strange sound playing at odd hours


11 replies to this topic

#1 mattsbach

Posted 01 August 2012 - 12:26 AM

Just recently my computer started playing advertisements in the background at random times - just audio. It's weird stuff - sometimes it's an ad and other times it's just strange sounds like voices murmuring (no I'm not crazy :)). It's not coming from any programs I have running and I can't see anything in the system processes that points to where it's coming from. The audio lasts for 1-2 minutes and then shuts off. I figure I'm infected with spyware but don't know how to address the issue. I've run MBAM with no infections found. Please help me diagnose and thank you!

matthew

Edited by Budapest, 01 August 2012 - 12:33 AM.
Moved from Win7 ~Budapest


#2 narenxp

Posted 01 August 2012 - 06:05 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 mattsbach

Posted 01 August 2012 - 12:53 PM

Thank you so much! Here are the logs


12:16:59.0622 7844 msiserver - ok
12:16:59.0637 7844 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
12:16:59.0637 7844 MSKSSRV - ok
12:16:59.0637 7844 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:16:59.0637 7844 MSPCLOCK - ok
12:16:59.0637 7844 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:16:59.0637 7844 MSPQM - ok
12:16:59.0653 7844 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
12:16:59.0668 7844 MsRPC - ok
12:16:59.0684 7844 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
12:16:59.0684 7844 mssmbios - ok
12:16:59.0684 7844 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:16:59.0684 7844 MSTEE - ok
12:16:59.0684 7844 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
12:16:59.0684 7844 MTConfig - ok
12:16:59.0684 7844 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:16:59.0684 7844 Mup - ok
12:16:59.0715 7844 mv61xx (7e045af28f71851aa5ece8c78aefce46) C:\Windows\system32\DRIVERS\mv61xx.sys
12:16:59.0715 7844 mv61xx - ok
12:16:59.0746 7844 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
12:16:59.0746 7844 napagent - ok
12:16:59.0778 7844 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:16:59.0778 7844 NativeWifiP - ok
12:16:59.0824 7844 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
12:16:59.0824 7844 NDIS - ok
12:16:59.0824 7844 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:16:59.0824 7844 NdisCap - ok
12:16:59.0840 7844 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:16:59.0840 7844 NdisTapi - ok
12:16:59.0856 7844 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
12:16:59.0856 7844 Ndisuio - ok
12:16:59.0871 7844 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
12:16:59.0871 7844 NdisWan - ok
12:16:59.0887 7844 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
12:16:59.0887 7844 NDProxy - ok
12:16:59.0887 7844 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:16:59.0887 7844 NetBIOS - ok
12:16:59.0902 7844 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
12:16:59.0902 7844 NetBT - ok
12:16:59.0918 7844 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:16:59.0918 7844 Netlogon - ok
12:16:59.0949 7844 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
12:16:59.0949 7844 Netman - ok
12:16:59.0980 7844 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
12:16:59.0980 7844 netprofm - ok
12:17:00.0058 7844 netr28ux (5eb01f698c4e2c11598934d4540047ca) C:\Windows\system32\DRIVERS\netr28ux.sys
12:17:00.0074 7844 netr28ux - ok
12:17:00.0121 7844 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:17:00.0121 7844 NetTcpPortSharing - ok
12:17:00.0183 7844 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
12:17:00.0199 7844 nfrd960 - ok
12:17:00.0230 7844 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
12:17:00.0230 7844 NlaSvc - ok
12:17:00.0261 7844 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:17:00.0261 7844 Npfs - ok
12:17:00.0277 7844 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
12:17:00.0277 7844 nsi - ok
12:17:00.0292 7844 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:17:00.0292 7844 nsiproxy - ok
12:17:00.0355 7844 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
12:17:00.0386 7844 Ntfs - ok
12:17:00.0495 7844 NuidFltr (317020d31f1696334679b9d0416eb62e) C:\Windows\system32\DRIVERS\NuidFltr.sys
12:17:00.0495 7844 NuidFltr - ok
12:17:00.0511 7844 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:17:00.0511 7844 Null - ok
12:17:00.0542 7844 nusb3hub (01266516e6e88d183a2b58722eeb4443) C:\Windows\system32\DRIVERS\nusb3hub.sys
12:17:00.0542 7844 nusb3hub - ok
12:17:00.0558 7844 nusb3xhc (5ec04f55cc5f165f21752712437df638) C:\Windows\system32\DRIVERS\nusb3xhc.sys
12:17:00.0558 7844 nusb3xhc - ok
12:17:00.0589 7844 NVHDA (960e39a54e525df58cb29193147dffa1) C:\Windows\system32\drivers\nvhda64v.sys
12:17:00.0604 7844 NVHDA - ok
12:17:00.0885 7844 nvlddmkm (9c1996dd3c0469bc8933321f15709f5a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:17:01.0041 7844 nvlddmkm - ok
12:17:01.0119 7844 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
12:17:01.0119 7844 nvraid - ok
12:17:01.0135 7844 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
12:17:01.0135 7844 nvstor - ok
12:17:01.0182 7844 nvsvc (dfda089bb2cd0ff7e789e2ef6ba1e4ba) C:\Windows\system32\nvvsvc.exe
12:17:01.0197 7844 nvsvc - ok
12:17:01.0275 7844 nvUpdatusService (e7818cd4fb51284c948d68a7a85a69b8) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
12:17:01.0291 7844 nvUpdatusService - ok
12:17:01.0384 7844 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:17:01.0384 7844 nv_agp - ok
12:17:01.0384 7844 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:17:01.0384 7844 ohci1394 - ok
12:17:01.0462 7844 OpenVPNService (6c2e3718a4df94958515d30d8ac52e52) C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
12:17:01.0462 7844 OpenVPNService - ok
12:17:01.0494 7844 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:17:01.0494 7844 ose - ok
12:17:01.0525 7844 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:17:01.0540 7844 p2pimsvc - ok
12:17:01.0556 7844 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
12:17:01.0556 7844 p2psvc - ok
12:17:01.0587 7844 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
12:17:01.0587 7844 Parport - ok
12:17:01.0618 7844 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
12:17:01.0618 7844 partmgr - ok
12:17:01.0634 7844 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
12:17:01.0634 7844 PcaSvc - ok
12:17:01.0650 7844 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:17:01.0650 7844 pci - ok
12:17:01.0665 7844 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:17:01.0665 7844 pciide - ok
12:17:01.0681 7844 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
12:17:01.0681 7844 pcmcia - ok
12:17:01.0696 7844 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:17:01.0696 7844 pcw - ok
12:17:01.0743 7844 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:17:01.0743 7844 PEAUTH - ok
12:17:01.0790 7844 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
12:17:01.0806 7844 PeerDistSvc - ok
12:17:01.0868 7844 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
12:17:01.0868 7844 PerfHost - ok
12:17:01.0930 7844 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
12:17:01.0946 7844 pla - ok
12:17:01.0977 7844 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
12:17:01.0993 7844 PlugPlay - ok
12:17:02.0008 7844 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
12:17:02.0008 7844 PNRPAutoReg - ok
12:17:02.0040 7844 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:17:02.0040 7844 PNRPsvc - ok
12:17:02.0086 7844 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
12:17:02.0086 7844 Point64 - ok
12:17:02.0118 7844 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
12:17:02.0133 7844 PolicyAgent - ok
12:17:02.0164 7844 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
12:17:02.0164 7844 Power - ok
12:17:02.0180 7844 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
12:17:02.0180 7844 PptpMiniport - ok
12:17:02.0196 7844 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
12:17:02.0196 7844 Processor - ok
12:17:02.0227 7844 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
12:17:02.0227 7844 ProfSvc - ok
12:17:02.0258 7844 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:17:02.0258 7844 ProtectedStorage - ok
12:17:02.0274 7844 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
12:17:02.0274 7844 Psched - ok
12:17:02.0320 7844 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
12:17:02.0336 7844 ql2300 - ok
12:17:02.0414 7844 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
12:17:02.0414 7844 ql40xx - ok
12:17:02.0430 7844 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
12:17:02.0445 7844 QWAVE - ok
12:17:02.0445 7844 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:17:02.0445 7844 QWAVEdrv - ok
12:17:02.0492 7844 radpms (58435613c2537715a9423597ec6635cc) C:\Windows\system32\DRIVERS\radpms.sys
12:17:02.0492 7844 radpms - ok
12:17:02.0508 7844 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:17:02.0508 7844 RasAcd - ok
12:17:02.0523 7844 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:17:02.0539 7844 RasAgileVpn - ok
12:17:02.0554 7844 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
12:17:02.0554 7844 RasAuto - ok
12:17:02.0570 7844 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:17:02.0570 7844 Rasl2tp - ok
12:17:02.0586 7844 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
12:17:02.0586 7844 RasMan - ok
12:17:02.0601 7844 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:17:02.0601 7844 RasPppoe - ok
12:17:02.0617 7844 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:17:02.0617 7844 RasSstp - ok
12:17:02.0632 7844 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
12:17:02.0632 7844 rdbss - ok
12:17:02.0632 7844 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:17:02.0632 7844 rdpbus - ok
12:17:02.0648 7844 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:17:02.0648 7844 RDPCDD - ok
12:17:02.0664 7844 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
12:17:02.0679 7844 RDPDR - ok
12:17:02.0679 7844 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:17:02.0679 7844 RDPENCDD - ok
12:17:02.0679 7844 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:17:02.0695 7844 RDPREFMP - ok
12:17:02.0710 7844 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
12:17:02.0710 7844 RDPWD - ok
12:17:02.0726 7844 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
12:17:02.0742 7844 rdyboost - ok
12:17:02.0757 7844 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
12:17:02.0757 7844 RemoteAccess - ok
12:17:02.0773 7844 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
12:17:02.0788 7844 RemoteRegistry - ok
12:17:02.0804 7844 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
12:17:02.0804 7844 RpcEptMapper - ok
12:17:02.0820 7844 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
12:17:02.0835 7844 RpcLocator - ok
12:17:02.0851 7844 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
12:17:02.0851 7844 RpcSs - ok
12:17:02.0866 7844 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:17:02.0866 7844 rspndr - ok
12:17:02.0882 7844 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
12:17:02.0882 7844 s3cap - ok
12:17:02.0913 7844 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:17:02.0913 7844 SamSs - ok
12:17:02.0991 7844 SANDRA (5efbbfcc6adac121c8e2fe76641ed329) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP3\WNt500x64\Sandra.sys
12:17:02.0991 7844 SANDRA - ok
12:17:02.0991 7844 SandraAgentSrv (df7d83053f32dd52b7cc079eb3342c24) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP3\RpcAgentSrv.exe
12:17:03.0007 7844 SandraAgentSrv - ok
12:17:03.0007 7844 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
12:17:03.0007 7844 sbp2port - ok
12:17:03.0241 7844 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
12:17:03.0241 7844 SCardSvr - ok
12:17:03.0272 7844 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
12:17:03.0272 7844 scfilter - ok
12:17:03.0303 7844 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
12:17:03.0319 7844 Schedule - ok
12:17:03.0334 7844 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:17:03.0334 7844 SCPolicySvc - ok
12:17:03.0350 7844 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
12:17:03.0366 7844 SDRSVC - ok
12:17:03.0397 7844 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:17:03.0397 7844 secdrv - ok
12:17:03.0397 7844 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
12:17:03.0397 7844 seclogon - ok
12:17:03.0412 7844 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
12:17:03.0412 7844 SENS - ok
12:17:03.0428 7844 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
12:17:03.0428 7844 SensrSvc - ok
12:17:03.0428 7844 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
12:17:03.0428 7844 Serenum - ok
12:17:03.0444 7844 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
12:17:03.0444 7844 Serial - ok
12:17:03.0459 7844 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
12:17:03.0459 7844 sermouse - ok
12:17:03.0475 7844 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
12:17:03.0475 7844 SessionEnv - ok
12:17:03.0490 7844 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
12:17:03.0490 7844 sffdisk - ok
12:17:03.0490 7844 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:17:03.0490 7844 sffp_mmc - ok
12:17:03.0490 7844 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
12:17:03.0490 7844 sffp_sd - ok
12:17:03.0490 7844 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
12:17:03.0490 7844 sfloppy - ok
12:17:03.0506 7844 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
12:17:03.0506 7844 ShellHWDetection - ok
12:17:03.0522 7844 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
12:17:03.0522 7844 SiSRaid2 - ok
12:17:03.0537 7844 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
12:17:03.0537 7844 SiSRaid4 - ok
12:17:03.0553 7844 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:17:03.0553 7844 Smb - ok
12:17:03.0584 7844 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
12:17:03.0584 7844 SNMPTRAP - ok
12:17:03.0600 7844 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:17:03.0600 7844 spldr - ok
12:17:03.0615 7844 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
12:17:03.0615 7844 Spooler - ok
12:17:03.0693 7844 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
12:17:03.0709 7844 sppsvc - ok
12:17:04.0504 7844 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
12:17:04.0504 7844 sppuinotify - ok
12:17:04.0598 7844 SpyHunter 4 Service (45a20a8416ee7dc7711953cc68b07643) C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
12:17:04.0598 7844 SpyHunter 4 Service - ok
12:17:04.0629 7844 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
12:17:04.0629 7844 srv - ok
12:17:04.0645 7844 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
12:17:04.0645 7844 srv2 - ok
12:17:04.0660 7844 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
12:17:04.0660 7844 srvnet - ok
12:17:04.0692 7844 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
12:17:04.0692 7844 SSDPSRV - ok
12:17:04.0707 7844 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
12:17:04.0707 7844 SstpSvc - ok
12:17:04.0723 7844 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
12:17:04.0723 7844 stexstor - ok
12:17:04.0754 7844 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
12:17:04.0754 7844 stisvc - ok
12:17:04.0770 7844 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
12:17:04.0770 7844 storflt - ok
12:17:04.0785 7844 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
12:17:04.0785 7844 StorSvc - ok
12:17:04.0816 7844 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
12:17:04.0816 7844 storvsc - ok
12:17:04.0816 7844 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
12:17:04.0816 7844 swenum - ok
12:17:04.0941 7844 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:17:04.0941 7844 SwitchBoard - ok
12:17:04.0972 7844 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
12:17:04.0972 7844 swprv - ok
12:17:05.0050 7844 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
12:17:05.0066 7844 SysMain - ok
12:17:05.0674 7844 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
12:17:05.0674 7844 TabletInputService - ok
12:17:05.0721 7844 tap0901 (6e8732acfd4c8d1ec4a4e872168b8b92) C:\Windows\system32\DRIVERS\tap0901.sys
12:17:05.0721 7844 tap0901 - ok
12:17:05.0737 7844 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
12:17:05.0737 7844 TapiSrv - ok
12:17:05.0752 7844 tapoas (927d0cdb3f96efc1e98fb1a2c9fb67ad) C:\Windows\system32\DRIVERS\tapoas.sys
12:17:05.0752 7844 tapoas - ok
12:17:05.0752 7844 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
12:17:05.0752 7844 TBS - ok
12:17:05.0830 7844 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
12:17:05.0846 7844 Tcpip - ok
12:17:06.0501 7844 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
12:17:06.0517 7844 TCPIP6 - ok
12:17:07.0172 7844 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
12:17:07.0172 7844 tcpipreg - ok
12:17:07.0172 7844 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:17:07.0172 7844 TDPIPE - ok
12:17:07.0219 7844 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
12:17:07.0219 7844 TDTCP - ok
12:17:07.0250 7844 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
12:17:07.0250 7844 tdx - ok
12:17:07.0266 7844 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
12:17:07.0266 7844 TermDD - ok
12:17:07.0297 7844 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
12:17:07.0297 7844 TermService - ok
12:17:07.0312 7844 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
12:17:07.0312 7844 Themes - ok
12:17:07.0344 7844 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:17:07.0344 7844 THREADORDER - ok
12:17:07.0359 7844 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
12:17:07.0359 7844 TrkWks - ok
12:17:07.0390 7844 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
12:17:07.0390 7844 TrustedInstaller - ok
12:17:07.0406 7844 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:17:07.0406 7844 tssecsrv - ok
12:17:07.0437 7844 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
12:17:07.0437 7844 TsUsbFlt - ok
12:17:07.0437 7844 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
12:17:07.0437 7844 TsUsbGD - ok
12:17:07.0453 7844 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
12:17:07.0453 7844 tunnel - ok
12:17:07.0468 7844 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
12:17:07.0468 7844 uagp35 - ok
12:17:07.0484 7844 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
12:17:07.0484 7844 udfs - ok
12:17:07.0500 7844 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
12:17:07.0500 7844 UI0Detect - ok
12:17:07.0531 7844 UimBus (4bf243bf18de55c08a021dd37f54a097) C:\Windows\system32\DRIVERS\uimx64.sys
12:17:07.0531 7844 UimBus - ok
12:17:07.0546 7844 Uim_IM (743affe7920184238d37f4307198313b) C:\Windows\system32\Drivers\Uim_IMx64.sys
12:17:07.0546 7844 Uim_IM - ok
12:17:07.0562 7844 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
12:17:07.0562 7844 uliagpkx - ok
12:17:07.0578 7844 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
12:17:07.0593 7844 umbus - ok
12:17:07.0593 7844 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
12:17:07.0593 7844 UmPass - ok
12:17:07.0609 7844 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
12:17:07.0609 7844 UmRdpService - ok
12:17:07.0624 7844 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
12:17:07.0640 7844 upnphost - ok
12:17:07.0656 7844 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
12:17:07.0656 7844 USBAAPL64 - ok
12:17:07.0687 7844 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\DRIVERS\usbccgp.sys
12:17:07.0687 7844 usbccgp - ok
12:17:07.0687 7844 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
12:17:07.0687 7844 usbcir - ok
12:17:07.0718 7844 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
12:17:07.0718 7844 usbehci - ok
12:17:07.0749 7844 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
12:17:07.0749 7844 usbhub - ok
12:17:07.0780 7844 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
12:17:07.0780 7844 usbohci - ok
12:17:07.0796 7844 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
12:17:07.0796 7844 usbprint - ok
12:17:07.0812 7844 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
12:17:07.0812 7844 usbscan - ok
12:17:07.0827 7844 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:17:07.0827 7844 USBSTOR - ok
12:17:07.0843 7844 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
12:17:07.0843 7844 usbuhci - ok
12:17:07.0874 7844 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
12:17:07.0874 7844 UxSms - ok
12:17:07.0890 7844 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:17:07.0890 7844 VaultSvc - ok
12:17:07.0921 7844 VClone (fd911873c0bb6945fa38c16e9a2b58f9) C:\Windows\system32\DRIVERS\VClone.sys
12:17:07.0921 7844 VClone - ok
12:17:07.0952 7844 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
12:17:07.0952 7844 vdrvroot - ok
12:17:07.0968 7844 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
12:17:07.0968 7844 vds - ok
12:17:07.0999 7844 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:17:07.0999 7844 vga - ok
12:17:08.0014 7844 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:17:08.0014 7844 VgaSave - ok
12:17:08.0030 7844 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
12:17:08.0030 7844 vhdmp - ok
12:17:08.0046 7844 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
12:17:08.0046 7844 viaide - ok
12:17:08.0061 7844 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
12:17:08.0061 7844 vmbus - ok
12:17:08.0077 7844 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
12:17:08.0077 7844 VMBusHID - ok
12:17:08.0092 7844 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
12:17:08.0092 7844 volmgr - ok
12:17:08.0108 7844 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
12:17:08.0108 7844 volmgrx - ok
12:17:08.0124 7844 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
12:17:08.0124 7844 volsnap - ok
12:17:08.0202 7844 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
12:17:08.0202 7844 vsmraid - ok
12:17:08.0264 7844 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
12:17:08.0295 7844 VSS - ok
12:17:09.0309 7844 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
12:17:09.0309 7844 vwifibus - ok
12:17:09.0340 7844 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
12:17:09.0340 7844 vwififlt - ok
12:17:09.0356 7844 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
12:17:09.0356 7844 W32Time - ok
12:17:09.0387 7844 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
12:17:09.0387 7844 WacomPen - ok
12:17:09.0403 7844 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:17:09.0403 7844 WANARP - ok
12:17:09.0403 7844 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:17:09.0403 7844 Wanarpv6 - ok
12:17:09.0450 7844 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
12:17:09.0450 7844 WatAdminSvc - ok
12:17:09.0512 7844 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
12:17:09.0528 7844 wbengine - ok
12:17:10.0495 7844 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
12:17:10.0495 7844 WbioSrvc - ok
12:17:10.0510 7844 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
12:17:10.0510 7844 wcncsvc - ok
12:17:10.0526 7844 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
12:17:10.0526 7844 WcsPlugInService - ok
12:17:10.0557 7844 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
12:17:10.0557 7844 Wd - ok
12:17:10.0588 7844 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
12:17:10.0588 7844 WDC_SAM - ok
12:17:10.0604 7844 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:17:10.0620 7844 Wdf01000 - ok
12:17:12.0445 7844 ============================================================
12:17:12.0445 7844 Scan finished
12:17:12.0445 7844 ============================================================
12:17:12.0460 6752 Detected object count: 0
12:17:12.0460 6752 Actual detected object count: 0
12:17:36.0250 4872 ============================================================
12:17:36.0250 4872 Scan started
12:17:36.0250 4872 Mode: Manual; TDLFS;
12:17:36.0250 4872 ============================================================
12:17:43.0036 4872 NetTcpPortSharing - ok
12:17:43.0099 4872 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
12:17:43.0099 4872 nfrd960 - ok
12:17:43.0114 4872 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
12:17:43.0130 4872 NlaSvc - ok
12:17:43.0130 4872 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:17:43.0130 4872 Npfs - ok
12:17:43.0146 4872 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
12:17:43.0146 4872 nsi - ok
12:17:43.0161 4872 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:17:43.0161 4872 nsiproxy - ok
12:17:43.0208 4872 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
12:17:43.0224 4872 Ntfs - ok
12:17:43.0317 4872 NuidFltr (317020d31f1696334679b9d0416eb62e) C:\Windows\system32\DRIVERS\NuidFltr.sys
12:17:43.0317 4872 NuidFltr - ok
12:17:43.0348 4872 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:17:43.0348 4872 Null - ok
12:17:43.0364 4872 nusb3hub (01266516e6e88d183a2b58722eeb4443) C:\Windows\system32\DRIVERS\nusb3hub.sys
12:17:43.0364 4872 nusb3hub - ok
12:17:43.0380 4872 nusb3xhc (5ec04f55cc5f165f21752712437df638) C:\Windows\system32\DRIVERS\nusb3xhc.sys
12:17:43.0380 4872 nusb3xhc - ok
12:17:43.0395 4872 NVHDA (960e39a54e525df58cb29193147dffa1) C:\Windows\system32\drivers\nvhda64v.sys
12:17:43.0395 4872 NVHDA - ok
12:17:43.0676 4872 nvlddmkm (9c1996dd3c0469bc8933321f15709f5a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:17:43.0723 4872 nvlddmkm - ok
12:17:43.0832 4872 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
12:17:43.0832 4872 nvraid - ok
12:17:43.0848 4872 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
12:17:43.0848 4872 nvstor - ok
12:17:43.0879 4872 nvsvc (dfda089bb2cd0ff7e789e2ef6ba1e4ba) C:\Windows\system32\nvvsvc.exe
12:17:43.0894 4872 nvsvc - ok
12:17:43.0972 4872 nvUpdatusService (e7818cd4fb51284c948d68a7a85a69b8) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
12:17:43.0972 4872 nvUpdatusService - ok
12:17:44.0050 4872 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:17:44.0050 4872 nv_agp - ok
12:17:44.0050 4872 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:17:44.0050 4872 ohci1394 - ok
12:17:44.0113 4872 OpenVPNService (6c2e3718a4df94958515d30d8ac52e52) C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
12:17:44.0113 4872 OpenVPNService - ok
12:17:44.0144 4872 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:17:44.0144 4872 ose - ok
12:17:44.0175 4872 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:17:44.0175 4872 p2pimsvc - ok
12:17:44.0191 4872 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
12:17:44.0191 4872 p2psvc - ok
12:17:44.0222 4872 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
12:17:44.0222 4872 Parport - ok
12:17:44.0253 4872 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
12:17:44.0253 4872 partmgr - ok
12:17:44.0253 4872 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
12:17:44.0253 4872 PcaSvc - ok
12:17:44.0269 4872 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:17:44.0269 4872 pci - ok
12:17:44.0284 4872 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:17:44.0284 4872 pciide - ok
12:17:44.0300 4872 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
12:17:44.0300 4872 pcmcia - ok
12:17:44.0316 4872 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:17:44.0316 4872 pcw - ok
12:17:44.0331 4872 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:17:44.0347 4872 PEAUTH - ok
12:17:44.0378 4872 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
12:17:44.0378 4872 PeerDistSvc - ok
12:17:44.0425 4872 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
12:17:44.0425 4872 PerfHost - ok
12:17:44.0503 4872 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
12:17:44.0503 4872 pla - ok
12:17:44.0534 4872 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
12:17:44.0534 4872 PlugPlay - ok
12:17:44.0534 4872 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
12:17:44.0534 4872 PNRPAutoReg - ok
12:17:44.0550 4872 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:17:44.0550 4872 PNRPsvc - ok
12:17:44.0596 4872 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
12:17:44.0596 4872 Point64 - ok
12:17:44.0628 4872 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
12:17:44.0628 4872 PolicyAgent - ok
12:17:44.0659 4872 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
12:17:44.0659 4872 Power - ok
12:17:44.0674 4872 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
12:17:44.0674 4872 PptpMiniport - ok
12:17:44.0674 4872 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
12:17:44.0674 4872 Processor - ok
12:17:44.0706 4872 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
12:17:44.0706 4872 ProfSvc - ok
12:17:44.0737 4872 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:17:44.0737 4872 ProtectedStorage - ok
12:17:44.0737 4872 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
12:17:44.0752 4872 Psched - ok
12:17:44.0784 4872 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
12:17:44.0784 4872 ql2300 - ok
12:17:44.0862 4872 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
12:17:44.0862 4872 ql40xx - ok
12:17:44.0877 4872 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
12:17:44.0893 4872 QWAVE - ok
12:17:44.0893 4872 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:17:44.0893 4872 QWAVEdrv - ok
12:17:44.0924 4872 radpms (58435613c2537715a9423597ec6635cc) C:\Windows\system32\DRIVERS\radpms.sys
12:17:44.0924 4872 radpms - ok
12:17:44.0940 4872 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:17:44.0940 4872 RasAcd - ok
12:17:44.0955 4872 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:17:44.0955 4872 RasAgileVpn - ok
12:17:44.0955 4872 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
12:17:44.0971 4872 RasAuto - ok
12:17:44.0971 4872 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:17:44.0971 4872 Rasl2tp - ok
12:17:45.0002 4872 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
12:17:45.0002 4872 RasMan - ok
12:17:45.0002 4872 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:17:45.0002 4872 RasPppoe - ok
12:17:45.0018 4872 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:17:45.0018 4872 RasSstp - ok
12:17:45.0033 4872 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
12:17:45.0033 4872 rdbss - ok
12:17:45.0033 4872 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:17:45.0033 4872 rdpbus - ok
12:17:45.0049 4872 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:17:45.0049 4872 RDPCDD - ok
12:17:45.0064 4872 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
12:17:45.0064 4872 RDPDR - ok
12:17:45.0080 4872 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:17:45.0080 4872 RDPENCDD - ok
12:17:45.0080 4872 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:17:45.0080 4872 RDPREFMP - ok
12:17:45.0111 4872 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
12:17:45.0111 4872 RDPWD - ok
12:17:45.0111 4872 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
12:17:45.0111 4872 rdyboost - ok
12:17:45.0127 4872 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
12:17:45.0142 4872 RemoteAccess - ok
12:17:45.0142 4872 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
12:17:45.0142 4872 RemoteRegistry - ok
12:17:45.0158 4872 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
12:17:45.0158 4872 RpcEptMapper - ok
12:17:45.0158 4872 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
12:17:45.0158 4872 RpcLocator - ok
12:17:45.0174 4872 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
12:17:45.0189 4872 RpcSs - ok
12:17:45.0205 4872 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:17:45.0205 4872 rspndr - ok
12:17:45.0220 4872 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
12:17:45.0220 4872 s3cap - ok
12:17:45.0236 4872 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:17:45.0236 4872 SamSs - ok
12:17:45.0298 4872 SANDRA (5efbbfcc6adac121c8e2fe76641ed329) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP3\WNt500x64\Sandra.sys
12:17:45.0298 4872 SANDRA - ok
12:17:45.0314 4872 SandraAgentSrv (df7d83053f32dd52b7cc079eb3342c24) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP3\RpcAgentSrv.exe
12:17:45.0314 4872 SandraAgentSrv - ok
12:17:45.0330 4872 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
12:17:45.0330 4872 sbp2port - ok
12:17:45.0345 4872 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
12:17:45.0345 4872 SCardSvr - ok
12:17:45.0361 4872 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
12:17:45.0361 4872 scfilter - ok
12:17:45.0392 4872 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
12:17:45.0408 4872 Schedule - ok
12:17:45.0423 4872 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:17:45.0423 4872 SCPolicySvc - ok
12:17:45.0439 4872 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
12:17:45.0439 4872 SDRSVC - ok
12:17:45.0470 4872 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:17:45.0470 4872 secdrv - ok
12:17:45.0486 4872 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
12:17:45.0486 4872 seclogon - ok
12:17:45.0486 4872 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
12:17:45.0486 4872 SENS - ok
12:17:45.0501 4872 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
12:17:45.0501 4872 SensrSvc - ok
12:17:45.0501 4872 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
12:17:45.0501 4872 Serenum - ok
12:17:45.0517 4872 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
12:17:45.0517 4872 Serial - ok
12:17:45.0517 4872 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
12:17:45.0517 4872 sermouse - ok
12:17:45.0532 4872 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
12:17:45.0532 4872 SessionEnv - ok
12:17:45.0548 4872 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
12:17:45.0548 4872 sffdisk - ok
12:17:45.0548 4872 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:17:45.0548 4872 sffp_mmc - ok
12:17:45.0548 4872 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
12:17:45.0548 4872 sffp_sd - ok
12:17:45.0548 4872 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
12:17:45.0548 4872 sfloppy - ok
12:17:45.0579 4872 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
12:17:45.0579 4872 ShellHWDetection - ok
12:17:45.0595 4872 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
12:17:45.0595 4872 SiSRaid2 - ok
12:17:45.0610 4872 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
12:17:45.0610 4872 SiSRaid4 - ok
12:17:45.0610 4872 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:17:45.0610 4872 Smb - ok
12:17:45.0626 4872 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
12:17:45.0626 4872 SNMPTRAP - ok
12:17:45.0642 4872 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:17:45.0642 4872 spldr - ok
12:17:45.0657 4872 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
12:17:45.0657 4872 Spooler - ok
12:17:45.0735 4872 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
12:17:45.0751 4872 sppsvc - ok
12:17:45.0829 4872 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
12:17:45.0829 4872 sppuinotify - ok
12:17:45.0907 4872 SpyHunter 4 Service (45a20a8416ee7dc7711953cc68b07643) C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
12:17:45.0907 4872 SpyHunter 4 Service - ok
12:17:45.0938 4872 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
12:17:45.0938 4872 srv - ok
12:17:45.0969 4872 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
12:17:45.0969 4872 srv2 - ok
12:17:45.0969 4872 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
12:17:45.0969 4872 srvnet - ok
12:17:46.0000 4872 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
12:17:46.0000 4872 SSDPSRV - ok
12:17:46.0016 4872 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
12:17:46.0016 4872 SstpSvc - ok
12:17:46.0032 4872 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
12:17:46.0032 4872 stexstor - ok
12:17:46.0063 4872 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
12:17:46.0063 4872 stisvc - ok
12:17:46.0078 4872 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
12:17:46.0078 4872 storflt - ok
12:17:46.0078 4872 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
12:17:46.0078 4872 StorSvc - ok
12:17:46.0094 4872 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
12:17:46.0094 4872 storvsc - ok
12:17:46.0110 4872 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
12:17:46.0110 4872 swenum - ok
12:17:46.0188 4872 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:17:46.0188 4872 SwitchBoard - ok
12:17:46.0219 4872 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
12:17:46.0219 4872 swprv - ok
12:17:46.0250 4872 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
12:17:46.0266 4872 SysMain - ok
12:17:46.0312 4872 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
12:17:46.0312 4872 TabletInputService - ok
12:17:46.0344 4872 tap0901 (6e8732acfd4c8d1ec4a4e872168b8b92) C:\Windows\system32\DRIVERS\tap0901.sys
12:17:46.0344 4872 tap0901 - ok
12:17:46.0359 4872 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
12:17:46.0359 4872 TapiSrv - ok
12:17:46.0375 4872 tapoas (927d0cdb3f96efc1e98fb1a2c9fb67ad) C:\Windows\system32\DRIVERS\tapoas.sys
12:17:46.0375 4872 tapoas - ok
12:17:46.0375 4872 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
12:17:46.0375 4872 TBS - ok
12:17:46.0437 4872 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
12:17:46.0453 4872 Tcpip - ok
12:17:46.0546 4872 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
12:17:46.0562 4872 TCPIP6 - ok
12:17:46.0624 4872 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
12:17:46.0624 4872 tcpipreg - ok
12:17:46.0640 4872 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:17:46.0640 4872 TDPIPE - ok
12:17:46.0671 4872 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
12:17:46.0671 4872 TDTCP - ok
12:17:46.0687 4872 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
12:17:46.0687 4872 tdx - ok
12:17:46.0687 4872 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
12:17:46.0687 4872 TermDD - ok
12:17:46.0718 4872 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
12:17:46.0718 4872 TermService - ok
12:17:46.0749 4872 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
12:17:46.0749 4872 Themes - ok
12:17:46.0765 4872 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:17:46.0765 4872 THREADORDER - ok
12:17:46.0780 4872 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
12:17:46.0780 4872 TrkWks - ok
12:17:46.0827 4872 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
12:17:46.0827 4872 TrustedInstaller - ok
12:17:46.0843 4872 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:17:46.0843 4872 tssecsrv - ok
12:17:46.0858 4872 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
12:17:46.0858 4872 TsUsbFlt - ok
12:17:46.0858 4872 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
12:17:46.0858 4872 TsUsbGD - ok
12:17:46.0874 4872 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
12:17:46.0874 4872 tunnel - ok
12:17:46.0874 4872 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
12:17:46.0874 4872 uagp35 - ok
12:17:46.0890 4872 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
12:17:46.0890 4872 udfs - ok
12:17:46.0905 4872 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
12:17:46.0905 4872 UI0Detect - ok
12:17:46.0936 4872 UimBus (4bf243bf18de55c08a021dd37f54a097) C:\Windows\system32\DRIVERS\uimx64.sys
12:17:46.0936 4872 UimBus - ok
12:17:46.0968 4872 Uim_IM (743affe7920184238d37f4307198313b) C:\Windows\system32\Drivers\Uim_IMx64.sys
12:17:46.0968 4872 Uim_IM - ok
12:17:46.0983 4872 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
12:17:46.0983 4872 uliagpkx - ok
12:17:46.0999 4872 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
12:17:46.0999 4872 umbus - ok
12:17:46.0999 4872 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
12:17:46.0999 4872 UmPass - ok
12:17:47.0014 4872 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
12:17:47.0014 4872 UmRdpService - ok
12:17:47.0046 4872 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
12:17:47.0046 4872 upnphost - ok
12:17:47.0077 4872 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
12:17:47.0077 4872 USBAAPL64 - ok
12:17:47.0092 4872 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\DRIVERS\usbccgp.sys
12:17:47.0092 4872 usbccgp - ok
12:17:47.0108 4872 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
12:17:47.0108 4872 usbcir - ok
12:17:47.0124 4872 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
12:17:47.0124 4872 usbehci - ok
12:17:47.0139 4872 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
12:17:47.0139 4872 usbhub - ok
12:17:47.0155 4872 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
12:17:47.0155 4872 usbohci - ok
12:17:47.0170 4872 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
12:17:47.0170 4872 usbprint - ok
12:17:47.0202 4872 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
12:17:47.0202 4872 usbscan - ok
12:17:47.0217 4872 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:17:47.0217 4872 USBSTOR - ok
12:17:47.0233 4872 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
12:17:47.0233 4872 usbuhci - ok
12:17:47.0248 4872 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
12:17:47.0248 4872 UxSms - ok
12:17:47.0280 4872 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:17:47.0280 4872 VaultSvc - ok
12:17:47.0311 4872 VClone (fd911873c0bb6945fa38c16e9a2b58f9) C:\Windows\system32\DRIVERS\VClone.sys
12:17:47.0311 4872 VClone - ok
12:17:47.0326 4872 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
12:17:47.0326 4872 vdrvroot - ok
12:17:47.0342 4872 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
12:17:47.0342 4872 vds - ok
12:17:47.0358 4872 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:17:47.0358 4872 vga - ok
12:17:47.0373 4872 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:17:47.0373 4872 VgaSave - ok
12:17:47.0389 4872 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
12:17:47.0389 4872 vhdmp - ok
12:17:47.0404 4872 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
12:17:47.0404 4872 viaide - ok
12:17:47.0436 4872 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
12:17:47.0436 4872 vmbus - ok
12:17:47.0436 4872 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
12:17:47.0436 4872 VMBusHID - ok
12:17:47.0451 4872 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
12:17:47.0451 4872 volmgr - ok
12:17:47.0467 4872 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
12:17:47.0467 4872 volmgrx - ok
12:17:47.0482 4872 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
12:17:47.0482 4872 volsnap - ok
12:17:47.0498 4872 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
12:17:47.0498 4872 vsmraid - ok
12:17:47.0545 4872 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
12:17:47.0545 4872 VSS - ok
12:17:47.0623 4872 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
12:17:47.0623 4872 vwifibus - ok
12:17:47.0623 4872 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
12:17:47.0623 4872 vwififlt - ok
12:17:47.0638 4872 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
12:17:47.0654 4872 W32Time - ok
12:17:47.0654 4872 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
12:17:47.0654 4872 WacomPen - ok
12:17:47.0670 4872 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:17:47.0670 4872 WANARP - ok
12:17:47.0670 4872 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:17:47.0670 4872 Wanarpv6 - ok
12:17:47.0716 4872 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
12:17:47.0716 4872 WatAdminSvc - ok
12:17:47.0763 4872 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
12:17:47.0779 4872 wbengine - ok
12:17:47.0826 4872 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
12:17:47.0826 4872 WbioSrvc - ok
12:17:47.0841 4872 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
12:17:47.0841 4872 wcncsvc - ok
12:17:47.0857 4872 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
12:17:47.0857 4872 WcsPlugInService - ok
12:17:47.0872 4872 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
12:17:47.0872 4872 Wd - ok
12:17:47.0888 4872 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
12:17:47.0888 4872 WDC_SAM - ok
12:17:47.0919 4872 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:17:47.0919 4872 Wdf01000 - ok
12:17:47.0919 4872 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:17:47.0919 4872 WdiServiceHost - ok
12:17:47.0935 4872 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:17:47.0935 4872 WdiSystemHost - ok
12:17:47.0950 4872 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
12:17:47.0950 4872 WebClient - ok
12:17:47.0950 4872 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
12:17:47.0966 4872 Wecsvc - ok
12:17:47.0966 4872 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
12:17:47.0966 4872 wercplsupport - ok
12:17:47.0982 4872 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
12:17:47.0982 4872 WerSvc - ok
12:17:48.0013 4872 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
12:17:48.0013 4872 WfpLwf - ok
12:17:48.0028 4872 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
12:17:48.0028 4872 WIMMount - ok
12:17:48.0028 4872 WinHttpAutoProxySvc - ok
12:17:48.0075 4872 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
12:17:48.0075 4872 Winmgmt - ok
12:17:48.0122 4872 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
12:17:48.0138 4872 WinRM - ok
12:17:48.0200 4872 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
12:17:48.0200 4872 WinUsb - ok
12:17:48.0231 4872 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
12:17:48.0231 4872 Wlansvc - ok
12:17:48.0262 4872 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
12:17:48.0262 4872 WmiAcpi - ok
12:17:48.0309 4872 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
12:17:48.0309 4872 wmiApSrv - ok
12:17:48.0325 4872 WMPNetworkSvc - ok
12:17:48.0356 4872 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
12:17:48.0356 4872 WPCSvc - ok
12:17:48.0356 4872 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
12:17:48.0356 4872 WPDBusEnum - ok
12:17:48.0372 4872 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
12:17:48.0372 4872 ws2ifsl - ok
12:17:48.0372 4872 WSearch - ok
12:17:48.0387 4872 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
12:17:48.0387 4872 WudfPf - ok
12:17:48.0403 4872 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:17:48.0403 4872 WUDFRd - ok
12:17:48.0403 4872 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
12:17:48.0403 4872 wudfsvc - ok
12:17:48.0434 4872 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
12:17:48.0434 4872 WwanSvc - ok
12:17:48.0434 4872 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
12:17:48.0652 4872 \Device\Harddisk0\DR0 - ok
12:17:48.0652 4872 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
12:17:48.0730 4872 \Device\Harddisk1\DR1 - ok
12:17:48.0730 4872 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2
12:17:48.0840 4872 \Device\Harddisk2\DR2 - ok
12:17:48.0840 4872 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk3\DR3
12:17:49.0214 4872 \Device\Harddisk3\DR3 - ok
12:17:49.0214 4872 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk4\DR4
12:17:49.0323 4872 \Device\Harddisk4\DR4 - ok
12:17:49.0323 4872 Boot (0x1200) (1d2cb8150f0740eb48d664aa25ad3815) \Device\Harddisk0\DR0\Partition0
12:17:49.0323 4872 \Device\Harddisk0\DR0\Partition0 - ok
12:17:49.0323 4872 Boot (0x1200) (bc2a3a7628ae1e115bff7546ca69bf1a) \Device\Harddisk1\DR1\Partition0
12:17:49.0323 4872 \Device\Harddisk1\DR1\Partition0 - ok
12:17:49.0323 4872 Boot (0x1200) (18dfeb311eea2ed9e116ccdfd8e31239) \Device\Harddisk2\DR2\Partition0
12:17:49.0323 4872 \Device\Harddisk2\DR2\Partition0 - ok
12:17:49.0323 4872 Boot (0x1200) (679468958eaf69d7baf921957bb6c2fa) \Device\Harddisk3\DR3\Partition0
12:17:49.0323 4872 \Device\Harddisk3\DR3\Partition0 - ok
12:17:49.0323 4872 Boot (0x1200) (2850fe8e11c8cd6bbdf902ac145d278c) \Device\Harddisk4\DR4\Partition0
12:17:49.0323 4872 \Device\Harddisk4\DR4\Partition0 - ok
12:17:49.0323 4872 ============================================================
12:17:49.0323 4872 Scan finished
12:17:49.0323 4872 ============================================================
12:17:49.0339 7640 Detected object count: 0
12:17:49.0339 7640 Actual detected object count: 0




aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-01 12:18:54
-----------------------------
12:18:54.531 OS Version: Windows x64 6.1.7601 Service Pack 1
12:18:54.531 Number of processors: 8 586 0x2A07
12:18:54.531 ComputerName: OWNER-PC110658 UserName: Owner
12:19:00.038 Initialize success
12:19:31.238 AVAST engine defs: 12080100
12:19:41.441 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:19:41.441 Disk 0 Vendor: ST350041 JC45 Size: 476940MB BusType: 8
12:19:41.441 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
12:19:41.441 Disk 1 Vendor: ST310005 JC45 Size: 953869MB BusType: 8
12:19:41.441 Disk 0 MBR read successfully
12:19:41.441 Disk 0 MBR scan
12:19:41.456 Disk 0 Windows 7 default MBR code
12:19:41.456 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 463507 MB offset 2048
12:19:41.472 Disk 0 Partition 2 00 BC BCFS 13431 MB offset 949264785
12:19:41.519 Disk 0 scanning C:\Windows\system32\drivers
12:19:50.083 Service scanning
12:20:05.184 Modules scanning
12:20:05.184 Disk 0 trace - called modules:
12:20:05.199 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
12:20:05.199 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80090c3790]
12:20:05.199 3 CLASSPNP.SYS[fffff88001a0143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007e11050]
12:20:05.886 AVAST engine scan C:\Windows
12:20:07.508 AVAST engine scan C:\Windows\system32
12:21:52.528 AVAST engine scan C:\Windows\system32\drivers
12:22:00.296 AVAST engine scan C:\Users\Owner
12:22:56.784 File: C:\Users\Owner\AppData\Local\{b9a85bf4-fa72-097a-2079-c05dc739741c}\n **INFECTED** Win64:Sirefef-F [Rtk]
12:29:03.945 AVAST engine scan C:\ProgramData
12:30:05.131 Scan finished successfully
12:39:17.934 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
12:39:17.936 The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"







C:\Qoobox\Quarantine\C\Users\Owner\AppData\Local\cgheyijvaa.exe.vir a variant of Win32/Kryptik.AIUD trojan
C:\Users\Owner\AppData\Local\{b9a85bf4-fa72-097a-2079-c05dc739741c}\n Win64/Sirefef.W trojan
C:\Windows\Installer\{b9a85bf4-fa72-097a-2079-c05dc739741c}\U\80000000.@ Win64/Sirefef.AL trojan
K:\$RECYCLE.BIN\S-1-5-21-2155120952-764981566-888926259-1000\$RITT0W3\XF-AdobeMasterCS3-KG.exe a variant of Win32/Keygen.BR application

#4 narenxp


Posted 01 August 2012 - 01:09 PM

Download

systemlook

Launch it and copy this script and paste in the BOX

:filefind
services.exe
:folderfind
{b9a85bf4-fa72-097a-2079-c05dc739741c}

Click on LOOK, post the generated log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

Edited by narenxp, 01 August 2012 - 01:09 PM.


#5 mattsbach


Posted 01 August 2012 - 02:35 PM

thank you - I think I got them all....






SystemLook 30.07.11 by jpshortstuff
Log created at 14:13 on 01/08/2012 by Owner
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\erdnt\cache64\services.exe --a---- 328704 bytes [19:02 19/07/2012] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 014A9CB92514E27C0107614DF764BC06
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== folderfind ==========

Searching for "{c647b46a-6d6b-8d07-01fd-6814141c9716}"
No folders found.

-= EOF =-






Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.01.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Owner :: OWNER-PC110658 [administrator]

8/1/2012 2:15:17 PM
mbam-log-2012-08-01 (14-15-17).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 396331
Time elapsed: 30 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Qoobox\Quarantine\C\Users\Owner\AppData\Local\cgheyijvaa.exe.vir (Trojan.Lameshield) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\{b9a85bf4-fa72-097a-2079-c05dc739741c}\n (Trojan.Sirefef) -> Delete on reboot.

(end)







MiniToolBox by Farbar Version: 23-07-2012
Ran by Owner (administrator) on 01-08-2012 at 15:27:14
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


========================= IP Configuration: ================================

Intel® 82579V Gigabit Network Connection = Local Area Connection (Connected)
802.11bgn 1T1R Wireless Adapter = Wireless Network Connection (Hardware not present)
TAP-Win32 Adapter V9 = office (Media disconnected)
TAP-Win32 Adapter V9 = datacenter (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Owner-PC110658
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter datacenter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9 #2
Physical Address. . . . . . . . . : 00-FF-45-B1-EB-02
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter office:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9
Physical Address. . . . . . . . . : 00-FF-41-2A-E7-35
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Intel® 82579V Gigabit Network Connection
Physical Address. . . . . . . . . : 00-22-4D-4F-DC-F7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::3040:4969:6b63:1f2a%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.8(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, August 01, 2012 2:52:34 PM
Lease Expires . . . . . . . . . . : Thursday, August 02, 2012 2:52:34 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234889805
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-9D-04-93-00-22-4D-4F-DC-F7
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{45B1EB02-5E3A-4784-9FF4-A1D7385E7208}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{412AE735-DC18-481E-A693-7866D7D644DB}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4004:800::1002
74.125.228.14
74.125.228.9
74.125.228.4
74.125.228.1
74.125.228.7
74.125.228.2
74.125.228.6
74.125.228.8
74.125.228.5
74.125.228.0
74.125.228.3


Pinging google.com [74.125.228.9] with 32 bytes of data:
Reply from 74.125.228.9: bytes=32 time=10ms TTL=252
Reply from 74.125.228.9: bytes=32 time=9ms TTL=252

Ping statistics for 74.125.228.9:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 9ms, Maximum = 10ms, Average = 9ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=167ms TTL=250
Reply from 72.30.38.140: bytes=32 time=180ms TTL=250

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 167ms, Maximum = 180ms, Average = 173ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
20...00 ff 45 b1 eb 02 ......TAP-Win32 Adapter V9 #2
19...00 ff 41 2a e7 35 ......TAP-Win32 Adapter V9
11...00 22 4d 4f dc f7 ......Intel® 82579V Gigabit Network Connection
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.8 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.8 276
192.168.1.8 255.255.255.255 On-link 192.168.1.8 276
192.168.1.255 255.255.255.255 On-link 192.168.1.8 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.8 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.8 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
11 276 fe80::3040:4969:6b63:1f2a/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/01/2012 02:53:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2012 00:39:55 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/01/2012 00:39:53 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/01/2012 00:39:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/01/2012 02:44:34 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000000684a22b000
Faulting process id: 0x12e0
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (07/31/2012 11:45:22 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/9FAD91A6CE6AC6C50047C44EC9D4A50D92D84979.crt> with error: This operation returned because the timeout period expired.
.

Error: (07/30/2012 08:26:42 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: mshtml.dll, version: 9.0.8112.16447, time stamp: 0x4fca0a05
Exception code: 0xc0000005
Fault offset: 0x00000000002ea0f2
Faulting process id: 0x4c0
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (07/30/2012 07:23:44 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: mshtml.dll, version: 9.0.8112.16447, time stamp: 0x4fca0a05
Exception code: 0xc0000005
Fault offset: 0x00000000002ea0f2
Faulting process id: 0x460
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (07/30/2012 03:13:53 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00006a61c7880000
Faulting process id: 0x1a5c
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (07/30/2012 02:55:57 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: mshtml.dll, version: 9.0.8112.16447, time stamp: 0x4fca0a05
Exception code: 0xc0000005
Fault offset: 0x00000000000b1cff
Faulting process id: 0xf78
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3


System errors:
=============
Error: (08/01/2012 02:53:59 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/01/2012 02:53:59 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/01/2012 02:52:50 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (08/01/2012 02:52:50 PM) (Source: Service Control Manager) (User: )
Description: The lxefCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (08/01/2012 02:52:50 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxefCATSCustConnectService service to connect.

Error: (08/01/2012 02:52:47 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (08/01/2012 02:52:43 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/27/2012 03:13:04 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (07/27/2012 03:13:04 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (07/27/2012 03:12:15 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.


Microsoft Office Sessions:
=========================
Error: (08/01/2012 02:53:12 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2012 00:39:55 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Desktop\esetsmartinstaller_enu.exe

Error: (08/01/2012 00:39:53 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Desktop\esetsmartinstaller_enu.exe

Error: (08/01/2012 00:39:47 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Desktop\esetsmartinstaller_enu.exe

Error: (08/01/2012 02:44:34 AM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1unknown0.0.0.000000000c0000005000000684a22b00012e001cd6fb0f673fb5dC:\Windows\system32\svchost.exeunknown5a146619-dba4-11e1-a479-00224d4fdcf7

Error: (07/31/2012 11:45:22 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/9FAD91A6CE6AC6C50047C44EC9D4A50D92D84979.crtThis operation returned because the timeout period expired.

Error: (07/30/2012 08:26:42 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1mshtml.dll9.0.8112.164474fca0a05c000000500000000002ea0f24c001cd6eb2fc0a3577C:\Windows\system32\svchost.exeC:\Windows\system32\mshtml.dll661a56a8-daa6-11e1-a479-00224d4fdcf7

Error: (07/30/2012 07:23:44 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1mshtml.dll9.0.8112.164474fca0a05c000000500000000002ea0f246001cd6ea9f40294c2C:\Windows\system32\svchost.exeC:\Windows\system32\mshtml.dll9a5654e2-da9d-11e1-a479-00224d4fdcf7

Error: (07/30/2012 03:13:53 AM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1unknown0.0.0.000000000c000000500006a61c78800001a5c01cd6e22b82a79caC:\Windows\system32\svchost.exeunknown1db31b08-da16-11e1-a479-00224d4fdcf7

Error: (07/30/2012 02:55:57 AM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1mshtml.dll9.0.8112.164474fca0a05c000000500000000000b1cfff7801cd6e203eb128edC:\Windows\system32\svchost.exeC:\Windows\system32\mshtml.dll9c5ac2d9-da13-11e1-a479-00224d4fdcf7


=========================== Installed Programs ============================

7-Zip 9.20
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.3)
Adobe AIR (Version: 2.7.0.19530)
Adobe Community Help (Version: 3.4.980)
Adobe Creative Suite 5.5 Master Collection (Version: 5.5)
Adobe ExtendScript Toolkit 2 (Version: 2.0.2)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.268)
Adobe Flash Player 11 Plugin (Version: 11.3.300.268)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Setup (Version: 1.0)
Adobe Story (Version: 1.0.571)
Amazon MP3 Downloader 1.0.12 (Version: 1.0.12)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Applian FLV and Media Player 3.1.1.12 (Version: 3.1.1.12)
AVS Screen Capture version 2.0.1
AVS Update Manager 1.0
AVS Video Converter 8
AVS Video Editor 6
AVS Video Recorder 2.4
AVS4YOU Software Navigator 1.4
BitTorrent (Version: 7.6.1)
BlitzIn 3.0
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 3.17)
CDBurnerXP (Version: 4.3.8.2568)
Compatibility Pack for the 2007 Office system (Version: 12.0.6514.5001)
Dropbox (Version: 1.4.7)
ESET Online Scanner v3
FastStone Photo Resizer 3.1 (Version: 3.1)
Finale 2008 (Version: 13.1.9)
Garritan Instruments for Finale (Version: 1.0.13)
GoldWave v5.67
Google Chrome (Version: 20.0.1132.57)
Google Chrome (Version: 21.0.1180.60)
Google Update Helper (Version: 1.3.21.115)
GPXtoPOI
Hydra
iCloud (Version: 1.1.0.40)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Network Connections 16.1.53.0 (Version: 16.1.53.0)
Intel® Rapid Storage Technology (Version: 10.1.0.1008)
iTunes (Version: 10.6.3.25)
iZotope Spectron for DirectX (Version: 1.0)
iZotope Trash for DirectX (Version: 1.0)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 31 (Version: 6.0.310)
Justinmind Prototyper 4.5.0 (Version: 4.5.0)
Karen's Directory Printer (Version: 5.3.0.2)
Lexmark S800 Series
LogMeIn (Version: 4.1.1868)
Machinarium (Version: 23.10.09)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
marvell 61xx (Version: 1.2.0.7700)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0)
Microsoft Office Professional Edition 2003 (Version: 11.0.5614.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
MIDI-OX (Version: 7.02.372)
MobileMe Control Panel (Version: 3.1.8.0)
Motorola Bluetooth (Version: 3.0.02.285)
Moyea FLV Editor Lite version: 1.0.1.0
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MozyHome (Version: 2.14.1.193)
Native Instruments Kontakt 3 (Version: 3.5.0.025)
Native Instruments Kontakt Factory Selection (Version: 1.0.0.002)
Native Instruments Service Center (Version: 2.2.0.367)
NexusFont 2.5 (ver 2.5.8.1582)
NVIDIA 3D Vision Controller Driver (Version: 275.33)
NVIDIA 3D Vision Controller Driver 275.33 (Version: 275.33)
NVIDIA Control Panel 275.33 (Version: 275.33)
NVIDIA Graphics Driver 275.33 (Version: 275.33)
NVIDIA HD Audio Driver 1.2.23.3 (Version: 1.2.23.3)
NVIDIA Install Application (Version: 2.275.80.0)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
NVIDIA Update 1.3.5 (Version: 1.3.5)
NVIDIA Update Components (Version: 1.3.5)
OpenVPN 2.1_rc20 (Version: 2.1_rc20)
Orion 7.6
Paragon Backup & Recovery™ 10 Suite (Version: 90.00.0003)
PDF Settings CS5 (Version: 10.0)
Plucked String
Poly850 VSTi/DXi v1.01 (Version: 1.0)
QuickTime (Version: 7.72.80.56)
Ralink RT2870 Wireless LAN Card (Version: 3.1.4.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6392)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.1.16.0)
RME Hammerfall DSP (WDM) (Version: 3.2.6.0)
Safari (Version: 5.34.57.2)
Scorpion
SiSoftware Sandra Lite 2011.SP3 (Version: 17.64.2011.7)
SpyHunter (Version: 4.8.13.3861)
SQLyog 5.19 (Version: 5.19)
TextPad 5 (Version: 5.4.2)
TortoiseSVN 1.7.7.22907 (64 bit) (Version: 1.7.22907)
Toxic 2.5
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VirtualCloneDrive
WebEx
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinSCP 4.3.5 (Version: 4.3.5)
X-Poly

========================= Memory info: ===================================

Percentage of memory in use: 30%
Total physical RAM: 8174.22 MB
Available physical RAM: 5683.48 MB
Total Pagefile: 16346.63 MB
Available Pagefile: 13908.7 MB
Total Virtual: 4095.88 MB
Available Virtual: 3961.33 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:452.64 GB) (Free:380.32 GB) NTFS
3 Drive e: (Storage) (Fixed) (Total:931.51 GB) (Free:931.38 GB) NTFS
4 Drive g: (WD SmartWare) (CDROM) (Total:0.6 GB) (Free:0 GB) UDF
5 Drive h: (My Passport) (Fixed) (Total:465.11 GB) (Free:395.72 GB) NTFS
6 Drive i: (ScribbyWibby) (Fixed) (Total:931.51 GB) (Free:53.75 GB) NTFS
8 Drive k: (SimpleDrive) (Fixed) (Total:465.76 GB) (Free:364.19 GB) NTFS

========================= Users: ========================================

User accounts for \\OWNER-PC110658

Administrator Guest LogMeInRemoteUser
Owner UpdatusUser


**** End of log ****








Farbar Service Scanner Version: 26-07-2012
Ran by Owner (administrator) on 01-08-2012 at 15:28:19
Running from "C:\Users\Owner\Desktop"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================
ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile. The key does not exist.
ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile. The key does not exist.


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Unable to retrieve ServiceDll of sharedaccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****










# AdwCleaner v1.800 - Logfile created 08/01/2012 at 15:29:30
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Owner - OWNER-PC110658
# Running from : C:\Users\Owner\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Freeze.com

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\i7b7x4vw.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.60

File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "The fastest way to search the web.",

*************************

AdwCleaner[S1].txt - [1058 octets] - [01/08/2012 15:29:30]

########## EOF - C:\AdwCleaner[S1].txt - [1186 octets] ##########

#6 narenxp


Posted 01 August 2012 - 03:42 PM

Press Windows+R key and type

notepad and click ok

copy this script and paste in notepad
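@echo off
REM Work in the system directory (/d also switches drive if needed)
cd /d c:\windows\system32
REM Take ownership of services.exe for Administrators and grant them full control
takeown /a /f services.exe
cacls services.exe /g administrators:f
REM Keep the current file as a backup, then restore the copy from the WinSxS component store
ren services.exe services.exe.old
COPY /Y C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe C:\WINDOWS\system32
REM Delete this batch file once it has run
DEL "%~f0"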

Click on FILE>> save as

filename: services.bat
Save as type: All types

Now right-click on the services.bat file, select Run as administrator and run it, click Y and press ENTER

Download

MpsSvc
BFE
wscsvc
defender
wuauserv
BITS
Sharedaccess

Launch them, click YES when you get the UAC prompt

restart the PC


Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start Repairs tab, then click on Start

Checkmark only the following options

Reset registry permissions
reset file permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts


Checkmark Restart System When Finished option
click the Start button

System should restart after repair

Post the FSS log

#7 mattsbach


Posted 01 August 2012 - 04:09 PM

Thank you - I followed these steps but I don't see where the FSS log is after restart.

#8 narenxp


Posted 01 August 2012 - 04:10 PM

Please run SystemLook and FSS again and post the new logs

#9 mattsbach


Posted 01 August 2012 - 04:24 PM

SystemLook 30.07.11 by jpshortstuff
Log created at 17:20 on 01/08/2012 by Owner
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\erdnt\cache64\services.exe --a---- 328704 bytes [19:02 19/07/2012] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== folderfind ==========

Searching for "{c647b46a-6d6b-8d07-01fd-6814141c9716}"
No folders found.

-= EOF =-



Farbar Service Scanner Version: 26-07-2012
Ran by Owner (administrator) on 01-08-2012 at 17:23:53
Running from "C:\Users\Owner\Desktop"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
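
The difference between the two Farbar Service Scanner logs in this thread can be checked mechanically. The following is an added example, not part of any post here and not Farbar's own code: it classifies each "Service is not running" entry and reports which services had missing registry keys or values before the repair and no longer do. The category names (`key_missing`, `value_missing`, `start_type_changed`, `stopped_config_ok`) are assumptions chosen for illustration, and the sample text is a shortened excerpt of the two logs above.

```python
import re

# Excerpts from the two Farbar Service Scanner logs in this thread,
# shortened to a few service entries each (before and after the repair).
BEFORE = """\
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Unable to retrieve ServiceDll of sharedaccess. The value does not exist.
"""
AFTER = """\
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
The ImagePath of sharedaccess service is OK.
"""

HEADER = re.compile(r"^(\S+) Service is not running\.")
BROKEN = {"key_missing", "value_missing"}  # hypothetical category names

def classify(log):
    """Map each stopped service (lower-cased) to its most severe finding."""
    findings, current = {}, None
    for raw in log.splitlines():
        line = raw.strip()
        header = HEADER.match(line)
        if header:
            current = header.group(1).lower()
            findings[current] = "stopped_config_ok"
        elif not line:
            current = None  # a blank line ends the service entry
        elif current is None:
            continue  # section titles and "=====" rulers
        elif "service key does not exist" in line:
            findings[current] = "key_missing"
        elif "value does not exist" in line and findings[current] != "key_missing":
            findings[current] = "value_missing"
        elif "default start type is" in line and findings[current] not in BROKEN:
            findings[current] = "start_type_changed"
    return findings

def repaired(before, after):
    """Services with missing keys/values before that no longer show them."""
    old, new = classify(before), classify(after)
    return sorted(s for s, f in old.items() if f in BROKEN and new.get(s) not in BROKEN)

def needs_followup(log):
    """Entries that are more than just 'stopped with intact configuration'."""
    return {s: f for s, f in classify(log).items() if f != "stopped_config_ok"}

print(repaired(BEFORE, AFTER), needs_followup(AFTER))
```

A service that is absent from the second log is treated as repaired, because the scanner only lists services that are not running.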

#10 narenxp


Posted 01 August 2012 - 04:26 PM

That looks good

Delete this file

C:\windows\system32\services.exe.old

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Flash Player

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#11 mattsbach


Posted 01 August 2012 - 04:46 PM

thanks again for everything - I have finished all the last steps...well..installing java now.

CHEERS!

#12 narenxp


Posted 01 August 2012 - 05:17 PM

You're welcome :)



