
Horrible Virus, Keeps coming back.


15 replies to this topic

#1 StupidMalware


Posted 06 August 2012 - 10:01 PM

I've run Malwarebytes and SuperAntiSpyware, and Sophos is running now. The virus won't come off, and when I run a scan in safe mode it says it's gone, but in regular it says it's there. The virus redirects every link I click on in Google to some other ad. Please help. I'll update if Sophos removes it.

Oh, by the way, Malwarebytes says:
Trojan.dropper.bcminer
Rootkit.0Access
Rootkit.0Access

Edit: Ran Sophos...did nothing...

Edited by StupidMalware, 06 August 2012 - 10:15 PM.



#2 narenxp


Posted 06 August 2012 - 11:30 PM

Please do not run any tools unless instructed

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 StupidMalware


Posted 07 August 2012 - 08:38 AM

aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-06 23:49:42
-----------------------------
23:49:42.112 OS Version: Windows x64 6.1.7601 Service Pack 1
23:49:42.112 Number of processors: 8 586 0x2A07
23:49:42.112 ComputerName: IAN-PC UserName: Ian
23:49:43.061 Initialize success
23:49:53.462 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:49:53.463 Disk 0 Vendor: WDC_WD75 01.0 Size: 715404MB BusType: 3
23:49:53.476 Disk 0 MBR read successfully
23:49:53.478 Disk 0 MBR scan
23:49:53.480 Disk 0 Windows 7 default MBR code
23:49:53.482 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 25600 MB offset 2048
23:49:53.497 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 286161 MB offset 52430848
23:49:53.499 Disk 0 Partition - 00 0F Extended LBA 403641 MB offset 638488576
23:49:53.529 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 403640 MB offset 638490624
23:49:53.550 Disk 0 scanning C:\Windows\system32\drivers
23:49:58.499 Service scanning
23:50:07.342 Modules scanning
23:50:07.348 Disk 0 trace - called modules:
23:50:07.358 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
23:50:07.362 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800c09e790]
23:50:07.366 3 CLASSPNP.SYS[fffff88001bab43f] -> nt!IofCallDriver -> [0xfffffa800a206800]
23:50:07.370 5 ACPI.sys[fffff88000faa7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800a20e050]
23:50:07.374 Scan finished successfully
23:50:24.939 Disk 0 MBR has been saved successfully to "C:\Users\Ian\Desktop\MBR.dat"
23:50:24.943 The log file has been saved successfully to "C:\Users\Ian\Desktop\aswMBRLog.txt"

TDSSKiller:


23:44:48.0593 1532 monitor - ok
23:44:48.0625 1532 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
23:44:48.0626 1532 mouclass - ok
23:44:48.0649 1532 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
23:44:48.0650 1532 mouhid - ok
23:44:48.0663 1532 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
23:44:48.0664 1532 mountmgr - ok
23:44:48.0726 1532 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:44:48.0727 1532 MozillaMaintenance - ok
23:44:48.0746 1532 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
23:44:48.0753 1532 mpio - ok
23:44:48.0766 1532 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
23:44:48.0767 1532 mpsdrv - ok
23:44:48.0782 1532 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
23:44:48.0783 1532 MRxDAV - ok
23:44:48.0811 1532 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:44:48.0822 1532 mrxsmb - ok
23:44:48.0851 1532 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:44:48.0854 1532 mrxsmb10 - ok
23:44:48.0876 1532 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:44:48.0877 1532 mrxsmb20 - ok
23:44:48.0887 1532 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
23:44:48.0888 1532 msahci - ok
23:44:48.0911 1532 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
23:44:48.0913 1532 msdsm - ok
23:44:48.0941 1532 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
23:44:48.0947 1532 MSDTC - ok
23:44:48.0968 1532 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
23:44:48.0969 1532 Msfs - ok
23:44:48.0981 1532 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
23:44:48.0982 1532 mshidkmdf - ok
23:44:48.0988 1532 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
23:44:48.0989 1532 msisadrv - ok
23:44:49.0016 1532 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
23:44:49.0018 1532 MSiSCSI - ok
23:44:49.0020 1532 msiserver - ok
23:44:49.0035 1532 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
23:44:49.0036 1532 MSKSSRV - ok
23:44:49.0046 1532 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
23:44:49.0046 1532 MSPCLOCK - ok
23:44:49.0057 1532 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
23:44:49.0058 1532 MSPQM - ok
23:44:49.0086 1532 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
23:44:49.0096 1532 MsRPC - ok
23:44:49.0116 1532 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
23:44:49.0117 1532 mssmbios - ok
23:44:49.0134 1532 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
23:44:49.0134 1532 MSTEE - ok
23:44:49.0146 1532 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
23:44:49.0147 1532 MTConfig - ok
23:44:49.0154 1532 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
23:44:49.0154 1532 Mup - ok
23:44:49.0201 1532 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
23:44:49.0223 1532 napagent - ok
23:44:49.0259 1532 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
23:44:49.0282 1532 NativeWifiP - ok
23:44:49.0373 1532 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
23:44:49.0399 1532 NDIS - ok
23:44:49.0422 1532 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
23:44:49.0423 1532 NdisCap - ok
23:44:49.0446 1532 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
23:44:49.0446 1532 NdisTapi - ok
23:44:49.0462 1532 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
23:44:49.0463 1532 Ndisuio - ok
23:44:49.0483 1532 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
23:44:49.0485 1532 NdisWan - ok
23:44:49.0503 1532 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
23:44:49.0504 1532 NDProxy - ok
23:44:49.0517 1532 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
23:44:49.0518 1532 NetBIOS - ok
23:44:49.0542 1532 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
23:44:49.0554 1532 NetBT - ok
23:44:49.0580 1532 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:44:49.0581 1532 Netlogon - ok
23:44:49.0626 1532 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
23:44:49.0639 1532 Netman - ok
23:44:49.0680 1532 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
23:44:49.0703 1532 netprofm - ok
23:44:49.0763 1532 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:44:49.0764 1532 NetTcpPortSharing - ok
23:44:49.0792 1532 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
23:44:49.0793 1532 nfrd960 - ok
23:44:49.0829 1532 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
23:44:49.0865 1532 NlaSvc - ok
23:44:49.0876 1532 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
23:44:49.0878 1532 Npfs - ok
23:44:49.0903 1532 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
23:44:49.0904 1532 nsi - ok
23:44:49.0919 1532 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
23:44:49.0919 1532 nsiproxy - ok
23:44:50.0028 1532 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
23:44:50.0052 1532 Ntfs - ok
23:44:50.0104 1532 ntk_PowerDVD (7420b2e1f65642129b6e23bd42f752aa) D:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys
23:44:50.0104 1532 ntk_PowerDVD - ok
23:44:50.0191 1532 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
23:44:50.0192 1532 Null - ok
23:44:50.0240 1532 NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
23:44:50.0246 1532 NVHDA - ok
23:44:50.0806 1532 nvlddmkm (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:44:50.0978 1532 nvlddmkm - ok
23:44:51.0121 1532 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
23:44:51.0129 1532 nvraid - ok
23:44:51.0149 1532 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
23:44:51.0157 1532 nvstor - ok
23:44:51.0251 1532 NVSvc (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
23:44:51.0276 1532 NVSvc - ok
23:44:51.0431 1532 nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
23:44:51.0441 1532 nvUpdatusService - ok
23:44:51.0540 1532 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
23:44:51.0542 1532 nv_agp - ok
23:44:51.0556 1532 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
23:44:51.0557 1532 ohci1394 - ok
23:44:51.0611 1532 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:44:51.0612 1532 ose - ok
23:44:51.0859 1532 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:44:51.0914 1532 osppsvc - ok
23:44:51.0995 1532 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:44:51.0999 1532 p2pimsvc - ok
23:44:52.0047 1532 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
23:44:52.0074 1532 p2psvc - ok
23:44:52.0097 1532 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
23:44:52.0099 1532 Parport - ok
23:44:52.0131 1532 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
23:44:52.0132 1532 partmgr - ok
23:44:52.0147 1532 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
23:44:52.0150 1532 PcaSvc - ok
23:44:52.0178 1532 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
23:44:52.0185 1532 pci - ok
23:44:52.0191 1532 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
23:44:52.0192 1532 pciide - ok
23:44:52.0215 1532 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
23:44:52.0227 1532 pcmcia - ok
23:44:52.0245 1532 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
23:44:52.0246 1532 pcw - ok
23:44:52.0291 1532 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
23:44:52.0308 1532 PEAUTH - ok
23:44:52.0400 1532 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
23:44:52.0401 1532 PerfHost - ok
23:44:52.0495 1532 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
23:44:52.0531 1532 pla - ok
23:44:52.0613 1532 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
23:44:52.0626 1532 PlugPlay - ok
23:44:52.0641 1532 PnkBstrA - ok
23:44:52.0654 1532 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
23:44:52.0656 1532 PNRPAutoReg - ok
23:44:52.0682 1532 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:44:52.0684 1532 PNRPsvc - ok
23:44:52.0749 1532 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
23:44:52.0779 1532 PolicyAgent - ok
23:44:52.0811 1532 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
23:44:52.0820 1532 Power - ok
23:44:52.0858 1532 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
23:44:52.0860 1532 PptpMiniport - ok
23:44:52.0876 1532 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
23:44:52.0877 1532 Processor - ok
23:44:52.0903 1532 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
23:44:52.0916 1532 ProfSvc - ok
23:44:52.0939 1532 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:44:52.0940 1532 ProtectedStorage - ok
23:44:52.0959 1532 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
23:44:52.0961 1532 Psched - ok
23:44:53.0010 1532 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
23:44:53.0025 1532 PxHlpa64 - ok
23:44:53.0131 1532 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
23:44:53.0155 1532 ql2300 - ok
23:44:53.0249 1532 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
23:44:53.0250 1532 ql40xx - ok
23:44:53.0284 1532 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
23:44:53.0294 1532 QWAVE - ok
23:44:53.0302 1532 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
23:44:53.0303 1532 QWAVEdrv - ok
23:44:53.0317 1532 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
23:44:53.0317 1532 RasAcd - ok
23:44:53.0349 1532 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:44:53.0350 1532 RasAgileVpn - ok
23:44:53.0369 1532 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
23:44:53.0371 1532 RasAuto - ok
23:44:53.0393 1532 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:44:53.0395 1532 Rasl2tp - ok
23:44:53.0437 1532 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
23:44:53.0440 1532 RasMan - ok
23:44:53.0458 1532 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
23:44:53.0459 1532 RasPppoe - ok
23:44:53.0477 1532 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
23:44:53.0478 1532 RasSstp - ok
23:44:53.0508 1532 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
23:44:53.0511 1532 rdbss - ok
23:44:53.0533 1532 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
23:44:53.0534 1532 rdpbus - ok
23:44:53.0544 1532 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:44:53.0545 1532 RDPCDD - ok
23:44:53.0558 1532 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
23:44:53.0558 1532 RDPENCDD - ok
23:44:53.0565 1532 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
23:44:53.0565 1532 RDPREFMP - ok
23:44:53.0597 1532 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
23:44:53.0603 1532 RDPWD - ok
23:44:53.0629 1532 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
23:44:53.0632 1532 rdyboost - ok
23:44:53.0649 1532 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
23:44:53.0651 1532 RemoteAccess - ok
23:44:53.0677 1532 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
23:44:53.0684 1532 RemoteRegistry - ok
23:44:53.0710 1532 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
23:44:53.0716 1532 RFCOMM - ok
23:44:53.0727 1532 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
23:44:53.0729 1532 RpcEptMapper - ok
23:44:53.0746 1532 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
23:44:53.0746 1532 RpcLocator - ok
23:44:53.0785 1532 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
23:44:53.0789 1532 RpcSs - ok
23:44:53.0812 1532 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
23:44:53.0813 1532 rspndr - ok
23:44:53.0850 1532 RSUSBVSTOR (e57fac2cdb73f06586ed2ed310b80932) C:\Windows\system32\Drivers\RtsUVStor.sys
23:44:53.0862 1532 RSUSBVSTOR - ok
23:44:53.0904 1532 RTL8167 (f4c374b1c46de294b573bb43723ac3f6) C:\Windows\system32\DRIVERS\Rt64win7.sys
23:44:53.0913 1532 RTL8167 - ok
23:44:53.0946 1532 RzSynapse (f71eea505290b0aad48850f0d750702d) C:\Windows\system32\DRIVERS\RzSynapse.sys
23:44:53.0954 1532 RzSynapse - ok
23:44:53.0971 1532 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:44:53.0972 1532 SamSs - ok
23:44:54.0023 1532 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
23:44:54.0024 1532 SASDIFSV - ok
23:44:54.0042 1532 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
23:44:54.0043 1532 SASKUTIL - ok
23:44:54.0060 1532 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
23:44:54.0062 1532 sbp2port - ok
23:44:54.0084 1532 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
23:44:54.0090 1532 SCardSvr - ok
23:44:54.0158 1532 SCDEmu (efd61bd67e5ce72ca5ce8bb6ad3e1fdb) C:\Windows\system32\drivers\SCDEmu.sys
23:44:54.0166 1532 SCDEmu - ok
23:44:54.0178 1532 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
23:44:54.0179 1532 scfilter - ok
23:44:54.0229 1532 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
23:44:54.0248 1532 Schedule - ok
23:44:54.0280 1532 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
23:44:54.0280 1532 SCPolicySvc - ok
23:44:54.0306 1532 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
23:44:54.0308 1532 SDRSVC - ok
23:44:54.0392 1532 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
23:44:54.0394 1532 SeaPort - ok
23:44:54.0425 1532 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
23:44:54.0426 1532 secdrv - ok
23:44:54.0439 1532 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
23:44:54.0441 1532 seclogon - ok
23:44:54.0456 1532 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
23:44:54.0458 1532 SENS - ok
23:44:54.0471 1532 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
23:44:54.0472 1532 SensrSvc - ok
23:44:54.0485 1532 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
23:44:54.0486 1532 Serenum - ok
23:44:54.0507 1532 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
23:44:54.0509 1532 Serial - ok
23:44:54.0534 1532 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
23:44:54.0535 1532 sermouse - ok
23:44:54.0546 1532 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
23:44:54.0548 1532 SessionEnv - ok
23:44:54.0560 1532 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
23:44:54.0560 1532 sffdisk - ok
23:44:54.0566 1532 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
23:44:54.0567 1532 sffp_mmc - ok
23:44:54.0582 1532 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
23:44:54.0583 1532 sffp_sd - ok
23:44:54.0598 1532 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
23:44:54.0599 1532 sfloppy - ok
23:44:54.0677 1532 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
23:44:54.0694 1532 Sftfs - ok
23:44:54.0774 1532 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
23:44:54.0776 1532 sftlist - ok
23:44:54.0804 1532 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
23:44:54.0815 1532 Sftplay - ok
23:44:54.0829 1532 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
23:44:54.0830 1532 Sftredir - ok
23:44:54.0840 1532 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
23:44:54.0841 1532 Sftvol - ok
23:44:54.0865 1532 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
23:44:54.0866 1532 sftvsa - ok
23:44:54.0906 1532 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
23:44:54.0916 1532 ShellHWDetection - ok
23:44:54.0951 1532 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
23:44:54.0952 1532 SiSGbeLH - ok
23:44:54.0971 1532 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
23:44:54.0972 1532 SiSRaid2 - ok
23:44:54.0988 1532 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
23:44:54.0990 1532 SiSRaid4 - ok
23:44:55.0191 1532 Skype C2C Service (0f97e7a47a52f4a36969f0fc319654c2) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
23:44:55.0204 1532 Skype C2C Service - ok
23:44:55.0258 1532 SkypeUpdate (579ba0a911ff5ea70cb604cd3b744b0a) C:\Program Files (x86)\Skype\Updater\Updater.exe
23:44:55.0259 1532 SkypeUpdate - ok
23:44:55.0347 1532 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
23:44:55.0348 1532 Smb - ok
23:44:55.0387 1532 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
23:44:55.0388 1532 SNMPTRAP - ok
23:44:55.0459 1532 speedfan (12583af6cbe0050651eaf2723b3ad7b3) C:\Windows\syswow64\speedfan.sys
23:44:55.0460 1532 speedfan - ok
23:44:55.0469 1532 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
23:44:55.0469 1532 spldr - ok
23:44:55.0506 1532 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
23:44:55.0513 1532 Spooler - ok
23:44:55.0678 1532 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
23:44:55.0726 1532 sppsvc - ok
23:44:55.0793 1532 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
23:44:55.0795 1532 sppuinotify - ok
23:44:55.0839 1532 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
23:44:55.0843 1532 srv - ok
23:44:55.0892 1532 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
23:44:55.0897 1532 srv2 - ok
23:44:55.0920 1532 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
23:44:55.0922 1532 srvnet - ok
23:44:55.0946 1532 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
23:44:55.0952 1532 SSDPSRV - ok
23:44:55.0958 1532 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
23:44:55.0960 1532 SstpSvc - ok
23:44:56.0018 1532 Steam Client Service - ok
23:44:56.0031 1532 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
23:44:56.0032 1532 stexstor - ok
23:44:56.0084 1532 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
23:44:56.0107 1532 stisvc - ok
23:44:56.0120 1532 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
23:44:56.0121 1532 swenum - ok
23:44:56.0160 1532 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
23:44:56.0191 1532 swprv - ok
23:44:56.0310 1532 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
23:44:56.0339 1532 SysMain - ok
23:44:56.0432 1532 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
23:44:56.0434 1532 TabletInputService - ok
23:44:56.0478 1532 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
23:44:56.0491 1532 TapiSrv - ok
23:44:56.0508 1532 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
23:44:56.0509 1532 TBS - ok
23:44:56.0628 1532 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
23:44:56.0661 1532 Tcpip - ok
23:44:56.0872 1532 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
23:44:56.0881 1532 TCPIP6 - ok
23:44:56.0932 1532 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
23:44:56.0933 1532 tcpipreg - ok
23:44:56.0945 1532 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
23:44:56.0946 1532 TDPIPE - ok
23:44:56.0960 1532 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
23:44:56.0961 1532 TDTCP - ok
23:44:56.0978 1532 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
23:44:56.0980 1532 tdx - ok
23:44:57.0006 1532 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
23:44:57.0007 1532 TermDD - ok
23:44:57.0059 1532 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
23:44:57.0089 1532 TermService - ok
23:44:57.0095 1532 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
23:44:57.0096 1532 Themes - ok
23:44:57.0123 1532 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
23:44:57.0124 1532 THREADORDER - ok
23:44:57.0172 1532 TiMiniService (69d76ce06bb629b69165c81d83a4b03e) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
23:44:57.0174 1532 TiMiniService - ok
23:44:57.0208 1532 tmactmon (73aaffdd2ac3c8814b26c440e5dd9dd4) C:\Windows\system32\DRIVERS\tmactmon.sys
23:44:57.0210 1532 tmactmon - ok
23:44:57.0224 1532 tmcomm (360e61217d4e1e333583d0c721057f70) C:\Windows\system32\DRIVERS\tmcomm.sys
23:44:57.0226 1532 tmcomm - ok
23:44:57.0242 1532 tmevtmgr (699d34eb7c670139ca23a65372bd5743) C:\Windows\system32\DRIVERS\tmevtmgr.sys
23:44:57.0244 1532 tmevtmgr - ok
23:44:57.0262 1532 tmtdi (262198efb734012bfcd17e7479ae4a09) C:\Windows\system32\DRIVERS\tmtdi.sys
23:44:57.0264 1532 tmtdi - ok
23:44:57.0281 1532 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
23:44:57.0284 1532 TrkWks - ok
23:44:57.0330 1532 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
23:44:57.0331 1532 TrustedInstaller - ok
23:44:57.0354 1532 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:44:57.0355 1532 tssecsrv - ok
23:44:57.0374 1532 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
23:44:57.0375 1532 TsUsbFlt - ok
23:44:57.0391 1532 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
23:44:57.0393 1532 TsUsbGD - ok
23:44:57.0423 1532 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
23:44:57.0424 1532 tunnel - ok
23:44:57.0441 1532 TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys
23:44:57.0442 1532 TurboB - ok
23:44:57.0475 1532 TurboBoost (600b406a04d90f577fea8a88d7379f08) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
23:44:57.0476 1532 TurboBoost - ok
23:44:57.0493 1532 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
23:44:57.0494 1532 uagp35 - ok
23:44:57.0525 1532 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
23:44:57.0528 1532 udfs - ok
23:44:57.0566 1532 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
23:44:57.0567 1532 UI0Detect - ok
23:44:57.0582 1532 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
23:44:57.0583 1532 uliagpkx - ok
23:44:57.0601 1532 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
23:44:57.0602 1532 umbus - ok
23:44:57.0621 1532 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
23:44:57.0622 1532 UmPass - ok
23:44:57.0821 1532 UNS (eb79c6c91a99930015ef29ae7fa802d1) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
23:44:57.0833 1532 UNS - ok
23:44:57.0926 1532 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
23:44:57.0950 1532 upnphost - ok
23:44:57.0997 1532 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
23:44:57.0999 1532 USBAAPL64 - ok
23:44:58.0017 1532 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
23:44:58.0018 1532 usbaudio - ok
23:44:58.0041 1532 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
23:44:58.0043 1532 usbccgp - ok
23:44:58.0057 1532 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
23:44:58.0059 1532 usbcir - ok
23:44:58.0078 1532 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
23:44:58.0079 1532 usbehci - ok
23:44:58.0114 1532 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
23:44:58.0120 1532 usbhub - ok
23:44:58.0133 1532 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
23:44:58.0135 1532 usbohci - ok
23:44:58.0150 1532 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
23:44:58.0151 1532 usbprint - ok
23:44:58.0173 1532 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:44:58.0175 1532 USBSTOR - ok
23:44:58.0185 1532 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
23:44:58.0187 1532 usbuhci - ok
23:44:58.0228 1532 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
23:44:58.0240 1532 usbvideo - ok
23:44:58.0256 1532 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
23:44:58.0258 1532 UxSms - ok
23:44:58.0280 1532 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:44:58.0281 1532 VaultSvc - ok
23:44:58.0292 1532 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
23:44:58.0293 1532 vdrvroot - ok
23:45:00.0791 1532 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:45:00.0981 1532 \Device\Harddisk0\DR0 - ok
23:45:00.0983 1532 Boot (0x1200) (134af79d956c7368b5c0828774a56b1c) \Device\Harddisk0\DR0\Partition0
23:45:00.0984 1532 \Device\Harddisk0\DR0\Partition0 - ok
23:45:01.0003 1532 Boot (0x1200) (bffa971f88d95b5137f51739de8adacc) \Device\Harddisk0\DR0\Partition1
23:45:01.0009 1532 \Device\Harddisk0\DR0\Partition1 - ok
23:45:01.0011 1532 ============================================================
23:45:01.0011 1532 Scan finished
23:45:01.0011 1532 ============================================================
23:45:01.0019 5444 Detected object count: 0
23:45:01.0019 5444 Actual detected object count: 0
23:46:44.0581 6948 ============================================================
23:46:44.0581 6948 Scan started
23:46:44.0581 6948 Mode: Manual; TDLFS;
23:46:44.0581 6948 ============================================================
23:46:51.0396 6948 MozillaMaintenance - ok
23:46:51.0414 6948 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
23:46:51.0415 6948 mpio - ok
23:46:51.0428 6948 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
23:46:51.0429 6948 mpsdrv - ok
23:46:51.0450 6948 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
23:46:51.0451 6948 MRxDAV - ok
23:46:51.0481 6948 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:46:51.0482 6948 mrxsmb - ok
23:46:51.0508 6948 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:46:51.0509 6948 mrxsmb10 - ok
23:46:51.0528 6948 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:46:51.0528 6948 mrxsmb20 - ok
23:46:51.0538 6948 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
23:46:51.0539 6948 msahci - ok
23:46:51.0565 6948 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
23:46:51.0566 6948 msdsm - ok
23:46:51.0584 6948 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
23:46:51.0585 6948 MSDTC - ok
23:46:51.0608 6948 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
23:46:51.0608 6948 Msfs - ok
23:46:51.0616 6948 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
23:46:51.0617 6948 mshidkmdf - ok
23:46:51.0622 6948 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
23:46:51.0623 6948 msisadrv - ok
23:46:51.0654 6948 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
23:46:51.0656 6948 MSiSCSI - ok
23:46:51.0658 6948 msiserver - ok
23:46:51.0696 6948 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
23:46:51.0696 6948 MSKSSRV - ok
23:46:51.0706 6948 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
23:46:51.0707 6948 MSPCLOCK - ok
23:46:51.0717 6948 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
23:46:51.0718 6948 MSPQM - ok
23:46:51.0752 6948 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
23:46:51.0754 6948 MsRPC - ok
23:46:51.0768 6948 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
23:46:51.0769 6948 mssmbios - ok
23:46:51.0778 6948 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
23:46:51.0778 6948 MSTEE - ok
23:46:51.0789 6948 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
23:46:51.0790 6948 MTConfig - ok
23:46:51.0796 6948 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
23:46:51.0797 6948 Mup - ok
23:46:51.0840 6948 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
23:46:51.0843 6948 napagent - ok
23:46:51.0879 6948 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
23:46:51.0880 6948 NativeWifiP - ok
23:46:51.0943 6948 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
23:46:51.0948 6948 NDIS - ok
23:46:51.0964 6948 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
23:46:51.0964 6948 NdisCap - ok
23:46:51.0973 6948 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
23:46:51.0974 6948 NdisTapi - ok
23:46:51.0988 6948 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
23:46:51.0989 6948 Ndisuio - ok
23:46:52.0009 6948 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
23:46:52.0010 6948 NdisWan - ok
23:46:52.0021 6948 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
23:46:52.0021 6948 NDProxy - ok
23:46:52.0035 6948 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
23:46:52.0036 6948 NetBIOS - ok
23:46:52.0065 6948 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
23:46:52.0066 6948 NetBT - ok
23:46:52.0090 6948 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:46:52.0091 6948 Netlogon - ok
23:46:52.0121 6948 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
23:46:52.0123 6948 Netman - ok
23:46:52.0155 6948 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
23:46:52.0158 6948 netprofm - ok
23:46:52.0216 6948 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:46:52.0217 6948 NetTcpPortSharing - ok
23:46:52.0235 6948 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
23:46:52.0235 6948 nfrd960 - ok
23:46:52.0266 6948 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
23:46:52.0268 6948 NlaSvc - ok
23:46:52.0286 6948 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
23:46:52.0287 6948 Npfs - ok
23:46:52.0313 6948 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
23:46:52.0314 6948 nsi - ok
23:46:52.0321 6948 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
23:46:52.0321 6948 nsiproxy - ok
23:46:52.0430 6948 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
23:46:52.0437 6948 Ntfs - ok
23:46:52.0440 6948 ntk_PowerDVD (7420b2e1f65642129b6e23bd42f752aa) D:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys
23:46:52.0440 6948 ntk_PowerDVD - ok
23:46:52.0517 6948 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
23:46:52.0518 6948 Null - ok
23:46:52.0549 6948 NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
23:46:52.0556 6948 NVHDA - ok
23:46:53.0089 6948 nvlddmkm (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:46:53.0253 6948 nvlddmkm - ok
23:46:53.0331 6948 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
23:46:53.0332 6948 nvraid - ok
23:46:53.0353 6948 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
23:46:53.0354 6948 nvstor - ok
23:46:53.0434 6948 NVSvc (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
23:46:53.0439 6948 NVSvc - ok
23:46:53.0593 6948 nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
23:46:53.0603 6948 nvUpdatusService - ok
23:46:53.0670 6948 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
23:46:53.0670 6948 nv_agp - ok
23:46:53.0683 6948 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
23:46:53.0684 6948 ohci1394 - ok
23:46:53.0729 6948 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:46:53.0730 6948 ose - ok
23:46:53.0980 6948 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:46:54.0001 6948 osppsvc - ok
23:46:54.0071 6948 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:46:54.0073 6948 p2pimsvc - ok
23:46:54.0116 6948 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
23:46:54.0119 6948 p2psvc - ok
23:46:54.0144 6948 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
23:46:54.0144 6948 Parport - ok
23:46:54.0175 6948 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
23:46:54.0176 6948 partmgr - ok
23:46:54.0191 6948 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
23:46:54.0192 6948 PcaSvc - ok
23:46:54.0216 6948 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
23:46:54.0217 6948 pci - ok
23:46:54.0226 6948 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
23:46:54.0227 6948 pciide - ok
23:46:54.0251 6948 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
23:46:54.0252 6948 pcmcia - ok
23:46:54.0264 6948 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
23:46:54.0266 6948 pcw - ok
23:46:54.0307 6948 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
23:46:54.0310 6948 PEAUTH - ok
23:46:54.0376 6948 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
23:46:54.0377 6948 PerfHost - ok
23:46:54.0464 6948 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
23:46:54.0471 6948 pla - ok
23:46:54.0506 6948 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
23:46:54.0509 6948 PlugPlay - ok
23:46:54.0511 6948 PnkBstrA - ok
23:46:54.0523 6948 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
23:46:54.0524 6948 PNRPAutoReg - ok
23:46:54.0545 6948 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:46:54.0548 6948 PNRPsvc - ok
23:46:54.0591 6948 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
23:46:54.0593 6948 PolicyAgent - ok
23:46:54.0622 6948 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
23:46:54.0623 6948 Power - ok
23:46:54.0661 6948 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
23:46:54.0662 6948 PptpMiniport - ok
23:46:54.0678 6948 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
23:46:54.0679 6948 Processor - ok
23:46:54.0707 6948 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
23:46:54.0709 6948 ProfSvc - ok
23:46:54.0732 6948 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:46:54.0733 6948 ProtectedStorage - ok
23:46:54.0754 6948 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
23:46:54.0755 6948 Psched - ok
23:46:54.0771 6948 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
23:46:54.0772 6948 PxHlpa64 - ok
23:46:54.0849 6948 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
23:46:54.0856 6948 ql2300 - ok
23:46:54.0952 6948 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
23:46:54.0953 6948 ql40xx - ok
23:46:54.0982 6948 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
23:46:54.0984 6948 QWAVE - ok
23:46:54.0996 6948 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
23:46:54.0996 6948 QWAVEdrv - ok
23:46:55.0010 6948 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
23:46:55.0011 6948 RasAcd - ok
23:46:55.0034 6948 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:46:55.0035 6948 RasAgileVpn - ok
23:46:55.0054 6948 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
23:46:55.0055 6948 RasAuto - ok
23:46:55.0071 6948 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:46:55.0071 6948 Rasl2tp - ok
23:46:55.0106 6948 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
23:46:55.0108 6948 RasMan - ok
23:46:55.0129 6948 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
23:46:55.0129 6948 RasPppoe - ok
23:46:55.0145 6948 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
23:46:55.0146 6948 RasSstp - ok
23:46:55.0173 6948 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
23:46:55.0174 6948 rdbss - ok
23:46:55.0185 6948 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
23:46:55.0185 6948 rdpbus - ok
23:46:55.0196 6948 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:46:55.0197 6948 RDPCDD - ok
23:46:55.0210 6948 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
23:46:55.0210 6948 RDPENCDD - ok
23:46:55.0217 6948 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
23:46:55.0217 6948 RDPREFMP - ok
23:46:55.0251 6948 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
23:46:55.0252 6948 RDPWD - ok
23:46:55.0275 6948 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
23:46:55.0276 6948 rdyboost - ok
23:46:55.0300 6948 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
23:46:55.0301 6948 RemoteAccess - ok
23:46:55.0322 6948 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
23:46:55.0323 6948 RemoteRegistry - ok
23:46:55.0346 6948 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
23:46:55.0347 6948 RFCOMM - ok
23:46:55.0362 6948 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
23:46:55.0364 6948 RpcEptMapper - ok
23:46:55.0372 6948 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
23:46:55.0373 6948 RpcLocator - ok
23:46:55.0415 6948 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
23:46:55.0419 6948 RpcSs - ok
23:46:55.0433 6948 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
23:46:55.0434 6948 rspndr - ok
23:46:55.0474 6948 RSUSBVSTOR (e57fac2cdb73f06586ed2ed310b80932) C:\Windows\system32\Drivers\RtsUVStor.sys
23:46:55.0476 6948 RSUSBVSTOR - ok
23:46:55.0506 6948 RTL8167 (f4c374b1c46de294b573bb43723ac3f6) C:\Windows\system32\DRIVERS\Rt64win7.sys
23:46:55.0514 6948 RTL8167 - ok
23:46:55.0542 6948 RzSynapse (f71eea505290b0aad48850f0d750702d) C:\Windows\system32\DRIVERS\RzSynapse.sys
23:46:55.0543 6948 RzSynapse - ok
23:46:55.0566 6948 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:46:55.0567 6948 SamSs - ok
23:46:55.0617 6948 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
23:46:55.0617 6948 SASDIFSV - ok
23:46:55.0628 6948 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
23:46:55.0628 6948 SASKUTIL - ok
23:46:55.0647 6948 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
23:46:55.0648 6948 sbp2port - ok
23:46:55.0668 6948 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
23:46:55.0670 6948 SCardSvr - ok
23:46:55.0702 6948 SCDEmu (efd61bd67e5ce72ca5ce8bb6ad3e1fdb) C:\Windows\system32\drivers\SCDEmu.sys
23:46:55.0710 6948 SCDEmu - ok
23:46:55.0722 6948 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
23:46:55.0723 6948 scfilter - ok
23:46:55.0792 6948 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
23:46:55.0798 6948 Schedule - ok
23:46:55.0832 6948 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
23:46:55.0832 6948 SCPolicySvc - ok
23:46:55.0847 6948 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
23:46:55.0849 6948 SDRSVC - ok
23:46:55.0913 6948 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
23:46:55.0914 6948 SeaPort - ok
23:46:55.0985 6948 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
23:46:55.0986 6948 secdrv - ok
23:46:55.0998 6948 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
23:46:56.0000 6948 seclogon - ok
23:46:56.0016 6948 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
23:46:56.0018 6948 SENS - ok
23:46:56.0030 6948 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
23:46:56.0031 6948 SensrSvc - ok
23:46:56.0045 6948 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
23:46:56.0045 6948 Serenum - ok
23:46:56.0059 6948 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
23:46:56.0060 6948 Serial - ok
23:46:56.0069 6948 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
23:46:56.0070 6948 sermouse - ok
23:46:56.0082 6948 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
23:46:56.0083 6948 SessionEnv - ok
23:46:56.0112 6948 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
23:46:56.0112 6948 sffdisk - ok
23:46:56.0118 6948 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
23:46:56.0118 6948 sffp_mmc - ok
23:46:56.0134 6948 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
23:46:56.0134 6948 sffp_sd - ok
23:46:56.0149 6948 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
23:46:56.0150 6948 sfloppy - ok
23:46:56.0205 6948 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
23:46:56.0214 6948 Sftfs - ok
23:46:56.0260 6948 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
23:46:56.0263 6948 sftlist - ok
23:46:56.0290 6948 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
23:46:56.0300 6948 Sftplay - ok
23:46:56.0314 6948 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
23:46:56.0315 6948 Sftredir - ok
23:46:56.0326 6948 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
23:46:56.0327 6948 Sftvol - ok
23:46:56.0353 6948 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
23:46:56.0355 6948 sftvsa - ok
23:46:56.0387 6948 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
23:46:56.0390 6948 ShellHWDetection - ok
23:46:56.0404 6948 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
23:46:56.0405 6948 SiSGbeLH - ok
23:46:56.0415 6948 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
23:46:56.0415 6948 SiSRaid2 - ok
23:46:56.0430 6948 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
23:46:56.0431 6948 SiSRaid4 - ok
23:46:56.0608 6948 Skype C2C Service (0f97e7a47a52f4a36969f0fc319654c2) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
23:46:56.0645 6948 Skype C2C Service - ok
23:46:56.0685 6948 SkypeUpdate (579ba0a911ff5ea70cb604cd3b744b0a) C:\Program Files (x86)\Skype\Updater\Updater.exe
23:46:56.0686 6948 SkypeUpdate - ok
23:46:56.0785 6948 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
23:46:56.0786 6948 Smb - ok
23:46:56.0798 6948 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
23:46:56.0799 6948 SNMPTRAP - ok
23:46:56.0870 6948 speedfan (12583af6cbe0050651eaf2723b3ad7b3) C:\Windows\syswow64\speedfan.sys
23:46:56.0871 6948 speedfan - ok
23:46:56.0879 6948 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
23:46:56.0880 6948 spldr - ok
23:46:56.0917 6948 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
23:46:56.0921 6948 Spooler - ok
23:46:57.0131 6948 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
23:46:57.0146 6948 sppsvc - ok
23:46:57.0237 6948 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
23:46:57.0238 6948 sppuinotify - ok
23:46:57.0299 6948 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
23:46:57.0302 6948 srv - ok
23:46:57.0332 6948 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
23:46:57.0334 6948 srv2 - ok
23:46:57.0356 6948 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
23:46:57.0357 6948 srvnet - ok
23:46:57.0383 6948 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
23:46:57.0385 6948 SSDPSRV - ok
23:46:57.0391 6948 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
23:46:57.0392 6948 SstpSvc - ok
23:46:57.0420 6948 Steam Client Service - ok
23:46:57.0433 6948 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
23:46:57.0433 6948 stexstor - ok
23:46:57.0478 6948 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
23:46:57.0482 6948 stisvc - ok
23:46:57.0489 6948 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
23:46:57.0490 6948 swenum - ok
23:46:57.0527 6948 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
23:46:57.0531 6948 swprv - ok
23:46:57.0613 6948 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
23:46:57.0622 6948 SysMain - ok
23:46:57.0660 6948 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
23:46:57.0662 6948 TabletInputService - ok
23:46:57.0694 6948 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
23:46:57.0697 6948 TapiSrv - ok
23:46:57.0709 6948 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
23:46:57.0711 6948 TBS - ok
23:46:57.0838 6948 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
23:46:57.0847 6948 Tcpip - ok
23:46:57.0995 6948 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
23:46:58.0003 6948 TCPIP6 - ok
23:46:58.0041 6948 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
23:46:58.0042 6948 tcpipreg - ok
23:46:58.0056 6948 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
23:46:58.0056 6948 TDPIPE - ok
23:46:58.0071 6948 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
23:46:58.0072 6948 TDTCP - ok
23:46:58.0087 6948 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
23:46:58.0088 6948 tdx - ok
23:46:58.0105 6948 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
23:46:58.0106 6948 TermDD - ok
23:46:58.0149 6948 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
23:46:58.0153 6948 TermService - ok
23:46:58.0158 6948 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
23:46:58.0159 6948 Themes - ok
23:46:58.0183 6948 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
23:46:58.0184 6948 THREADORDER - ok
23:46:58.0228 6948 TiMiniService (69d76ce06bb629b69165c81d83a4b03e) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
23:46:58.0229 6948 TiMiniService - ok
23:46:58.0254 6948 tmactmon (73aaffdd2ac3c8814b26c440e5dd9dd4) C:\Windows\system32\DRIVERS\tmactmon.sys
23:46:58.0255 6948 tmactmon - ok
23:46:58.0271 6948 tmcomm (360e61217d4e1e333583d0c721057f70) C:\Windows\system32\DRIVERS\tmcomm.sys
23:46:58.0278 6948 tmcomm - ok
23:46:58.0296 6948 tmevtmgr (699d34eb7c670139ca23a65372bd5743) C:\Windows\system32\DRIVERS\tmevtmgr.sys
23:46:58.0298 6948 tmevtmgr - ok
23:46:58.0316 6948 tmtdi (262198efb734012bfcd17e7479ae4a09) C:\Windows\system32\DRIVERS\tmtdi.sys
23:46:58.0317 6948 tmtdi - ok
23:46:58.0336 6948 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
23:46:58.0337 6948 TrkWks - ok
23:46:58.0377 6948 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
23:46:58.0378 6948 TrustedInstaller - ok
23:46:58.0391 6948 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:46:58.0391 6948 tssecsrv - ok
23:46:58.0402 6948 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
23:46:58.0403 6948 TsUsbFlt - ok
23:46:58.0411 6948 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
23:46:58.0411 6948 TsUsbGD - ok
23:46:58.0434 6948 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
23:46:58.0435 6948 tunnel - ok
23:46:58.0451 6948 TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys
23:46:58.0452 6948 TurboB - ok
23:46:58.0486 6948 TurboBoost (600b406a04d90f577fea8a88d7379f08) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
23:46:58.0487 6948 TurboBoost - ok
23:46:58.0503 6948 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
23:46:58.0503 6948 uagp35 - ok
23:46:58.0531 6948 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
23:46:58.0533 6948 udfs - ok
23:46:58.0558 6948 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
23:46:58.0559 6948 UI0Detect - ok
23:46:58.0574 6948 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
23:46:58.0574 6948 uliagpkx - ok
23:46:58.0585 6948 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
23:46:58.0585 6948 umbus - ok
23:46:58.0598 6948 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
23:46:58.0598 6948 UmPass - ok
23:46:58.0776 6948 UNS (eb79c6c91a99930015ef29ae7fa802d1) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
23:46:58.0788 6948 UNS - ok
23:46:58.0865 6948 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
23:46:58.0867 6948 upnphost - ok
23:46:58.0908 6948 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
23:46:58.0908 6948 USBAAPL64 - ok
23:46:58.0927 6948 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
23:46:58.0928 6948 usbaudio - ok
23:46:58.0952 6948 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
23:46:58.0953 6948 usbccgp - ok
23:46:58.0969 6948 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
23:46:58.0970 6948 usbcir - ok
23:46:58.0988 6948 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
23:46:58.0989 6948 usbehci - ok
23:46:59.0022 6948 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
23:46:59.0024 6948 usbhub - ok
23:46:59.0035 6948 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
23:46:59.0036 6948 usbohci - ok
23:46:59.0051 6948 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
23:46:59.0052 6948 usbprint - ok
23:46:59.0075 6948 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:46:59.0076 6948 USBSTOR - ok
23:46:59.0087 6948 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
23:46:59.0088 6948 usbuhci - ok
23:46:59.0112 6948 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
23:46:59.0113 6948 usbvideo - ok
23:46:59.0125 6948 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
23:46:59.0126 6948 UxSms - ok
23:46:59.0149 6948 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:46:59.0150 6948 VaultSvc - ok
23:46:59.0169 6948 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
23:46:59.0170 6948 vdrvroot - ok
23:46:59.0207 6948 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
23:46:59.0210 6948 vds - ok
23:46:59.0229 6948 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
23:46:59.0229 6948 vga - ok
23:46:59.0245 6948 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
23:46:59.0246 6948 VgaSave - ok
23:46:59.0257 6948 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
23:46:59.0259 6948 vhdmp - ok
23:47:01.0608 6948 ============================================================
23:47:01.0608 6948 Scan finished
23:47:01.0608 6948 ============================================================
23:47:01.0613 4200 Detected object count: 0
23:47:01.0613 4200 Actual detected object count: 0
23:52:06.0795 2364 Deinitialize success

ESET

C:\Users\Ian\AppData\Local\Temp\NODD9B0.tmp a variant of Win32/Kryptik.AJLB trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Ian\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\4a85aa2f-1a9c54bf multiple threats deleted - quarantined
C:\Windows\Installer\{80aa28bd-953b-0d79-ac52-59b01480de54}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{80aa28bd-953b-0d79-ac52-59b01480de54}\U\000000cb.@ Win64/Conedex.B trojan cleaned by deleting - quarantined
C:\Windows\Installer\{80aa28bd-953b-0d79-ac52-59b01480de54}\U\80000000.@ Win64/Sirefef.AP trojan cleaned by deleting - quarantined
C:\Windows\Installer\{80aa28bd-953b-0d79-ac52-59b01480de54}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
D:\Program Files (x86)\LIMBO\limbo_lang.exe a variant of Win32/Kryptik.EIF trojan cleaned by deleting - quarantined
D:\Users\Ian\Downloads\Assassins.Creed.II-SKIDROW\sr-acii.iso a variant of Win32/Packed.VMProtect.AAA trojan deleted - quarantined
D:\Users\Ian\Downloads\The Elder Scrolls V Skyrim Dawnguard\Dawnguard\rld-skyru9\reloaded\SkyrimLauncher.exe multiple threats deleted - quarantined
D:\Users\Ian\Downloads\The Elder Scrolls V Skyrim Dawnguard\Dawnguard\skyiu10_17706\TESV.exe multiple threats deleted - quarantined
D:\Users\Ian\Downloads\The.Witcher.2.Assassins.of.Kings-SKIDROW\sr-tw2b.iso a variant of Win32/Packed.VMProtect.AAA trojan deleted - quarantined
Operating memory multiple threats

#4 narenxp

Posted 07 August 2012 - 08:47 AM

Download

systemlook

Launch it and copy this script and paste in the BOX

:filefind
services.exe
:folderfind
{80aa28bd-953b-0d79-ac52-59b01480de54}

Click on LOOK, post the generated log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#5 StupidMalware

Posted 07 August 2012 - 04:44 PM

System Look:

SystemLook 30.07.11 by jpshortstuff
Log created at 15:49 on 07/08/2012 by Ian
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 329216 bytes [23:19 13/07/2009] [01:39 14/07/2009] 50BEA589F7D7958BDD2528A8F69D05CC
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== folderfind ==========

Searching for "{80aa28bd-953b-0d79-ac52-59b01480de54}"
C:\Windows\Installer\{80aa28bd-953b-0d79-ac52-59b01480de54} d--hs-- [01:03 18/02/2012]

-= EOF =-

Mini Toolbox:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Ian (administrator) on 07-08-2012 at 16:34:49
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9002WB-1NG Wireless Network Adapter = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
The following helper DLL cannot be loaded: WSHELPER.DLL.


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Ian-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 74-2F-68-82-B5-9A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 14-DA-E9-C2-4F-DA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9002WB-1NG Wireless Network Adapter
Physical Address. . . . . . . . . : 74-2F-68-82-1D-FC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::259b:5b03:36db:65df%11(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.10(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, August 07, 2012 4:24:07 PM
Lease Expires . . . . . . . . . . : Wednesday, August 08, 2012 4:24:11 PM
Default Gateway . . . . . . . . . : 10.0.0.2
DHCP Server . . . . . . . . . . . : 10.0.0.2
DHCPv6 IAID . . . . . . . . . . . : 242495336
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-E3-3C-33-74-2F-68-82-1D-FC
DNS Servers . . . . . . . . . . . : 10.0.0.2
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{3E9F7662-5E79-497B-8C66-F50792C0F836}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A4A2DE91-2580-4380-BB00-C75BC9EEA37F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{7A897F15-0B5B-48E5-A804-9E3A6D0EEBAB}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Pinging google.com [74.125.227.39] with 32 bytes of data:
Reply from 74.125.227.39: bytes=32 time=24ms TTL=52
Reply from 74.125.227.39: bytes=32 time=32ms TTL=52

Ping statistics for 74.125.227.39:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 24ms, Maximum = 32ms, Average = 28ms

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=156ms TTL=43
Reply from 98.139.183.24: bytes=32 time=106ms TTL=45

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 106ms, Maximum = 156ms, Average = 131ms

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...74 2f 68 82 b5 9a ......Bluetooth Device (Personal Area Network)
12...14 da e9 c2 4f da ......Realtek PCIe GBE Family Controller
11...74 2f 68 82 1d fc ......Atheros AR9002WB-1NG Wireless Network Adapter
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.2 10.0.0.10 25
10.0.0.0 255.255.255.0 On-link 10.0.0.10 281
10.0.0.10 255.255.255.255 On-link 10.0.0.10 281
10.0.0.255 255.255.255.255 On-link 10.0.0.10 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.10 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.10 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::259b:5b03:36db:65df/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog9 11 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/07/2012 04:34:06 PM) (Source: CVHSVC) (User: )
Description: Information only.
Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (08/07/2012 03:46:33 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 25567379

Error: (08/07/2012 03:46:33 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 25567379

Error: (08/07/2012 03:46:33 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/07/2012 08:40:39 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13011

Error: (08/07/2012 08:40:39 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13011

Error: (08/07/2012 08:40:39 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/07/2012 08:40:38 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12013

Error: (08/07/2012 08:40:38 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12013

Error: (08/07/2012 08:40:38 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (08/07/2012 04:24:28 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/07/2012 04:24:28 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/07/2012 04:24:04 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/07/2012 04:24:04 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (08/07/2012 04:24:03 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (08/07/2012 04:24:01 PM) (Source: Service Control Manager) (User: )
Description: The ESET Service service failed to start due to the following error:
%%2

Error: (08/07/2012 04:23:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/07/2012 03:46:42 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/07/2012 03:46:42 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/07/2012 08:40:23 AM) (Source: Service Control Manager) (User: )
Description: The CyberLink PowerDVD 11.0 Service service terminated unexpectedly. It has done this 2 time(s).


Microsoft Office Sessions:
=========================
Error: (08/07/2012 04:34:06 PM) (Source: CVHSVC)(User: )
Description: Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (08/07/2012 03:46:33 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 25567379

Error: (08/07/2012 03:46:33 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 25567379

Error: (08/07/2012 03:46:33 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/07/2012 08:40:39 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13011

Error: (08/07/2012 08:40:39 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13011

Error: (08/07/2012 08:40:39 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/07/2012 08:40:38 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12013

Error: (08/07/2012 08:40:38 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12013

Error: (08/07/2012 08:40:38 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


=========================== Installed Programs ============================

??????? Windows Live Mesh ActiveX ??(????) (Version: 15.4.5722.2)
??????? Windows Live Mesh ActiveX ??? (Version: 15.4.5722.2)
µTorrent (Version: 3.1.3)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.270)
Adobe Flash Player 11 Plugin (Version: 11.3.300.270)
AION Free-To-Play (Version: 2.70.0000)
Amnesia - The Dark Descent (Version: 1.0.0)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Assassin's Creed II (Version: 1.01)
Assassin's Creed Revelations (Version: 1.00)
ASUS AI Recovery (Version: 1.0.23)
ASUS FaceLogon (Version: 1.0.0013)
ASUS Live Update (Version: 3.1.2)
ASUS Power4Gear Hybrid (Version: 1.2.0)
ASUS USB Charger Plus (Version: 2.0.8)
ASUS Virtual Camera (Version: 1.0.25)
ASUS WebStorage (Version: 3.0.84.161)
AsusScr_G74 Series_ENG (Version: 1.0.0001)
AsusVibe2.0 (Version: 2.0.4.617)
Atheros Client Installation Program (Version: 7.0)
ATK Package (Version: 1.0.0015)
AVG Security Toolbar (Version: 11.1.0.12)
Battlefield 3™ (Version: 1.0.0.0)
Battlefield: Bad Company™ 2 (Version: 1.0.0.0)
Battlelog Web Plugins (Version: 1.122.0)
Bing Bar (Version: 7.0.610.0)
Bluetooth Win7 Suite (64) (Version: 7.2.0.65)
Bonjour (Version: 3.0.0.10)
Call of Duty: Modern Warfare 3
Call of Duty: Modern Warfare 3 - Dedicated Server
Call of Duty: Modern Warfare 3 - Multiplayer
Camtasia Studio 7 (Version: 7.1.1)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (Version: 15.4.5722.2)
Control ActiveX de Windows Live Mesh para conexiones remotas (Version: 15.4.5722.2)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (Version: 15.4.5722.2)
Creation Kit
Crysis® 2 (Version: 1.0.0.0)
CyberLink LabelPrint (Version: 2.5.1908)
CyberLink Power2Go (Version: 6.1.3602c)
CyberLink PowerDVD 11 (Version: 11.0.2024.53)
D3DX10 (Version: 15.4.2368.0902)
DirectX 9 Runtime (Version: 1.00.0000)
ESET Online Scanner v3
ESN Sonar (Version: 0.70.4)
ExpressGateCloud (Version: 2.6.27.160)
Fallout 3 (Version: 1.00.0000)
Fallout Mod Manager 0.13.21
Fallout: New Vegas
Finger Sensing Pad Driver (Version: 9.1.3.5)
FixCleaner (Version: 2.0.4419)
Fraps (remove only)
Fresco Logic USB3.0 Host Controller (Version: 3.5.30.0)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
GameFast.exe (Version: 1.0.0.1)
Google Chrome (Version: 21.0.1180.60)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Gyazo 1.0
HandBrake 0.9.6 (Version: 0.9.6)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1118)
Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.1.23.0)
iTunes (Version: 10.6.0.40)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (64-bit) (Version: 6.0.310)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
LIMBO
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mass Effect™ 3 (Version: 1.01.0.0)
Max Payne 3 (Version: 1.0.0.0)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
NC Launcher (GameForge)
Nexus Mod Manager (Version: 0.19.0)
Nuance PDF Reader (Version: 6.00.0041)
NVIDIA Control Panel 296.10 (Version: 296.10)
NVIDIA Graphics Driver 296.10 (Version: 296.10)
NVIDIA HD Audio Driver 1.3.12.0 (Version: 1.3.12.0)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Update 1.7.11 (Version: 1.7.11)
NVIDIA Update Components (Version: 1.7.11)
Oblivion - Knights of the Nine (Version: 1.00.0000)
Oblivion - Orrery (Version: 1.00.0000)
Oblivion - Thieves Den (Version: 1.00.0000)
Oblivion - Wizard's Tower (Version: 1.00.0000)
Oblivion (Version: 1.00.0000)
Origin (Version: 8.5.0.4550)
Path of Exile (Version: 0.9.10.17445)
PeerBlock 1.1 (r518) (Version: 1.1.0.518)
PowerISO (Version: 5.2)
PunkBuster Services (Version: 0.991)
QuickTime (Version: 7.71.80.42)
Razer BlackWidow Ultimate (Version: 1.04.04)
Razer DeathAdder™ Mouse (Version: 3.05)
Razer Naga (Version: 3.03.01)
Realtek Ethernet Controller Driver (Version: 7.44.421.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6564)
Realtek USB 2.0 Reader Driver (Version: 6.1.7600.10001)
Rockstar Games Social Club (Version: 1.0.9.5)
Rotation Desktop for G Series.exe (Version: 1.0.0.9)
Roxio AACS Certificate (Version: 1.0.0)
Roxio CinePlayer (Version: 5.8)
Roxio CinePlayer (Version: 5.8.58232.1)
Skype Click to Call (Version: 6.1.10441)
Skype™ 5.9 (Version: 5.9.115)
Sophos Virus Removal Tool (Version: 2.1)
SpeedFan (remove only)
Star Wars: The Old Republic (Version: 1.00)
Steam (Version: 1.0.0.0)
SteelSeries Engine (Version: 2.2.927.31327)
syncables desktop SE (Version: 5.5.746.11492)
The Elder Scrolls V: Skyrim
The Witcher 2 (Version: 1.00.0000)
THX TruStudio (Version: 1.03.01)
Torchlight (Version: 0.0.66.192)
Trend Micro Titanium Internet Security (Version: 3.0)
Trend Micro Titanium Internet Security (Version: 3.00)
Ubisoft Game Launcher (Version: 1.0.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VLC media player 2.0.0 (Version: 2.0.0)
Wallpapers (Version: 1.0.0)
Wallpapers by Wallpapers.com (Version: 1.0.0)
Windows Live ??? (Version: 15.4.3502.0922)
Windows Live ???? (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinFlash (Version: 2.32.0)
WinRAR 4.10 (64-bit) (Version: 4.10.0)
Wireless Console 3 (Version: 3.0.27)

========================= Memory info: ===================================

Percentage of memory in use: 20%
Total physical RAM: 12265.16 MB
Available physical RAM: 9730.79 MB
Total Pagefile: 24528.51 MB
Available Pagefile: 21731.32 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.75 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:279.45 GB) (Free:122.83 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:394.18 GB) (Free:176.13 GB) NTFS

========================= Users: ========================================

User accounts for \\IAN-PC

Administrator Guest Ian
UpdatusUser


**** End of log ****

FSS:

Farbar Service Scanner Version: 06-08-2012
Ran by Ian (administrator) on 07-08-2012 at 16:36:13
Running from "C:\Users\Ian\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

AdWare:

# AdwCleaner v1.800 - Logfile created 08/07/2012 at 16:36:51
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Ian - IAN-PC
# Running from : C:\Users\Ian\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : vToolbarUpdater11.2.0

***** [Files / Folders] *****

Folder Deleted : C:\Users\Ian\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki
Folder Deleted : C:\Users\Ian\AppData\Local\Temp\avg@toolbar
Folder Deleted : C:\Users\Ian\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Ian\AppData\LocalLow\Funmoods
Folder Deleted : C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\6oc8qwtg.default\extensions\ffxtlbr@funmoods.com
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Funmoods
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml

***** [Registry] *****

Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Funmoods
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\Funmoods
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
[x64] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\6oc8qwtg.default\prefs.js

C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\6oc8qwtg.default\user.js ... Deleted !

Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\11.1.0.12");
Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("extensions.enabledAddons", "ffxtlbr@funmoods.com:1.5.0,avg@toolbar:11.1.0.12,{8C6B2376-DD[...]
Deleted : user_pref("extensions.funmoods.aflt", "axl");
Deleted : user_pref("extensions.funmoods.autoRvrt", false);
Deleted : user_pref("extensions.funmoods.brwsrsrc", "ietlbr");
Deleted : user_pref("extensions.funmoods.cntry", "US");
Deleted : user_pref("extensions.funmoods.cv", "cv5");
Deleted : user_pref("extensions.funmoods.dfltLng", "");
Deleted : user_pref("extensions.funmoods.dfltSrch", false);
Deleted : user_pref("extensions.funmoods.dfltlng", "en");
Deleted : user_pref("extensions.funmoods.dfltsrch", "false");
Deleted : user_pref("extensions.funmoods.dnsErr", true);
Deleted : user_pref("extensions.funmoods.envrmnt", "production");
Deleted : user_pref("extensions.funmoods.excTlbr", false);
Deleted : user_pref("extensions.funmoods.hdrMd5", "85620AF0B9C414C5D905787B303FCA05");
Deleted : user_pref("extensions.funmoods.hmpg", false);
Deleted : user_pref("extensions.funmoods.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=axl&chnl=axl&cd=2XzutAtN2[...]
Deleted : user_pref("extensions.funmoods.hrdid", "2484ebdd000000000000742f6882b59a");
Deleted : user_pref("extensions.funmoods.id", "2484ebdd000000000000742f6882b59a");
Deleted : user_pref("extensions.funmoods.instlDay", "15485");
Deleted : user_pref("extensions.funmoods.instlRef", "axl");
Deleted : user_pref("extensions.funmoods.instlday", "15485");
Deleted : user_pref("extensions.funmoods.instlref", "axl");
Deleted : user_pref("extensions.funmoods.isdcmntcmplt", true);
Deleted : user_pref("extensions.funmoods.keywordurl", "");
Deleted : user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2211:1:9");
Deleted : user_pref("extensions.funmoods.logicsmngrdailyreporttime", "01-07-2012");
Deleted : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
Deleted : user_pref("extensions.funmoods.newTab", false);
Deleted : user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=axl&chnl=axl&cd=2XzutAt[...]
Deleted : user_pref("extensions.funmoods.newtab", "false");
Deleted : user_pref("extensions.funmoods.newtaburl", "hxxp://start.funmoods.com/?f=2&a=axl&chnl=axl&cd=2XzutAt[...]
Deleted : user_pref("extensions.funmoods.prdct", "funmoods");
Deleted : user_pref("extensions.funmoods.prtnrId", "funmoods");
Deleted : user_pref("extensions.funmoods.prtnrid", "funmoods");
Deleted : user_pref("extensions.funmoods.savedVrsnTs", "1");
Deleted : user_pref("extensions.funmoods.sg", "none");
Deleted : user_pref("extensions.funmoods.similarsitesstorage-pid2", "d4c68ff174e53aff");
Deleted : user_pref("extensions.funmoods.smplGrp", "none");
Deleted : user_pref("extensions.funmoods.smplgrp", "none");
Deleted : user_pref("extensions.funmoods.srch", "");
Deleted : user_pref("extensions.funmoods.srchPrvdr", "Search");
Deleted : user_pref("extensions.funmoods.srchprvdr", "Search");
Deleted : user_pref("extensions.funmoods.tlbrId", "base");
Deleted : user_pref("extensions.funmoods.tlbrSrchUrl", "");
Deleted : user_pref("extensions.funmoods.tlbrid", "base");
Deleted : user_pref("extensions.funmoods.tlbrsrchurl", "");
Deleted : user_pref("extensions.funmoods.vrsn", "1.5.23.22");
Deleted : user_pref("extensions.funmoods.vrsnTs", "1.5.23.2211:1:9");
Deleted : user_pref("extensions.funmoods.vrsni", "1.5.23.22");
Deleted : user_pref("extensions.funmoods.vrsnts", "1.5.23.2211:1:9");
Deleted : user_pref("extensions.funmoods_i.newTab", false);
Deleted : user_pref("extensions.funmoods_i.smplGrp", "none");
Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2211:1:9");
Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7B73af2479-4653-41d9-9700-4a84fc514367%[...]

-\\ Google Chrome v21.0.1180.60

File : C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "homepage": "hxxp://isearch.avg.com/?cid={B4C97EB0-37B1-43D4-9D7B-803EFE0EEA0C}&mid=ffe0def5a6[...]
Deleted : "description": "The fastest way to search the web.",
Deleted : "default_icon": "funmoods/img/16.png",
Deleted : "default_popup": "funmoods/dropdown.html",
Deleted : "128": "funmoods/img/128.png",
Deleted : "32": "funmoods/img/32.png",
Deleted : "48": "funmoods/img/48.png"
Deleted : "name": "Funmoods",
Deleted : "update_url": "hxxp://funmoods.com/public/download/chrome/update.xml",
Deleted : "homepage": "hxxp://isearch.avg.com/?cid={B4C97EB0-37B1-43D4-9D7B-803EFE0EEA0C}&mid=ffe0def5a6b04[...]

*************************

AdwCleaner[S1].txt - [14783 octets] - [07/08/2012 16:36:51]

########## EOF - C:\AdwCleaner[S1].txt - [14912 octets] ##########

#6 narenxp

Posted 07 August 2012 - 04:54 PM

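Press the Windows+R keys, type notepad and click OK

Copy this script and paste it into Notepad

@echo off
REM Work in the System32 folder, where services.exe lives
cd c:\windows\system32
REM Give ownership of services.exe to the Administrators group
takeown /a /f services.exe
REM Grant Administrators full control (cacls asks for confirmation)
cacls services.exe /g administrators:f
REM Keep the current file under the name services.exe.old
ren services.exe services.exe.old
REM Copy the services.exe stored in the WinSxS folder into System32
COPY /Y C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe C:\WINDOWS\system32
REM Delete this batch file once it has run
DEL %0

Click on File >> Save As

File name: services.bat
Save as type: All types

Now right-click the services.bat file, select Run as administrator and run it, click Y and press ENTER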

Restart the PC

Open your C drive

On top, click on Organize - Folder and search options

Click on View tab and scroll down

Check mark Show hidden files
Uncheck Hide operating system files


Click OK, now go to

C:\Windows\Installer\{80aa28bd-953b-0d79-ac52-59b01480de54}

delete the folder

Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start Repairs tab, then click on Start

Check mark the following options alone

Reset registry permissions
reset file permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts


Checkmark Restart System When Finished option
click the Start button

System should restart after repair

Post the new FSS log

#7 StupidMalware

Posted 07 August 2012 - 05:28 PM

FSS

Farbar Service Scanner Version: 06-08-2012
Ran by Ian (administrator) on 07-08-2012 at 17:25:39
Running from "C:\Users\Ian\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#8 narenxp

Posted 07 August 2012 - 05:40 PM

Download

systemlook

Launch it and copy this script and paste in the BOX

:filefind
services.exe
:folderfind
{80aa28bd-953b-0d79-ac52-59b01480de54}

Click on LOOK, post the generated log

Download

BITS
Windefend
wuauserv

Launch them, click YES

Restart the PC, post the new FSS log

#9 StupidMalware

Posted 07 August 2012 - 05:51 PM

Farbar Service Scanner Version: 06-08-2012
Ran by Ian (administrator) on 07-08-2012 at 17:50:16
Running from "C:\Users\Ian\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#10 narenxp

Posted 07 August 2012 - 05:53 PM

Do not quote my posts. Still need the SystemLook log.

#11 StupidMalware

Posted 07 August 2012 - 05:57 PM

Can't generate look log, it says scripts required.

#12 narenxp

Posted 07 August 2012 - 05:59 PM

Please read the instructions again

Download

systemlook

Launch it, then copy this script and paste it in the box

:filefind
services.exe
:folderfind
{80aa28bd-953b-0d79-ac52-59b01480de54}

Click on LOOK, then post the generated log

#13 StupidMalware

Posted 07 August 2012 - 06:00 PM

SystemLook 30.07.11 by jpshortstuff
Log created at 17:59 on 07/08/2012 by Ian
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== folderfind ==========

Searching for "{80aa28bd-953b-0d79-ac52-59b01480de54}"
No folders found.

-= EOF =-

#14 narenxp

Posted 07 August 2012 - 06:02 PM

Delete this file

C:\windows\system32\services.exe.old

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your flash player

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#15 StupidMalware

Posted 07 August 2012 - 08:49 PM

Thanks!



