backdoor.win64.zaccess and adobe pop up.


19 replies to this topic

#1 zaid90

zaid90

  • Members
  • 11 posts

Posted 30 August 2012 - 08:21 PM

so i was reading an article about metal gear (video game), i clicked on a link in the article and opened the link in a new tab (i never actually went to the tab itself). as soon as the tab was open, i got a windows pop up saying CMD is requesting permission to change files, this was odd so i declined. i had to decline it about 10 times, then a windows prompt for "adobe flash player is requesting permission" kept appearing (i declined it permission each time). it says the file location for adobe update was "downloaded from internet", i got worried.

at that point, my Norton had expired and i went and downloaded kaspersky and malwarebytes. after 4 hours of cleaning and restarting, my infection got narrowed down to a "backdoor.win64.zaccess" that keeps infecting explorer.exe but kaspersky keeps deleting that virus. and the windows prompt for adobe requesting permission keeps appearing.

TDSSkiller found nothing. this http://www.uninstall-tool.com/how-to-remove-backdoor-win64-zaccess-bt-on-services-exe-manual-removal-guides/ did not help me at all.

i really don't want to reinstall windows, please help me!

my os: windows 7 64 bit

Edited by zaid90, 30 August 2012 - 08:22 PM.




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 30 August 2012 - 08:29 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 zaid90

zaid90
  • Topic Starter

  • Members
  • 11 posts

Posted 30 August 2012 - 11:20 PM

TDSSKiller log:
19:34:50.0790 7092 LSI_SAS - ok
19:34:50.0790 7092 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:34:50.0790 7092 LSI_SAS2 - ok
19:34:50.0790 7092 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:34:50.0790 7092 LSI_SCSI - ok
19:34:50.0800 7092 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:34:50.0800 7092 luafv - ok
19:34:50.0800 7092 [ E5ECF40E5FD459141E5F6685FFD51804 ] Lycosa C:\Windows\system32\drivers\Lycosa.sys
19:34:50.0800 7092 Lycosa - ok
19:34:50.0800 7092 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:34:50.0800 7092 MBAMProtector - ok
19:34:50.0810 7092 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:34:50.0810 7092 MBAMService - ok
19:34:50.0810 7092 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:34:50.0810 7092 Mcx2Svc - ok
19:34:50.0810 7092 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
19:34:50.0810 7092 megasas - ok
19:34:50.0820 7092 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:34:50.0820 7092 MegaSR - ok
19:34:50.0820 7092 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
19:34:50.0820 7092 MEIx64 - ok
19:34:50.0830 7092 Microsoft SharePoint Workspace Audit Service - ok
19:34:50.0830 7092 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:34:50.0830 7092 MMCSS - ok
19:34:50.0830 7092 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:34:50.0830 7092 Modem - ok
19:34:50.0830 7092 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:34:50.0830 7092 monitor - ok
19:34:50.0830 7092 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:34:50.0830 7092 mouclass - ok
19:34:50.0840 7092 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:34:50.0840 7092 mouhid - ok
19:34:50.0840 7092 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:34:50.0840 7092 mountmgr - ok
19:34:50.0840 7092 [ E8D79312373F254DC13F3965BDB3D521 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:34:50.0840 7092 MozillaMaintenance - ok
19:34:50.0840 7092 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:34:50.0840 7092 mpio - ok
19:34:50.0850 7092 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:34:50.0850 7092 mpsdrv - ok
19:34:50.0850 7092 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:34:50.0860 7092 MpsSvc - ok
19:34:50.0860 7092 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:34:50.0860 7092 MRxDAV - ok
19:34:50.0860 7092 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:34:50.0860 7092 mrxsmb - ok
19:34:50.0860 7092 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:34:50.0870 7092 mrxsmb10 - ok
19:34:50.0870 7092 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:34:50.0870 7092 mrxsmb20 - ok
19:34:50.0870 7092 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:34:50.0870 7092 msahci - ok
19:34:50.0870 7092 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:34:50.0870 7092 msdsm - ok
19:34:50.0880 7092 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:34:50.0880 7092 MSDTC - ok
19:34:50.0880 7092 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:34:50.0880 7092 Msfs - ok
19:34:50.0880 7092 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:34:50.0880 7092 mshidkmdf - ok
19:34:50.0880 7092 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:34:50.0880 7092 msisadrv - ok
19:34:50.0890 7092 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:34:50.0890 7092 MSiSCSI - ok
19:34:50.0890 7092 msiserver - ok
19:34:50.0890 7092 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:34:50.0890 7092 MSKSSRV - ok
19:34:50.0890 7092 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:34:50.0890 7092 MSPCLOCK - ok
19:34:50.0890 7092 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:34:50.0890 7092 MSPQM - ok
19:34:50.0900 7092 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:34:50.0900 7092 MsRPC - ok
19:34:50.0900 7092 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:34:50.0900 7092 mssmbios - ok
19:34:50.0900 7092 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:34:50.0900 7092 MSTEE - ok
19:34:50.0900 7092 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:34:50.0900 7092 MTConfig - ok
19:34:50.0900 7092 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:34:50.0910 7092 Mup - ok
19:34:50.0910 7092 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:34:50.0910 7092 napagent - ok
19:34:50.0910 7092 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:34:50.0920 7092 NativeWifiP - ok
19:34:50.0920 7092 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
19:34:50.0930 7092 NDIS - ok
19:34:50.0930 7092 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:34:50.0930 7092 NdisCap - ok
19:34:50.0930 7092 [ DE4CEF317628F50B576673964A8C712B ] ndisrd C:\Windows\system32\DRIVERS\ndisrd.sys
19:34:50.0930 7092 ndisrd - ok
19:34:50.0930 7092 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:34:50.0930 7092 NdisTapi - ok
19:34:50.0930 7092 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:34:50.0930 7092 Ndisuio - ok
19:34:50.0940 7092 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:34:50.0940 7092 NdisWan - ok
19:34:50.0940 7092 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:34:50.0940 7092 NDProxy - ok
19:34:50.0940 7092 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:34:50.0940 7092 NetBIOS - ok
19:34:50.0940 7092 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:34:50.0940 7092 NetBT - ok
19:34:50.0950 7092 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:34:50.0950 7092 Netlogon - ok
19:34:50.0950 7092 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:34:50.0950 7092 Netman - ok
19:34:50.0960 7092 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:34:50.0960 7092 NetMsmqActivator - ok
19:34:50.0960 7092 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:34:50.0960 7092 NetPipeActivator - ok
19:34:50.0970 7092 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:34:50.0970 7092 netprofm - ok
19:34:50.0970 7092 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:34:50.0970 7092 NetTcpActivator - ok
19:34:50.0970 7092 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:34:50.0970 7092 NetTcpPortSharing - ok
19:34:50.0970 7092 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:34:50.0970 7092 nfrd960 - ok
19:34:50.0980 7092 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:34:50.0980 7092 NlaSvc - ok
19:34:50.0980 7092 Norton PC Checkup Application Launcher - ok
19:34:50.0980 7092 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:34:50.0980 7092 Npfs - ok
19:34:50.0980 7092 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:34:50.0990 7092 nsi - ok
19:34:50.0990 7092 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:34:50.0990 7092 nsiproxy - ok
19:34:51.0000 7092 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:34:51.0000 7092 Ntfs - ok
19:34:51.0000 7092 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:34:51.0010 7092 Null - ok
19:34:51.0010 7092 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:34:51.0010 7092 nvraid - ok
19:34:51.0010 7092 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:34:51.0010 7092 nvstor - ok
19:34:51.0010 7092 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:34:51.0010 7092 nv_agp - ok
19:34:51.0020 7092 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:34:51.0020 7092 ohci1394 - ok
19:34:51.0020 7092 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:34:51.0020 7092 ose64 - ok
19:34:51.0050 7092 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:34:51.0060 7092 osppsvc - ok
19:34:51.0070 7092 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:34:51.0070 7092 p2pimsvc - ok
19:34:51.0070 7092 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:34:51.0080 7092 p2psvc - ok
19:34:51.0080 7092 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
19:34:51.0080 7092 Parport - ok
19:34:51.0080 7092 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:34:51.0080 7092 partmgr - ok
19:34:51.0080 7092 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:34:51.0080 7092 PcaSvc - ok
19:34:51.0090 7092 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe
19:34:51.0090 7092 PCCUJobMgr - ok
19:34:51.0090 7092 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:34:51.0090 7092 pci - ok
19:34:51.0090 7092 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:34:51.0090 7092 pciide - ok
19:34:51.0090 7092 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:34:51.0100 7092 pcmcia - ok
19:34:51.0100 7092 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:34:51.0100 7092 pcw - ok
19:34:51.0100 7092 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:34:51.0100 7092 PEAUTH - ok
19:34:51.0110 7092 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
19:34:51.0120 7092 PeerDistSvc - ok
19:34:51.0130 7092 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:34:51.0130 7092 PerfHost - ok
19:34:51.0140 7092 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:34:51.0150 7092 pla - ok
19:34:51.0150 7092 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:34:51.0150 7092 PlugPlay - ok
19:34:51.0160 7092 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:34:51.0160 7092 PNRPAutoReg - ok
19:34:51.0160 7092 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:34:51.0160 7092 PNRPsvc - ok
19:34:51.0170 7092 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:34:51.0170 7092 PolicyAgent - ok
19:34:51.0170 7092 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:34:51.0170 7092 Power - ok
19:34:51.0170 7092 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:34:51.0170 7092 PptpMiniport - ok
19:34:51.0180 7092 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:34:51.0180 7092 Processor - ok
19:34:51.0180 7092 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:34:51.0180 7092 ProfSvc - ok
19:34:51.0180 7092 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:34:51.0180 7092 ProtectedStorage - ok
19:34:51.0190 7092 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:34:51.0190 7092 Psched - ok
19:34:51.0200 7092 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:34:51.0200 7092 ql2300 - ok
19:34:51.0200 7092 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:34:51.0200 7092 ql40xx - ok
19:34:51.0210 7092 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:34:51.0210 7092 QWAVE - ok
19:34:51.0210 7092 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:34:51.0210 7092 QWAVEdrv - ok
19:34:51.0210 7092 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:34:51.0210 7092 RasAcd - ok
19:34:51.0210 7092 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:34:51.0210 7092 RasAgileVpn - ok
19:34:51.0220 7092 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:34:51.0220 7092 RasAuto - ok
19:34:51.0220 7092 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:34:51.0220 7092 Rasl2tp - ok
19:34:51.0220 7092 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:34:51.0230 7092 RasMan - ok
19:34:51.0230 7092 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:34:51.0230 7092 RasPppoe - ok
19:34:51.0230 7092 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:34:51.0230 7092 RasSstp - ok
19:34:51.0230 7092 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:34:51.0240 7092 rdbss - ok
19:34:51.0240 7092 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:34:51.0240 7092 rdpbus - ok
19:34:51.0240 7092 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:34:51.0240 7092 RDPCDD - ok
19:34:51.0240 7092 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
19:34:51.0240 7092 RDPDR - ok
19:34:51.0240 7092 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:34:51.0240 7092 RDPENCDD - ok
19:34:51.0250 7092 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:34:51.0250 7092 RDPREFMP - ok
19:34:51.0250 7092 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:34:51.0250 7092 RdpVideoMiniport - ok
19:34:51.0250 7092 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:34:51.0250 7092 RDPWD - ok
19:34:51.0260 7092 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:34:51.0260 7092 rdyboost - ok
19:34:51.0260 7092 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:34:51.0260 7092 RemoteAccess - ok
19:34:51.0260 7092 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:34:51.0260 7092 RemoteRegistry - ok
19:34:51.0270 7092 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:34:51.0270 7092 RpcEptMapper - ok
19:34:51.0270 7092 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:34:51.0270 7092 RpcLocator - ok
19:34:51.0270 7092 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:34:51.0270 7092 RpcSs - ok
19:34:51.0280 7092 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:34:51.0280 7092 rspndr - ok
19:34:51.0280 7092 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
19:34:51.0280 7092 s3cap - ok
19:34:51.0280 7092 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:34:51.0280 7092 SamSs - ok
19:34:51.0280 7092 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:34:51.0280 7092 sbp2port - ok
19:34:51.0290 7092 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:34:51.0290 7092 SCardSvr - ok
19:34:51.0290 7092 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:34:51.0290 7092 scfilter - ok
19:34:51.0300 7092 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:34:51.0300 7092 Schedule - ok
19:34:51.0300 7092 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:34:51.0300 7092 SCPolicySvc - ok
19:34:51.0310 7092 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:34:51.0310 7092 SDRSVC - ok
19:34:51.0310 7092 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:34:51.0310 7092 secdrv - ok
19:34:51.0310 7092 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:34:51.0310 7092 seclogon - ok
19:34:51.0310 7092 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:34:51.0310 7092 SENS - ok
19:34:51.0320 7092 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:34:51.0320 7092 SensrSvc - ok
19:34:51.0320 7092 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
19:34:51.0320 7092 Serenum - ok
19:34:51.0320 7092 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
19:34:51.0320 7092 Serial - ok
19:34:51.0320 7092 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:34:51.0320 7092 sermouse - ok
19:34:51.0330 7092 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:34:51.0330 7092 SessionEnv - ok
19:34:51.0330 7092 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:34:51.0330 7092 sffdisk - ok
19:34:51.0330 7092 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:34:51.0330 7092 sffp_mmc - ok
19:34:51.0330 7092 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:34:51.0330 7092 sffp_sd - ok
19:34:51.0340 7092 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:34:51.0340 7092 sfloppy - ok
19:34:51.0340 7092 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:34:51.0340 7092 SharedAccess - ok
19:34:51.0340 7092 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:34:51.0350 7092 ShellHWDetection - ok
19:34:51.0350 7092 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:34:51.0350 7092 SiSRaid2 - ok
19:34:51.0350 7092 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:34:51.0350 7092 SiSRaid4 - ok
19:34:51.0350 7092 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:34:51.0350 7092 SkypeUpdate - ok
19:34:51.0360 7092 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:34:51.0360 7092 Smb - ok
19:34:51.0360 7092 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:34:51.0360 7092 SNMPTRAP - ok
19:34:51.0360 7092 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:34:51.0360 7092 spldr - ok
19:34:51.0370 7092 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:34:51.0370 7092 Spooler - ok
19:34:51.0390 7092 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:34:51.0400 7092 sppsvc - ok
19:34:51.0400 7092 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:34:51.0400 7092 sppuinotify - ok
19:34:51.0410 7092 [ A15860E920B02C9A7CE8F3A6C2FF1E3A ] sptd C:\Windows\System32\Drivers\sptd.sys
19:34:51.0410 7092 sptd - ok
19:34:51.0420 7092 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:34:51.0420 7092 srv - ok
19:34:51.0420 7092 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:34:51.0420 7092 srv2 - ok
19:34:51.0420 7092 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:34:51.0420 7092 srvnet - ok
19:34:51.0430 7092 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:34:51.0430 7092 SSDPSRV - ok
19:34:51.0430 7092 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:34:51.0430 7092 SstpSvc - ok
19:34:51.0440 7092 [ E5C796B621F6FBA8616511063D7F0FFE ] StarWindServiceAE C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
19:34:51.0440 7092 StarWindServiceAE - ok
19:34:51.0440 7092 Steam Client Service - ok
19:34:51.0440 7092 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:34:51.0440 7092 stexstor - ok
19:34:51.0450 7092 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:34:51.0450 7092 stisvc - ok
19:34:51.0450 7092 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
19:34:51.0450 7092 storflt - ok
19:34:51.0450 7092 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
19:34:51.0450 7092 storvsc - ok
19:34:51.0460 7092 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:34:51.0460 7092 swenum - ok
19:34:51.0460 7092 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:34:51.0460 7092 swprv - ok
19:34:51.0460 7092 [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
19:34:51.0460 7092 Synth3dVsc - ok
19:34:51.0480 7092 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:34:51.0480 7092 SysMain - ok
19:34:51.0480 7092 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:34:51.0480 7092 TabletInputService - ok
19:34:51.0490 7092 [ B70DF208E97536CA9F29289E609F5B16 ] taphss C:\Windows\system32\DRIVERS\taphss.sys
19:34:51.0490 7092 taphss - ok
19:34:51.0490 7092 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:34:51.0490 7092 TapiSrv - ok
19:34:51.0490 7092 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:34:51.0490 7092 TBS - ok
19:34:51.0510 7092 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:34:51.0510 7092 Tcpip - ok
19:34:51.0520 7092 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:34:51.0530 7092 TCPIP6 - ok
19:34:51.0530 7092 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:34:51.0530 7092 tcpipreg - ok
19:34:51.0540 7092 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:34:51.0540 7092 TDPIPE - ok
19:34:51.0540 7092 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:34:51.0540 7092 TDTCP - ok
19:34:51.0540 7092 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:34:51.0540 7092 tdx - ok
19:34:51.0540 7092 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:34:51.0540 7092 TermDD - ok
19:34:51.0540 7092 [ 2B5BDFF688EC9871D7EC5837833374E9 ] terminpt C:\Windows\system32\drivers\terminpt.sys
19:34:51.0540 7092 terminpt - ok
19:34:51.0550 7092 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:34:51.0550 7092 TermService - ok
19:34:51.0550 7092 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:34:51.0560 7092 Themes - ok
19:34:51.0560 7092 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:34:51.0560 7092 THREADORDER - ok
19:34:51.0560 7092 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:34:51.0560 7092 TrkWks - ok
19:34:51.0560 7092 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:34:51.0570 7092 TrustedInstaller - ok
19:34:51.0570 7092 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:34:51.0570 7092 tssecsrv - ok
19:34:51.0570 7092 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:34:51.0570 7092 TsUsbFlt - ok
19:34:51.0570 7092 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:34:51.0570 7092 TsUsbGD - ok
19:34:51.0570 7092 [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
19:34:51.0570 7092 tsusbhub - ok
19:34:51.0590 7092 [ 0DF0076BD0758969E8ACC1581EEC1F79 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
19:34:51.0600 7092 TuneUp.UtilitiesSvc - ok
19:34:51.0600 7092 [ DCC94C51D27C7EC0DADECA8F64C94FCF ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
19:34:51.0600 7092 TuneUpUtilitiesDrv - ok
19:34:51.0600 7092 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:34:51.0600 7092 tunnel - ok
19:34:51.0600 7092 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:34:51.0600 7092 uagp35 - ok
19:34:51.0610 7092 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:34:51.0610 7092 udfs - ok
19:34:51.0610 7092 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:34:51.0610 7092 UI0Detect - ok
19:34:51.0610 7092 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:34:51.0610 7092 uliagpkx - ok
19:34:51.0620 7092 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:34:51.0620 7092 umbus - ok
19:34:51.0620 7092 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:34:51.0620 7092 UmPass - ok
19:34:51.0620 7092 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
19:34:51.0620 7092 UmRdpService - ok
19:34:51.0630 7092 [ 182BBA1B43898D5DA0938D2E9A526B31 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
19:34:51.0630 7092 UNS - ok
19:34:51.0630 7092 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:34:51.0630 7092 upnphost - ok
19:34:51.0640 7092 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:34:51.0640 7092 usbccgp - ok
19:34:51.0640 7092 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:34:51.0640 7092 usbcir - ok
19:34:51.0640 7092 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:34:51.0640 7092 usbehci - ok
19:34:51.0640 7092 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:34:51.0650 7092 usbhub - ok
19:34:51.0650 7092 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:34:52.0120 7044 Detected object count: 0
19:34:52.0120 7044 Actual detected object count: 0

Avast log:
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-30 19:41:11
-----------------------------
19:41:11.200 OS Version: Windows x64 6.1.7601 Service Pack 1
19:41:11.200 Number of processors: 4 586 0x3A09
19:41:11.200 ComputerName: ZAIDI7-PC UserName: zaid i7
19:41:11.620 Initialize success
19:42:10.239 AVAST engine defs: 12083001
19:42:38.275 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2
19:42:38.276 Disk 0 Vendor: Intel___ 1.0. Size: 358400MB BusType: 8
19:42:38.277 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-3
19:42:38.278 Disk 1 Vendor: Intel___ 1.0. Size: 1072405MB BusType: 8
19:42:38.280 Disk 2 (boot) \Device\Harddisk2\DR2 -> \Device\Ide\IAAStorageDevice-0
19:42:38.281 Disk 2 Vendor: INTEL_SS 300i Size: 171705MB BusType: 8
19:42:38.282 Disk 3 \Device\Harddisk3\DR3 -> \Device\Ide\IAAStorageDevice-1
19:42:38.284 Disk 3 Vendor: ST310005 CC46 Size: 953869MB BusType: 8
19:42:38.286 Disk 2 MBR read successfully
19:42:38.288 Disk 2 MBR scan
19:42:38.290 Disk 2 Windows 7 default MBR code
19:42:38.292 Disk 2 Partition 1 00 07 HPFS/NTFS NTFS 171703 MB offset 2048
19:42:38.296 Disk 2 scanning C:\Windows\system32\drivers
19:42:40.124 Service scanning
19:42:46.111 Modules scanning
19:42:46.111 Disk 2 trace - called modules:
19:42:46.121
19:42:46.321 AVAST engine scan C:\Windows
19:42:46.671 AVAST engine scan C:\Windows\system32
19:43:31.028 AVAST engine scan C:\Windows\system32\drivers
19:43:33.814 AVAST engine scan C:\Users\zaid i7
19:44:47.356 AVAST engine scan C:\ProgramData
19:45:08.426 Scan finished successfully
19:45:56.753 Disk 2 MBR has been saved successfully to "C:\MBR.dat"
19:45:56.756 The log file has been saved successfully to "C:\aswMBR.txt"


ESET log:


C:\ProgramData\Codec\runtime.dll Win32/GenUpdater application
C:\ProgramData\GBox\runtime.dll Win32/GenUpdater application
C:\Users\All Users\Codec\runtime.dll Win32/GenUpdater application
C:\Users\All Users\GBox\runtime.dll Win32/GenUpdater application
C:\Users\zaid i7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AJQK6G11\mx_nan_a[1].htm HTML/Iframe.B.Gen virus
C:\Windows\KMSEmulator.exe a variant of Win32/HackKMS.A application
C:\Windows\AutoKMS\AutoKMS.exe a variant of Win32/HackKMS.B application
F:\Program Files\Registry Easy\RegEasyCleaner.exe a variant of Win32/Adware.RegistryEasy application
F:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe a variant of Win32/HotSpotShield application
F:\Users\All Users\Codec\runtime.dll Win32/GenUpdater application
F:\Users\All Users\GBox\runtime.dll Win32/GenUpdater application
F:\Users\zaid\Desktop\olddddd\HSS-1.49-install-anchorfree-243-ask3.exe a variant of Win32/HotSpotShield application
F:\Users\zaid\Downloads\HSS-1.37-install-anchorfree-76-conduit.exe a variant of Win32/HotSpotShield application
F:\Users\zaid\Downloads\media.player.codec.pack.v3.9.6.setup.exe Win32/Toolbar.Widgi application
F:\Users\zaid\Downloads\RegistryEasy.exe a variant of Win32/Adware.RegistryEasy application
F:\Users\zaid\Downloads\SoftonicDownloader53346.exe a variant of Win32/SoftonicDownloader.A application
I:\downloads\Codec-V.exe Win32/InstallMate.D application



Drive F is my old Windows, are any of those files a threat?

I know Hotspot Shield and it is safe, but there are some infections in my current Windows. How should I proceed from here?

#4 narenxp

Posted 30 August 2012 - 11:32 PM

C:\Users\zaid i7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AJQK6G11\mx_nan_a[1].htm HTML/Iframe.B.Gen virus
C:\Windows\KMSEmulator.exe a variant of Win32/HackKMS.A application
C:\Windows\AutoKMS\AutoKMS.exe a variant of Win32/HackKMS.B application

Remove these infections

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

post the generated log

#5 zaid90

Posted 30 August 2012 - 11:58 PM

I ran malwarebytes full scan ONLY on drive C, it found nothing.

minitoolbox log :
MiniToolBox by Farbar Version: 23-07-2012
Ran by zaid i7 (administrator) on 30-08-2012 at 22:52:31
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® 82579V Gigabit Network Connection = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : zaidi7-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Raven

Ethernet adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hshld.com
Description . . . . . . . . . . . : Anchorfree HSS Adapter
Physical Address. . . . . . . . . : 00-FF-02-35-6B-5F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : Raven
Description . . . . . . . . . . . : Intel® 82579V Gigabit Network Connection
Physical Address. . . . . . . . . : C8-60-00-A1-A2-E1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::99fe:591d:7ebf:9a13%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.198(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, August 30, 2012 10:38:10 PM
Lease Expires . . . . . . . . . . : Friday, August 31, 2012 10:38:10 PM
Default Gateway . . . . . . . . . : 192.168.1.5
DHCP Server . . . . . . . . . . . : 192.168.1.5
DHCPv6 IAID . . . . . . . . . . . : 248012800
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-41-A7-3E-C8-60-00-A1-A2-E1
DNS Servers . . . . . . . . . . . : 192.168.1.5
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.Raven:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Raven
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:308f:27dd:9fcc:bc61(Preferred)
Link-local IPv6 Address . . . . . : fe80::308f:27dd:9fcc:bc61%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.hshld.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.5

Name: google.com
Addresses: 2607:f8b0:400a:800::1001
173.194.33.33
173.194.33.34
173.194.33.38
173.194.33.32
173.194.33.41
173.194.33.40
173.194.33.39
173.194.33.46
173.194.33.35
173.194.33.37
173.194.33.36


Pinging google.com [173.194.33.33] with 32 bytes of data:
Reply from 173.194.33.33: bytes=32 time=32ms TTL=57
Reply from 173.194.33.33: bytes=32 time=33ms TTL=57

Ping statistics for 173.194.33.33:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 32ms, Maximum = 33ms, Average = 32ms
Server: UnKnown
Address: 192.168.1.5

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=631ms TTL=55
Reply from 72.30.38.140: bytes=32 time=460ms TTL=55

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 460ms, Maximum = 631ms, Average = 545ms
Server: UnKnown
Address: 192.168.1.5

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 1ms, Average = 0ms
===========================================================================
Interface List
17...00 ff 02 35 6b 5f ......Anchorfree HSS Adapter
11...c8 60 00 a1 a2 e1 ......Intel® 82579V Gigabit Network Connection
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.5 192.168.1.198 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.198 276
192.168.1.198 255.255.255.255 On-link 192.168.1.198 276
192.168.1.255 255.255.255.255 On-link 192.168.1.198 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.198 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.198 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:308f:27dd:9fcc:bc61/128
On-link
11 276 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::308f:27dd:9fcc:bc61/128
On-link
11 276 fe80::99fe:591d:7ebf:9a13/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/30/2012 10:39:52 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/30/2012 10:38:11 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (08/30/2012 08:15:02 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (08/30/2012 08:15:02 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (08/30/2012 07:59:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/30/2012 07:58:56 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/30/2012 07:58:54 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/30/2012 07:58:54 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/30/2012 07:58:53 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/30/2012 07:58:07 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x80070005.


System errors:
=============
Error: (08/30/2012 10:38:14 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (08/30/2012 08:28:16 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (08/30/2012 07:58:10 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (08/30/2012 07:58:08 PM) (Source: BugCheck) (User: )
Description: 0x00000109 (0xa3a039d8abf6156d, 0xb3b7465efe7450bb, 0xfffff80000b95080, 0x0000000000000002)C:\Windows\Minidump\083012-17752-01.dmp083012-17752-01

Error: (08/30/2012 07:58:07 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 7:55:59 PM on ?8/?30/?2012 was unexpected.

Error: (08/30/2012 06:55:09 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (08/30/2012 06:52:34 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (08/30/2012 06:52:34 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (08/30/2012 06:51:47 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (08/30/2012 06:28:59 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (08/30/2012 10:39:52 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/30/2012 10:38:11 PM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000

Error: (08/30/2012 08:15:02 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (08/30/2012 08:15:02 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: Performance1637070000000000000B42000009030000

Error: (08/30/2012 07:59:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/30/2012 07:58:56 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\Firefox downloads\esetsmartinstaller_enu.exe

Error: (08/30/2012 07:58:54 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\Firefox downloads\esetsmartinstaller_enu.exe

Error: (08/30/2012 07:58:54 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\Firefox downloads\esetsmartinstaller_enu.exe

Error: (08/30/2012 07:58:53 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\Firefox downloads\esetsmartinstaller_enu.exe

Error: (08/30/2012 07:58:07 PM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000


=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 10 ActiveX (Version: 10.0.42.34)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Reader X (10.1.3) (Version: 10.1.3)
AI Suite II (Version: 1.02.27)
Akamai NetSession Interface
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.938.1)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70626.1232)
Amnesia - The Dark Descent (Version: 1.2)
Application Profiles (Version: 2.0.4560.34681)
Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.14.3.0)
Asmedia ASM106x SATA Host Controller Driver (Version: 1.3.4.000)
ATITool Overclocking Utility (Version: 0.26)
Bandicam
Bandisoft MPEG-1 Decoder
Batman Arkham City 1.0 (Version: 1.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0626.1157.19430)
Catalyst Control Center Graphics Previews Common (Version: 2012.0626.1157.19430)
Catalyst Control Center InstallProxy (Version: 2012.0626.1157.19430)
Catalyst Control Center Localization All (Version: 2012.0626.1157.19430)
ccc-utility64 (Version: 2012.0626.1157.19430)
CCC Help Chinese Standard (Version: 2012.0626.1156.19430)
CCC Help Chinese Traditional (Version: 2012.0626.1156.19430)
CCC Help Czech (Version: 2012.0626.1156.19430)
CCC Help Danish (Version: 2012.0626.1156.19430)
CCC Help Dutch (Version: 2012.0626.1156.19430)
CCC Help English (Version: 2012.0626.1156.19430)
CCC Help Finnish (Version: 2012.0626.1156.19430)
CCC Help French (Version: 2012.0626.1156.19430)
CCC Help German (Version: 2012.0626.1156.19430)
CCC Help Greek (Version: 2012.0626.1156.19430)
CCC Help Hungarian (Version: 2012.0626.1156.19430)
CCC Help Italian (Version: 2012.0626.1156.19430)
CCC Help Japanese (Version: 2012.0626.1156.19430)
CCC Help Korean (Version: 2012.0626.1156.19430)
CCC Help Norwegian (Version: 2012.0626.1156.19430)
CCC Help Polish (Version: 2012.0626.1156.19430)
CCC Help Portuguese (Version: 2012.0626.1156.19430)
CCC Help Russian (Version: 2012.0626.1156.19430)
CCC Help Spanish (Version: 2012.0626.1156.19430)
CCC Help Swedish (Version: 2012.0626.1156.19430)
CCC Help Thai (Version: 2012.0626.1156.19430)
CCC Help Turkish (Version: 2012.0626.1156.19430)
CCleaner (Version: 3.19)
Codecv (Version: )
Counter-Strike: Global Offensive
CPUID CPU-Z 1.60.1
CrystalDiskMark 3.0.1c (Version: 3.0.1c)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Diablo II
Diablo III (Version: 1.0.3.10485)
Driver Sweeper version 3.2.0 (Version: 3.2.0)
Dxtory version 2.0.117 (Version: 2.0.117)
ESET Online Scanner v3
FAHClient (Version: 7.1.52)
FIFA 12 (Version: 1.6.0.0)
Fraps
Geeks3D.com FurMark 1.10.1
Google Chrome (Version: 21.0.1180.83)
Google Update Helper (Version: 1.3.21.115)
HandBrake 0.9.6 (Version: 0.9.6)
Heroes of Newerth (Version: 2.3.0)
Hotspot Shield 2.67 (Version: 2.67)
HTC Driver Installer (Version: 2.0.7.018)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 8.0.1.1399)
Intel® Network Connections 16.6.126.0 (Version: 16.6.126.0)
Intel® OpenCL CPU Runtime
Intel® Processor Graphics (Version: 8.15.10.2598)
Intel® Rapid Storage Technology (Version: 11.0.0.1032)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.1.209)
Intel® Trusted Connect Service Client (Version: 1.23.219.2)
Intel® Watchdog Timer Driver (Intel® WDT)
Internet Download Manager
Java Auto Updater (Version: 2.1.6.0)
Java SE Development Kit 7 Update 4 (64-bit) (Version: 1.7.0.40)
Java™ 7 Update 4 (64-bit) (Version: 7.0.40)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.0 (64-bit) (Version: 2.1.0)
JavaFX 2.1.0 SDK (64-bit) (Version: 2.1.0)
JavaFX 2.1.1 (Version: 2.1.1)
Kaspersky Internet Security 2012 (Version: 12.0.0.374)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Max Payne 3 version 1.02 (Version: 1.02)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 15.0 (x86 en-US) (Version: 15.0)
Mozilla Maintenance Service (Version: 15.0)
MSI Afterburner 2.2.0 (Version: 2.2.0)
Nexus Mod Manager (Version: 0.18.9)
Norton PC Checkup (Version: 2.0.15.96)
NVIDIA PhysX (Version: 9.11.1107)
OCCT 4.3.1 (Version: 4.3.1)
Origin (Version: 8.6.0.357)
PAYDAY: The Heist
Portal 2
Portforward Static IP Address 1.0.47 (Version: 1.0.47)
Pro Evolution Soccer 2013 DEMO (Version: 1.00.0000)
Razer DeathAdder™ Mouse (Version: 3.05)
Razer Lycosa (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6543)
Rockstar Games Social Club (Version: 1.0.9.7)
Skype™ 5.10 (Version: 5.10.116)
SopCast 3.5.0 (Version: 3.5.0)
SProtector 1.62
Star Wars® Knights of the Old Republic® II: The Sith Lords™ (Version: 1.00.0000)
StarCraft II (Version: 1.5.2.22875)
Steam (Version: 1.0.0.0)
System Requirements Lab CYRI (Version: 4.5.1.0)
The Elder Scrolls V Skyrim - High Resolution Texture Pack
Trillian
TuneUp Utilities 2012 (Version: 12.0.2020.22)
TuneUp Utilities Language Pack (en-US) (Version: 12.0.2020.22)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2598289) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
VIRTU MVP 2.1.115 (Version: 2.1.115)
VLC media player 2.0.1 (Version: 2.0.1)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinRAR 4.20 beta 1 (64-bit) (Version: 4.20.1)

========================= Memory info: ===================================

Percentage of memory in use: 29%
Total physical RAM: 16072.46 MB
Available physical RAM: 11289.57 MB
Total Pagefile: 16270.66 MB
Available Pagefile: 11017.21 MB
Total Virtual: 4095.88 MB
Available Virtual: 3959.76 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:167.68 GB) (Free:7.13 GB) NTFS
2 Drive d: (System Reserved) (Fixed) (Total:99.07 GB) (Free:19.97 GB) NTFS
3 Drive e: (Storage fast) (Fixed) (Total:349.9 GB) (Free:324.83 GB) NTFS
4 Drive f: () (Fixed) (Total:832.44 GB) (Free:49.94 GB) NTFS
5 Drive i: (BiG storage) (Fixed) (Total:1047.27 GB) (Free:571.13 GB) NTFS

========================= Users: ========================================

User accounts for \\ZAIDI7-PC

Administrator Guest zaid i7


**** End of log ****


FSS log:
Farbar Service Scanner Version: 06-08-2012
Ran by zaid i7 (administrator) on 30-08-2012 at 22:53:29
Running from "C:\Downloads"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

adware cleaner log:

# AdwCleaner v2.000 - Logfile created 08/30/2012 at 22:54:57
# Updated 30/08/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : zaid i7 - ZAIDI7-PC
# Boot Mode : Normal
# Running from : C:\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho
Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho.1.0
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.gboxapp.com/ --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.gboxapp.com/ --> hxxp://www.google.com

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Users\zaid i7\AppData\Roaming\Mozilla\Firefox\Profiles\hcdvs043.default\prefs.js

Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Deleted : user_pref("aol_toolbar.default.search.check", false);
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.gboxapp.com/?q=");
Deleted : user_pref("extensions.503a8e74be826.scode", "(function(){try{if('mystart.incredibar.com,premiumrepor[...]
Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Deleted : user_pref("extensions.mediaplayerconnectivity.activityViewPoint", false);
Deleted : user_pref("extensions.mediaplayerconnectivity.enableAutoplayViewPoint", false);
Deleted : user_pref("extensions.mediaplayerconnectivity.enableContextMenuViewPoint", true);
Deleted : user_pref("extensions.mediaplayerconnectivity.enableEmbedViewPoint", true);
Deleted : user_pref("extensions.mediaplayerconnectivity.enableFileViewPoint", true);
Deleted : user_pref("extensions.mediaplayerconnectivity.playerparamsviewpoint", "%f");
Deleted : user_pref("extensions.mediaplayerconnectivity.playerviewpoint", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Google Chrome v21.0.1180.83

File : C:\Users\zaid i7\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.2177] : urls_to_restore_on_startup ="urls_to_restore_on_startup" : [ "hxxp://search.gboxapp.com/" ]

*************************

AdwCleaner[S1].txt - [4765 octets] - [30/08/2012 22:54:57]

########## EOF - C:\AdwCleaner[S1].txt - [4825 octets] ##########

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:50 PM

Posted 31 August 2012 - 12:00 AM

download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here

#7 zaid90

Posted 31 August 2012 - 12:02 AM

RKILL log:
Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/30/2012 11:01:05 PM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\zaid i7\Desktop\rkill\rkill-08-30-2012-11-01-39.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* BITS [Missing Service]
* wuauserv [Missing Service]

Searching for Missing Digital Signatures:

* C:\Windows\System32\user32.dll [NoSig]
+-> C:\Windows\SysWOW64\user32.dll : 833,024 : 05/13/2012 00:57 AM : 861c4346f9281dc0380de72c8d55d6be [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll : 1,008,128 : 11/20/2010 08:24 PM : fe70103391a64039a921dbfff9c7ab1b [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll : 833,024 : 11/20/2010 08:24 PM : 5e0db2d8b2750543cd2ebb9ea8e6cdd3 [Pos Repl]

Program finished at: 08/30/2012 11:01:45 PM
Execution time: 0 hours(s), 0 minute(s), and 40 seconds(s)

#8 narenxp

Posted 31 August 2012 - 12:10 AM

Click on the Start menu and type

cmd

Right click on it and select run as administrator and run this command

sfc /scanfile=c:\windows\system32\user32.dll

After the scan, restart the PC and post the new RKILL log

#9 zaid90

Posted 31 August 2012 - 12:15 AM

It said user32.dll was corrupt and repaired it, and I rebooted. Kaspersky is still constantly detecting an infection in explorer.exe and deleting it.

Here's the new RKILL log:

Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/30/2012 11:13:53 PM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* BITS [Missing Service]
* wuauserv [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 08/30/2012 11:13:57 PM
Execution time: 0 hours(s), 0 minute(s), and 3 seconds(s)

Edited by zaid90, 31 August 2012 - 12:16 AM.
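The before/after RKILL comparison requested in post #8, done mechanically. This is an added example, not part of the original posts: the two inputs are excerpts constructed from the RKILL logs in posts #7 and #9, and the function names are hypothetical.

```python
import re

# Constructed input: excerpts of the two RKILL logs posted in this thread,
# before and after the `sfc /scanfile` repair and reboot.
RKILL_BEFORE = r"""
Checking for Windows services to stop.

* No malware services found to stop.

Checking Registry for malware related settings.

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Performing miscellaneous checks.

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* BITS [Missing Service]
* wuauserv [Missing Service]

Searching for Missing Digital Signatures:

* C:\Windows\System32\user32.dll [NoSig]
"""

RKILL_AFTER = r"""
Checking Registry for malware related settings.

* No issues found in the Registry.

Performing miscellaneous checks.

* Windows Firewall Disabled

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* BITS [Missing Service]
* wuauserv [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.
"""

# RKILL section headers start with one of these verbs; findings are "* " bullets.
SECTION_RE = re.compile(r"^(Checking|Performing|Searching|Resetting)\b")
BULLET_RE = re.compile(r"^\*\s+(.*\S)\s*$")


def parse_rkill(log_text):
    """Return the set of (section, finding) pairs reported in one RKILL log."""
    findings = set()
    section = None
    for raw in log_text.splitlines():
        line = raw.strip()
        if SECTION_RE.match(line):
            section = line.rstrip(".:")
            continue
        m = BULLET_RE.match(line)
        if not m or section is None:
            continue  # registry dumps, "Startup Type" lines, blanks
        text = m.group(1).rstrip(".")
        if text.startswith("No "):
            continue  # "No issues found" style bullets are clean results
        findings.add((section, text))
    return findings


def compare_runs(before, after):
    """Classify findings as resolved, persisting or new between two runs."""
    b, a = parse_rkill(before), parse_rkill(after)
    return {
        "resolved": sorted(b - a),
        "persisting": sorted(b & a),
        "new": sorted(a - b),
    }


def missing_services(log_text):
    """Names of services RKILL reports as '[Missing Service]'."""
    return sorted(
        text.split(" [")[0]
        for _, text in parse_rkill(log_text)
        if text.endswith("[Missing Service]")
    )


if __name__ == "__main__":
    for status, items in compare_runs(RKILL_BEFORE, RKILL_AFTER).items():
        print(status.upper())
        for section, text in items:
            print(f"  {text}  ({section})")
```

On these two runs the user32.dll [NoSig] finding clears after the repair, while the missing BITS and wuauserv services and the disabled firewall remain.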


#10 narenxp

Posted 31 August 2012 - 12:20 AM

I ran Malwarebytes full scan ONLY on drive C, it found nothing.


Did you update it before running?

Let me know if Kaspersky still detects infections

Edited by narenxp, 31 August 2012 - 08:23 AM.


#11 zaid90

Posted 31 August 2012 - 12:33 AM

Yes, Malwarebytes was updated before the scan (currently running the full scan again on drive C). RogueKiller found 2 issues and I deleted them.

Unfortunately the Adobe popup is still randomly appearing and Kaspersky is still detecting that explorer.exe trojan and deleting it.

#12 narenxp

Posted 31 August 2012 - 12:37 AM

Download

http://download.sysinternals.com/files/ProcessExplorer.zip

Extract and launch it.

Press CTRL+D key and click on EXPLORER.EXE process

Take a screenshot of processes running explorer.exe like this

Posted Image

Post the screenshot here

#13 zaid90

Posted 31 August 2012 - 12:48 AM

Malwarebytes full scan found nothing.

I wasn't 100% sure what info you wanted from Process Explorer, so I compiled all the info into 1 picture.

Posted Image

Edited by zaid90, 31 August 2012 - 12:48 AM.


#14 narenxp

Posted 31 August 2012 - 12:50 AM

Please click on EXPLORER.EXE under winlogon.exe

Now post the screenshot of lower tab similar to my screenshot

Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the text contents here

Edited by narenxp, 31 August 2012 - 12:51 AM.


#15 zaid90

Posted 31 August 2012 - 01:00 AM

I had to play with the options in Process Explorer to get that lower tab to appear; I hope it's the right one.

The lower tab seems to have a massive list (5-6 screenshots' worth); this is only the top portion. Should I get the rest and compile them into 1 long screenshot?
Posted Image


here is the autoruns log:

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files\microsoft office\office14\bcssync.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "RTHDVCPL" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\rtkngui64.exe"
+ "VIRTU MVP" "Virtu MVP Control Panel" "" "c:\program files\lucidlogix technologies\virtu mvp\mvpcontrolpanel.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AMD AVT" "" "" "File not found: start"
+ "ASUS AiChargerPlus Execute" "AiChargerPlus MFC Application" "ASUSTek Computer Inc." "c:\program files (x86)\installshield installation information\{e6931688-da2b-4e16-8539-3d323d69c677}\aichargerplus.exe"
+ "AVP" "Kaspersky Anti-Virus" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\avp.exe"
+ "DeathAdder" "razerhid MFC Application" "" "c:\program files (x86)\razer\deathadder\razerhid.exe"
+ "IAStorIcon" "IAStorIcon" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "Lycosa" "razerhid MFC Application" "Razer USA Ltd." "c:\program files (x86)\razer\lycosa\razerhid.exe"
+ "Malwarebytes' Anti-Malware" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "USB3MON" "Intel® USB 3.0 Monitor" "Intel Corporation" "c:\program files (x86)\intel\intel® usb 3.0 extensible host controller driver\application\iusb3mon.exe"
"C:\Users\zaid i7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Trillian.lnk" "Trillian" "Cerulean Studios" "c:\program files (x86)\trillian\trillian.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AlcoholAutomount" "Alcohol Virtual Drive Auto-mount Service" "Alcohol Soft Development Team" "c:\program files (x86)\alcohol soft\alcohol 120\axautomntsrv.exe"
+ "IDMan" "Internet Download Manager (IDM)" "Tonec Inc." "c:\program files (x86)\internet download manager\idman.exe"
+ "Skype" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
+ "Steam" "Steam" "Valve Corporation" "c:\program files (x86)\steam\steam.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\x64\shellex.dll"
+ "TuneUp Shredder Shell Extension" "TuneUp Shredder Shell Extension" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2012\sdshelex-x64.dll"
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "e:\programfiles\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\shellex.dll"
+ "TuneUp Shredder Shell Extension" "TuneUp Shredder Shell Extension" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2012\sdshelex-win32.dll"
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "e:\programfiles\rarext32.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\x64\shellex.dll"
+ "TuneUp Disk Space Explorer Shell Extension" "TuneUp Disk Space Explorer Shell Extension" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2012\dseshext-x64.dll"
+ "TuneUp Shredder Shell Extension" "TuneUp Shredder Shell Extension" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2012\sdshelex-x64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\shellex.dll"
+ "TuneUp Disk Space Explorer Shell Extension" "TuneUp Disk Space Explorer Shell Extension" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2012\dseshext-x86.dll"
+ "TuneUp Shredder Shell Extension" "TuneUp Shredder Shell Extension" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2012\sdshelex-win32.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\x64\shellex.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "e:\programfiles\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\shellex.dll"
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "e:\programfiles\rarext32.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "e:\programfiles\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "e:\programfiles\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "IDM Shell Extension" "Internet Download Manager module" "Tonec Inc." "c:\program files (x86)\internet download manager\idmshellext64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "FilterBHO Class" "WebToolBar component" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\x64\klwtbbho.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "IDM integration (IDMIEHlprObj Class)" "IDM Browser Helper Object" "Internet Download Manager, Tonec Inc." "c:\program files (x86)\internet download manager\idmiecc64.dll"
+ "IEVkbdBHO Class" "IE Virtual Keyboard" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\x64\ievkbd.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "FilterBHO Class" "WebToolBar component" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\klwtbbho.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "IDM integration (IDMIEHlprObj Class)" "IDM Browser Helper Object" "Internet Download Manager, Tonec Inc." "c:\program files (x86)\internet download manager\idmiecc.dll"
+ "IEVkbdBHO Class" "IE Virtual Keyboard" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\ievkbd.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"Task Scheduler" "" "" ""
+ "\ASUS\ASUS AI Suite II Execute" "ASUS Routine Controller" "ASUSTeK Computer Inc." "c:\program files (x86)\asus\ai suite ii\asroutinecontroller.exe"
+ "\ASUS\ASUS DigiPowerControl Help" "Digi+ Power Control Help" "ASUSTeK Computer Inc." "c:\program files (x86)\asus\ai suite ii\digi+ power control\powercontrolhelp.exe"
+ "\ASUS\ASUS Network iControl Help Execute" "NetSvcHelpEntry" "ASUSTeK Computer Inc." "c:\program files (x86)\asus\ai suite ii\network icontrol\netsvchelp\netsvchelpentry.exe"
+ "\ASUS\USB 3.0 Boost Service" "U3Checker MFC Application" "" "c:\program files (x86)\asus\ai suite ii\usb 3.0 boost\u3boostsvr.exe"
+ "\Google Updater and Installer" "Google Installer" "Google Inc." "c:\users\zaid i7\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3836750576-2954566382-157075328-1000Core" "Google Installer" "Google Inc." "c:\users\zaid i7\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3836750576-2954566382-157075328-1000UA" "Google Installer" "Google Inc." "c:\users\zaid i7\appdata\local\google\update\googleupdate.exe"
+ "\Java Update Scheduler" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sidebar.exe"
+ "\TuneUpUtilities_Task_BkGndMaintenance2012" "TuneUp 1-Click Maintenance" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2012\oneclick.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "asComSvc" "" "" "c:\program files (x86)\asus\axsp\1.00.18\atkexcomsvc.exe"
+ "asHmComSvc" "" "ASUSTeK Computer Inc." "c:\program files (x86)\asus\aahm\1.00.20\aahmsvc.exe"
+ "AsSysCtrlService" "" "" "c:\program files (x86)\asus\assysctrlservice\1.00.11\assysctrlservice.exe"
+ "AsusFanControlService" "ASUS Motherboard Fan Control Service" "ASUSTeK Computer Inc." "c:\program files (x86)\asus\asusfancontrolservice\1.00.28\asusfancontrolservice.exe"
+ "AVP" "Provides computer protection against viruses, dangerous software, network attacks, internet fraud and spam." "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\avp.exe"
+ "AxAutoMntSrv" "Alcohol Virtual Drive Auto-mount Service, this service automatically mounts your image files following a reboot. This service is self starting after a reboot. It is set as Automatic by default and the startup type should not be altered." "Alcohol Soft Development Team" "c:\program files (x86)\alcohol soft\alcohol 120\axautomntsrv.exe"
+ "cphs" "Intel® Content Protection HECI Service - enables communication with the Content Protection FW" "Intel Corporation" "c:\windows\syswow64\intelcphecisvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "hshld" "" "" "c:\program files (x86)\hotspot shield\bin\openvpnas.exe"
+ "HssSrv" "" "AnchorFree Inc." "c:\program files (x86)\hotspot shield\hsswpr\hsssrv.exe"
+ "HssTrayService" "" "" "c:\program files (x86)\hotspot shield\bin\hsstrayservice.exe"
+ "HssWd" "" "" "c:\program files (x86)\hotspot shield\bin\hsswd.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "ICCS" "Intel® Integrated Clock Controller Service - Intel® ICCS" "Intel Corporation" "c:\program files (x86)\intel\intel® integrated clock controller service\iccproxy.exe"
+ "Intel® Capability Licensing Service Interface" "Version: 1.23.219.2" "Intel® Corporation" "c:\program files\intel\icls client\heciserver.exe"
+ "Intel® PROSet Monitoring Service" "The Intel® PROSet Monitoring Service actively monitors changes to the system and updates affected network devices to keep them running in optimal condition. Stopping this service may negatively affect the performance of the network devices on the system." "Intel Corporation" "c:\windows\system32\iprosetmonitor.exe"
+ "jhi_service" "Intel® Dynamic Application Loader Host Interface Service - Allows applications to access the local Intel ® DAL" "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\dal\jhi_service.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files\microsoft office\office14\groove.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "Norton PC Checkup Application Launcher" "Provides consolidated application launching facility" "Symantec Corporation" "c:\program files (x86)\norton pc checkup\engine\2.0.15.96\symcpcculaunchsvc.exe"
+ "ose64" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PCCUJobMgr" "Job Manager service for common client services" "Symantec Corporation" "c:\program files (x86)\norton pc checkup\engine\2.0.15.96\ccsvchst.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "StarWindServiceAE" "Enables network access to local burners via iSCSI protocol." "StarWind Software" "c:\program files (x86)\alcohol soft\alcohol 120\starwind\starwindserviceae.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe"
+ "TuneUp.UtilitiesSvc" "This service analyzes the usage of your computer in the background, enabling automatic usage-dependent optimizations. All of its functions can be set in TuneUp Utilities. If you stop or disable this service, parts of TuneUp Utilities will not work anymore." "TuneUp Software" "c:\program files (x86)\tuneup utilities 2012\tuneuputilitiesservice64.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "a0eswonp" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\a0eswonp.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "AiCharger" "ASUS Charger driver" "ASUSTek Computer Inc." "c:\windows\syswow64\drivers\aicharger.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "asahci64" "Asmedia 106x SATA Host Controller Driver" "Asmedia Technology" "c:\windows\system32\drivers\asahci64.sys"
+ "AsIO" "" "" "c:\windows\syswow64\drivers\asio.sys"
+ "asmthub3" "ASMedia USB3 Hub Driver" "ASMedia Technology Inc" "c:\windows\system32\drivers\asmthub3.sys"
+ "asmtxhci" "ASMEDIA XHCI Host Controller Driver" "ASMedia Technology Inc" "c:\windows\system32\drivers\asmtxhci.sys"
+ "AsUpIO" "" "" "c:\windows\syswow64\drivers\asupio.sys"
+ "ASUSFILTER" "ASUS USB Hub filter driver" "MCCI Corporation" "c:\windows\syswow64\drivers\asusfilter.sys"
+ "ASUSstpt" "ASUS USB 3.0 Boost Storage Driver (Storport)" "MCCI Corporation" "c:\windows\system32\drivers\asusstpt.sys"
+ "ASUSumsc" "ASUS USB 3.0 Boost Storage Driver" "MCCI Corporation" "c:\windows\system32\drivers\asusumsc.sys"
+ "AtiHDAudioService" "AMD High Definition Audio Function Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\atihdw76.sys"
+ "ATITool" "Low-Level Driver" "" "c:\windows\system32\drivers\atitool64.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "danewFltr" "Razer DeathAdder USB Optical Mouse Driver" "Razer (Asia-Pacific) Pte Ltd" "c:\windows\system32\drivers\danew.sys"
+ "e1cexpress" "Intel® Gigabit Adapter NDIS 6.x driver" "Intel Corporation" "c:\windows\system32\drivers\e1c62x64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GPU-Z" "" "" "File not found: C:\Users\ZAIDI7~1\AppData\Local\Temp\GPU-Z.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "HssDRV6" "Hotspot Shield Routing Driver 6" "AnchorFree Inc." "c:\windows\system32\drivers\hssdrv6.sys"
+ "HTCAND64" "ADB Interface" "HTC, Corporation" "c:\windows\system32\drivers\androidusb.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "ICCWDT" "Intel® Watchdog Timer Driver (Intel® WDT)" "Intel Corporation" "c:\windows\system32\drivers\iccwdt.sys"
+ "IDMWFP" "Internet Download Manager WFP Driver" "Tonec Inc." "c:\windows\system32\drivers\idmwfp.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "iusb3hcs" "Intel® USB 3.0 Host Controller Switch Driver" "Intel Corporation" "c:\windows\system32\drivers\iusb3hcs.sys"
+ "iusb3hub" "Intel® USB 3.0 Hub Driver" "Intel Corporation" "c:\windows\system32\drivers\iusb3hub.sys"
+ "iusb3xhc" "Intel® USB 3.0 eXtensible Host Controller Driver" "Intel Corporation" "c:\windows\system32\drivers\iusb3xhc.sys"
+ "KL1" "Kaspersky Unified Driver" "Kaspersky Lab ZAO" "c:\windows\system32\drivers\kl1.sys"
+ "kl2" "Kaspersky Unified Driver" "Kaspersky Lab ZAO" "c:\windows\system32\drivers\kl2.sys"
+ "KLIF" "Kaspersky Lab Interceptor and Filter" "Kaspersky Lab" "c:\windows\system32\drivers\klif.sys"
+ "KLIM6" "Kaspersky Anti-Virus NDIS 6 Filter" "Kaspersky Lab ZAO" "c:\windows\system32\drivers\klim6.sys"
+ "klmouflt" "Kaspersky Lab Mouse Class Filter" "Kaspersky Lab" "c:\windows\system32\drivers\klmouflt.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "Lycosa" "Razer Tarantula Keyboard Driver" "Razer USA Ltd." "c:\windows\system32\drivers\lycosa.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "ndisrd" "WinpkFilter LightWeight Filter" "NT Kernel Resources" "c:\windows\system32\drivers\ndisrd.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "sptd" "SCSI Pass Through Direct Host" "Duplex Secure Ltd." "c:\windows\system32\drivers\sptd.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "taphss" "TAP-Win32 Virtual Network Driver" "AnchorFree Inc" "c:\windows\system32\drivers\taphss.sys"
+ "TuneUpUtilitiesDrv" "TuneUp Utilities Driver" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2012\tuneuputilitiesdriver64.sys"
+ "VGPU" "" "" "File not found: System32\drivers\rdvgkmd.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "VirtuWDDM" "LucidVirtu WDDM Driver" "Lucidlogix Inc." "c:\windows\system32\drivers\virtuwddm.sys"
+ "VKbms" "HID mini driver for USB Fx2 Device" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\vkbms.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.bdmpeg" "" "" "c:\windows\system32\bdmpega64.acm"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "VIDC.FPS1" "Fraps" "Beepa P/L" "c:\windows\system32\frapsv64.dll"
+ "vidc.mjpg" "" "" "c:\windows\system32\bdmjpeg64.dll"
+ "vidc.mpeg" "" "" "c:\windows\system32\bdmpegv64.dll"
+ "vidc.xtor" "Dxtory DirectShow and VFW Decoder" "Dxtory Software" "c:\windows\system32\dxtorycodec64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.bdmpeg" "" "" "c:\windows\syswow64\bdmpega.acm"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "VIDC.FPS1" "Fraps" "Beepa P/L" "c:\windows\syswow64\frapsvid.dll"
+ "vidc.mjpg" "" "" "c:\windows\syswow64\bdmjpeg.dll"
+ "vidc.mpeg" "" "" "c:\windows\syswow64\bdmpegv.dll"
+ "VIDC.RTV1" "" "" "c:\windows\syswow64\rtvcvfw32.dll"
+ "vidc.xtor" "Dxtory DirectShow and VFW Decoder" "Dxtory Software" "c:\windows\syswow64\dxtorycodec.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AMD MJPEG Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "Bandisoft MPEG-1 Audio Decoder" "Bandisoft Directshow Filter" "www.Bandisoft.com" "c:\program files (x86)\bandimpeg1\bdfilters64.dll"
+ "Bandisoft MPEG-1 Video Decoder" "Bandisoft Directshow Filter" "www.Bandisoft.com" "c:\program files (x86)\bandimpeg1\bdfilters64.dll"
+ "Dxtory Video Decoder" "Dxtory DirectShow and VFW Decoder" "Dxtory Software" "c:\windows\system32\dxtorycodec64.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AMD MJPEG Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "Bandisoft MPEG-1 Audio Decoder" "Bandisoft Directshow Filter" "www.Bandisoft.com" "c:\program files (x86)\bandimpeg1\bdfilters.dll"
+ "Bandisoft MPEG-1 Video Decoder" "Bandisoft Directshow Filter" "www.Bandisoft.com" "c:\program files (x86)\bandimpeg1\bdfilters.dll"
+ "Dxtory Video Decoder" "Dxtory DirectShow and VFW Decoder" "Dxtory Software" "c:\windows\syswow64\dxtorycodec.dll"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "C:\Windows\system32\appinit_dll.dll" "appinit_dll.dll" "Lucidlogix Inc." "c:\windows\system32\appinit_dll.dll"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "c:\windows\syswow64\appinit_dll.dll c:\progra~2\sprote~1\sprote~1.dll" "appinit_dll.dll" "Lucidlogix Inc." "c:\windows\syswow64\appinit_dll.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
+ "klogon" "Logon Visualizer" "Kaspersky Lab ZAO" "c:\windows\system32\klogon.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"

Edited by zaid90, 31 August 2012 - 01:01 AM.




