Random Sound Clips infection


17 replies to this topic

#1 FullMetalPuppet

Posted 25 July 2012 - 02:45 PM

I have had this infection that plays random sound clips for about 2 weeks now. It pops up randomly but when it does my speed decreases dramatically and I am unable to do anything.
Sometimes the audio clips are from something like QVC and other times some sort of Turkish news update.
I need help to solve this desperately.
If you could help me I would be very grateful. (I am not the greatest at using a laptop so I may not understand a few things.)
And I have Windows 7 if that helps.


#2 narenxp

Posted 25 July 2012 - 03:43 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 FullMetalPuppet

Posted 25 July 2012 - 04:11 PM

I was about to save the log of the aswMBR and I got the 'Blue Screen of Death'.
So I don't think I will be able to get the log of that.

#4 narenxp

Posted 25 July 2012 - 04:19 PM

Ignore it

#5 FullMetalPuppet

Posted 26 July 2012 - 07:22 AM

aswMBR:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-25 22:21:05
-----------------------------
22:21:05.875 OS Version: Windows x64 6.1.7601 Service Pack 1
22:21:05.875 Number of processors: 4 586 0x2A07
22:21:05.876 ComputerName: FULLMETAL UserName: Kieran
22:21:07.442 Initialize success
22:21:15.441 AVAST engine defs: 12072501
22:21:20.954 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:21:20.959 Disk 0 Vendor: SAMSUNG_ 2AR1 Size: 953869MB BusType: 3
22:21:20.998 Disk 0 MBR read successfully
22:21:21.006 Disk 0 MBR scan
22:21:21.020 Disk 0 unknown MBR code
22:21:21.040 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
22:21:21.078 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 373760 MB offset 206848
22:21:21.091 Disk 0 Partition - 00 0F Extended LBA 559386 MB offset 765667328
22:21:21.156 Disk 0 Partition 3 00 27 Hidden NTFS WinRE NTFS 20622 MB offset 1911289856
22:21:21.240 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 559385 MB offset 765669376
22:21:21.320 Disk 0 scanning C:\windows\system32\drivers
22:21:41.928 Service scanning
22:22:31.320 Modules scanning
22:22:33.517 AVAST engine scan C:\windows
22:22:40.718 AVAST engine scan C:\windows\system32
22:29:51.813 AVAST engine scan C:\windows\system32\drivers
22:30:24.700 AVAST engine scan C:\Users\Kieran
22:31:11.784 Disk 0 MBR has been saved successfully to "C:\Users\Kieran\Desktop\MBR.dat"
22:31:11.791 The log file has been saved successfully to "C:\Users\Kieran\Desktop\aswMBR.txt"


22:51:55.704 Disk 0 MBR has been saved successfully to "C:\Users\Kieran\Desktop\MBR.dat"
22:51:55.707 The log file has been saved successfully to "C:\Users\Kieran\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-25 22:54:15
-----------------------------
22:54:15.770 OS Version: Windows x64 6.1.7601 Service Pack 1
22:54:15.770 Number of processors: 4 586 0x2A07
22:54:15.772 ComputerName: FULLMETAL UserName: Kieran
22:54:37.290 Initialize success
22:54:52.835 AVAST engine defs: 12072501
22:54:58.406 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:54:58.415 Disk 0 Vendor: SAMSUNG_ 2AR1 Size: 953869MB BusType: 3
22:54:58.507 Disk 0 MBR read successfully
22:54:58.513 Disk 0 MBR scan
22:54:58.522 Disk 0 unknown MBR code
22:54:58.608 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
22:54:58.700 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 373760 MB offset 206848
22:54:58.711 Disk 0 Partition - 00 0F Extended LBA 559386 MB offset 765667328
22:54:58.889 Disk 0 Partition 3 00 27 Hidden NTFS WinRE NTFS 20622 MB offset 1911289856
22:54:59.506 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 559385 MB offset 765669376
22:54:59.719 Disk 0 scanning C:\windows\system32\drivers
22:55:45.649 Service scanning
22:56:34.764 Modules scanning
22:56:35.166 Disk 0 trace - called modules:
22:56:35.204 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
22:56:35.220 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007778060]
22:56:35.235 3 CLASSPNP.SYS[fffff88001b6e43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80073e8050]
22:56:43.377 AVAST engine scan C:\windows
22:56:53.293 AVAST engine scan C:\windows\system32
23:15:03.461 AVAST engine scan C:\windows\system32\drivers
23:16:55.283 AVAST engine scan C:\Users\Kieran
10:31:57.098 File: C:\Users\Kieran\AppData\Local\Temp\NODB9B4.tmp **INFECTED** Win64:Sirefef-F [Rtk]
10:34:49.302 AVAST engine scan C:\ProgramData
10:36:16.051 Scan finished successfully
10:51:39.151 Disk 0 MBR has been saved successfully to "C:\Users\Kieran\Downloads\MBR.dat"
10:51:39.167 The log file has been saved successfully to "C:\Users\Kieran\Downloads\aswMBR.txt"
10:51:54.753 Disk 0 MBR has been saved successfully to "C:\Users\Kieran\Desktop\MBR.dat"
10:51:54.753 The log file has been saved successfully to "C:\Users\Kieran\Desktop\aswMBR.txt"


ESET:

C:\Users\Kieran\AppData\Local\Temp\nse5BFA.tmp\Install.dll probably a variant of Win32/Adware.HotBar.E application cleaned by deleting - quarantined
C:\Users\Kieran\AppData\Local\{3bf1d42c-8c4c-1d21-d332-a6ec1a4a7f3a}\n Win64/Sirefef.W trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Kieran\Downloads\Little_Busters.exe Win32/Adware.1ClickDownload.C application cleaned by deleting - quarantined
C:\Users\Kieran\Downloads\VeohWebPlayerSetup_eng(1).exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Users\Kieran\Downloads\VeohWebPlayerSetup_eng.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Users\Kieran\Downloads\XvidSetup.exe a variant of Win32/Adware.HotBar.P application cleaned by deleting - quarantined
C:\Windows\Installer\{3bf1d42c-8c4c-1d21-d332-a6ec1a4a7f3a}\n Win64/Sirefef.W trojan cleaned by deleting - quarantined
C:\Windows\Installer\{3bf1d42c-8c4c-1d21-d332-a6ec1a4a7f3a}\U\80000000.@ Win64/Sirefef.AL trojan cleaned by deleting - quarantined


TDSSKiller:

22:00:32.0193 5008 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
22:00:32.0313 5008 ============================================================
22:00:32.0313 5008 Current date / time: 2012/07/25 22:00:32.0313
22:00:32.0313 5008 SystemInfo:
22:00:32.0313 5008
22:00:32.0313 5008 OS Version: 6.1.7601 ServicePack: 1.0
22:00:32.0313 5008 Product type: Workstation
22:00:32.0314 5008 ComputerName: FULLMETAL
22:00:32.0314 5008 UserName: Kieran
22:00:32.0314 5008 Windows directory: C:\windows
22:00:32.0314 5008 System windows directory: C:\windows
22:00:32.0314 5008 Running under WOW64
22:00:32.0314 5008 Processor architecture: Intel x64
22:00:32.0314 5008 Number of processors: 4
22:00:32.0314 5008 Page size: 0x1000
22:00:32.0314 5008 Boot type: Normal boot
22:00:32.0314 5008 ============================================================
22:00:32.0910 5008 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:00:32.0918 5008 ============================================================
22:00:32.0918 5008 \Device\Harddisk0\DR0:
22:00:32.0918 5008 MBR partitions:
22:00:32.0918 5008 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:00:32.0918 5008 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x2DA00000
22:00:32.0939 5008 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2DA33000, BlocksNum 0x4448C800
22:00:32.0939 5008 ============================================================
22:00:32.0964 5008 C: <-> \Device\Harddisk0\DR0\Partition1
22:00:33.0008 5008 D: <-> \Device\Harddisk0\DR0\Partition2
22:00:33.0008 5008 ============================================================
22:00:33.0008 5008 Initialize success
22:00:33.0008 5008 ============================================================
22:00:47.0536 1032 ============================================================
22:00:47.0536 1032 Scan started
22:00:47.0536 1032 Mode: Manual; TDLFS;
22:00:47.0536 1032 ============================================================
22:01:00.0794 1032 Mcx2Svc - ok
22:01:00.0817 1032 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\drivers\megasas.sys
22:01:00.0818 1032 megasas - ok
22:01:00.0924 1032 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\drivers\MegaSR.sys
22:01:00.0929 1032 MegaSR - ok
22:01:00.0977 1032 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\windows\system32\DRIVERS\HECIx64.sys
22:01:00.0979 1032 MEIx64 - ok
22:01:01.0005 1032 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
22:01:01.0009 1032 MMCSS - ok
22:01:01.0035 1032 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
22:01:01.0036 1032 Modem - ok
22:01:01.0125 1032 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
22:01:01.0126 1032 monitor - ok
22:01:01.0141 1032 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
22:01:01.0142 1032 mouclass - ok
22:01:01.0152 1032 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
22:01:01.0153 1032 mouhid - ok
22:01:01.0178 1032 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
22:01:01.0180 1032 mountmgr - ok
22:01:01.0350 1032 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:01:01.0353 1032 MozillaMaintenance - ok
22:01:01.0429 1032 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\windows\system32\DRIVERS\MpFilter.sys
22:01:01.0433 1032 MpFilter - ok
22:01:01.0520 1032 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
22:01:01.0524 1032 mpio - ok
22:01:01.0548 1032 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
22:01:01.0549 1032 mpsdrv - ok
22:01:01.0568 1032 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
22:01:01.0573 1032 MRxDAV - ok
22:01:01.0617 1032 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
22:01:01.0620 1032 mrxsmb - ok
22:01:01.0732 1032 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
22:01:01.0737 1032 mrxsmb10 - ok
22:01:01.0776 1032 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
22:01:01.0779 1032 mrxsmb20 - ok
22:01:01.0806 1032 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
22:01:01.0807 1032 msahci - ok
22:01:01.0843 1032 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
22:01:01.0846 1032 msdsm - ok
22:01:01.0941 1032 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
22:01:01.0946 1032 MSDTC - ok
22:01:01.0982 1032 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
22:01:01.0983 1032 Msfs - ok
22:01:02.0023 1032 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
22:01:02.0024 1032 mshidkmdf - ok
22:01:02.0041 1032 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
22:01:02.0042 1032 msisadrv - ok
22:01:02.0082 1032 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
22:01:02.0086 1032 MSiSCSI - ok
22:01:02.0096 1032 msiserver - ok
22:01:02.0141 1032 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
22:01:02.0143 1032 MSKSSRV - ok
22:01:02.0170 1032 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
22:01:02.0171 1032 MSPCLOCK - ok
22:01:02.0196 1032 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
22:01:02.0198 1032 MSPQM - ok
22:01:02.0231 1032 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
22:01:02.0238 1032 MsRPC - ok
22:01:02.0269 1032 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys
22:01:02.0271 1032 mssmbios - ok
22:01:02.0290 1032 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
22:01:02.0291 1032 MSTEE - ok
22:01:02.0309 1032 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\drivers\MTConfig.sys
22:01:02.0310 1032 MTConfig - ok
22:01:02.0327 1032 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
22:01:02.0329 1032 Mup - ok
22:01:02.0396 1032 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
22:01:02.0406 1032 napagent - ok
22:01:02.0463 1032 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
22:01:02.0468 1032 NativeWifiP - ok
22:01:02.0543 1032 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\windows\system32\drivers\ndis.sys
22:01:02.0559 1032 NDIS - ok
22:01:02.0602 1032 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
22:01:02.0603 1032 NdisCap - ok
22:01:02.0632 1032 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
22:01:02.0633 1032 NdisTapi - ok
22:01:02.0646 1032 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
22:01:02.0647 1032 Ndisuio - ok
22:01:02.0677 1032 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
22:01:02.0679 1032 NdisWan - ok
22:01:02.0695 1032 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
22:01:02.0696 1032 NDProxy - ok
22:01:02.0727 1032 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
22:01:02.0728 1032 NetBIOS - ok
22:01:02.0785 1032 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
22:01:02.0789 1032 NetBT - ok
22:01:02.0827 1032 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
22:01:02.0830 1032 Netlogon - ok
22:01:02.0888 1032 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
22:01:02.0895 1032 Netman - ok
22:01:02.0949 1032 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
22:01:02.0957 1032 netprofm - ok
22:01:03.0102 1032 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:01:03.0104 1032 NetTcpPortSharing - ok
22:01:03.0149 1032 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\drivers\nfrd960.sys
22:01:03.0151 1032 nfrd960 - ok
22:01:03.0192 1032 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\windows\system32\DRIVERS\NisDrvWFP.sys
22:01:03.0194 1032 NisDrv - ok
22:01:03.0295 1032 NisSrv (10a43829a9e606af3eef25a1c1665923) C:\Program Files\Microsoft Security Client\NisSrv.exe
22:01:03.0300 1032 NisSrv - ok
22:01:03.0381 1032 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
22:01:03.0389 1032 NlaSvc - ok
22:01:03.0590 1032 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
22:01:03.0634 1032 NOBU - ok
22:01:03.0798 1032 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
22:01:03.0800 1032 Npfs - ok
22:01:03.0829 1032 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
22:01:03.0833 1032 nsi - ok
22:01:03.0848 1032 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
22:01:03.0851 1032 nsiproxy - ok
22:01:03.0941 1032 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
22:01:03.0966 1032 Ntfs - ok
22:01:04.0070 1032 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
22:01:04.0071 1032 Null - ok
22:01:04.0120 1032 nusb3hub (a7127e86f9ffe2a53e271b56b2c4cedf) C:\windows\system32\DRIVERS\nusb3hub.sys
22:01:04.0122 1032 nusb3hub - ok
22:01:04.0154 1032 nusb3xhc (49bbec6f48d5f9284b03abf3a959b19b) C:\windows\system32\DRIVERS\nusb3xhc.sys
22:01:04.0158 1032 nusb3xhc - ok
22:01:04.0883 1032 nvlddmkm (fbe6ac1c3591cb67543fad15abd26bcb) C:\windows\system32\DRIVERS\nvlddmkm.sys
22:01:05.0063 1032 nvlddmkm - ok
22:01:05.0192 1032 nvpciflt (680c5baf7d0190b1485068fc4ba75f1c) C:\windows\system32\DRIVERS\nvpciflt.sys
22:01:05.0193 1032 nvpciflt - ok
22:01:05.0241 1032 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
22:01:05.0244 1032 nvraid - ok
22:01:05.0286 1032 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
22:01:05.0288 1032 nvstor - ok
22:01:05.0397 1032 NVSvc (147b0d17255fd796f990cc6f745605c5) C:\windows\system32\nvvsvc.exe
22:01:05.0416 1032 NVSvc - ok
22:01:05.0582 1032 nvUpdatusService (812bf9531c827e1d8029843cddb2b5d6) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
22:01:05.0615 1032 nvUpdatusService - ok
22:01:05.0739 1032 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
22:01:05.0742 1032 nv_agp - ok
22:01:05.0757 1032 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
22:01:05.0759 1032 ohci1394 - ok
22:01:05.0832 1032 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:01:05.0835 1032 ose - ok
22:01:06.0117 1032 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:01:06.0194 1032 osppsvc - ok
22:01:06.0309 1032 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
22:01:06.0319 1032 p2pimsvc - ok
22:01:06.0364 1032 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
22:01:06.0373 1032 p2psvc - ok
22:01:06.0425 1032 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\drivers\parport.sys
22:01:06.0429 1032 Parport - ok
22:01:06.0468 1032 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
22:01:06.0470 1032 partmgr - ok
22:01:06.0504 1032 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
22:01:06.0509 1032 PcaSvc - ok
22:01:06.0549 1032 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
22:01:06.0552 1032 pci - ok
22:01:06.0567 1032 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
22:01:06.0567 1032 pciide - ok
22:01:06.0603 1032 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\drivers\pcmcia.sys
22:01:06.0606 1032 pcmcia - ok
22:01:06.0632 1032 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
22:01:06.0634 1032 pcw - ok
22:01:06.0679 1032 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
22:01:06.0691 1032 PEAUTH - ok
22:01:06.0757 1032 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
22:01:06.0761 1032 PerfHost - ok
22:01:06.0869 1032 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
22:01:06.0889 1032 pla - ok
22:01:06.0951 1032 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
22:01:06.0959 1032 PlugPlay - ok
22:01:06.0991 1032 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
22:01:06.0995 1032 PNRPAutoReg - ok
22:01:07.0027 1032 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
22:01:07.0035 1032 PNRPsvc - ok
22:01:07.0082 1032 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
22:01:07.0090 1032 PolicyAgent - ok
22:01:07.0140 1032 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
22:01:07.0145 1032 Power - ok
22:01:07.0216 1032 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
22:01:07.0218 1032 PptpMiniport - ok
22:01:07.0246 1032 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\drivers\processr.sys
22:01:07.0247 1032 Processor - ok
22:01:07.0303 1032 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll
22:01:07.0309 1032 ProfSvc - ok
22:01:07.0352 1032 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
22:01:07.0355 1032 ProtectedStorage - ok
22:01:07.0400 1032 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
22:01:07.0405 1032 Psched - ok
22:01:07.0501 1032 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\drivers\ql2300.sys
22:01:07.0525 1032 ql2300 - ok
22:01:07.0773 1032 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\drivers\ql40xx.sys
22:01:07.0776 1032 ql40xx - ok
22:01:07.0820 1032 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
22:01:07.0827 1032 QWAVE - ok
22:01:07.0859 1032 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
22:01:07.0861 1032 QWAVEdrv - ok
22:01:07.0883 1032 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
22:01:07.0884 1032 RasAcd - ok
22:01:07.0926 1032 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
22:01:07.0928 1032 RasAgileVpn - ok
22:01:07.0965 1032 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
22:01:07.0970 1032 RasAuto - ok
22:01:08.0000 1032 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
22:01:08.0004 1032 Rasl2tp - ok
22:01:08.0043 1032 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
22:01:08.0052 1032 RasMan - ok
22:01:08.0093 1032 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
22:01:08.0096 1032 RasPppoe - ok
22:01:08.0132 1032 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
22:01:08.0135 1032 RasSstp - ok
22:01:08.0196 1032 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
22:01:08.0203 1032 rdbss - ok
22:01:08.0284 1032 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\drivers\rdpbus.sys
22:01:08.0286 1032 rdpbus - ok
22:01:08.0321 1032 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
22:01:08.0322 1032 RDPCDD - ok
22:01:08.0342 1032 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
22:01:08.0343 1032 RDPENCDD - ok
22:01:08.0372 1032 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
22:01:08.0373 1032 RDPREFMP - ok
22:01:08.0431 1032 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
22:01:08.0435 1032 RDPWD - ok
22:01:08.0472 1032 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
22:01:08.0476 1032 rdyboost - ok
22:01:08.0522 1032 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
22:01:08.0526 1032 RemoteAccess - ok
22:01:08.0689 1032 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
22:01:08.0695 1032 RemoteRegistry - ok
22:01:08.0744 1032 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
22:01:08.0748 1032 RFCOMM - ok
22:01:08.0833 1032 RichVideo (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
22:01:08.0838 1032 RichVideo - ok
22:01:08.0863 1032 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
22:01:08.0867 1032 RpcEptMapper - ok
22:01:08.0888 1032 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
22:01:08.0891 1032 RpcLocator - ok
22:01:08.0971 1032 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
22:01:08.0985 1032 RpcSs - ok
22:01:09.0036 1032 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
22:01:09.0038 1032 rspndr - ok
22:01:09.0161 1032 RTL8167 (e50cfb92986dcab49de93788fd695813) C:\windows\system32\DRIVERS\Rt64win7.sys
22:01:09.0170 1032 RTL8167 - ok
22:01:09.0267 1032 rtport (4ca0dba9e224473d664c25e411f5a3bd) C:\windows\SysWOW64\drivers\rtport.sys
22:01:09.0268 1032 rtport - ok
22:01:09.0303 1032 SABI (62db6cc4b0818f1b5f3441241b098f12) C:\windows\system32\Drivers\SABI.sys
22:01:09.0304 1032 SABI - ok
22:01:09.0393 1032 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
22:01:09.0396 1032 SamSs - ok
22:01:09.0436 1032 Samsung UPD Service (d641337b75b9a9d5ae10687aa1097755) C:\windows\System32\SUPDSvc.exe
22:01:09.0442 1032 Samsung UPD Service - ok
22:01:09.0473 1032 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
22:01:09.0475 1032 sbp2port - ok
22:01:09.0518 1032 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
22:01:09.0524 1032 SCardSvr - ok
22:01:09.0553 1032 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
22:01:09.0554 1032 scfilter - ok
22:01:09.0618 1032 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
22:01:09.0642 1032 Schedule - ok
22:01:09.0664 1032 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
22:01:09.0666 1032 SCPolicySvc - ok
22:01:09.0702 1032 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
22:01:09.0708 1032 SDRSVC - ok
22:01:09.0800 1032 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
22:01:09.0804 1032 SeaPort - ok
22:01:09.0855 1032 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
22:01:09.0856 1032 secdrv - ok
22:01:09.0884 1032 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
22:01:09.0890 1032 seclogon - ok
22:01:09.0920 1032 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
22:01:09.0924 1032 SENS - ok
22:01:09.0940 1032 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
22:01:09.0944 1032 SensrSvc - ok
22:01:09.0968 1032 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\drivers\serenum.sys
22:01:09.0969 1032 Serenum - ok
22:01:09.0991 1032 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\drivers\serial.sys
22:01:09.0993 1032 Serial - ok
22:01:10.0009 1032 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\drivers\sermouse.sys
22:01:10.0011 1032 sermouse - ok
22:01:10.0051 1032 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
22:01:10.0056 1032 SessionEnv - ok
22:01:10.0069 1032 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
22:01:10.0070 1032 sffdisk - ok
22:01:10.0076 1032 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
22:01:10.0077 1032 sffp_mmc - ok
22:01:10.0086 1032 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
22:01:10.0087 1032 sffp_sd - ok
22:01:10.0096 1032 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\drivers\sfloppy.sys
22:01:10.0097 1032 sfloppy - ok
22:01:10.0135 1032 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
22:01:10.0142 1032 ShellHWDetection - ok
22:01:10.0174 1032 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\drivers\SiSRaid2.sys
22:01:10.0176 1032 SiSRaid2 - ok
22:01:10.0206 1032 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\drivers\sisraid4.sys
22:01:10.0207 1032 SiSRaid4 - ok
22:01:10.0289 1032 SkypeUpdate (c70aebd3608ed9fcea2a1bae83567ffc) C:\Program Files (x86)\Skype\Updater\Updater.exe
22:01:10.0292 1032 SkypeUpdate - ok
22:01:10.0321 1032 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
22:01:10.0323 1032 Smb - ok
22:01:10.0374 1032 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
22:01:10.0377 1032 SNMPTRAP - ok
22:01:10.0403 1032 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
22:01:10.0404 1032 spldr - ok
22:01:10.0444 1032 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
22:01:10.0454 1032 Spooler - ok
22:01:10.0610 1032 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
22:01:10.0655 1032 sppsvc - ok
22:01:10.0746 1032 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
22:01:10.0750 1032 sppuinotify - ok
22:01:10.0813 1032 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
22:01:10.0820 1032 srv - ok
22:01:10.0868 1032 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
22:01:10.0874 1032 srv2 - ok
22:01:10.0908 1032 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
22:01:10.0911 1032 srvnet - ok
22:01:10.0977 1032 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
22:01:10.0984 1032 SSDPSRV - ok
22:01:11.0009 1032 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
22:01:11.0015 1032 SstpSvc - ok
22:01:11.0093 1032 Steam Client Service - ok
22:01:11.0124 1032 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\drivers\stexstor.sys
22:01:11.0125 1032 stexstor - ok
22:01:11.0186 1032 StillCam (decacb6921ded1a38642642685d77dac) C:\windows\system32\DRIVERS\serscan.sys
22:01:11.0187 1032 StillCam - ok
22:01:11.0275 1032 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
22:01:11.0288 1032 stisvc - ok
22:01:11.0326 1032 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
22:01:11.0327 1032 swenum - ok
22:01:11.0382 1032 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
22:01:11.0394 1032 swprv - ok
22:01:11.0496 1032 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
22:01:11.0528 1032 SysMain - ok
22:01:11.0633 1032 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
22:01:11.0638 1032 TabletInputService - ok
22:01:11.0679 1032 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
22:01:11.0688 1032 TapiSrv - ok
22:01:11.0719 1032 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
22:01:11.0725 1032 TBS - ok
22:01:11.0880 1032 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
22:01:11.0909 1032 Tcpip - ok
22:01:12.0114 1032 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
22:01:12.0144 1032 TCPIP6 - ok
22:01:12.0250 1032 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
22:01:12.0252 1032 tcpipreg - ok
22:01:12.0273 1032 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
22:01:12.0275 1032 TDPIPE - ok
22:01:12.0306 1032 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
22:01:12.0308 1032 TDTCP - ok
22:01:12.0331 1032 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
22:01:12.0334 1032 tdx - ok
22:01:12.0377 1032 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\DRIVERS\termdd.sys
22:01:12.0378 1032 TermDD - ok
22:01:12.0438 1032 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
22:01:12.0454 1032 TermService - ok
22:01:12.0476 1032 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
22:01:12.0480 1032 Themes - ok
22:01:12.0510 1032 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
22:01:12.0514 1032 THREADORDER - ok
22:01:12.0551 1032 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
22:01:12.0557 1032 TrkWks - ok
22:01:12.0604 1032 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
22:01:12.0608 1032 TrustedInstaller - ok
22:01:12.0645 1032 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
22:01:12.0647 1032 tssecsrv - ok
22:01:12.0690 1032 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
22:01:12.0692 1032 TsUsbFlt - ok
22:01:12.0713 1032 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\windows\system32\drivers\TsUsbGD.sys
22:01:12.0715 1032 TsUsbGD - ok
22:01:12.0757 1032 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
22:01:12.0760 1032 tunnel - ok
22:01:12.0816 1032 TurboB (48743b69ea47c020a792d8649f753f44) C:\windows\system32\DRIVERS\TurboB.sys
22:01:12.0817 1032 TurboB - ok
22:01:12.0921 1032 TurboBoost (759f59e3ea3802ff23f93dcdb6fe9171) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
22:01:12.0924 1032 TurboBoost - ok
22:01:12.0960 1032 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\drivers\uagp35.sys
22:01:12.0962 1032 uagp35 - ok
22:01:13.0006 1032 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
22:01:13.0012 1032 udfs - ok
22:01:13.0078 1032 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
22:01:13.0084 1032 UI0Detect - ok
22:01:13.0125 1032 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
22:01:13.0127 1032 uliagpkx - ok
22:01:13.0153 1032 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
22:01:13.0155 1032 umbus - ok
22:01:13.0166 1032 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\drivers\umpass.sys
22:01:13.0169 1032 UmPass - ok
22:01:13.0400 1032 UNS (fdf92ec84fecee834fb10a2a0a19bcda) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
22:01:13.0441 1032 UNS - ok
22:01:13.0548 1032 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
22:01:13.0558 1032 upnphost - ok
22:01:13.0629 1032 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\windows\system32\Drivers\usbaapl64.sys
22:01:13.0631 1032 USBAAPL64 - ok
22:01:13.0671 1032 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
22:01:13.0674 1032 usbccgp - ok
22:01:13.0728 1032 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
22:01:13.0731 1032 usbcir - ok
22:01:13.0762 1032 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\drivers\usbehci.sys
22:01:13.0763 1032 usbehci - ok
22:01:13.0813 1032 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
22:01:13.0819 1032 usbhub - ok
22:01:13.0852 1032 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
22:01:13.0855 1032 usbohci - ok
22:01:13.0888 1032 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\drivers\usbprint.sys
22:01:13.0889 1032 usbprint - ok
22:01:13.0935 1032 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
22:01:13.0937 1032 USBSTOR - ok
22:01:13.0955 1032 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
22:01:13.0957 1032 usbuhci - ok
22:01:14.0004 1032 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\system32\Drivers\usbvideo.sys
22:01:14.0008 1032 usbvideo - ok
22:01:14.0044 1032 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
22:01:14.0048 1032 UxSms - ok
22:01:14.0087 1032 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
22:01:14.0090 1032 VaultSvc - ok
22:01:14.0133 1032 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
22:01:14.0135 1032 vdrvroot - ok
22:01:14.0181 1032 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
22:01:14.0193 1032 vds - ok
22:01:14.0237 1032 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
22:01:14.0239 1032 vga - ok
22:01:14.0257 1032 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
22:01:14.0259 1032 VgaSave - ok
22:01:14.0289 1032 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
22:01:14.0293 1032 vhdmp - ok
22:01:14.0316 1032 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
22:01:14.0318 1032 viaide - ok
22:01:14.0346 1032 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
22:01:14.0348 1032 volmgr - ok
22:01:17.0236 1032 MBR (0x1B8) (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0
22:01:17.0781 1032 \Device\Harddisk0\DR0 - ok
22:01:17.0821 1032 Boot (0x1200) (297977640f9220f59ab9a64ca8aad4fd) \Device\Harddisk0\DR0\Partition0
22:01:17.0825 1032 \Device\Harddisk0\DR0\Partition0 - ok
22:01:17.0847 1032 Boot (0x1200) (2d837edfd9dea28e9bea2420ff297022) \Device\Harddisk0\DR0\Partition1
22:01:17.0851 1032 \Device\Harddisk0\DR0\Partition1 - ok
22:01:17.0887 1032 Boot (0x1200) (c840dbdd860521dd767b3742817b70dc) \Device\Harddisk0\DR0\Partition2
22:01:17.0889 1032 \Device\Harddisk0\DR0\Partition2 - ok
22:01:17.0892 1032 ============================================================
22:01:17.0892 1032 Scan finished
22:01:17.0892 1032 ============================================================
22:01:17.0918 3360 Detected object count: 0
22:01:17.0918 3360 Actual detected object count: 0
22:01:49.0496 5272 ============================================================
22:01:49.0496 5272 Scan started
22:01:49.0496 5272 Mode: Manual; TDLFS;
22:01:49.0496 5272 ============================================================
22:02:01.0058 5272 Npfs - ok
22:02:01.0088 5272 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
22:02:01.0091 5272 nsi - ok
22:02:01.0107 5272 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
22:02:01.0108 5272 nsiproxy - ok
22:02:01.0220 5272 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
22:02:01.0251 5272 Ntfs - ok
22:02:01.0362 5272 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
22:02:01.0363 5272 Null - ok
22:02:01.0402 5272 nusb3hub (a7127e86f9ffe2a53e271b56b2c4cedf) C:\windows\system32\DRIVERS\nusb3hub.sys
22:02:01.0404 5272 nusb3hub - ok
22:02:01.0437 5272 nusb3xhc (49bbec6f48d5f9284b03abf3a959b19b) C:\windows\system32\DRIVERS\nusb3xhc.sys
22:02:01.0440 5272 nusb3xhc - ok
22:02:02.0012 5272 nvlddmkm (fbe6ac1c3591cb67543fad15abd26bcb) C:\windows\system32\DRIVERS\nvlddmkm.sys
22:02:02.0168 5272 nvlddmkm - ok
22:02:02.0274 5272 nvpciflt (680c5baf7d0190b1485068fc4ba75f1c) C:\windows\system32\DRIVERS\nvpciflt.sys
22:02:02.0275 5272 nvpciflt - ok
22:02:02.0314 5272 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
22:02:02.0316 5272 nvraid - ok
22:02:02.0342 5272 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
22:02:02.0345 5272 nvstor - ok
22:02:02.0413 5272 NVSvc (147b0d17255fd796f990cc6f745605c5) C:\windows\system32\nvvsvc.exe
22:02:02.0431 5272 NVSvc - ok
22:02:02.0583 5272 nvUpdatusService (812bf9531c827e1d8029843cddb2b5d6) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
22:02:02.0614 5272 nvUpdatusService - ok
22:02:02.0722 5272 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
22:02:02.0724 5272 nv_agp - ok
22:02:02.0770 5272 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
22:02:02.0772 5272 ohci1394 - ok
22:02:02.0867 5272 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:02:02.0870 5272 ose - ok
22:02:03.0120 5272 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:02:03.0196 5272 osppsvc - ok
22:02:03.0297 5272 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
22:02:03.0305 5272 p2pimsvc - ok
22:02:03.0351 5272 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
22:02:03.0360 5272 p2psvc - ok
22:02:03.0406 5272 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\drivers\parport.sys
22:02:03.0407 5272 Parport - ok
22:02:03.0451 5272 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
22:02:03.0452 5272 partmgr - ok
22:02:03.0489 5272 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
22:02:03.0493 5272 PcaSvc - ok
22:02:03.0531 5272 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
22:02:03.0534 5272 pci - ok
22:02:03.0560 5272 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
22:02:03.0561 5272 pciide - ok
22:02:03.0597 5272 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\drivers\pcmcia.sys
22:02:03.0601 5272 pcmcia - ok
22:02:03.0623 5272 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
22:02:03.0625 5272 pcw - ok
22:02:03.0677 5272 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
22:02:03.0689 5272 PEAUTH - ok
22:02:03.0751 5272 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
22:02:03.0753 5272 PerfHost - ok
22:02:03.0863 5272 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
22:02:03.0887 5272 pla - ok
22:02:03.0944 5272 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
22:02:03.0954 5272 PlugPlay - ok
22:02:03.0985 5272 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
22:02:03.0989 5272 PNRPAutoReg - ok
22:02:04.0021 5272 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
22:02:04.0029 5272 PNRPsvc - ok
22:02:04.0094 5272 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
22:02:04.0104 5272 PolicyAgent - ok
22:02:04.0156 5272 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
22:02:04.0162 5272 Power - ok
22:02:04.0220 5272 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
22:02:04.0222 5272 PptpMiniport - ok
22:02:04.0238 5272 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\drivers\processr.sys
22:02:04.0239 5272 Processor - ok
22:02:04.0296 5272 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll
22:02:04.0302 5272 ProfSvc - ok
22:02:04.0345 5272 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
22:02:04.0348 5272 ProtectedStorage - ok
22:02:04.0381 5272 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
22:02:04.0384 5272 Psched - ok
22:02:04.0455 5272 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\drivers\ql2300.sys
22:02:04.0474 5272 ql2300 - ok
22:02:04.0577 5272 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\drivers\ql40xx.sys
22:02:04.0580 5272 ql40xx - ok
22:02:04.0624 5272 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
22:02:04.0631 5272 QWAVE - ok
22:02:04.0652 5272 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
22:02:04.0653 5272 QWAVEdrv - ok
22:02:04.0677 5272 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
22:02:04.0678 5272 RasAcd - ok
22:02:04.0709 5272 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
22:02:04.0711 5272 RasAgileVpn - ok
22:02:04.0747 5272 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
22:02:04.0753 5272 RasAuto - ok
22:02:04.0788 5272 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
22:02:04.0791 5272 Rasl2tp - ok
22:02:04.0843 5272 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
22:02:04.0853 5272 RasMan - ok
22:02:04.0876 5272 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
22:02:04.0878 5272 RasPppoe - ok
22:02:04.0915 5272 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
22:02:04.0917 5272 RasSstp - ok
22:02:04.0950 5272 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
22:02:04.0956 5272 rdbss - ok
22:02:04.0990 5272 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\drivers\rdpbus.sys
22:02:04.0991 5272 rdpbus - ok
22:02:05.0017 5272 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
22:02:05.0018 5272 RDPCDD - ok
22:02:05.0070 5272 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
22:02:05.0071 5272 RDPENCDD - ok
22:02:05.0089 5272 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
22:02:05.0090 5272 RDPREFMP - ok
22:02:05.0146 5272 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
22:02:05.0152 5272 RDPWD - ok
22:02:05.0193 5272 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
22:02:05.0198 5272 rdyboost - ok
22:02:05.0235 5272 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
22:02:05.0239 5272 RemoteAccess - ok
22:02:05.0274 5272 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
22:02:05.0279 5272 RemoteRegistry - ok
22:02:05.0318 5272 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
22:02:05.0321 5272 RFCOMM - ok
22:02:05.0419 5272 RichVideo (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
22:02:05.0423 5272 RichVideo - ok
22:02:05.0469 5272 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
22:02:05.0474 5272 RpcEptMapper - ok
22:02:05.0505 5272 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
22:02:05.0507 5272 RpcLocator - ok
22:02:05.0549 5272 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
22:02:05.0561 5272 RpcSs - ok
22:02:05.0597 5272 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
22:02:05.0599 5272 rspndr - ok
22:02:05.0659 5272 RTL8167 (e50cfb92986dcab49de93788fd695813) C:\windows\system32\DRIVERS\Rt64win7.sys
22:02:05.0668 5272 RTL8167 - ok
22:02:05.0750 5272 rtport (4ca0dba9e224473d664c25e411f5a3bd) C:\windows\SysWOW64\drivers\rtport.sys
22:02:05.0751 5272 rtport - ok
22:02:05.0775 5272 SABI (62db6cc4b0818f1b5f3441241b098f12) C:\windows\system32\Drivers\SABI.sys
22:02:05.0776 5272 SABI - ok
22:02:05.0809 5272 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
22:02:05.0812 5272 SamSs - ok
22:02:05.0852 5272 Samsung UPD Service (d641337b75b9a9d5ae10687aa1097755) C:\windows\System32\SUPDSvc.exe
22:02:05.0858 5272 Samsung UPD Service - ok
22:02:05.0889 5272 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
22:02:05.0893 5272 sbp2port - ok
22:02:05.0936 5272 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
22:02:05.0942 5272 SCardSvr - ok
22:02:05.0969 5272 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
22:02:05.0970 5272 scfilter - ok
22:02:06.0043 5272 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
22:02:06.0065 5272 Schedule - ok
22:02:06.0106 5272 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
22:02:06.0108 5272 SCPolicySvc - ok
22:02:06.0144 5272 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
22:02:06.0152 5272 SDRSVC - ok
22:02:06.0229 5272 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
22:02:06.0233 5272 SeaPort - ok
22:02:06.0272 5272 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
22:02:06.0273 5272 secdrv - ok
22:02:06.0301 5272 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
22:02:06.0304 5272 seclogon - ok
22:02:06.0327 5272 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
22:02:06.0331 5272 SENS - ok
22:02:06.0357 5272 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
22:02:06.0360 5272 SensrSvc - ok
22:02:06.0385 5272 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\drivers\serenum.sys
22:02:06.0386 5272 Serenum - ok
22:02:06.0410 5272 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\drivers\serial.sys
22:02:06.0412 5272 Serial - ok
22:02:06.0437 5272 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\drivers\sermouse.sys
22:02:06.0438 5272 sermouse - ok
22:02:06.0491 5272 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
22:02:06.0497 5272 SessionEnv - ok
22:02:06.0519 5272 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
22:02:06.0520 5272 sffdisk - ok
22:02:06.0528 5272 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
22:02:06.0529 5272 sffp_mmc - ok
22:02:06.0542 5272 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
22:02:06.0543 5272 sffp_sd - ok
22:02:06.0556 5272 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\drivers\sfloppy.sys
22:02:06.0557 5272 sfloppy - ok
22:02:06.0600 5272 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
22:02:06.0610 5272 ShellHWDetection - ok
22:02:06.0636 5272 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\drivers\SiSRaid2.sys
22:02:06.0638 5272 SiSRaid2 - ok
22:02:06.0679 5272 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\drivers\sisraid4.sys
22:02:06.0681 5272 SiSRaid4 - ok
22:02:06.0754 5272 SkypeUpdate (c70aebd3608ed9fcea2a1bae83567ffc) C:\Program Files (x86)\Skype\Updater\Updater.exe
22:02:06.0757 5272 SkypeUpdate - ok
22:02:06.0783 5272 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
22:02:06.0785 5272 Smb - ok
22:02:06.0848 5272 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
22:02:06.0853 5272 SNMPTRAP - ok
22:02:06.0908 5272 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
22:02:06.0909 5272 spldr - ok
22:02:06.0977 5272 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
22:02:06.0990 5272 Spooler - ok
22:02:07.0173 5272 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
22:02:07.0220 5272 sppsvc - ok
22:02:07.0373 5272 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
22:02:07.0379 5272 sppuinotify - ok
22:02:07.0443 5272 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
22:02:07.0450 5272 srv - ok
22:02:07.0495 5272 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
22:02:07.0502 5272 srv2 - ok
22:02:07.0557 5272 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
22:02:07.0560 5272 srvnet - ok
22:02:07.0603 5272 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
22:02:07.0612 5272 SSDPSRV - ok
22:02:07.0646 5272 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
22:02:07.0652 5272 SstpSvc - ok
22:02:07.0704 5272 Steam Client Service - ok
22:02:07.0738 5272 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\drivers\stexstor.sys
22:02:07.0739 5272 stexstor - ok
22:02:07.0769 5272 StillCam (decacb6921ded1a38642642685d77dac) C:\windows\system32\DRIVERS\serscan.sys
22:02:07.0771 5272 StillCam - ok
22:02:07.0843 5272 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
22:02:07.0861 5272 stisvc - ok
22:02:07.0885 5272 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
22:02:07.0887 5272 swenum - ok
22:02:07.0939 5272 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
22:02:07.0950 5272 swprv - ok
22:02:08.0091 5272 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
22:02:08.0124 5272 SysMain - ok
22:02:08.0215 5272 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
22:02:08.0220 5272 TabletInputService - ok
22:02:08.0262 5272 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
22:02:08.0270 5272 TapiSrv - ok
22:02:08.0301 5272 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
22:02:08.0306 5272 TBS - ok
22:02:08.0440 5272 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
22:02:08.0471 5272 Tcpip - ok
22:02:08.0666 5272 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
22:02:08.0696 5272 TCPIP6 - ok
22:02:08.0822 5272 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
22:02:08.0823 5272 tcpipreg - ok
22:02:08.0844 5272 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
22:02:08.0845 5272 TDPIPE - ok
22:02:08.0900 5272 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
22:02:08.0901 5272 TDTCP - ok
22:02:08.0924 5272 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
22:02:08.0927 5272 tdx - ok
22:02:08.0959 5272 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\DRIVERS\termdd.sys
22:02:08.0961 5272 TermDD - ok
22:02:09.0022 5272 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
22:02:09.0037 5272 TermService - ok
22:02:09.0058 5272 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
22:02:09.0062 5272 Themes - ok
22:02:09.0090 5272 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
22:02:09.0094 5272 THREADORDER - ok
22:02:09.0133 5272 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
22:02:09.0139 5272 TrkWks - ok
22:02:09.0190 5272 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
22:02:09.0194 5272 TrustedInstaller - ok
22:02:09.0227 5272 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
22:02:09.0228 5272 tssecsrv - ok
22:02:09.0249 5272 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
22:02:09.0251 5272 TsUsbFlt - ok
22:02:09.0277 5272 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\windows\system32\drivers\TsUsbGD.sys
22:02:09.0278 5272 TsUsbGD - ok
22:02:09.0309 5272 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
22:02:09.0312 5272 tunnel - ok
22:02:09.0353 5272 TurboB (48743b69ea47c020a792d8649f753f44) C:\windows\system32\DRIVERS\TurboB.sys
22:02:09.0355 5272 TurboB - ok
22:02:09.0449 5272 TurboBoost (759f59e3ea3802ff23f93dcdb6fe9171) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
22:02:09.0452 5272 TurboBoost - ok
22:02:09.0489 5272 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\drivers\uagp35.sys
22:02:09.0490 5272 uagp35 - ok
22:02:09.0526 5272 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
22:02:09.0531 5272 udfs - ok
22:02:09.0583 5272 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
22:02:09.0588 5272 UI0Detect - ok
22:02:09.0617 5272 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
22:02:09.0619 5272 uliagpkx - ok
22:02:09.0645 5272 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
22:02:09.0647 5272 umbus - ok
22:02:09.0662 5272 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\drivers\umpass.sys
22:02:09.0663 5272 UmPass - ok
22:02:09.0850 5272 UNS (fdf92ec84fecee834fb10a2a0a19bcda) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
22:02:09.0899 5272 UNS - ok
22:02:10.0004 5272 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
22:02:10.0013 5272 upnphost - ok
22:02:10.0067 5272 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\windows\system32\Drivers\usbaapl64.sys
22:02:10.0069 5272 USBAAPL64 - ok
22:02:10.0108 5272 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
22:02:10.0111 5272 usbccgp - ok
22:02:10.0144 5272 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
22:02:10.0147 5272 usbcir - ok
22:02:10.0176 5272 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\drivers\usbehci.sys
22:02:10.0178 5272 usbehci - ok
22:02:10.0213 5272 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
22:02:10.0219 5272 usbhub - ok
22:02:10.0245 5272 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
22:02:10.0246 5272 usbohci - ok
22:02:10.0282 5272 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\drivers\usbprint.sys
22:02:10.0284 5272 usbprint - ok
22:02:10.0328 5272 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
22:02:10.0330 5272 USBSTOR - ok
22:02:10.0360 5272 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
22:02:10.0361 5272 usbuhci - ok
22:02:10.0395 5272 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\system32\Drivers\usbvideo.sys
22:02:10.0398 5272 usbvideo - ok
22:02:10.0436 5272 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
22:02:10.0440 5272 UxSms - ok
22:02:10.0480 5272 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
22:02:10.0483 5272 VaultSvc - ok
22:02:10.0515 5272 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
22:02:10.0517 5272 vdrvroot - ok
22:02:10.0564 5272 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
22:02:10.0574 5272 vds - ok
22:02:10.0596 5272 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
22:02:10.0597 5272 vga - ok
22:02:10.0619 5272 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
22:02:10.0620 5272 VgaSave - ok
22:02:10.0650 5272 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
22:02:10.0653 5272 vhdmp - ok
22:02:10.0677 5272 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
22:02:10.0678 5272 viaide - ok
22:02:10.0706 5272 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
22:02:10.0708 5272 volmgr - ok
22:02:10.0740 5272 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
22:02:10.0745 5272 volmgrx - ok
22:02:10.0791 5272 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\windows\system32\drivers\volsnap.sys
22:02:10.0795 5272 volsnap - ok
22:02:10.0833 5272 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\drivers\vsmraid.sys
22:02:10.0835 5272 vsmraid - ok
22:02:10.0940 5272 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
22:02:10.0964 5272 VSS - ok
22:02:11.0085 5272 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
22:02:11.0086 5272 vwifibus - ok
22:02:11.0140 5272 vwififlt (13a0decd1794de60a8427862c8669d27) C:\windows\system32\DRIVERS\vwififlt.sys
22:02:11.0141 5272 vwififlt - ok
22:02:11.0210 5272 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
22:02:11.0221 5272 W32Time - ok
22:02:11.0252 5272 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\drivers\wacompen.sys
22:02:11.0254 5272 WacomPen - ok
22:02:11.0280 5272 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
22:02:11.0282 5272 WANARP - ok
22:02:11.0292 5272 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
22:02:11.0295 5272 Wanarpv6 - ok
22:02:11.0391 5272 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
22:02:11.0413 5272 WatAdminSvc - ok
22:02:11.0516 5272 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
22:02:11.0544 5272 wbengine - ok
22:02:11.0682 5272 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
22:02:11.0689 5272 WbioSrvc - ok
22:02:11.0725 5272 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
22:02:11.0734 5272 wcncsvc - ok
22:02:11.0765 5272 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
22:02:11.0770 5272 WcsPlugInService - ok
22:02:11.0821 5272 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\drivers\wd.sys
22:02:11.0822 5272 Wd - ok
22:02:11.0881 5272 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
22:02:11.0893 5272 Wdf01000 - ok
22:02:11.0926 5272 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
22:02:11.0932 5272 WdiServiceHost - ok
22:02:11.0943 5272 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
22:02:11.0949 5272 WdiSystemHost - ok
22:02:11.0990 5272 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
22:02:12.0000 5272 WebClient - ok
22:02:12.0038 5272 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
22:02:12.0046 5272 Wecsvc - ok
22:02:12.0076 5272 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
22:02:12.0081 5272 wercplsupport - ok
22:02:12.0106 5272 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
22:02:12.0112 5272 WerSvc - ok
22:02:12.0174 5272 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
22:02:12.0175 5272 WfpLwf - ok
22:02:12.0192 5272 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
22:02:12.0193 5272 WIMMount - ok
22:02:12.0203 5272 WinHttpAutoProxySvc - ok
22:02:12.0268 5272 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
22:02:12.0273 5272 Winmgmt - ok
22:02:12.0396 5272 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
22:02:12.0439 5272 WinRM - ok
22:02:12.0562 5272 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
22:02:12.0563 5272 WinUsb - ok
22:02:12.0646 5272 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
22:02:12.0668 5272 Wlansvc - ok
22:02:12.0751 5272 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
22:02:12.0752 5272 wlcrasvc - ok
22:02:12.0898 5272 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:02:12.0943 5272 wlidsvc - ok
22:02:13.0056 5272 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys
22:02:13.0057 5272 WmiAcpi - ok
22:02:13.0131 5272 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
22:02:13.0134 5272 wmiApSrv - ok
22:02:13.0190 5272 WMPNetworkSvc - ok
22:02:13.0222 5272 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
22:02:13.0227 5272 WPCSvc - ok
22:02:13.0252 5272 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
22:02:13.0260 5272 WPDBusEnum - ok
22:02:13.0292 5272 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
22:02:13.0293 5272 ws2ifsl - ok
22:02:13.0301 5272 WSearch - ok
22:02:13.0335 5272 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
22:02:13.0338 5272 WudfPf - ok
22:02:13.0410 5272 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
22:02:13.0413 5272 WUDFRd - ok
22:02:13.0442 5272 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
22:02:13.0448 5272 wudfsvc - ok
22:02:13.0486 5272 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
22:02:13.0494 5272 WwanSvc - ok
22:02:13.0562 5272 MBR (0x1B8) (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0
22:02:14.0051 5272 \Device\Harddisk0\DR0 - ok
22:02:14.0091 5272 Boot (0x1200) (297977640f9220f59ab9a64ca8aad4fd) \Device\Harddisk0\DR0\Partition0
22:02:14.0095 5272 \Device\Harddisk0\DR0\Partition0 - ok
22:02:14.0129 5272 Boot (0x1200) (2d837edfd9dea28e9bea2420ff297022) \Device\Harddisk0\DR0\Partition1
22:02:14.0133 5272 \Device\Harddisk0\DR0\Partition1 - ok
22:02:14.0192 5272 Boot (0x1200) (c840dbdd860521dd767b3742817b70dc) \Device\Harddisk0\DR0\Partition2
22:02:14.0216 5272 \Device\Harddisk0\DR0\Partition2 - ok
22:02:14.0218 5272 ============================================================
22:02:14.0218 5272 Scan finished
22:02:14.0218 5272 ============================================================
22:02:14.0251 5748 Detected object count: 0
22:02:14.0251 5748 Actual detected object count: 0

#6 narenxp


Posted 26 July 2012 - 07:38 AM

Download

systemlook

Launch it, then copy this script and paste it in the box:

:filefind
services.exe
:folderfind
{3bf1d42c-8c4c-1d21-d332-a6ec1a4a7f3a}

Click on LOOK, post the generated log


Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#7 FullMetalPuppet


Posted 26 July 2012 - 08:41 AM

System look

SystemLook 30.07.11 by jpshortstuff
Log created at 13:45 on 26/07/2012 by Kieran
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 014A9CB92514E27C0107614DF764BC06
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== folderfind ==========

Searching for "{3bf1d42c-8c4c-1d21-d332-a6ec1a4a7f3a}"
C:\Users\Kieran\AppData\Local\{3bf1d42c-8c4c-1d21-d332-a6ec1a4a7f3a} d--hs-- [10:27 15/02/2012]
C:\Windows\Installer\{3bf1d42c-8c4c-1d21-d332-a6ec1a4a7f3a} d--hs-- [10:27 15/02/2012]

-= EOF =-

mini toolbox

MiniToolBox by Farbar Version: 23-07-2012
Ran by Kieran (administrator) on 26-07-2012 at 14:27:26
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom 802.11n Network Adapter = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?&$ subinterface=ethernet_14 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : FullMetal
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Bluetooth Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network) #2
Physical Address. . . . . . . . . : 90-A4-DE-A5-53-28
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom 802.11n Network Adapter
Physical Address. . . . . . . . . : 90-A4-DE-C6-24-21
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::841a:1d68:1e59:c530%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 26 July 2012 10:54:46
Lease Expires . . . . . . . . . . : 26 July 2012 15:05:48
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 428909790
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-F9-1B-0B-00-13-77-12-31-41
DNS Servers . . . . . . . . . . . : 194.168.4.100
194.168.8.100
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : E8-03-9A-01-60-5B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{30D76EC0-A62F-4256-A614-FD735B130451}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{5A46DC68-6BE5-4397-B1F8-36D7164A8C50}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{B316951F-F62D-4C79-9CEB-56B62B6F52B0}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cache1.service.virginmedia.net
Address: 194.168.4.100

Name: google.com
Addresses: 2a00:1450:4009:804::1000
173.194.34.135
173.194.34.134
173.194.34.133
173.194.34.136
173.194.34.137
173.194.34.128
173.194.34.131
173.194.34.130
173.194.34.129
173.194.34.142
173.194.34.132


Pinging google.com [173.194.34.134] with 32 bytes of data:
Reply from 173.194.34.134: bytes=32 time=19ms TTL=54
Reply from 173.194.34.134: bytes=32 time=18ms TTL=56

Ping statistics for 173.194.34.134:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 18ms, Maximum = 19ms, Average = 18ms
Server: cache1.service.virginmedia.net
Address: 194.168.4.100

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=253ms TTL=53
Reply from 72.30.38.140: bytes=32 time=173ms TTL=53

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 173ms, Maximum = 253ms, Average = 213ms
Server: cache1.service.virginmedia.net
Address: 194.168.4.100

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...90 a4 de a5 53 28 ......Bluetooth Device (Personal Area Network) #2
14...90 a4 de c6 24 21 ......Broadcom 802.11n Network Adapter
13...e8 03 9a 01 60 5b ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.6 30
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.6 286
192.168.0.6 255.255.255.255 On-link 192.168.0.6 286
192.168.0.255 255.255.255.255 On-link 192.168.0.6 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.6 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.6 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
14 286 fe80::/64 On-link
14 286 fe80::841a:1d68:1e59:c530/128
On-link
1 306 ff00::/8 On-link
14 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/26/2012 01:18:09 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7601.17568, time stamp: 0x4d6c7db2
Faulting module name: mshtml.dll, version: 9.0.8112.16446, time stamp: 0x4fb5b675
Exception code: 0xc0000005
Fault offset: 0x00000000002e9f82
Faulting process id: 0x778
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (07/26/2012 00:01:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4243

Error: (07/26/2012 00:01:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4243

Error: (07/26/2012 00:01:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2012 00:01:55 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3182

Error: (07/26/2012 00:01:55 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3182

Error: (07/26/2012 00:01:55 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2012 00:01:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2184

Error: (07/26/2012 00:01:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2184

Error: (07/26/2012 00:01:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (07/26/2012 00:35:47 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (07/26/2012 00:35:47 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (07/26/2012 00:16:55 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (07/26/2012 00:16:55 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (07/26/2012 11:59:41 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (07/26/2012 11:59:41 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (07/26/2012 11:45:20 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (07/26/2012 11:45:20 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (07/26/2012 10:55:09 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (07/26/2012 10:55:09 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891


Microsoft Office Sessions:
=========================
Error: (07/26/2012 01:18:09 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7601.175684d6c7db2mshtml.dll9.0.8112.164464fb5b675c000000500000000002e9f8277801cd6b289f873a70C:\windows\system32\svchost.exeC:\windows\system32\mshtml.dllf60afa8e-d71b-11e1-ba85-90a4dea55328

Error: (07/26/2012 00:01:56 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4243

Error: (07/26/2012 00:01:56 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4243

Error: (07/26/2012 00:01:56 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2012 00:01:55 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3182

Error: (07/26/2012 00:01:55 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3182

Error: (07/26/2012 00:01:55 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2012 00:01:54 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2184

Error: (07/26/2012 00:01:54 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2184

Error: (07/26/2012 00:01:54 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


=========================== Installed Programs ============================

???? ??? Windows Live (Version: 15.4.3502.0922)
???? Windows Live (Version: 15.4.3502.0922)
?????? ??????? ?? Windows Live (Version: 15.4.3502.0922)
???????? ?????????? Windows Live (Version: 15.4.3502.0922)
?????????? Windows Live (Version: 15.4.3502.0922)
??????????? ?? Windows Live (Version: 15.4.3502.0922)
Adobe AIR (Version: 2.6.0.19140)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Reader 9.5.1 (Version: 9.5.1)
Agatha Christie - Death on the Nile (Version: 2.2.0.82)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
µTorrent (Version: 3.1.3)
Audiosurf
„Windows Live Essentials“ (Version: 15.4.3502.0922)
„Windows Live Mail“ (Version: 15.4.3502.0922)
„Windows Live Messenger“ (Version: 15.4.3502.0922)
„Windows Live“ fotogalerija (Version: 15.4.3502.0922)
BatteryLifeExtender (Version: 1.0.11)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Bar (Version: 7.0.610.0)
Bing Desktop (Version: 1.0.45.0)
Bonjour (Version: 3.0.0.10)
Broadcom 802.11 Network Adapter (Version: 5.60.48.55)
Build-a-lot (Version: 2.2.0.82)
ChargeableUSB (Version: 1.0.0.0)
Chuzzle Deluxe (Version: 2.2.0.82)
CLANNAD Full Voice 1.5
CyberLink Media Suite (Version: 8.0.2227)
CyberLink Media+ Player10 (Version: 10.0.1110.00)
CyberLink MediaShow (Version: 5.0.1130a)
CyberLink Power2Go (Version: 6.1.3802)
CyberLink PowerDirector (Version: 8.0.3306)
CyberLink YouCam (Version: 3.1.3509)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.82)
Dungeon Defenders
Easy Content Share (Version: 1.0)
Easy Display Manager (Version: 3.2)
Easy Migration (Version: 1.0)
Easy Network Manager (Version: 4.4.7)
Easy SpeedUp Manager (Version: 2.1.1.1)
EasyBatteryManager (Version: 4.0.0.4)
EasyFileShare (Version: 1.0.13)
ESET Online Scanner v3
ETDWare PS/2-X64 8.0.7.2_WHQL (Version: 8.0.7.2)
Farm Frenzy (Version: 2.2.0.82)
Fast Start (Version: 2.2.0.1)
Fotogalerija Windows Live (Version: 15.4.3502.0922)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galeria fotografii uslugi Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galerie foto Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Google Chrome (Version: 20.0.1132.57)
iCloud (Version: 1.1.0.40)
Insaniquarium Deluxe (Version: 2.2.0.82)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1118)
Intel® Processor Graphics (Version: 8.15.10.2253)
Intel® Rapid Storage Technology (Version: 10.1.5.1001)
Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.0.82.0)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 29 (Version: 6.0.290)
Java™ 7 Update 4 (64-bit) (Version: 7.0.40)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
John Deere Drive Green (Version: 2.2.0.82)
Junk Mail filter update (Version: 15.4.3502.0922)
KNOWHOW™ APP CENTRE (Version: 22447)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Movie Color Enhancer (Version: 1.0)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Multimedia POP (Version: 1.1)
Norton Online Backup (Version: 2.1.17869)
NVIDIA Display Control Panel (Version: 6.14.12.6672)
NVIDIA Graphics Driver 266.72 (Version: 266.72)
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA Optimus 1.0.15 (Version: 1.0.15)
NVIDIA Update Components (Version: 1.0.15)
Peggle (Version: 2.2.0.82)
Penguins! (Version: 2.2.0.82)
PhoneShare (Version: 9.1.4)
Plants vs. Zombies (Version: 2.2.0.82)
Poczta uslugi Windows Live (Version: 15.4.3502.0922)
Podstawowe programy Windows Live (Version: 15.4.3502.0922)
Polar Golfer (Version: 2.2.0.82)
Pošta Windows Live (Version: 15.4.3502.0922)
QuickTime (Version: 7.72.80.56)
Raccolta foto di Windows Live (Version: 15.4.3502.0922)
Realm of the Mad God
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.4)
Realtek Ethernet Controller Driver (Version: 7.45.516.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6400)
RealUpgrade 1.1 (Version: 1.1.0)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.30.0)
S?????? f?t???af??? t?? Windows Live (Version: 15.4.3502.0922)
Safari (Version: 5.34.57.2)
Samsung AnyWeb Print (Version: 2.0.67.1)
Samsung Printer Live Update
Samsung Recovery Solution 5 (Version: 5.0.0.9)
Samsung Support Center 1.0 (Version: 1.1.38)
Samsung Universal Print Driver (Version: 2.02.05.00:27)
Samsung Universal Scan Driver (Version: 1.2.5.0)
Samsung Update Plus (Version: 3.0.0.17)
SamsungMovie (Version: 1.0.0)
SISShortcut (Version: 1.00.000)
Skype Click to Call (Version: 5.9.9216)
Skype™ 5.9 (Version: 5.9.123)
Star Wars Battlefront II (Version: 1.0)
Steam (Version: 1.0.0.0)
System Requirements Lab CYRI (Version: 4.5.1.0)
Terraria
The Binding Of Isaac
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
User Guide (Version: 1.5)
uTorrentControl2 Toolbar (Version: 6.8.9.0)
VLC media player 1.0.1 (Version: 1.0.1)
WIDCOMM Bluetooth Software (Version: 6.3.0.7000)
WildTangent Games (Version: 1.0.1.5)
WildTangent ORB Game Console
Windows Live ?? (Version: 15.4.3502.0922)
Windows Live ?? ??? (Version: 15.4.3502.0922)
Windows Live ??? (Version: 15.4.3502.0922)
Windows Live ??? (Version: 15.4.3508.1109)
Windows Live ???? (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Fotótár (Version: 15.4.3502.0922)
Windows Live Foto-galerija (Version: 15.4.3502.0922)
Windows Live fotoattelu galerija (Version: 15.4.3502.0922)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live Fotogalleri (Version: 15.4.3502.0922)
Windows Live Fotogaléria (Version: 15.4.3502.0922)
Windows Live Fotograf Galerisi (Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (Version: 15.4.3502.0922)
Windows Live Galerija fotografija (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Pošta (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Temel Parçalar (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Liven asennustyökalu (Version: 15.4.3502.0922)
Windows Liven sähköposti (Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (Version: 15.4.3502.0922)
WinRAR 4.10 (64-bit) (Version: 4.10.0)
WordCaptureX Pro (Version: 4.0.0)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 31%
Total physical RAM: 8104.37 MB
Available physical RAM: 5576.23 MB
Total Pagefile: 16206.93 MB
Available Pagefile: 12992.98 MB
Total Virtual: 4095.88 MB
Available Virtual: 3958.58 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:365 GB) (Free:262.74 GB) NTFS
2 Drive d: () (Fixed) (Total:546.27 GB) (Free:516.65 GB) NTFS

========================= Users: ========================================

User accounts for \\FULLMETAL

Administrator Guest Kieran
UpdatusUser


**** End of log ****


FSS

Farbar Service Scanner Version: 22-07-2012
Ran by Kieran (administrator) on 26-07-2012 at 14:40:13
Running from "C:\Users\Kieran\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================
ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile. The key does not exist.
ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile. The key does not exist.


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Unable to retrieve ServiceDll of sharedaccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

adware cleaner

# AdwCleaner v1.703 - Logfile created 07/26/2012 at 14:34:47
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Kieran - FULLMETAL
# Running from : C:\Users\Kieran\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Kieran\AppData\Local\APN
Folder Deleted : C:\Users\Kieran\AppData\Local\Conduit
Folder Deleted : C:\Users\Kieran\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Kieran\AppData\Roaming\Mozilla\Firefox\Profiles\772uotg5.default\ConduitCommon
Folder Deleted : C:\Program Files (x86)\Conduit
File Deleted : C:\Users\Kieran\AppData\Local\Temp\Uninstall.exe

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Conduit

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (en-US)

Profile name : default
File : C:\Users\Kieran\AppData\Roaming\Mozilla\Firefox\Profiles\772uotg5.default\prefs.js


-\\ Google Chrome v20.0.1132.57

File : C:\Users\Kieran\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "The fastest way to search the web.",
Deleted : "scriptable_host": [ "hxxp://*/*", "hxxp://cap1.conduit-apps.com/Apps/jdownloader/jdC[...]
Deleted : "matches": [ "hxxp://cap1.conduit-apps.com/Apps/jdownloader/jdController.html*", "[...]
Deleted : "path": "plugins/ConduitChromeApiPlugin.dll",
Deleted : "update_url": "hxxp://autoupdate.chromewebtb.conduit-services.com/?productId=CT307225[...]

*************************

AdwCleaner[S1].txt - [13641 octets] - [26/07/2012 14:34:47]

########## EOF - C:\AdwCleaner[S1].txt - [13770 octets] ##########

#8 narenxp

Posted 26 July 2012 - 08:47 AM

Malwarebytes log?

#9 FullMetalPuppet

Posted 26 July 2012 - 09:33 AM

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.25.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Kieran :: FULLMETAL [administrator]

26/07/2012 13:48:32
mbam-log-2012-07-26 (13-48-32).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 394806
Time elapsed: 37 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#10 narenxp

Posted 26 July 2012 - 09:40 AM

Press Windows+R key and type

notepad and click OK

Copy this script and paste it in Notepad

@echo off
rem Work in the System32 folder
cd /d c:\windows\system32
rem Take ownership of services.exe and grant Administrators full control (cacls asks Y/N)
takeown /a /f services.exe
cacls services.exe /g administrators:f
rem Keep the current file as services.exe.old, then copy in the WinSxS copy
ren services.exe services.exe.old
COPY /Y C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe C:\WINDOWS\system32
rem Delete this batch file
DEL %0

Click on FILE >> Save as

Filename: services.bat
Save as type: All types

Now right-click the services.bat file, select Run as administrator and run it, click Y and press ENTER


Open your C drive

On top, click on Organize - Folder and search options

Click on View tab and scroll down

Check mark Show hidden files
Uncheck Hide operating system files


Click OK, now go to

C:\Users\Kieran\AppData\Local\{3bf1d42c-8c4c-1d21-d332-a6ec1a4a7f3a}
C:\Windows\Installer\{3bf1d42c-8c4c-1d21-d332-a6ec1a4a7f3a}

delete the folders

Post the new system look log

Download

MpsSvc
BFE
wscsvc
defender
wuauserv
BITS
Sharedaccess

Launch them, click YES when you get the UAC prompt

restart the PC


Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start repairs tab, then click on Start

Checkmark the following options only

Reset registry permissions
Reset file permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts


Checkmark Restart System When Finished option
click the Start button

System should restart after repair

Post the FSS log

#11 FullMetalPuppet

Posted 26 July 2012 - 10:32 AM

System Look

SystemLook 30.07.11 by jpshortstuff
Log created at 16:00 on 26/07/2012 by Kieran
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== folderfind ==========

Searching for "{3bf1d42c-8c4c-1d21-d332-a6ec1a4a7f3a}"
C:\Users\Kieran\AppData\Local\{3bf1d42c-8c4c-1d21-d332-a6ec1a4a7f3a} d--hs-- [10:27 15/02/2012]
C:\Windows\Installer\{3bf1d42c-8c4c-1d21-d332-a6ec1a4a7f3a} d--hs-- [10:27 15/02/2012]

-= EOF =-

FSS

Farbar Service Scanner Version: 26-07-2012
Ran by Kieran (administrator) on 26-07-2012 at 16:31:42
Running from "C:\Users\Kieran\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



Also it seems as though my Firewall is working again (I hadn't even realised it had been down)
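The two Farbar Service Scanner logs in this thread can be compared mechanically to see what the repair steps changed. The following is an added example, not part of the original posts or of the FSS tool: the sample logs are abridged excerpts of the logs posted above, and the names `parse_fss` and `compare` are this example's own.

```python
import re

# Abridged excerpts of the two Farbar Service Scanner logs posted in this thread
# (before and after the repair steps); lines copied from the logs, sections trimmed.
BEFORE = r"""
Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.

Windows Update:
============
BITS Service is not running. Checking service configuration:
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
"""

AFTER = r"""
Action Center:
============

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
"""

SERVICE = re.compile(r"^(\S+) Service is not running\.")
FLAG = re.compile(r"^(?:Checking (.+?): )?ATTENTION!=====> (.+)$")
REG_KEY = re.compile(r"^\[(HK[^\]]+)\]$")
REG_VAL = re.compile(r'^"([^"]+)"=DWORD:(\d+)$')

def parse_fss(text):
    """Return ({service: [flagged checks]}, {(key, value): data}) for one FSS log."""
    services, policies = {}, {}
    current = key = None
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            current = key = None  # a blank line ends a service or registry-key block
            continue
        if m := SERVICE.match(line):
            current = m.group(1)
            services[current] = []
        elif m := FLAG.match(line):
            # Flags outside a service block (e.g. firewall policy keys) go under "(other)"
            services.setdefault(current or "(other)", []).append(m.group(1) or m.group(2))
        elif m := REG_KEY.match(line):
            key = m.group(1)
        elif (m := REG_VAL.match(line)) and key:
            policies[(key, m.group(1))] = int(m.group(2))
    return services, policies

def compare(before, after):
    """Summarise what changed between a pre-repair and a post-repair FSS log."""
    b_svc, _ = parse_fss(before)
    a_svc, a_pol = parse_fss(after)
    return {
        # Flagged before; afterwards either not listed at all or listed with no flags
        "config_restored": sorted(s for s, f in b_svc.items() if f and not a_svc.get(s)),
        "still_flagged": sorted(s for s, f in a_svc.items() if f),
        "still_not_running": sorted(s for s in a_svc if s != "(other)"),
        "policies_still_set": a_pol,
    }

if __name__ == "__main__":
    for name, value in compare(BEFORE, AFTER).items():
        print(f"{name}: {value}")
```

On these excerpts the comparison reports the wscsvc, BITS and WinDefend service configuration as restored, while WinDefend is still listed as not running and the `DisableAntiSpyware` policy value is still present in the second log.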

#12 narenxp

Posted 26 July 2012 - 10:46 AM

Searching for "{3bf1d42c-8c4c-1d21-d332-a6ec1a4a7f3a}"
C:\Users\Kieran\AppData\Local\{3bf1d42c-8c4c-1d21-d332-a6ec1a4a7f3a} d--hs-- [10:27 15/02/2012]
C:\Windows\Installer\{3bf1d42c-8c4c-1d21-d332-a6ec1a4a7f3a} d--hs-- [10:27 15/02/2012]


Delete these folders and post the new System look log

#13 FullMetalPuppet

Posted 26 July 2012 - 11:38 AM

SystemLook 30.07.11 by jpshortstuff
Log created at 17:37 on 26/07/2012 by Kieran
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== folderfind ==========

Searching for "{3bf1d42c-8c4c-1d21-d332-a6ec1a4a7f3a}"
No folders found.

-= EOF =-

#14 narenxp

Posted 26 July 2012 - 01:27 PM

Delete this file

C:\windows\system32\services.exe.old

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#15 FullMetalPuppet

Posted 26 July 2012 - 03:13 PM

Thank you for all your help. I am certain this is just due to carelessness on my part and I have learnt from it.
Sorry for any trouble caused in asking for your help, but I am really grateful.



