
Infected? - C:\Windows\system32\HDtt52.com in Task Scheduler


6 replies to this topic

#1 David_VI


Posted 07 September 2012 - 10:42 AM

Hi guys.

I thought I'd be safer, rather than sorry.

Was doing a bit of cleanup on my system using CCleaner as per usual but this time took a look in the Startup section. Under the Scheduled Tasks tab I noticed a list of unfamiliar items which I can't delete. I googled the filename and didn't get many results except links to places like this, which makes it seem suspicious.

So in CCleaner I have this list


Yes Task Ad-Aware Update (Weekly) Lavasoft Limited C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent repair
Yes Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes Task At26 C:\Windows\system32\HDtt52.com
Yes Task At28 C:\Windows\system32\HDtt52.com
Yes Task At30 C:\Windows\system32\HDtt52.com
Yes Task At32 C:\Windows\system32\HDtt52.com
Yes Task At34 C:\Windows\system32\HDtt52.com
Yes Task At36 C:\Windows\system32\HDtt52.com
Yes Task At38 C:\Windows\system32\HDtt52.com
Yes Task At40 C:\Windows\system32\HDtt52.com
Yes Task At42 C:\Windows\system32\HDtt52.com
Yes Task At44 C:\Windows\system32\HDtt52.com
Yes Task At46 C:\Windows\system32\HDtt52.com
Yes Task At48 C:\Windows\system32\HDtt52.com
Yes Task At50 C:\Windows\system32\HDtt52.com
Yes Task At52 C:\Windows\system32\HDtt52.com
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task Core Temp Autostart David "C:\Program Files\Core Temp\Core Temp.exe"
Yes Task ESI-updater.exe Caphyon LTD g:\Earth Simulations\ESInstaller\ESI-Update.exe /silent
Yes Task MSIAfterburner C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
Yes Task {2A8E81E3-E8DA-4552-BF1E-E2B2D93F922E} Microsoft Corporation C:\Windows\system32\pcalua.exe -a H:\setup.exe -d H:\
Yes Task {931D5691-8A1A-427F-80ED-7681097685D2} Microsoft Corporation C:\Windows\system32\pcalua.exe -a L:\setup.exe -d L:\


It's all the "HDtt52.com" files that concern me.

Is this a sign of a threat?

Thanks for your help
David

Using W7 64bit
MSE & Ad-aware are my only security programs.
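
A triage pass over the scheduled-task listing in the post above, as an added example that is not part of the original thread. It flags the traits that make the HDtt52.com entries stand out: `At<N>` names (how jobs created through the legacy at.exe scheduler are named), a non-.exe binary sitting directly in system32, and one binary reused by several tasks. The heuristics, the threshold and the function names are assumptions chosen for illustration; a hit means the file deserves inspection, not that it is confirmed malicious.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

# Subset of the CCleaner "Scheduled Tasks" lines copied from the post above.
# The export is flattened: task name and publisher run together before the path.
LISTING = r"""
Yes Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes Task At26 C:\Windows\system32\HDtt52.com
Yes Task At28 C:\Windows\system32\HDtt52.com
Yes Task At30 C:\Windows\system32\HDtt52.com
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task MSIAfterburner C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
Yes Task {2A8E81E3-E8DA-4552-BF1E-E2B2D93F922E} Microsoft Corporation C:\Windows\system32\pcalua.exe -a H:\setup.exe -d H:\
"""

# "<enabled> Task <name + publisher> <command line starting at a drive letter>"
ROW = re.compile(r'^(?:Yes|No)\s+Task\s+(?P<label>.*?)\s*(?P<cmd>"?[A-Za-z]:\\.*)$')
# Executable = quoted path, or shortest prefix ending in a runnable extension.
EXE = re.compile(r'^"([^"]+)"|^(.+?\.(?:exe|com|bat|cmd|scr|pif))(?=\s|$)', re.I)
# Jobs registered through the legacy at.exe interface are named At1, At2, ...
AT_JOB = re.compile(r"^At\d+$")

SYSTEM_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}
ODD_EXTENSIONS = {".com", ".scr", ".pif", ".bat", ".cmd"}  # assumption: unusual here


def parse(listing):
    """Turn the flattened listing into [{'label': str, 'exe': PureWindowsPath}]."""
    tasks = []
    for line in listing.splitlines():
        row = ROW.match(line.strip())
        if not row:
            continue  # blank or unrecognised line
        exe = EXE.match(row["cmd"])
        path = (exe.group(1) or exe.group(2)) if exe else row["cmd"]
        tasks.append({"label": row["label"], "exe": PureWindowsPath(path)})
    return tasks


def triage(tasks, repeat_threshold=3):
    """Return {task label: [reasons]} for tasks matching at least one heuristic."""
    uses = Counter(str(t["exe"]).lower() for t in tasks)
    flagged = {}
    for t in tasks:
        exe, reasons = t["exe"], []
        if AT_JOB.match(t["label"]):
            reasons.append("legacy at-job name, no publisher shown")
        in_system_dir = str(exe.parent).lower() in SYSTEM_DIRS
        if in_system_dir and exe.suffix.lower() in ODD_EXTENSIONS:
            reasons.append(f"{exe.suffix} binary directly in {exe.parent}")
        count = uses[str(exe).lower()]
        if count >= repeat_threshold:
            reasons.append(f"same binary launched by {count} tasks")
        if reasons:
            flagged[t["label"]] = reasons
    return flagged


if __name__ == "__main__":
    for label, reasons in triage(parse(LISTING)).items():
        print(label, "->", "; ".join(reasons))
```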



#2 narenxp


Posted 07 September 2012 - 12:30 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 David_VI


Posted 08 September 2012 - 09:40 AM

20:26:09.0078 4520 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
20:26:09.0165 4520 ============================================================
20:26:09.0165 4520 Current date / time: 2012/09/07 20:26:09.0165
20:26:09.0165 4520 SystemInfo:
20:26:09.0165 4520
20:26:09.0165 4520 OS Version: 6.1.7601 ServicePack: 1.0
20:26:09.0165 4520 Product type: Workstation
20:26:09.0165 4520 ComputerName: DAVID-PC
20:26:09.0165 4520 UserName: David
20:26:09.0165 4520 Windows directory: C:\Windows
20:26:09.0165 4520 System windows directory: C:\Windows
20:26:09.0165 4520 Running under WOW64
20:26:09.0165 4520 Processor architecture: Intel x64
20:26:09.0165 4520 Number of processors: 4
20:26:09.0165 4520 Page size: 0x1000
20:26:09.0165 4520 Boot type: Normal boot
20:26:09.0165 4520 ============================================================
20:26:11.0242 4520 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
20:26:18.0534 4520 Drive \Device\Harddisk3\DR3 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:26:18.0541 4520 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:26:25.0596 4520 Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:26:25.0599 4520 ============================================================
20:26:25.0599 4520 \Device\Harddisk2\DR2:
20:26:25.0599 4520 MBR partitions:
20:26:25.0599 4520 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x747055D1
20:26:25.0599 4520 \Device\Harddisk3\DR3:
20:26:25.0599 4520 MBR partitions:
20:26:25.0599 4520 \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2447163F
20:26:25.0599 4520 \Device\Harddisk1\DR1:
20:26:25.0599 4520 MBR partitions:
20:26:25.0599 4520 \Device\Harddisk0\DR0:
20:26:25.0599 4520 MBR partitions:
20:26:25.0600 4520 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2E937C82
20:26:25.0600 4520 ============================================================
20:26:25.0601 4520 C: <-> \Device\Harddisk2\DR2\Partition1
20:26:25.0628 4520 E: <-> \Device\Harddisk0\DR0\Partition1
20:26:25.0637 4520 G: <-> \Device\Harddisk3\DR3\Partition1
20:26:25.0637 4520 ============================================================
20:26:25.0637 4520 Initialize success
20:26:25.0637 4520 ============================================================
20:26:47.0007 2892 ============================================================
20:26:47.0007 2892 Scan started
20:26:47.0007 2892 Mode: Manual; TDLFS;
20:26:47.0007 2892 ============================================================
20:26:48.0583 2892 ================ Scan system memory ========================
20:26:48.0583 2892 System memory - ok
20:26:48.0584 2892 ================ Scan services =============================
20:26:57.0696 2892 mpsdrv - ok
20:26:57.0722 2892 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:26:57.0732 2892 MpsSvc - ok
20:26:57.0735 2892 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:26:57.0738 2892 MRxDAV - ok
20:26:57.0758 2892 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:26:57.0761 2892 mrxsmb - ok
20:26:57.0772 2892 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:26:57.0776 2892 mrxsmb10 - ok
20:26:57.0787 2892 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:26:57.0790 2892 mrxsmb20 - ok
20:26:57.0799 2892 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:26:57.0801 2892 msahci - ok
20:26:57.0814 2892 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:26:57.0817 2892 msdsm - ok
20:26:57.0838 2892 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:26:57.0841 2892 MSDTC - ok
20:26:57.0862 2892 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:26:57.0864 2892 Msfs - ok
20:26:57.0884 2892 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:26:57.0885 2892 mshidkmdf - ok
20:26:57.0897 2892 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:26:57.0899 2892 msisadrv - ok
20:26:57.0933 2892 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:26:57.0936 2892 MSiSCSI - ok
20:26:57.0938 2892 msiserver - ok
20:26:57.0980 2892 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:26:57.0981 2892 MSKSSRV - ok
20:26:58.0031 2892 [ 59FAAF2C83C8169EA20F9E335E418907 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
20:26:58.0032 2892 MsMpSvc - ok
20:26:58.0042 2892 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:26:58.0043 2892 MSPCLOCK - ok
20:26:58.0052 2892 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:26:58.0053 2892 MSPQM - ok
20:26:58.0064 2892 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:26:58.0069 2892 MsRPC - ok
20:26:58.0081 2892 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
20:26:58.0082 2892 mssmbios - ok
20:26:58.0089 2892 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:26:58.0090 2892 MSTEE - ok
20:26:58.0105 2892 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:26:58.0106 2892 MTConfig - ok
20:26:58.0127 2892 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:26:58.0129 2892 Mup - ok
20:26:58.0150 2892 [ E53D9AB63917338D7FFE12E85310A636 ] mv91cons C:\Windows\system32\DRIVERS\mv91cons.sys
20:26:58.0152 2892 mv91cons - ok
20:26:58.0175 2892 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:26:58.0177 2892 napagent - ok
20:26:58.0220 2892 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:26:58.0225 2892 NativeWifiP - ok
20:26:58.0256 2892 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
20:26:58.0267 2892 NDIS - ok
20:26:58.0289 2892 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:26:58.0292 2892 NdisCap - ok
20:26:58.0346 2892 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:26:58.0348 2892 NdisTapi - ok
20:26:58.0369 2892 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:26:58.0371 2892 Ndisuio - ok
20:26:58.0392 2892 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:26:58.0395 2892 NdisWan - ok
20:26:58.0414 2892 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:26:58.0416 2892 NDProxy - ok
20:26:58.0434 2892 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
20:26:58.0436 2892 Net Driver HPZ12 - ok
20:26:58.0465 2892 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:26:58.0467 2892 NetBIOS - ok
20:26:58.0475 2892 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:26:58.0478 2892 NetBT - ok
20:26:58.0491 2892 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:26:58.0491 2892 Netlogon - ok
20:26:58.0516 2892 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:26:58.0521 2892 Netman - ok
20:26:58.0578 2892 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:26:58.0581 2892 NetMsmqActivator - ok
20:26:58.0606 2892 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:26:58.0607 2892 NetPipeActivator - ok
20:26:58.0622 2892 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:26:58.0624 2892 netprofm - ok
20:26:58.0627 2892 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:26:58.0628 2892 NetTcpActivator - ok
20:26:58.0630 2892 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:26:58.0631 2892 NetTcpPortSharing - ok
20:26:58.0702 2892 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:26:58.0704 2892 nfrd960 - ok
20:26:58.0736 2892 [ 473AB3856CA286A616998CB34762EB6D ] nHancer C:\Program Files\nHancer\nHancerService.exe
20:26:58.0868 2892 nHancer - ok
20:26:58.0892 2892 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:26:58.0895 2892 NisDrv - ok
20:26:58.0937 2892 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
20:26:58.0942 2892 NisSrv - ok
20:26:58.0973 2892 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:26:58.0978 2892 NlaSvc - ok
20:26:58.0986 2892 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:26:58.0988 2892 Npfs - ok
20:26:59.0002 2892 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:26:59.0004 2892 nsi - ok
20:26:59.0015 2892 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:26:59.0016 2892 nsiproxy - ok
20:26:59.0060 2892 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:26:59.0078 2892 Ntfs - ok
20:26:59.0087 2892 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:26:59.0088 2892 Null - ok
20:26:59.0100 2892 [ A7127E86F9FFE2A53E271B56B2C4CEDF ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
20:26:59.0103 2892 nusb3hub - ok
20:26:59.0118 2892 [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
20:26:59.0121 2892 nusb3xhc - ok
20:26:59.0172 2892 [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
20:26:59.0175 2892 NVHDA - ok
20:26:59.0337 2892 [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:26:59.0569 2892 nvlddmkm - ok
20:26:59.0592 2892 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:26:59.0595 2892 nvraid - ok
20:26:59.0634 2892 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:26:59.0637 2892 nvstor - ok
20:26:59.0711 2892 [ 06633CF95BEA62164C3BFCA24BCE6B11 ] nvsvc C:\Windows\system32\nvvsvc.exe
20:26:59.0723 2892 nvsvc - ok
20:26:59.0826 2892 [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:26:59.0844 2892 nvUpdatusService - ok
20:26:59.0924 2892 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:26:59.0927 2892 nv_agp - ok
20:26:59.0974 2892 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:26:59.0980 2892 odserv - ok
20:27:00.0064 2892 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:27:00.0066 2892 ohci1394 - ok
20:27:00.0098 2892 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:27:00.0101 2892 ose - ok
20:27:00.0125 2892 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:27:00.0130 2892 p2pimsvc - ok
20:27:00.0142 2892 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:27:00.0148 2892 p2psvc - ok
20:27:00.0165 2892 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
20:27:00.0168 2892 Parport - ok
20:27:00.0188 2892 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:27:00.0190 2892 partmgr - ok
20:27:00.0203 2892 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:27:00.0206 2892 PcaSvc - ok
20:27:00.0213 2892 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:27:00.0217 2892 pci - ok
20:27:00.0239 2892 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:27:00.0240 2892 pciide - ok
20:27:00.0243 2892 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:27:00.0247 2892 pcmcia - ok
20:27:00.0258 2892 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:27:00.0260 2892 pcw - ok
20:27:00.0286 2892 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:27:00.0294 2892 PEAUTH - ok
20:27:00.0364 2892 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:27:00.0366 2892 PerfHost - ok
20:27:00.0420 2892 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:27:00.0435 2892 pla - ok
20:27:00.0514 2892 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:27:00.0520 2892 PlugPlay - ok
20:27:00.0571 2892 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
20:27:00.0574 2892 Pml Driver HPZ12 - ok
20:27:00.0582 2892 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:27:00.0584 2892 PNRPAutoReg - ok
20:27:00.0588 2892 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:27:00.0589 2892 PNRPsvc - ok
20:27:00.0621 2892 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:27:00.0628 2892 PolicyAgent - ok
20:27:00.0656 2892 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:27:00.0659 2892 Power - ok
20:27:00.0677 2892 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:27:00.0680 2892 PptpMiniport - ok
20:27:00.0691 2892 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
20:27:00.0693 2892 Processor - ok
20:27:00.0734 2892 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:27:00.0738 2892 ProfSvc - ok
20:27:00.0751 2892 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:27:00.0751 2892 ProtectedStorage - ok
20:27:00.0768 2892 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:27:00.0770 2892 Psched - ok
20:27:00.0804 2892 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:27:00.0821 2892 ql2300 - ok
20:27:00.0823 2892 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:27:00.0826 2892 ql40xx - ok
20:27:00.0849 2892 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:27:00.0853 2892 QWAVE - ok
20:27:00.0862 2892 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:27:00.0864 2892 QWAVEdrv - ok
20:27:00.0875 2892 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:27:00.0876 2892 RasAcd - ok
20:27:00.0907 2892 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:27:00.0910 2892 RasAgileVpn - ok
20:27:00.0918 2892 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:27:00.0921 2892 RasAuto - ok
20:27:00.0947 2892 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:27:00.0949 2892 Rasl2tp - ok
20:27:00.0964 2892 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:27:00.0969 2892 RasMan - ok
20:27:00.0977 2892 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:27:00.0979 2892 RasPppoe - ok
20:27:00.0981 2892 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:27:00.0983 2892 RasSstp - ok
20:27:00.0997 2892 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:27:01.0002 2892 rdbss - ok
20:27:01.0010 2892 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
20:27:01.0011 2892 rdpbus - ok
20:27:01.0022 2892 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:27:01.0022 2892 RDPCDD - ok
20:27:01.0040 2892 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:27:01.0040 2892 RDPENCDD - ok
20:27:01.0077 2892 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:27:01.0078 2892 RDPREFMP - ok
20:27:01.0097 2892 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:27:01.0101 2892 RDPWD - ok
20:27:01.0117 2892 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:27:01.0120 2892 rdyboost - ok
20:27:01.0138 2892 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:27:01.0141 2892 RemoteAccess - ok
20:27:01.0157 2892 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:27:01.0160 2892 RemoteRegistry - ok
20:27:01.0217 2892 [ A10B40CF9EB57D24E44717A2D38A00F4 ] RivaTuner64 C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys
20:27:01.0219 2892 RivaTuner64 - ok
20:27:01.0244 2892 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:27:01.0246 2892 RpcEptMapper - ok
20:27:01.0268 2892 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:27:01.0270 2892 RpcLocator - ok
20:27:01.0281 2892 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:27:01.0283 2892 RpcSs - ok
20:27:01.0319 2892 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:27:01.0321 2892 rspndr - ok
20:27:01.0357 2892 [ 712944C0A377E9B8743F95BD83E882D4 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
20:27:01.0368 2892 RTL8167 - ok
20:27:01.0393 2892 [ 45C0B193065219189772A038E6C29D49 ] SaiH0763 C:\Windows\system32\DRIVERS\SaiH0763.sys
20:27:01.0399 2892 SaiH0763 - ok
20:27:01.0424 2892 [ 231A3700154B1A49C2F05CB0DA4B2747 ] SaiH0BAC C:\Windows\system32\DRIVERS\SaiH0BAC.sys
20:27:01.0427 2892 SaiH0BAC - ok
20:27:01.0452 2892 [ 9E7E53891D1747A01F491AB25B95135D ] SaiMini C:\Windows\system32\DRIVERS\SaiMini.sys
20:27:01.0459 2892 SaiMini - ok
20:27:01.0483 2892 [ B3B86BE19A0CAF025F679C39FD21E735 ] SaiNtBus C:\Windows\system32\drivers\SaiBus.sys
20:27:01.0493 2892 SaiNtBus - ok
20:27:01.0495 2892 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:27:01.0495 2892 SamSs - ok
20:27:01.0610 2892 [ BCE943896289A91AD75CC5652620B1C6 ] SBAMSvc C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
20:27:01.0621 2892 SBAMSvc - ok
20:27:01.0698 2892 [ 6E342316E72F4B6FA39C99E06373A1A3 ] sbapifs C:\Windows\system32\DRIVERS\sbapifs.sys
20:27:01.0709 2892 sbapifs - ok
20:27:01.0780 2892 [ B671EEF468D13016B9286F5835A06AE1 ] sbhips C:\Windows\system32\drivers\sbhips.sys
20:27:01.0789 2892 sbhips - ok
20:27:01.0820 2892 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:27:01.0823 2892 sbp2port - ok
20:27:01.0882 2892 [ 9ACEB2A2362FC87A3825963E61BA9076 ] SBRE C:\Windows\system32\drivers\SBREdrv.sys
20:27:01.0892 2892 SBRE - ok
20:27:01.0928 2892 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:27:01.0932 2892 SCardSvr - ok
20:27:01.0937 2892 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:27:01.0939 2892 scfilter - ok
20:27:01.0958 2892 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:27:01.0972 2892 Schedule - ok
20:27:02.0002 2892 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:27:02.0003 2892 SCPolicySvc - ok
20:27:02.0017 2892 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:27:02.0021 2892 SDRSVC - ok
20:27:02.0043 2892 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:27:02.0045 2892 secdrv - ok
20:27:02.0057 2892 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:27:02.0059 2892 seclogon - ok
20:27:02.0083 2892 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:27:02.0085 2892 SENS - ok
20:27:02.0148 2892 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:27:02.0150 2892 SensrSvc - ok
20:27:02.0162 2892 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:27:02.0164 2892 Serenum - ok
20:27:02.0187 2892 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:27:02.0189 2892 Serial - ok
20:27:02.0210 2892 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:27:02.0211 2892 sermouse - ok
20:27:02.0232 2892 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:27:02.0234 2892 SessionEnv - ok
20:27:02.0244 2892 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:27:02.0245 2892 sffdisk - ok
20:27:02.0252 2892 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:27:02.0254 2892 sffp_mmc - ok
20:27:02.0265 2892 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:27:02.0266 2892 sffp_sd - ok
20:27:02.0275 2892 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:27:02.0277 2892 sfloppy - ok
20:27:02.0292 2892 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:27:02.0297 2892 SharedAccess - ok
20:27:02.0317 2892 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:27:02.0322 2892 ShellHWDetection - ok
20:27:02.0337 2892 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:27:02.0338 2892 SiSRaid2 - ok
20:27:02.0404 2892 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:27:02.0406 2892 SiSRaid4 - ok
20:27:02.0558 2892 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
20:27:02.0609 2892 Skype C2C Service - ok
20:27:02.0659 2892 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:27:02.0662 2892 SkypeUpdate - ok
20:27:02.0688 2892 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:27:02.0690 2892 Smb - ok
20:27:02.0738 2892 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:27:02.0740 2892 SNMPTRAP - ok
20:27:02.0794 2892 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
20:27:02.0797 2892 Sony PC Companion - ok
20:27:02.0819 2892 [ 7455ED832A33FEF453407F5411C3342D ] speedfan C:\Windows\syswow64\speedfan.sys
20:27:02.0823 2892 speedfan - ok
20:27:02.0872 2892 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:27:02.0873 2892 spldr - ok
20:27:02.0893 2892 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:27:02.0897 2892 Spooler - ok
20:27:02.0984 2892 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:27:03.0018 2892 sppsvc - ok
20:27:03.0035 2892 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:27:03.0037 2892 sppuinotify - ok
20:27:03.0064 2892 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:27:03.0071 2892 srv - ok
20:27:03.0082 2892 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:27:03.0089 2892 srv2 - ok
20:27:03.0095 2892 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:27:03.0098 2892 srvnet - ok
20:27:03.0119 2892 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:27:03.0122 2892 SSDPSRV - ok
20:27:03.0127 2892 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:27:03.0130 2892 SstpSvc - ok
20:27:03.0139 2892 Steam Client Service - ok
20:27:03.0153 2892 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:27:03.0155 2892 stexstor - ok
20:27:03.0188 2892 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:27:03.0196 2892 stisvc - ok
20:27:03.0210 2892 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
20:27:03.0211 2892 swenum - ok
20:27:03.0223 2892 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:27:03.0230 2892 swprv - ok
20:27:03.0260 2892 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:27:03.0279 2892 SysMain - ok
20:27:03.0286 2892 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:27:03.0289 2892 TabletInputService - ok
20:27:03.0303 2892 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:27:03.0308 2892 TapiSrv - ok
20:27:03.0343 2892 [ 40AEF344E856C4FC7DF9A9F3793B2CBE ] TASCAM_US122144 C:\Windows\system32\Drivers\tascusb2.sys
20:27:03.0385 2892 TASCAM_US122144 - ok
20:27:03.0410 2892 [ 6E8FBD86A8873193BD7418AEFE04D466 ] TASCAM_US144_MIDI C:\Windows\system32\drivers\tscusb2m.sys
20:27:03.0437 2892 TASCAM_US144_MIDI - ok
20:27:03.0459 2892 [ 2D7944EF798E9276AFFA3A896B97AA11 ] TASCAM_US144_WDM C:\Windows\system32\drivers\tscusb2a.sys
20:27:03.0488 2892 TASCAM_US144_WDM - ok
20:27:03.0494 2892 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:27:03.0496 2892 TBS - ok
20:27:03.0536 2892 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:27:03.0556 2892 Tcpip - ok
20:27:03.0581 2892 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:27:03.0587 2892 TCPIP6 - ok
20:27:03.0602 2892 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:27:03.0604 2892 tcpipreg - ok
20:27:03.0617 2892 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:27:03.0618 2892 TDPIPE - ok
20:27:03.0635 2892 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:27:03.0637 2892 TDTCP - ok
20:27:03.0644 2892 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:27:03.0647 2892 tdx - ok
20:27:03.0654 2892 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:27:03.0656 2892 TermDD - ok
20:27:03.0671 2892 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:27:03.0675 2892 TermService - ok
20:27:03.0684 2892 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:27:03.0686 2892 Themes - ok
20:27:03.0707 2892 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:27:03.0708 2892 THREADORDER - ok
20:27:03.0721 2892 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:27:03.0724 2892 TrkWks - ok
20:27:03.0765 2892 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:27:03.0768 2892 TrustedInstaller - ok
20:27:03.0790 2892 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:27:03.0792 2892 tssecsrv - ok
20:27:03.0807 2892 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:27:03.0808 2892 TsUsbFlt - ok
20:27:03.0822 2892 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:27:03.0824 2892 TsUsbGD - ok
20:27:03.0853 2892 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:27:03.0856 2892 tunnel - ok
20:27:03.0872 2892 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:27:03.0874 2892 uagp35 - ok
20:27:03.0888 2892 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:27:03.0893 2892 udfs - ok
20:27:03.0908 2892 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:27:03.0910 2892 UI0Detect - ok
20:27:03.0925 2892 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:27:03.0927 2892 uliagpkx - ok
20:27:03.0987 2892 [ 694BCF23662F97D987CF4C6739C35F8B ] UltraMonUtility C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys
20:27:03.0989 2892 UltraMonUtility - ok
20:27:04.0026 2892 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:27:04.0028 2892 umbus - ok
20:27:04.0055 2892 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
20:27:04.0056 2892 UmPass - ok
20:27:04.0096 2892 [ BB879DCFD22926EFBEB3298129898CBB ] UnlockerDriver5 C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys
20:27:04.0097 2892 UnlockerDriver5 - ok
20:27:04.0137 2892 [ 8F387A1CC015A3F5020700C657A0FC85 ] UnsignedThemes C:\Windows\UnsignedThemesSvc.exe
20:27:04.0143 2892 UnsignedThemes - ok
20:27:04.0182 2892 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:27:04.0187 2892 upnphost - ok
20:27:04.0215 2892 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
20:27:04.0218 2892 usbaudio - ok
20:27:04.0255 2892 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:27:04.0262 2892 usbccgp - ok
20:27:04.0288 2892 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:27:04.0291 2892 usbcir - ok
20:27:04.0293 2892 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:27:04.0295 2892 usbehci - ok
20:27:04.0311 2892 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:27:04.0316 2892 usbhub - ok
20:27:04.0334 2892 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:27:04.0335 2892 usbohci - ok
20:27:04.0380 2892 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:27:04.0386 2892 usbprint - ok
20:27:04.0435 2892 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:27:04.0442 2892 USBSTOR - ok
20:27:04.0454 2892 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:27:04.0456 2892 usbuhci - ok
20:27:04.0472 2892 [ 297EE9C666FC8BB96A232DB0DDBA1E49 ] uxpatch C:\Windows\system32\drivers\uxpatch.sys
20:27:04.0479 2892 uxpatch - ok
20:27:07.0043 2892 ============================================================
20:27:07.0043 2892 Scan finished
20:27:07.0043 2892 ============================================================
20:27:07.0048 5600 Detected object count: 0
20:27:07.0048 5600 Actual detected object count: 0






aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-07 20:36:55
-----------------------------
20:36:55.775 OS Version: Windows x64 6.1.7601 Service Pack 1
20:36:55.775 Number of processors: 4 586 0x2A07
20:36:55.775 ComputerName: DAVID-PC UserName: David
20:36:57.633 Initialize success
20:38:53.903 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP13T0L0-d
20:38:53.904 Disk 0 Vendor: WDC_WD4000AAJS-00TKA0 12.01C01 Size: 381554MB BusType: 11
20:38:53.905 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP11T0L0-b
20:38:53.906 Disk 1 Vendor: SAMSUNG_HD103SJ 1AJ10004 Size: 953869MB BusType: 11
20:38:53.907 Disk 2 (boot) \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP8T0L0-8
20:38:53.908 Disk 2 Vendor: SAMSUNG_HD103SJ 1AJ10004 Size: 953869MB BusType: 11
20:38:53.909 Disk 3 \Device\Harddisk3\DR3 -> \Device\Ide\IdeDeviceP10T0L0-a
20:38:53.911 Disk 3 Vendor: Hitachi_HDT725032VLA380 V54OA7BA Size: 305245MB BusType: 11
20:38:53.938 Disk 2 MBR read successfully
20:38:53.940 Disk 2 MBR scan
20:38:53.941 Disk 2 Windows 7 default MBR code
20:38:53.943 Disk 2 Partition 1 80 (A) 07 HPFS/NTFS NTFS 953866 MB offset 63
20:38:53.972 Disk 2 scanning C:\Windows\system32\drivers
20:39:03.257 Service scanning
20:39:20.772 Modules scanning
20:39:20.776 Disk 2 trace - called modules:
20:39:20.779 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
20:39:20.786 1 nt!IofCallDriver -> \Device\Harddisk2\DR2[0xfffffa800795d060]
20:39:20.790 3 CLASSPNP.SYS[fffff880019cc43f] -> nt!IofCallDriver -> [0xfffffa80070c87f0]
20:39:20.800 5 ACPI.sys[fffff88000d837a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP8T0L0-8[0xfffffa80075e4680]
20:39:20.808 Scan finished successfully
20:41:16.319 Disk 2 MBR has been saved successfully to "C:\Users\David\Desktop\MBR.dat"
20:41:16.322 The log file has been saved successfully to "C:\Users\David\Desktop\aswMBR.txt"


====================


C:\Users\David\Desktop\SoftonicDownloader_for_cue-splitter.exe a variant of Win32/SoftonicDownloader.D application cleaned by deleting - quarantined
C:\Users\David\Downloads\Setup-MsgPlus-511.exe a variant of Win32/MessengerPlus.A application deleted - quarantined
C:\Users\David\Downloads\Setup-MsgPlus-550.exe a variant of Win32/MessengerPlus.A application deleted - quarantined
C:\Windows\System32\flt1chk3.dll Win32/SuspLibLoad.B trojan cleaned - quarantined


==

Thanks for your help!

#4 narenxp

  • BC Advisor

Posted 08 September 2012 - 09:41 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#5 David_VI

  • Topic Starter

Posted 11 September 2012 - 01:12 PM

For some reason, when I paste my logs the forum tells me I don't have permission to reply. Yet this message is fine? I'll try to post them separately maybe. Probably have to do some of them again due to this!

#6 David_VI

  • Topic Starter

Posted 11 September 2012 - 01:14 PM

OK, here's one. I tried pasting minitoolbox but that gave me the forum message; this one is fine, however :\. Another edit, posted FSS under.



# AdwCleaner v2.001 - Logfile created 09/09/2012 at 17:34:08
# Updated 09/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : David - DAVID-PC
# Boot Mode : Normal
# Running from : C:\Users\David\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\user.js
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Users\David\AppData\Local\APN
Folder Deleted : C:\Users\David\AppData\Roaming\Babylon

***** [Registry] *****

Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-21-4023631005-1775378413-3646532931-1009\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\tu47hnnt.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Users\Recording\AppData\Roaming\Mozilla\Firefox\Profiles\3pf3cbof.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.89

File : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Recording\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [3683 octets] - [09/09/2012 17:34:08]

########## EOF - C:\AdwCleaner[S1].txt - [3743 octets] ##########


Farbar Service Scanner Version: 06-08-2012
Ran by David (administrator) on 09-09-2012 at 17:45:25
Running from "C:\Users\David\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



Farbar Service Scanner Version: 06-08-2012
Ran by David (administrator) on 11-09-2012 at 19:15:35
Running from "C:\Users\David\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Edited by David_VI, 11 September 2012 - 01:16 PM.


#7 narenxp

  • BC Advisor

Posted 11 September 2012 - 04:26 PM

Malwarebytes log?

Minitoolbox log?

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe.

Allow the scan to finish.

Now click on FILE-SAVE.

Filename: Autoruns.txt
Save as: Text

Paste the text contents here.



