Possible rootkit


24 replies to this topic

#1 Rakoth

Posted 05 July 2012 - 07:07 PM

Malwarebytes detected two infections today:
trojan.agent.mrggen
trojan.dropper.bcminer

Once I removed and rebooted, I kept getting a notice that explorer.exe and svchost keep trying to hit potential malware URLs:
195.3.145.57 (Type: outgoing, Port: 60627, Process: explorer.exe)
212.117.165.20 (Type: outgoing, Port: 50306, Process: svchost.exe)
206.161.121.124 (Type: outgoing, Port: 50357, Process: svchost.exe)
195.3.145.57 (Type: outgoing, Port: 55072, Process: explorer.exe)

I have no idea what this could be. Running a Spybot SnD scan now. All it found were a couple of browser spyware.

I am not sure what those URLs are. I tried googling the first one, and it sent me here.


#2 narenxp

Posted 05 July 2012 - 07:19 PM

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is complete, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.
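
A triage pass over a TDSSKiller log of the kind requested above, as an added example that is not part of the original thread or of any tool's own code: it lists every entry whose verdict is not "ok" and every entry reported without a hash and file-path line. The sample log is constructed in TDSSKiller's scan-log line format (name, MD5 in parentheses, path, then "name - verdict"); the hashes, the `examplesvc` entry and its verdict text are assumptions.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# "HH:MM:SS.mmmm <thread id> <message>"; the message may be empty.
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s*(.*)$")
# "<name> (<32 hex MD5>) <file path>"; names may contain spaces.
ITEM = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")


@dataclass
class Finding:
    name: str
    verdict: str
    md5: Optional[str]
    path: Optional[str]


@dataclass
class Report:
    scanned: int            # number of "<name> - <verdict>" lines seen
    flagged: List[Finding]  # verdict other than "ok"
    no_file: List[str]      # verdict present, but no hash/path line before it


def triage(log_text: str) -> Report:
    items = {}              # name -> (md5, path) from the preceding item line
    flagged, no_file = [], []
    scanned = 0
    in_scan = False
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        body = m.group(1)
        if not in_scan:
            # Header lines (e.g. the "Drive ... - Size: ..." lines) also
            # contain " - ", so nothing is parsed before "Scan started".
            in_scan = body == "Scan started"
            continue
        item = ITEM.match(body)
        if item:
            items[item["name"]] = (item["md5"], item["path"])
            continue
        name, sep, verdict = body.rpartition(" - ")
        if not sep:
            continue        # separator rows, "Mode: ..." line
        scanned += 1
        md5, path = items.get(name, (None, None))
        if md5 is None:
            no_file.append(name)
        if verdict != "ok":
            flagged.append(Finding(name, verdict, md5, path))
    return Report(scanned, flagged, no_file)


# Constructed sample: hashes are placeholders, and the "examplesvc" entry
# with its verdict text is hypothetical, included to exercise the non-"ok" path.
SAMPLE_LOG = r"""
18:25:17.0031 5180 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200
18:26:21.0490 2132 ============================================================
18:26:21.0490 2132 Scan started
18:26:21.0490 2132 Mode: Manual; TDLFS;
18:26:21.0490 2132 ============================================================
18:26:22.0598 2132 ACPI (11111111111111111111111111111111) C:\Windows\system32\drivers\ACPI.sys
18:26:22.0598 2132 ACPI - ok
18:26:24.0236 2132 avast! Antivirus (22222222222222222222222222222222) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:26:24.0236 2132 avast! Antivirus - ok
18:26:25.0765 2132 COMSysApp - ok
18:26:32.0100 2132 examplesvc (33333333333333333333333333333333) C:\Windows\system32\drivers\examplesvc.sys
18:26:32.0100 2132 examplesvc - detected Example.Verdict
"""

if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print(f"entries with a verdict: {report.scanned}")
    for f in report.flagged:
        print(f"REVIEW  {f.name}: {f.verdict}  {f.md5}  {f.path}")
    for name in report.no_file:
        print(f"NO FILE {name}: verdict given without a hash/path line")
```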

#3 Rakoth

Posted 05 July 2012 - 07:25 PM

18:25:15.0643 5180 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
18:25:16.0137 5180 ============================================================
18:25:16.0137 5180 Current date / time: 2012/07/05 18:25:16.0137
18:25:16.0137 5180 SystemInfo:
18:25:16.0137 5180
18:25:16.0137 5180 OS Version: 6.1.7601 ServicePack: 1.0
18:25:16.0137 5180 Product type: Workstation
18:25:16.0137 5180 ComputerName: RAKOTH-DESKTOP
18:25:16.0138 5180 UserName: Rakoth
18:25:16.0138 5180 Windows directory: C:\Windows
18:25:16.0138 5180 System windows directory: C:\Windows
18:25:16.0138 5180 Running under WOW64
18:25:16.0138 5180 Processor architecture: Intel x64
18:25:16.0138 5180 Number of processors: 4
18:25:16.0138 5180 Page size: 0x1000
18:25:16.0138 5180 Boot type: Normal boot
18:25:16.0138 5180 ============================================================
18:25:17.0031 5180 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:25:17.0043 5180 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:25:17.0063 5180 ============================================================
18:25:17.0063 5180 \Device\Harddisk0\DR0:
18:25:17.0063 5180 MBR partitions:
18:25:17.0063 5180 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
18:25:17.0063 5180 \Device\Harddisk1\DR1:
18:25:17.0064 5180 MBR partitions:
18:25:17.0064 5180 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57545000
18:25:17.0064 5180 ============================================================
18:25:17.0085 5180 C: <-> \Device\Harddisk0\DR0\Partition0
18:25:17.0098 5180 D: <-> \Device\Harddisk1\DR1\Partition0
18:25:17.0098 5180 ============================================================
18:25:17.0098 5180 Initialize success
18:25:17.0098 5180 ============================================================
18:26:21.0490 2132 ============================================================
18:26:21.0490 2132 Scan started
18:26:21.0490 2132 Mode: Manual; TDLFS;
18:26:21.0490 2132 ============================================================
18:26:32.0010 2132 NativeWifiP - ok
18:26:32.0081 2132 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
18:26:32.0088 2132 NDIS - ok
18:26:32.0101 2132 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
18:26:32.0102 2132 NdisCap - ok
18:26:32.0120 2132 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
18:26:32.0121 2132 NdisTapi - ok
18:26:32.0161 2132 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
18:26:32.0162 2132 Ndisuio - ok
18:26:32.0199 2132 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
18:26:32.0201 2132 NdisWan - ok
18:26:32.0238 2132 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
18:26:32.0239 2132 NDProxy - ok
18:26:32.0256 2132 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
18:26:32.0257 2132 NetBIOS - ok
18:26:32.0294 2132 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
18:26:32.0296 2132 NetBT - ok
18:26:32.0331 2132 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:26:32.0332 2132 Netlogon - ok
18:26:32.0376 2132 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
18:26:32.0380 2132 Netman - ok
18:26:32.0497 2132 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:26:32.0499 2132 NetMsmqActivator - ok
18:26:32.0512 2132 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:26:32.0513 2132 NetPipeActivator - ok
18:26:32.0543 2132 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
18:26:32.0548 2132 netprofm - ok
18:26:32.0562 2132 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:26:32.0564 2132 NetTcpActivator - ok
18:26:32.0567 2132 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:26:32.0568 2132 NetTcpPortSharing - ok
18:26:32.0590 2132 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
18:26:32.0591 2132 nfrd960 - ok
18:26:32.0636 2132 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
18:26:32.0640 2132 NlaSvc - ok
18:26:32.0645 2132 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
18:26:32.0646 2132 Npfs - ok
18:26:32.0655 2132 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
18:26:32.0657 2132 nsi - ok
18:26:32.0671 2132 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
18:26:32.0672 2132 nsiproxy - ok
18:26:32.0786 2132 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
18:26:32.0795 2132 Ntfs - ok
18:26:32.0854 2132 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
18:26:32.0855 2132 Null - ok
18:26:32.0890 2132 NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
18:26:32.0892 2132 NVHDA - ok
18:26:33.0591 2132 nvlddmkm (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:26:33.0629 2132 nvlddmkm - ok
18:26:33.0737 2132 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
18:26:33.0739 2132 nvraid - ok
18:26:33.0789 2132 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
18:26:33.0791 2132 nvstor - ok
18:26:33.0876 2132 nvsvc (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
18:26:33.0884 2132 nvsvc - ok
18:26:34.0092 2132 nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:26:34.0109 2132 nvUpdatusService - ok
18:26:34.0201 2132 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
18:26:34.0203 2132 nv_agp - ok
18:26:34.0230 2132 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
18:26:34.0231 2132 ohci1394 - ok
18:26:34.0276 2132 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:26:34.0277 2132 ose - ok
18:26:34.0567 2132 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:26:34.0581 2132 osppsvc - ok
18:26:34.0654 2132 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:26:34.0658 2132 p2pimsvc - ok
18:26:34.0692 2132 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
18:26:34.0697 2132 p2psvc - ok
18:26:34.0726 2132 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
18:26:34.0727 2132 Parport - ok
18:26:34.0755 2132 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
18:26:34.0756 2132 partmgr - ok
18:26:34.0780 2132 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
18:26:34.0783 2132 PcaSvc - ok
18:26:34.0814 2132 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
18:26:34.0816 2132 pci - ok
18:26:34.0845 2132 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
18:26:34.0846 2132 pciide - ok
18:26:34.0870 2132 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
18:26:34.0872 2132 pcmcia - ok
18:26:34.0890 2132 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:26:34.0891 2132 pcw - ok
18:26:34.0937 2132 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:26:34.0943 2132 PEAUTH - ok
18:26:35.0035 2132 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
18:26:35.0046 2132 PeerDistSvc - ok
18:26:35.0120 2132 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
18:26:35.0122 2132 PerfHost - ok
18:26:35.0284 2132 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
18:26:35.0295 2132 pla - ok
18:26:35.0345 2132 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
18:26:35.0349 2132 PlugPlay - ok
18:26:35.0374 2132 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
18:26:35.0376 2132 PNRPAutoReg - ok
18:26:35.0404 2132 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:26:35.0407 2132 PNRPsvc - ok
18:26:35.0442 2132 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
18:26:35.0446 2132 PolicyAgent - ok
18:26:35.0478 2132 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
18:26:35.0481 2132 Power - ok
18:26:35.0528 2132 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
18:26:35.0529 2132 PptpMiniport - ok
18:26:35.0548 2132 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
18:26:35.0549 2132 Processor - ok
18:26:35.0582 2132 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
18:26:35.0586 2132 ProfSvc - ok
18:26:35.0622 2132 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:26:35.0624 2132 ProtectedStorage - ok
18:26:35.0662 2132 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
18:26:35.0663 2132 Psched - ok
18:26:35.0768 2132 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
18:26:35.0779 2132 ql2300 - ok
18:26:35.0850 2132 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
18:26:35.0852 2132 ql40xx - ok
18:26:35.0896 2132 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
18:26:35.0899 2132 QWAVE - ok
18:26:35.0914 2132 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:26:35.0915 2132 QWAVEdrv - ok
18:26:35.0930 2132 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:26:35.0930 2132 RasAcd - ok
18:26:35.0952 2132 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:26:35.0953 2132 RasAgileVpn - ok
18:26:35.0977 2132 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
18:26:35.0980 2132 RasAuto - ok
18:26:36.0013 2132 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:26:36.0015 2132 Rasl2tp - ok
18:26:36.0050 2132 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
18:26:36.0054 2132 RasMan - ok
18:26:36.0077 2132 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:26:36.0079 2132 RasPppoe - ok
18:26:36.0090 2132 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:26:36.0091 2132 RasSstp - ok
18:26:36.0132 2132 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
18:26:36.0135 2132 rdbss - ok
18:26:36.0145 2132 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
18:26:36.0146 2132 rdpbus - ok
18:26:36.0169 2132 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:26:36.0170 2132 RDPCDD - ok
18:26:36.0206 2132 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
18:26:36.0208 2132 RDPDR - ok
18:26:36.0226 2132 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:26:36.0227 2132 RDPENCDD - ok
18:26:36.0236 2132 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:26:36.0236 2132 RDPREFMP - ok
18:26:36.0298 2132 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
18:26:36.0299 2132 RdpVideoMiniport - ok
18:26:36.0335 2132 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
18:26:36.0337 2132 RDPWD - ok
18:26:36.0375 2132 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
18:26:36.0378 2132 rdyboost - ok
18:26:36.0407 2132 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
18:26:36.0409 2132 RemoteAccess - ok
18:26:36.0444 2132 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
18:26:36.0447 2132 RemoteRegistry - ok
18:26:36.0482 2132 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
18:26:36.0484 2132 RFCOMM - ok
18:26:36.0523 2132 RimUsb (ad42432d22940b4215177be113e4919c) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
18:26:36.0525 2132 RimUsb - ok
18:26:36.0551 2132 RimVSerPort (4aafffa67ac4dfa3d9985d78573887e2) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
18:26:36.0552 2132 RimVSerPort - ok
18:26:36.0569 2132 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
18:26:36.0570 2132 ROOTMODEM - ok
18:26:36.0589 2132 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
18:26:36.0591 2132 RpcEptMapper - ok
18:26:36.0609 2132 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
18:26:36.0610 2132 RpcLocator - ok
18:26:36.0666 2132 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
18:26:36.0672 2132 RpcSs - ok
18:26:36.0688 2132 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:26:36.0689 2132 rspndr - ok
18:26:36.0717 2132 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
18:26:36.0718 2132 s3cap - ok
18:26:36.0755 2132 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:26:36.0757 2132 SamSs - ok
18:26:36.0800 2132 Samsung UPD Service2 (2c31378a5695526e99adab928157b992) C:\Windows\System32\SUPDSvc2.exe
18:26:36.0803 2132 Samsung UPD Service2 - ok
18:26:36.0836 2132 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
18:26:36.0838 2132 sbp2port - ok
18:26:36.0855 2132 SBRE - ok
18:26:36.0892 2132 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
18:26:36.0895 2132 SCardSvr - ok
18:26:36.0924 2132 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
18:26:36.0925 2132 scfilter - ok
18:26:37.0012 2132 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
18:26:37.0022 2132 Schedule - ok
18:26:37.0052 2132 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
18:26:37.0053 2132 SCPolicySvc - ok
18:26:37.0097 2132 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
18:26:37.0100 2132 SDRSVC - ok
18:26:37.0147 2132 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:26:37.0148 2132 secdrv - ok
18:26:37.0180 2132 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
18:26:37.0182 2132 seclogon - ok
18:26:37.0207 2132 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
18:26:37.0210 2132 SENS - ok
18:26:37.0221 2132 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
18:26:37.0223 2132 SensrSvc - ok
18:26:37.0227 2132 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
18:26:37.0228 2132 Serenum - ok
18:26:37.0252 2132 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
18:26:37.0253 2132 Serial - ok
18:26:37.0282 2132 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
18:26:37.0283 2132 sermouse - ok
18:26:37.0314 2132 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
18:26:37.0317 2132 SessionEnv - ok
18:26:37.0349 2132 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:26:37.0349 2132 sffdisk - ok
18:26:37.0359 2132 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:26:37.0360 2132 sffp_mmc - ok
18:26:37.0364 2132 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
18:26:37.0365 2132 sffp_sd - ok
18:26:37.0377 2132 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
18:26:37.0378 2132 sfloppy - ok
18:26:37.0428 2132 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
18:26:37.0432 2132 ShellHWDetection - ok
18:26:37.0449 2132 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:26:37.0450 2132 SiSRaid2 - ok
18:26:37.0465 2132 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
18:26:37.0467 2132 SiSRaid4 - ok
18:26:37.0513 2132 SkLaggProtocol (e6152bf23bf29585fbceeecbfbae000c) C:\Windows\system32\DRIVERS\yk62x64l.sys
18:26:37.0514 2132 SkLaggProtocol - ok
18:26:37.0536 2132 SkVlanProtocol (fbf71f6e89d3d9ab57dc81829f95c2f1) C:\Windows\system32\DRIVERS\yk62x64v.sys
18:26:37.0537 2132 SkVlanProtocol - ok
18:26:37.0613 2132 SkypeUpdate (c70aebd3608ed9fcea2a1bae83567ffc) C:\Program Files (x86)\Skype\Updater\Updater.exe
18:26:37.0615 2132 SkypeUpdate - ok
18:26:37.0632 2132 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:26:37.0634 2132 Smb - ok
18:26:37.0667 2132 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
18:26:37.0669 2132 SNMPTRAP - ok
18:26:37.0684 2132 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:26:37.0685 2132 spldr - ok
18:26:37.0735 2132 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
18:26:37.0741 2132 Spooler - ok
18:26:37.0950 2132 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
18:26:37.0962 2132 sppsvc - ok
18:26:38.0042 2132 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
18:26:38.0044 2132 sppuinotify - ok
18:26:38.0130 2132 sptd (d519ad2de7968cd2b47fea807c5b29b2) C:\Windows\System32\Drivers\sptd.sys
18:26:38.0130 2132 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: d519ad2de7968cd2b47fea807c5b29b2
18:26:38.0131 2132 sptd ( LockedFile.Multi.Generic ) - warning
18:26:38.0131 2132 sptd - detected LockedFile.Multi.Generic (1)
18:26:43.0168 2132 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:26:43.0246 2132 \Device\Harddisk0\DR0 - ok
18:26:43.0262 2132 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
18:26:43.0496 2132 \Device\Harddisk1\DR1 - ok
18:26:43.0512 2132 Boot (0x1200) (8c1d1140e23916e739974c2e811f2d8d) \Device\Harddisk0\DR0\Partition0
18:26:43.0512 2132 \Device\Harddisk0\DR0\Partition0 - ok
18:26:43.0512 2132 Boot (0x1200) (cf2b3bc20c28014dc93e4bcd921fbb7b) \Device\Harddisk1\DR1\Partition0
18:26:43.0512 2132 \Device\Harddisk1\DR1\Partition0 - ok
18:26:43.0512 2132 ============================================================
18:26:43.0512 2132 Scan finished
18:26:43.0512 2132 ============================================================
18:26:43.0527 5220 Detected object count: 1
18:26:43.0527 5220 Actual detected object count: 1
18:28:16.0498 5220 sptd ( LockedFile.Multi.Generic ) - skipped by user
18:28:16.0498 5220 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
18:28:29.0368 6028 ============================================================
18:28:29.0368 6028 Scan started
18:28:29.0368 6028 Mode: Manual; TDLFS;
18:28:29.0368 6028 ============================================================
18:28:41.0033 6028 nvstor - ok
18:28:41.0111 6028 nvsvc (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
18:28:41.0111 6028 nvsvc - ok
18:28:41.0267 6028 nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:28:41.0283 6028 nvUpdatusService - ok
18:28:41.0361 6028 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
18:28:41.0361 6028 nv_agp - ok
18:28:41.0392 6028 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
18:28:41.0392 6028 ohci1394 - ok
18:28:41.0408 6028 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:28:41.0423 6028 ose - ok
18:28:41.0704 6028 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:28:41.0720 6028 osppsvc - ok
18:28:41.0798 6028 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:28:41.0798 6028 p2pimsvc - ok
18:28:41.0845 6028 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
18:28:41.0845 6028 p2psvc - ok
18:28:41.0876 6028 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
18:28:41.0876 6028 Parport - ok
18:28:41.0907 6028 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
18:28:41.0907 6028 partmgr - ok
18:28:41.0923 6028 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
18:28:41.0938 6028 PcaSvc - ok
18:28:41.0985 6028 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
18:28:41.0985 6028 pci - ok
18:28:42.0047 6028 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
18:28:42.0047 6028 pciide - ok
18:28:42.0063 6028 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
18:28:42.0063 6028 pcmcia - ok
18:28:42.0094 6028 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:28:42.0094 6028 pcw - ok
18:28:42.0141 6028 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:28:42.0141 6028 PEAUTH - ok
18:28:42.0235 6028 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
18:28:42.0250 6028 PeerDistSvc - ok
18:28:42.0313 6028 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
18:28:42.0313 6028 PerfHost - ok
18:28:42.0453 6028 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
18:28:42.0453 6028 pla - ok
18:28:42.0515 6028 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
18:28:42.0515 6028 PlugPlay - ok
18:28:42.0547 6028 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
18:28:42.0547 6028 PNRPAutoReg - ok
18:28:42.0562 6028 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:28:42.0578 6028 PNRPsvc - ok
18:28:42.0625 6028 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
18:28:42.0625 6028 PolicyAgent - ok
18:28:42.0656 6028 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
18:28:42.0656 6028 Power - ok
18:28:42.0718 6028 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
18:28:42.0718 6028 PptpMiniport - ok
18:28:42.0734 6028 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
18:28:42.0734 6028 Processor - ok
18:28:42.0765 6028 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
18:28:42.0781 6028 ProfSvc - ok
18:28:42.0812 6028 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:28:42.0812 6028 ProtectedStorage - ok
18:28:42.0843 6028 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
18:28:42.0843 6028 Psched - ok
18:28:43.0015 6028 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
18:28:43.0030 6028 ql2300 - ok
18:28:43.0093 6028 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
18:28:43.0093 6028 ql40xx - ok
18:28:43.0124 6028 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
18:28:43.0124 6028 QWAVE - ok
18:28:43.0139 6028 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:28:43.0139 6028 QWAVEdrv - ok
18:28:43.0155 6028 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:28:43.0155 6028 RasAcd - ok
18:28:43.0171 6028 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:28:43.0171 6028 RasAgileVpn - ok
18:28:43.0186 6028 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
18:28:43.0202 6028 RasAuto - ok
18:28:43.0233 6028 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:28:43.0233 6028 Rasl2tp - ok
18:28:43.0264 6028 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
18:28:43.0264 6028 RasMan - ok
18:28:43.0280 6028 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:28:43.0280 6028 RasPppoe - ok
18:28:43.0295 6028 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:28:43.0295 6028 RasSstp - ok
18:28:43.0342 6028 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
18:28:43.0342 6028 rdbss - ok
18:28:43.0358 6028 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
18:28:43.0358 6028 rdpbus - ok
18:28:43.0358 6028 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:28:43.0358 6028 RDPCDD - ok
18:28:43.0389 6028 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
18:28:43.0405 6028 RDPDR - ok
18:28:43.0420 6028 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:28:43.0420 6028 RDPENCDD - ok
18:28:43.0420 6028 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:28:43.0420 6028 RDPREFMP - ok
18:28:43.0483 6028 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
18:28:43.0483 6028 RdpVideoMiniport - ok
18:28:43.0514 6028 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
18:28:43.0514 6028 RDPWD - ok
18:28:43.0561 6028 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
18:28:43.0561 6028 rdyboost - ok
18:28:43.0592 6028 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
18:28:43.0592 6028 RemoteAccess - ok
18:28:43.0607 6028 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
18:28:43.0607 6028 RemoteRegistry - ok
18:28:43.0639 6028 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
18:28:43.0639 6028 RFCOMM - ok
18:28:43.0654 6028 RimUsb (ad42432d22940b4215177be113e4919c) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
18:28:43.0654 6028 RimUsb - ok
18:28:43.0685 6028 RimVSerPort (4aafffa67ac4dfa3d9985d78573887e2) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
18:28:43.0685 6028 RimVSerPort - ok
18:28:43.0685 6028 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
18:28:43.0701 6028 ROOTMODEM - ok
18:28:43.0717 6028 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
18:28:43.0717 6028 RpcEptMapper - ok
18:28:43.0732 6028 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
18:28:43.0732 6028 RpcLocator - ok
18:28:43.0795 6028 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
18:28:43.0795 6028 RpcSs - ok
18:28:43.0810 6028 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:28:43.0810 6028 rspndr - ok
18:28:43.0841 6028 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
18:28:43.0841 6028 s3cap - ok
18:28:43.0873 6028 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:28:43.0873 6028 SamSs - ok
18:28:43.0904 6028 Samsung UPD Service2 (2c31378a5695526e99adab928157b992) C:\Windows\System32\SUPDSvc2.exe
18:28:43.0904 6028 Samsung UPD Service2 - ok
18:28:44.0075 6028 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
18:28:44.0075 6028 sbp2port - ok
18:28:44.0091 6028 SBRE - ok
18:28:44.0107 6028 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
18:28:44.0107 6028 SCardSvr - ok
18:28:44.0138 6028 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
18:28:44.0138 6028 scfilter - ok
18:28:44.0231 6028 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
18:28:44.0231 6028 Schedule - ok
18:28:44.0309 6028 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
18:28:44.0325 6028 SCPolicySvc - ok
18:28:44.0341 6028 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
18:28:44.0356 6028 SDRSVC - ok
18:28:44.0387 6028 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:28:44.0387 6028 secdrv - ok
18:28:44.0419 6028 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
18:28:44.0419 6028 seclogon - ok
18:28:44.0434 6028 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
18:28:44.0434 6028 SENS - ok
18:28:44.0450 6028 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
18:28:44.0450 6028 SensrSvc - ok
18:28:44.0465 6028 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
18:28:44.0465 6028 Serenum - ok
18:28:44.0481 6028 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
18:28:44.0481 6028 Serial - ok
18:28:44.0512 6028 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
18:28:44.0512 6028 sermouse - ok
18:28:44.0543 6028 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
18:28:44.0543 6028 SessionEnv - ok
18:28:44.0575 6028 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:28:44.0575 6028 sffdisk - ok
18:28:44.0575 6028 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:28:44.0590 6028 sffp_mmc - ok
18:28:44.0590 6028 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
18:28:44.0590 6028 sffp_sd - ok
18:28:44.0606 6028 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
18:28:44.0606 6028 sfloppy - ok
18:28:44.0653 6028 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
18:28:44.0653 6028 ShellHWDetection - ok
18:28:44.0668 6028 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:28:44.0668 6028 SiSRaid2 - ok
18:28:44.0684 6028 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
18:28:44.0684 6028 SiSRaid4 - ok
18:28:44.0731 6028 SkLaggProtocol (e6152bf23bf29585fbceeecbfbae000c) C:\Windows\system32\DRIVERS\yk62x64l.sys
18:28:44.0731 6028 SkLaggProtocol - ok
18:28:44.0746 6028 SkVlanProtocol (fbf71f6e89d3d9ab57dc81829f95c2f1) C:\Windows\system32\DRIVERS\yk62x64v.sys
18:28:44.0746 6028 SkVlanProtocol - ok
18:28:44.0855 6028 SkypeUpdate (c70aebd3608ed9fcea2a1bae83567ffc) C:\Program Files (x86)\Skype\Updater\Updater.exe
18:28:44.0855 6028 SkypeUpdate - ok
18:28:44.0871 6028 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:28:44.0871 6028 Smb - ok
18:28:44.0887 6028 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
18:28:44.0887 6028 SNMPTRAP - ok
18:28:44.0902 6028 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:28:44.0902 6028 spldr - ok
18:28:44.0965 6028 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
18:28:44.0965 6028 Spooler - ok
18:28:45.0183 6028 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
18:28:45.0199 6028 sppsvc - ok
18:28:45.0261 6028 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
18:28:45.0261 6028 sppuinotify - ok
18:28:45.0323 6028 sptd (d519ad2de7968cd2b47fea807c5b29b2) C:\Windows\System32\Drivers\sptd.sys
18:28:45.0323 6028 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: d519ad2de7968cd2b47fea807c5b29b2
18:28:45.0323 6028 sptd ( LockedFile.Multi.Generic ) - warning
18:28:45.0323 6028 sptd - detected LockedFile.Multi.Generic (1)
18:28:49.0988 6028 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:28:50.0050 6028 \Device\Harddisk0\DR0 - ok
18:28:50.0050 6028 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
18:28:50.0206 6028 \Device\Harddisk1\DR1 - ok
18:28:50.0206 6028 Boot (0x1200) (8c1d1140e23916e739974c2e811f2d8d) \Device\Harddisk0\DR0\Partition0
18:28:50.0206 6028 \Device\Harddisk0\DR0\Partition0 - ok
18:28:50.0206 6028 Boot (0x1200) (cf2b3bc20c28014dc93e4bcd921fbb7b) \Device\Harddisk1\DR1\Partition0
18:28:50.0206 6028 \Device\Harddisk1\DR1\Partition0 - ok
18:28:50.0206 6028 ============================================================
18:28:50.0206 6028 Scan finished
18:28:50.0206 6028 ============================================================
18:28:50.0222 2092 Detected object count: 1
18:28:50.0222 2092 Actual detected object count: 1
18:28:55.0853 2092 sptd ( LockedFile.Multi.Generic ) - skipped by user
18:28:55.0853 2092 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
18:28:59.0285 5396 Deinitialize success

Edited by Rakoth, 05 July 2012 - 07:30 PM.


#4 Rakoth

Posted 05 July 2012 - 07:33 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-05 18:42:31
-----------------------------
18:42:31.684 OS Version: Windows x64 6.1.7601 Service Pack 1
18:42:31.684 Number of processors: 4 586 0x2A07
18:42:31.684 ComputerName: RAKOTH-DESKTOP UserName: Rakoth
18:42:34.069 Initialize success
18:42:34.100 AVAST engine defs: 12070501
18:42:58.773 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
18:42:58.773 Disk 0 Vendor: WDC_WD5000AAKS-00A7B2 01.03B01 Size: 476940MB BusType: 11
18:42:58.773 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-2
18:42:58.788 Disk 1 Vendor: WDC_WD7501AALS-00E3A0 05.01D05 Size: 715404MB BusType: 11
18:42:58.851 Disk 0 MBR read successfully
18:42:58.851 Disk 0 MBR scan
18:42:58.851 Disk 0 Windows 7 default MBR code
18:42:58.882 Disk 0 Partition 1 00 07 HPFS/NTFS NTFS 476938 MB offset 2048
18:42:58.898 Disk 0 scanning C:\Windows\system32\drivers
18:43:05.808 Service scanning
18:43:15.636 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
18:43:19.035 Modules scanning
18:43:19.044 Disk 0 trace - called modules:
18:43:19.071 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa800c73b2c0]<<sptd.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
18:43:19.078 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800ddf2060]
18:43:19.084 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800d599060]
18:43:19.086 \Driver\atapi[0xfffffa800d55cb50] -> IRP_MJ_CREATE -> 0xfffffa800c73b2c0
18:43:21.111 AVAST engine scan C:\Windows
18:43:27.530 AVAST engine scan C:\Windows\system32
18:45:10.230 AVAST engine scan C:\Windows\system32\drivers
18:45:20.144 AVAST engine scan C:\Users\Rakoth
18:50:43.867 File: C:\Users\Rakoth\AppData\Local\{0b617a03-38a3-5ea4-f144-d82f20b090ed}\n **INFECTED** Win32:Sirefef-PL [Rtk]
18:50:43.913 File: C:\Users\Rakoth\AppData\Local\{0b617a03-38a3-5ea4-f144-d82f20b090ed}\U\00000004.@ **INFECTED** Win32:Malware-gen
18:50:44.023 File: C:\Users\Rakoth\AppData\Local\{0b617a03-38a3-5ea4-f144-d82f20b090ed}\U\80000000.@ **INFECTED** Win32:Malware-gen
18:50:44.054 File: C:\Users\Rakoth\AppData\Local\{0b617a03-38a3-5ea4-f144-d82f20b090ed}\U\80000032.@ **INFECTED** Win32:Atraps-PF [Trj]
18:50:44.085 File: C:\Users\Rakoth\AppData\Local\{0b617a03-38a3-5ea4-f144-d82f20b090ed}\U\80000064.@ **INFECTED** Win32:Atraps-PF [Trj]
18:53:45.935 AVAST engine scan C:\ProgramData
18:55:34.807 Scan finished successfully
18:56:57.129 Disk 0 MBR has been saved successfully to "C:\Users\Rakoth\Documents\MBR.dat"
18:56:57.129 The log file has been saved successfully to "C:\Users\Rakoth\Documents\aswMBR.txt"

Edited by Rakoth, 05 July 2012 - 07:57 PM.


#5 Rakoth


Posted 05 July 2012 - 08:59 PM

C:\Users\Rakoth\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MVA2RQSD\99[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\Rakoth\AppData\Local\{0b617a03-38a3-5ea4-f144-d82f20b090ed}\n Win64/Sirefef.W trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Rakoth\AppData\Local\{0b617a03-38a3-5ea4-f144-d82f20b090ed}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Users\Rakoth\AppData\Local\{0b617a03-38a3-5ea4-f144-d82f20b090ed}\U\80000000.@ Win64/Sirefef.AE trojan cleaned by deleting - quarantined
C:\Users\Rakoth\AppData\Local\{0b617a03-38a3-5ea4-f144-d82f20b090ed}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined

#6 narenxp


Posted 05 July 2012 - 09:16 PM

Boot into normal mode

Download

systemlook

Launch it and copy this script and paste in the BOX

:filefind
services.exe
:folderfind
{0b617a03-38a3-5ea4-f144-d82f20b090ed}

Click on LOOK, post the generated log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Edited by narenxp, 05 July 2012 - 09:16 PM.


#7 Rakoth


Posted 06 July 2012 - 06:39 AM

SystemLook 30.07.11 by jpshortstuff
Log created at 05:38 on 06/07/2012 by Rakoth
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== folderfind ==========

Searching for "{0b617a03-38a3-5ea4-f144-d82f20b090ed}"
C:\Users\Rakoth\AppData\Local\{0b617a03-38a3-5ea4-f144-d82f20b090ed} d--hs-- [12:21 11/01/2012]
C:\Windows\Installer\{0b617a03-38a3-5ea4-f144-d82f20b090ed} d--hs-- [15:54 05/07/2012]

-= EOF =-
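
The cross-check that posts #4 to #7 carry out by hand, as an added example (not part of the thread, and not code from aswMBR or SystemLook): pull the GUID-named folder out of the scanner's INFECTED lines, build the SystemLook script from it, then read the SystemLook output for copies of a file that disagree and for hidden+system folders. The function names are hypothetical, and the sample input is a few lines copied from the logs posted above.

```python
import re
from collections import defaultdict

# Sample input: lines copied from the aswMBR and SystemLook logs in this thread.
ASWMBR_LOG = r"""
18:50:43.867 File: C:\Users\Rakoth\AppData\Local\{0b617a03-38a3-5ea4-f144-d82f20b090ed}\n **INFECTED** Win32:Sirefef-PL [Rtk]
18:50:43.913 File: C:\Users\Rakoth\AppData\Local\{0b617a03-38a3-5ea4-f144-d82f20b090ed}\U\00000004.@ **INFECTED** Win32:Malware-gen
18:50:44.054 File: C:\Users\Rakoth\AppData\Local\{0b617a03-38a3-5ea4-f144-d82f20b090ed}\U\80000032.@ **INFECTED** Win32:Atraps-PF [Trj]
"""

SYSTEMLOOK_LOG = r"""
========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== folderfind ==========

Searching for "{0b617a03-38a3-5ea4-f144-d82f20b090ed}"
C:\Users\Rakoth\AppData\Local\{0b617a03-38a3-5ea4-f144-d82f20b090ed} d--hs-- [12:21 11/01/2012]
C:\Windows\Installer\{0b617a03-38a3-5ea4-f144-d82f20b090ed} d--hs-- [15:54 05/07/2012]
"""

GUID_RE = re.compile(r"\{[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}\}")
INFECTED_RE = re.compile(r"File: (?P<path>.+?) \*\*INFECTED\*\* (?P<name>.+)$")
# SystemLook file line: path, 7-char attribute field, size, two timestamps, 32-hex digest.
FILE_RE = re.compile(
    r"^(?P<path>.+?) (?P<attrs>[-a-z]{7}) (?P<size>\d+) bytes "
    r"\[.*?\] \[.*?\] (?P<digest>[0-9A-Fa-f]{32})$")
# SystemLook folder line: path, attribute field starting with 'd', one timestamp.
FOLDER_RE = re.compile(r"^(?P<path>.+?) (?P<attrs>d[-a-z]{6}) \[(?P<created>.+?)\]$")


def infected_guid_dirs(scan_log):
    """Group INFECTED detections by the GUID-named directory in their path."""
    hits = defaultdict(list)
    for line in scan_log.splitlines():
        m = INFECTED_RE.search(line)
        if not m:
            continue
        g = GUID_RE.search(m["path"])
        if g:
            hits[g.group(0).lower()].append((m["path"], m["name"].strip()))
    return dict(hits)


def systemlook_script(guids, files=("services.exe",)):
    """Build the :filefind / :folderfind script in the form used in post #6."""
    return "\n".join([":filefind", *files, ":folderfind", *sorted(guids)])


def parse_systemlook(log):
    """Return (files, folders) parsed from the two result sections of the log."""
    files, folders, section = [], [], None
    for line in (raw.strip() for raw in log.splitlines()):
        head = re.match(r"^=+ (\w+) =+$", line)
        if head:
            section = head.group(1)
        elif section == "filefind" and (m := FILE_RE.match(line)):
            files.append({"path": m["path"], "size": int(m["size"]),
                          "digest": m["digest"].upper()})
        elif section == "folderfind" and (m := FOLDER_RE.match(line)):
            folders.append({"path": m["path"], "attrs": m["attrs"],
                            "created": m["created"]})
    return files, folders


def triage(files, folders):
    """Flag same-named files whose size or digest differ, and hidden+system dirs.

    Agreeing copies only show that the copies match each other; comparing the
    digest with one from a known-good system of the same build is a separate step.
    """
    variants = defaultdict(set)
    for f in files:
        name = f["path"].rsplit("\\", 1)[-1].lower()
        variants[name].add((f["size"], f["digest"]))
    mismatched = sorted(n for n, v in variants.items() if len(v) > 1)
    hidden_system = [d["path"] for d in folders
                     if "h" in d["attrs"] and "s" in d["attrs"]]
    return {"mismatched_copies": mismatched, "hidden_system_dirs": hidden_system}


if __name__ == "__main__":
    guid_hits = infected_guid_dirs(ASWMBR_LOG)
    print(systemlook_script(guid_hits))
    print(triage(*parse_systemlook(SYSTEMLOOK_LOG)))
```

On the logs in this thread the two services.exe copies agree in size and digest, and both folderfind hits carry the hidden and system attributes.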

#8 Rakoth


Posted 06 July 2012 - 07:37 AM

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.06.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Rakoth :: RAKOTH-DESKTOP [administrator]

Protection: Disabled

7/6/2012 5:40:57 AM
mbam-log-2012-07-06 (05-40-57).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 643497
Time elapsed: 55 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#9 Rakoth


Posted 06 July 2012 - 07:44 AM

MiniToolBox by Farbar Version: 25-06-2012
Ran by Rakoth (administrator) on 06-07-2012 at 06:43:12
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® 82579V Gigabit Network Connection = Local Area Connection (Connected)
Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64 = Local Area Connection 4 (Hardware not present)
D-Link DGE-530T Gigabit Ethernet Adapter (rev.B) = Local Area Connection 3 (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection 4" forwarding=enabled advertise=enabled metric=1 nud=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Rakoth-Desktop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : D-Link DGE-530T Gigabit Ethernet Adapter (rev.B)
Physical Address. . . . . . . . . : 1C-BD-B9-7F-A0-8D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 00-26-83-34-43-49
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82579V Gigabit Network Connection
Physical Address. . . . . . . . . : 54-04-A6-0A-5A-85
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.0.10(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, July 06, 2012 5:37:07 AM
Lease Expires . . . . . . . . . . : Friday, July 06, 2012 7:37:07 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 64.59.135.133
64.59.128.120
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{A655FF99-89DB-4C6D-AC6F-3A96E51E69F4}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{9DBAF553-F415-4054-9911-279C27832D61}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{76EEB0AC-8846-4EDC-BF1F-71AA81805AE1}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: nsc1.so.cg.shawcable.net
Address: 64.59.135.133

Name: google.com
Addresses: 2607:f8b0:400a:800::1003
173.194.33.14
173.194.33.2
173.194.33.1
173.194.33.7
173.194.33.5
173.194.33.0
173.194.33.9
173.194.33.4
173.194.33.8
173.194.33.3
173.194.33.6


Pinging google.com [173.194.33.14] with 32 bytes of data:
Reply from 173.194.33.14: bytes=32 time=33ms TTL=57
Reply from 173.194.33.14: bytes=32 time=28ms TTL=57

Ping statistics for 173.194.33.14:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 28ms, Maximum = 33ms, Average = 30ms
Server: nsc1.so.cg.shawcable.net
Address: 64.59.135.133

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=75ms TTL=55
Reply from 209.191.122.70: bytes=32 time=75ms TTL=55

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 75ms, Maximum = 75ms, Average = 75ms
Server: nsc1.so.cg.shawcable.net
Address: 64.59.135.133

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
18...1c bd b9 7f a0 8d ......D-Link DGE-530T Gigabit Ethernet Adapter (rev.B)
13...00 26 83 34 43 49 ......Bluetooth Device (Personal Area Network)
10...54 04 a6 0a 5a 85 ......Intel® 82579V Gigabit Network Connection
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.10 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.10 266
192.168.0.10 255.255.255.255 On-link 192.168.0.10 266
192.168.0.255 255.255.255.255 On-link 192.168.0.10 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.10 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.10 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/05/2012 07:59:19 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7461c9f1
Faulting process id: 0x13e4
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (07/05/2012 07:59:19 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7461c9f1
Faulting process id: 0x14b8
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (07/05/2012 07:59:19 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7461c9f1
Faulting process id: 0x160c
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (07/05/2012 07:58:04 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7461c9f1
Faulting process id: 0x8b4
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (07/05/2012 07:58:04 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7461c9f1
Faulting process id: 0x12ac
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (07/05/2012 07:58:04 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7461c9f1
Faulting process id: 0x141c
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (07/05/2012 07:56:49 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7461c9f1
Faulting process id: 0x1570
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (07/05/2012 07:56:49 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7461c9f1
Faulting process id: 0x1450
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (07/05/2012 07:56:49 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7461c9f1
Faulting process id: 0xef0
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (07/05/2012 07:55:34 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7461c9f1
Faulting process id: 0x133c
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3


System errors:
=============
Error: (07/06/2012 05:37:09 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (07/06/2012 05:37:09 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (07/05/2012 08:07:54 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/05/2012 08:07:53 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/05/2012 08:07:53 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/05/2012 08:07:53 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/05/2012 08:07:53 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/05/2012 08:07:53 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/05/2012 08:07:53 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/05/2012 08:07:53 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
Ad-Aware Browsing Protection (Version: 0.9.0.2)
Adobe AIR (Version: 3.1.0.4880)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.10.0.0)
Assassin's Creed
avast! Free Antivirus (Version: 7.0.1456.0)
BlackBerry Desktop Software 7.0 (Version: 7.0.0.43)
Bluetooth Win7 Suite (64) (Version: 7.2.0.65)
calibre (Version: 0.8.43)
CCleaner (Version: 3.18)
Cisco AnyConnect VPN Client (Version: 2.3.0185)
Combined Community Codec Pack 2011-11-11 (Version: 2011.11.11.0)
Content Manager Assistant for PlayStation® (Version: 1.10.4086.63)
D-Link Corporation Control Program (Version: 11.11.17.3)
DAEMON Tools Lite (Version: 4.45.4.0315)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Deus Ex: Human Revolution
DGE-530T Ethernet Controller All-In-One Windows Driver (Version: 1.12.0013)
Diablo II
Diablo III (Version: 1.0.3.10057)
Dota 2
ESET Online Scanner v3
Evernote v. 4.5.7 (Version: 4.5.7.7146)
EVGA Precision X 3.0.2 (Version: 3.0.2)
Google Chrome (Version: 20.0.1132.47)
Google Drive (Version: 1.2.3123.250)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.99)
Guild Wars 2
HiJackThis (Version: 1.0.0)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Network Connections 15.6.25.0 (Version: 15.6.25.0)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 32 (Version: 6.0.320)
JMicron JMB36X Driver (Version: 1.17.58.2)
Kingdoms of Amalur: Reckoning™
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
marvell 91xx driver (Version: 1.0.0.1045)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSI Afterburner 2.2.0 (Version: 2.2.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Notepad++ (Version: 5.9.8)
NVIDIA 3D Vision Controller Driver 296.10 (Version: 296.10)
NVIDIA 3D Vision Driver 296.10 (Version: 296.10)
NVIDIA Control Panel 296.10 (Version: 296.10)
NVIDIA Graphics Driver 296.10 (Version: 296.10)
NVIDIA HD Audio Driver 1.3.12.0 (Version: 1.3.12.0)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.9610)
NVIDIA Update 1.7.11 (Version: 1.7.11)
NVIDIA Update Components (Version: 1.7.11)
Origin (Version: 8.3.7.3619)
Overlord
Overlord II
Overlord: Raising Hell
Razer Mamba (Version: 2.01.05)
Realtek High Definition Audio Driver (Version: 6.0.1.6251)
Samsung Kies (Version: 2.1.0.11112_41)
Samsung Universal Print Driver (Version: 2.03.01.00:36)
SAMSUNG USB Driver for Mobile Phones (Version: 1.4.8.0)
Skype™ 5.9 (Version: 5.9.123)
Spybot - Search & Destroy (Version: 1.6.2)
StarCraft II (Version: 1.4.3.21029)
Steam (Version: 1.0.0.0)
Tengwar Mode Editor
Tengwar Scribe
TERA (Version: 1.38)
TurboTax 2011 (Version: 1.00.0000)
TVersity Codec Pack 1.7 (Version: 1.7)
TVersity Media Server 1.9.7 (Version: 1.9.7)
Ubisoft Game Launcher (Version: 1.0.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
WinRAR 4.10 beta 2 (64-bit) (Version: 4.10.2)
World of Warcraft Beta (Version: )
Xiph.Org Open Codecs 0.85.17777 (Version: 0.85.17777)

========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 16359.09 MB
Available physical RAM: 12272.77 MB
Total Pagefile: 32716.38 MB
Available Pagefile: 28289.19 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.55 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.76 GB) (Free:82.58 GB) NTFS
2 Drive d: () (Fixed) (Total:698.63 GB) (Free:596.7 GB) NTFS

========================= Users: ========================================

User accounts for \\RAKOTH-DESKTOP

Administrator Guest Rakoth
UpdatusUser


**** End of log ****

#10 narenxp


Posted 06 July 2012 - 03:00 PM

Open your C drive

On top, click on Organize - Folder and search options

Click on View tab and scroll down

Check mark Show hidden files
Uncheck Hide operating system files


Click OK, now go to

C:\Users\Rakoth\AppData\Local\{0b617a03-38a3-5ea4-f144-d82f20b090ed}
C:\Windows\Installer\{0b617a03-38a3-5ea4-f144-d82f20b090ed}

Delete both the folders

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#11 Rakoth


Posted 06 July 2012 - 06:51 PM

Farbar Service Scanner Version: 02-07-2012
Ran by Rakoth (administrator) on 06-07-2012 at 17:50:29
Running from "C:\Users\Rakoth\Downloads"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

The folders have been deleted as per your request.

Edited by Rakoth, 06 July 2012 - 06:53 PM.


#12 narenxp


Posted 06 July 2012 - 08:05 PM

Create a restore point before trying this

Download

MpsSvc
wscsvc
defender


Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on Start repairs tab - click on Start

Checkmark the following options alone

Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache


Checkmark Restart System When Finished option
Click the Start button

System should restart after repair

Post the FSS log

#13 Rakoth


Posted 06 July 2012 - 08:32 PM

Farbar Service Scanner Version: 02-07-2012
Ran by Rakoth (administrator) on 06-07-2012 at 19:31:39
Running from "C:\Users\Rakoth\Downloads"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
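
The before-and-after reading of the two Farbar Service Scanner logs posted above (before and after the repair) can be automated. This is an added example, not part of the thread or of FSS itself; the names `parse_fss` and `compare` and the shortened sample logs are constructed for illustration.

```python
import re

# Constructed excerpts in the Farbar Service Scanner layout posted in this thread.
BEFORE = r"""
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
"""
AFTER = r"""
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
"""

SVC = re.compile(r"^(\S+) Service is not running\.")
MISSING = re.compile(r"Unable to open (\S+) registry key")
POLICY = re.compile(r'^"(\w+)"=DWORD:(\d+)$')

def parse_fss(log):
    """Return (stopped services, services whose key is missing, policy values)."""
    stopped, missing, policies, key = set(), set(), {}, None
    for line in log.splitlines():
        line = line.strip()
        if m := SVC.match(line):
            stopped.add(m.group(1))
        elif m := MISSING.search(line):
            missing.add(m.group(1))
        elif line.startswith("[HKEY_"):
            key = line.strip("[]")          # registry key the next values belong to
        elif (m := POLICY.match(line)) and key:
            policies[f"{key}\\{m.group(1)}"] = int(m.group(2))
    return stopped, missing, policies

def compare(before, after):
    """Summarise what a repair run changed between two FSS logs."""
    b_stop, b_miss, b_pol = parse_fss(before)
    a_stop, a_miss, a_pol = parse_fss(after)
    return {
        "keys_restored": sorted(b_miss - a_miss),
        "keys_still_missing": sorted(a_miss),
        "still_stopped": sorted(a_stop),
        "policies_still_set": sorted(k for k, v in a_pol.items() if v and b_pol.get(k) == v),
    }
```

Run `compare()` on the full text of both logs; entries under `still_stopped` and `policies_still_set` are the items left to check by hand after the repair.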

#14 narenxp


Posted 06 July 2012 - 08:34 PM

That looks good

Download

TFC


Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp


Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#15 Rakoth


Posted 06 July 2012 - 09:16 PM

Thank you very much.

I learnt a lot from this, I will be more careful.



