Google Redirect Problem


9 replies to this topic

#1 Airy_One


Posted 26 September 2012 - 06:00 AM

I'm running Windows 7 Ultimate SP1. Most of the time while using Google I get redirected to other sites (like Comedy Central) and sometimes another search engine I've never heard of before. I've run virus programs like M-bytes and Hitman Pro. They found some infections and got rid of them, but the problem still persists. Is there anything I can do?


#2 narenxp


Posted 26 September 2012 - 06:41 AM

Download TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "LIST of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 Airy_One


Posted 26 September 2012 - 08:44 AM

TDSSKiller:
08:15:14.0214 2532 NetMsmqActivator - ok
08:15:14.0224 2532 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:15:14.0224 2532 NetPipeActivator - ok
08:15:14.0224 2532 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
08:15:14.0234 2532 netprofm - ok
08:15:14.0234 2532 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:15:14.0234 2532 NetTcpActivator - ok
08:15:14.0234 2532 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:15:14.0234 2532 NetTcpPortSharing - ok
08:15:14.0244 2532 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
08:15:14.0244 2532 nfrd960 - ok
08:15:14.0244 2532 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:15:14.0244 2532 NlaSvc - ok
08:15:14.0254 2532 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:15:14.0254 2532 Npfs - ok
08:15:14.0254 2532 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
08:15:14.0254 2532 nsi - ok
08:15:14.0254 2532 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:15:14.0254 2532 nsiproxy - ok
08:15:14.0274 2532 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:15:14.0284 2532 Ntfs - ok
08:15:14.0284 2532 [ 317020D31F1696334679B9D0416EB62E ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
08:15:14.0284 2532 NuidFltr - ok
08:15:14.0284 2532 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
08:15:14.0284 2532 Null - ok
08:15:14.0294 2532 [ 10204955027011E08A9DC27737A48A54 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
08:15:14.0294 2532 NVHDA - ok
08:15:14.0384 2532 [ 9C1996DD3C0469BC8933321F15709F5A ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
08:15:14.0434 2532 nvlddmkm - ok
08:15:14.0434 2532 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:15:14.0434 2532 nvraid - ok
08:15:14.0444 2532 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:15:14.0444 2532 nvstor - ok
08:15:14.0454 2532 [ 8D1D42215100566824D2693D7FF4866D ] nvsvc C:\Windows\system32\nvvsvc.exe
08:15:14.0465 2532 nvsvc - ok
08:15:14.0465 2532 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:15:14.0465 2532 nv_agp - ok
08:15:14.0475 2532 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
08:15:14.0475 2532 ohci1394 - ok
08:15:14.0475 2532 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:15:14.0475 2532 ose - ok
08:15:14.0515 2532 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:15:14.0545 2532 osppsvc - ok
08:15:14.0555 2532 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
08:15:14.0555 2532 p2pimsvc - ok
08:15:14.0555 2532 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
08:15:14.0565 2532 p2psvc - ok
08:15:14.0565 2532 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
08:15:14.0565 2532 Parport - ok
08:15:14.0575 2532 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:15:14.0575 2532 partmgr - ok
08:15:14.0575 2532 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
08:15:14.0575 2532 PcaSvc - ok
08:15:14.0585 2532 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
08:15:14.0585 2532 pci - ok
08:15:14.0585 2532 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
08:15:14.0585 2532 pciide - ok
08:15:14.0585 2532 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
08:15:14.0595 2532 pcmcia - ok
08:15:14.0595 2532 [ 7B92F2574A45A99DA507A153C7920E8A ] PCTBD C:\Windows\system32\Drivers\PCTBD64.sys
08:15:14.0595 2532 PCTBD - ok
08:15:14.0595 2532 [ D48BD0FF27AFB97005B33C9B6D26DA3F ] PCTCore C:\Windows\system32\drivers\PCTCore64.sys
08:15:14.0605 2532 PCTCore - ok
08:15:14.0605 2532 [ 1335454528ADFA13E1D3C4FA3FDBDC42 ] pctDS C:\Windows\system32\drivers\pctDS64.sys
08:15:14.0615 2532 pctDS - ok
08:15:14.0625 2532 [ DF2A2505F17319DADA4B204688CEC0C2 ] pctEFA C:\Windows\system32\drivers\pctEFA64.sys
08:15:14.0625 2532 pctEFA - ok
08:15:14.0635 2532 [ C99A3EE29F23A5D61BD127B48AC9A64E ] pctgntdi C:\Windows\System32\drivers\pctgntdi64.sys
08:15:14.0635 2532 pctgntdi - ok
08:15:14.0635 2532 [ 73ED285BDCE37B3AB69CC5A371BF3010 ] pctplsg C:\Windows\System32\drivers\pctplsg64.sys
08:15:14.0635 2532 pctplsg - ok
08:15:14.0645 2532 [ 13635FFCAEEBDDBE2CA93B1218D8331F ] PCTSD C:\Windows\system32\Drivers\PCTSD64.sys
08:15:14.0645 2532 PCTSD - ok
08:15:14.0645 2532 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
08:15:14.0645 2532 pcw - ok
08:15:14.0655 2532 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:15:14.0655 2532 PEAUTH - ok
08:15:14.0665 2532 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
08:15:14.0675 2532 PeerDistSvc - ok
08:15:14.0695 2532 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
08:15:14.0695 2532 PerfHost - ok
08:15:14.0705 2532 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
08:15:14.0715 2532 pla - ok
08:15:14.0725 2532 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:15:14.0725 2532 PlugPlay - ok
08:15:14.0725 2532 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:15:14.0735 2532 PNRPAutoReg - ok
08:15:14.0735 2532 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
08:15:14.0735 2532 PNRPsvc - ok
08:15:14.0745 2532 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:15:14.0745 2532 PolicyAgent - ok
08:15:14.0755 2532 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
08:15:14.0755 2532 Power - ok
08:15:14.0755 2532 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:15:14.0755 2532 PptpMiniport - ok
08:15:14.0755 2532 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
08:15:14.0765 2532 Processor - ok
08:15:14.0765 2532 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
08:15:14.0765 2532 ProfSvc - ok
08:15:14.0765 2532 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:15:14.0765 2532 ProtectedStorage - ok
08:15:14.0775 2532 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:15:14.0775 2532 Psched - ok
08:15:14.0785 2532 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
08:15:14.0805 2532 ql2300 - ok
08:15:14.0805 2532 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
08:15:14.0805 2532 ql40xx - ok
08:15:14.0805 2532 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
08:15:14.0815 2532 QWAVE - ok
08:15:14.0815 2532 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:15:14.0815 2532 QWAVEdrv - ok
08:15:14.0815 2532 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:15:14.0815 2532 RasAcd - ok
08:15:14.0825 2532 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
08:15:14.0825 2532 RasAgileVpn - ok
08:15:14.0825 2532 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
08:15:14.0825 2532 RasAuto - ok
08:15:14.0825 2532 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:15:14.0835 2532 Rasl2tp - ok
08:15:14.0835 2532 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
08:15:14.0835 2532 RasMan - ok
08:15:14.0845 2532 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:15:14.0845 2532 RasPppoe - ok
08:15:14.0845 2532 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:15:14.0845 2532 RasSstp - ok
08:15:14.0855 2532 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:15:14.0855 2532 rdbss - ok
08:15:14.0855 2532 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
08:15:14.0855 2532 rdpbus - ok
08:15:14.0855 2532 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:15:14.0855 2532 RDPCDD - ok
08:15:14.0865 2532 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
08:15:14.0865 2532 RDPDR - ok
08:15:14.0865 2532 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:15:14.0865 2532 RDPENCDD - ok
08:15:14.0875 2532 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
08:15:14.0875 2532 RDPREFMP - ok
08:15:14.0875 2532 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
08:15:14.0875 2532 RdpVideoMiniport - ok
08:15:14.0885 2532 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:15:14.0885 2532 RDPWD - ok
08:15:14.0885 2532 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
08:15:14.0885 2532 rdyboost - ok
08:15:14.0895 2532 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:15:14.0895 2532 RemoteAccess - ok
08:15:14.0895 2532 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:15:14.0895 2532 RemoteRegistry - ok
08:15:14.0905 2532 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
08:15:14.0905 2532 RpcEptMapper - ok
08:15:14.0905 2532 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
08:15:14.0905 2532 RpcLocator - ok
08:15:14.0915 2532 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
08:15:14.0915 2532 RpcSs - ok
08:15:14.0915 2532 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:15:14.0915 2532 rspndr - ok
08:15:14.0925 2532 [ F4C374B1C46DE294B573BB43723AC3F6 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
08:15:14.0925 2532 RTL8167 - ok
08:15:14.0925 2532 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
08:15:14.0925 2532 s3cap - ok
08:15:14.0935 2532 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
08:15:14.0935 2532 SamSs - ok
08:15:14.0935 2532 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:15:14.0935 2532 sbp2port - ok
08:15:14.0935 2532 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:15:14.0945 2532 SCardSvr - ok
08:15:14.0945 2532 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
08:15:14.0945 2532 scfilter - ok
08:15:14.0955 2532 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
08:15:14.0965 2532 Schedule - ok
08:15:14.0965 2532 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
08:15:14.0965 2532 SCPolicySvc - ok
08:15:14.0975 2532 [ 17D6A03103586D7954BA74C2219CE1BB ] sdAuxService C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe
08:15:14.0975 2532 sdAuxService - ok
08:15:14.0985 2532 [ 32828691EF6E3E1CD0C32FBE8617763E ] sdCoreService C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe
08:15:14.0995 2532 sdCoreService - ok
08:15:14.0995 2532 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:15:14.0995 2532 SDRSVC - ok
08:15:15.0005 2532 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:15:15.0005 2532 secdrv - ok
08:15:15.0005 2532 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
08:15:15.0005 2532 seclogon - ok
08:15:15.0005 2532 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
08:15:15.0015 2532 SENS - ok
08:15:15.0015 2532 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
08:15:15.0015 2532 SensrSvc - ok
08:15:15.0015 2532 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
08:15:15.0015 2532 Serenum - ok
08:15:15.0015 2532 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
08:15:15.0025 2532 Serial - ok
08:15:15.0025 2532 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
08:15:15.0025 2532 sermouse - ok
08:15:15.0035 2532 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
08:15:15.0035 2532 SessionEnv - ok
08:15:15.0035 2532 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
08:15:15.0035 2532 sffdisk - ok
08:15:15.0035 2532 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:15:15.0035 2532 sffp_mmc - ok
08:15:15.0045 2532 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
08:15:15.0045 2532 sffp_sd - ok
08:15:15.0045 2532 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
08:15:15.0045 2532 sfloppy - ok
08:15:15.0055 2532 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
08:15:15.0055 2532 SharedAccess - ok
08:15:15.0055 2532 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:15:15.0065 2532 ShellHWDetection - ok
08:15:15.0065 2532 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:15:15.0065 2532 SiSRaid2 - ok
08:15:15.0065 2532 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
08:15:15.0075 2532 SiSRaid4 - ok
08:15:15.0075 2532 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:15:15.0075 2532 Smb - ok
08:15:15.0075 2532 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:15:15.0085 2532 SNMPTRAP - ok
08:15:15.0085 2532 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
08:15:15.0085 2532 spldr - ok
08:15:15.0085 2532 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
08:15:15.0095 2532 Spooler - ok
08:15:15.0115 2532 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
08:15:15.0145 2532 sppsvc - ok
08:15:15.0145 2532 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
08:15:15.0145 2532 sppuinotify - ok
08:15:15.0155 2532 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
08:15:15.0155 2532 srv - ok
08:15:15.0155 2532 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:15:15.0165 2532 srv2 - ok
08:15:15.0165 2532 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:15:15.0165 2532 srvnet - ok
08:15:15.0175 2532 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:15:15.0175 2532 SSDPSRV - ok
08:15:15.0175 2532 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:15:15.0175 2532 SstpSvc - ok
08:15:15.0185 2532 Steam Client Service - ok
08:15:15.0185 2532 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
08:15:15.0185 2532 stexstor - ok
08:15:15.0195 2532 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
08:15:15.0195 2532 stisvc - ok
08:15:15.0195 2532 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
08:15:15.0195 2532 storflt - ok
08:15:15.0205 2532 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
08:15:15.0205 2532 storvsc - ok
08:15:15.0205 2532 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
08:15:15.0205 2532 swenum - ok
08:15:15.0215 2532 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
08:15:15.0215 2532 swprv - ok
08:15:15.0215 2532 sxuptp - ok
08:15:15.0225 2532 Synth3dVsc - ok
08:15:15.0235 2532 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
08:15:15.0245 2532 SysMain - ok
08:15:15.0245 2532 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:15:15.0255 2532 TabletInputService - ok
08:15:15.0255 2532 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
08:15:15.0255 2532 TapiSrv - ok
08:15:15.0265 2532 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
08:15:15.0265 2532 TBS - ok
08:15:15.0275 2532 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:15:15.0285 2532 Tcpip - ok
08:15:15.0305 2532 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
08:15:15.0315 2532 TCPIP6 - ok
08:15:15.0315 2532 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:15:15.0315 2532 tcpipreg - ok
08:15:15.0315 2532 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
08:15:15.0325 2532 TDPIPE - ok
08:15:15.0325 2532 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
08:15:15.0325 2532 TDTCP - ok
08:15:15.0325 2532 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:15:15.0325 2532 tdx - ok
08:15:15.0335 2532 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
08:15:15.0335 2532 TermDD - ok
08:15:15.0335 2532 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
08:15:15.0345 2532 TermService - ok
08:15:15.0345 2532 [ 9CD5C339754E2310790CA27DBBD31F88 ] TfFsMon C:\Windows\system32\drivers\TfFsMon.sys
08:15:15.0345 2532 TfFsMon - ok
08:15:15.0345 2532 [ 00809507FAFA1BE93DBBACE5029F27BB ] TfNetMon C:\Windows\system32\drivers\TfNetMon.sys
08:15:15.0355 2532 TfNetMon - ok
08:15:15.0355 2532 [ 3593A7B1264FBA24FE9E097A99B3E848 ] TFSysMon C:\Windows\system32\drivers\TfSysMon.sys
08:15:15.0365 2532 TFSysMon - ok
08:15:15.0365 2532 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
08:15:15.0365 2532 Themes - ok
08:15:15.0365 2532 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
08:15:15.0365 2532 THREADORDER - ok
08:15:15.0385 2532 ThreatFire - ok
08:15:15.0385 2532 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
08:15:15.0385 2532 TrkWks - ok
08:15:15.0395 2532 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:15:15.0395 2532 TrustedInstaller - ok
08:15:15.0395 2532 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
08:15:15.0395 2532 tssecsrv - ok
08:15:15.0405 2532 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
08:15:15.0405 2532 TsUsbFlt - ok
08:15:15.0405 2532 tsusbhub - ok
08:15:15.0405 2532 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:15:15.0405 2532 tunnel - ok
08:15:15.0415 2532 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
08:15:15.0415 2532 uagp35 - ok
08:15:15.0415 2532 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:15:15.0425 2532 udfs - ok
08:15:15.0425 2532 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:15:15.0425 2532 UI0Detect - ok
08:15:15.0435 2532 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
08:15:15.0435 2532 uliagpkx - ok
08:15:15.0435 2532 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
08:15:15.0435 2532 umbus - ok
08:15:15.0435 2532 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
08:15:15.0435 2532 UmPass - ok
08:15:15.0445 2532 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
08:15:15.0445 2532 UmRdpService - ok
08:15:15.0465 2532 [ CD114CE02A10FA79C229770788106842 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
08:15:15.0485 2532 UNS - ok
08:15:15.0485 2532 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
08:15:15.0495 2532 upnphost - ok
08:15:15.0495 2532 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
08:15:15.0495 2532 usbccgp - ok
08:15:15.0495 2532 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
08:15:15.0495 2532 usbcir - ok
08:15:15.0505 2532 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
08:15:15.0505 2532 usbehci - ok
08:15:15.0505 2532 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
08:15:15.0515 2532 usbhub - ok
08:15:15.0515 2532 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
08:15:15.0515 2532 usbohci - ok
08:15:15.0515 2532 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
08:15:15.0515 2532 usbprint - ok
08:15:15.0525 2532 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:15:15.0525 2532 USBSTOR - ok
08:15:15.0525 2532 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
08:15:15.0525 2532 usbuhci - ok
08:15:15.0525 2532 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
08:15:15.0525 2532 UxSms - ok
08:15:15.0535 2532 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
08:15:15.0535 2532 VaultSvc - ok
08:15:15.0535 2532 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
08:15:15.0535 2532 vdrvroot - ok
08:15:15.0545 2532 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
08:15:15.0545 2532 vds - ok
08:15:15.0545 2532 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
08:15:15.0545 2532 vga - ok
08:15:15.0555 2532 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
08:15:15.0555 2532 VgaSave - ok
08:15:15.0555 2532 VGPU - ok
08:15:15.0555 2532 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
08:15:15.0565 2532 vhdmp - ok
08:15:15.0565 2532 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
08:15:15.0565 2532 viaide - ok
08:15:15.0565 2532 [ D7D9E7C0C64350259C355EFE37AD9CE6 ] VirtuWDDM C:\Windows\system32\DRIVERS\VirtuWDDM.sys
08:15:15.0565 2532 VirtuWDDM - ok
08:15:15.0575 2532 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
08:15:15.0575 2532 vmbus - ok
08:15:15.0575 2532 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
08:15:15.0575 2532 VMBusHID - ok
08:15:15.0575 2532 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
08:15:15.0575 2532 volmgr - ok
08:15:15.0585 2532 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
08:15:15.0585 2532 volmgrx - ok
08:15:15.0595 2532 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
08:15:15.0595 2532 volsnap - ok
08:15:15.0595 2532 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
08:15:15.0595 2532 vsmraid - ok
08:15:15.0615 2532 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
08:15:15.0625 2532 VSS - ok
08:15:15.0625 2532 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
08:15:15.0625 2532 vwifibus - ok
08:15:15.0635 2532 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
08:15:15.0635 2532 W32Time - ok
08:15:15.0635 2532 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
08:15:15.0645 2532 WacomPen - ok
08:15:15.0645 2532 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
08:15:15.0645 2532 WANARP - ok
08:15:15.0645 2532 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
08:15:15.0645 2532 Wanarpv6 - ok
08:15:15.0655 2532 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
08:15:15.0665 2532 WatAdminSvc - ok
08:15:15.0675 2532 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
08:15:15.0685 2532 wbengine - ok
08:15:15.0695 2532 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
08:15:15.0695 2532 WbioSrvc - ok
08:15:15.0705 2532 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
08:15:15.0705 2532 wcncsvc - ok
08:15:15.0705 2532 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:15:15.0705 2532 WcsPlugInService - ok
08:15:15.0715 2532 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
08:15:15.0715 2532 Wd - ok
08:15:15.0715 2532 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
08:15:15.0725 2532 Wdf01000 - ok
08:15:15.0725 2532 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
08:15:15.0725 2532 WdiServiceHost - ok
08:15:15.0735 2532 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
08:15:15.0735 2532 WdiSystemHost - ok
08:15:15.0735 2532 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
08:15:15.0735 2532 WebClient - ok
08:15:15.0745 2532 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
08:15:15.0745 2532 Wecsvc - ok
08:15:15.0745 2532 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
08:15:15.0755 2532 wercplsupport - ok
08:15:15.0755 2532 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
08:15:15.0755 2532 WerSvc - ok
08:15:15.0755 2532 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
08:15:15.0755 2532 WfpLwf - ok
08:15:15.0765 2532 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
08:15:15.0765 2532 WIMMount - ok
08:15:15.0765 2532 WinDefend - ok
08:15:15.0765 2532 WinHttpAutoProxySvc - ok
08:15:15.0775 2532 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
08:15:15.0785 2532 Winmgmt - ok
08:15:15.0795 2532 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
08:15:15.0805 2532 WinRM - ok
08:15:15.0815 2532 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
08:15:15.0825 2532 Wlansvc - ok
08:15:15.0825 2532 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
08:15:15.0825 2532 WmiAcpi - ok
08:15:15.0835 2532 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
08:15:15.0835 2532 wmiApSrv - ok
08:15:15.0835 2532 WMPNetworkSvc - ok
08:15:15.0845 2532 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
08:15:15.0845 2532 WPCSvc - ok
08:15:15.0845 2532 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
08:15:15.0845 2532 WPDBusEnum - ok
08:15:15.0845 2532 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
08:15:15.0845 2532 ws2ifsl - ok
08:15:15.0855 2532 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
08:15:15.0855 2532 wscsvc - ok
08:15:15.0855 2532 WSearch - ok
08:15:15.0875 2532 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
08:15:15.0895 2532 wuauserv - ok
08:15:15.0895 2532 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
08:15:15.0895 2532 WudfPf - ok
08:15:15.0895 2532 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
08:15:15.0905 2532 WUDFRd - ok
08:15:15.0905 2532 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
08:15:15.0905 2532 wudfsvc - ok
08:15:15.0905 2532 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
08:15:15.0915 2532 WwanSvc - ok
08:15:15.0915 2532 ================ Scan global ===============================
08:15:15.0915 2532 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:15:15.0925 2532 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
08:15:15.0925 2532 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
08:15:15.0925 2532 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:15:15.0935 2532 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:15:15.0935 2532 [Global] - ok
08:15:15.0935 2532 ================ Scan MBR ==================================
08:15:15.0935 2532 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
08:15:15.0985 2532 \Device\Harddisk1\DR1 - ok
08:15:15.0995 2532 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
08:15:16.0085 2532 \Device\Harddisk0\DR0 - ok
08:15:16.0085 2532 ================ Scan VBR ==================================
08:15:16.0085 2532 [ 6261B8FD7E3212E37FE3361EE8CABE8F ] \Device\Harddisk1\DR1\Partition1
08:15:16.0085 2532 \Device\Harddisk1\DR1\Partition1 - ok
08:15:16.0095 2532 [ 5256A42DB985C4E8B4A0DCA7340D0DC6 ] \Device\Harddisk0\DR0\Partition1
08:15:16.0095 2532 \Device\Harddisk0\DR0\Partition1 - ok
08:15:16.0095 2532 [ 390F5E127845449BC644A39B9FB562F1 ] \Device\Harddisk0\DR0\Partition2
08:15:16.0095 2532 \Device\Harddisk0\DR0\Partition2 - ok
08:15:16.0095 2532 ============================================================
08:15:16.0095 2532 Scan finished
08:15:16.0095 2532 ============================================================
08:15:16.0105 2832 Detected object count: 0
08:15:16.0105 2832 Actual detected object count: 0
08:15:29.0846 4944 ============================================================
08:15:29.0846 4944 Scan started
08:15:29.0846 4944 Mode: Manual; TDLFS;
08:15:29.0846 4944 ============================================================
08:15:29.0946 4944 ================ Scan system memory ========================
08:15:29.0946 4944 System memory - ok
08:15:29.0946 4944 ================ Scan services =============================
08:15:31.0516 4944 PCTBD - ok
08:15:31.0526 4944 [ D48BD0FF27AFB97005B33C9B6D26DA3F ] PCTCore C:\Windows\system32\drivers\PCTCore64.sys
08:15:31.0526 4944 PCTCore - ok
08:15:31.0526 4944 [ 1335454528ADFA13E1D3C4FA3FDBDC42 ] pctDS C:\Windows\system32\drivers\pctDS64.sys
08:15:31.0526 4944 pctDS - ok
08:15:31.0536 4944 [ DF2A2505F17319DADA4B204688CEC0C2 ] pctEFA C:\Windows\system32\drivers\pctEFA64.sys
08:15:31.0546 4944 pctEFA - ok
08:15:31.0546 4944 [ C99A3EE29F23A5D61BD127B48AC9A64E ] pctgntdi C:\Windows\System32\drivers\pctgntdi64.sys
08:15:31.0546 4944 pctgntdi - ok
08:15:31.0556 4944 [ 73ED285BDCE37B3AB69CC5A371BF3010 ] pctplsg C:\Windows\System32\drivers\pctplsg64.sys
08:15:31.0556 4944 pctplsg - ok
08:15:31.0556 4944 [ 13635FFCAEEBDDBE2CA93B1218D8331F ] PCTSD C:\Windows\system32\Drivers\PCTSD64.sys
08:15:31.0556 4944 PCTSD - ok
08:15:31.0556 4944 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
08:15:31.0556 4944 pcw - ok
08:15:31.0566 4944 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:15:31.0566 4944 PEAUTH - ok
08:15:31.0576 4944 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
08:15:31.0586 4944 PeerDistSvc - ok
08:15:31.0606 4944 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
08:15:31.0606 4944 PerfHost - ok
08:15:31.0616 4944 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
08:15:31.0626 4944 pla - ok
08:15:31.0626 4944 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:15:31.0626 4944 PlugPlay - ok
08:15:31.0636 4944 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:15:31.0636 4944 PNRPAutoReg - ok
08:15:31.0636 4944 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
08:15:31.0636 4944 PNRPsvc - ok
08:15:31.0646 4944 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:15:31.0646 4944 PolicyAgent - ok
08:15:31.0656 4944 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
08:15:31.0656 4944 Power - ok
08:15:31.0656 4944 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:15:31.0656 4944 PptpMiniport - ok
08:15:31.0656 4944 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
08:15:31.0656 4944 Processor - ok
08:15:31.0666 4944 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
08:15:31.0666 4944 ProfSvc - ok
08:15:31.0666 4944 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:15:31.0666 4944 ProtectedStorage - ok
08:15:31.0676 4944 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:15:31.0676 4944 Psched - ok
08:15:31.0686 4944 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
08:15:31.0686 4944 ql2300 - ok
08:15:31.0696 4944 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
08:15:31.0696 4944 ql40xx - ok
08:15:31.0696 4944 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
08:15:31.0696 4944 QWAVE - ok
08:15:31.0696 4944 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:15:31.0706 4944 QWAVEdrv - ok
08:15:31.0706 4944 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:15:31.0706 4944 RasAcd - ok
08:15:31.0706 4944 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
08:15:31.0706 4944 RasAgileVpn - ok
08:15:31.0706 4944 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
08:15:31.0716 4944 RasAuto - ok
08:15:31.0716 4944 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:15:31.0716 4944 Rasl2tp - ok
08:15:31.0716 4944 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
08:15:31.0726 4944 RasMan - ok
08:15:31.0726 4944 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:15:31.0726 4944 RasPppoe - ok
08:15:31.0726 4944 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:15:31.0726 4944 RasSstp - ok
08:15:31.0736 4944 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:15:31.0736 4944 rdbss - ok
08:15:31.0736 4944 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
08:15:31.0736 4944 rdpbus - ok
08:15:31.0736 4944 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:15:31.0736 4944 RDPCDD - ok
08:15:31.0746 4944 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
08:15:31.0746 4944 RDPDR - ok
08:15:31.0746 4944 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:15:31.0746 4944 RDPENCDD - ok
08:15:31.0756 4944 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
08:15:31.0756 4944 RDPREFMP - ok
08:15:31.0756 4944 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
08:15:31.0756 4944 RdpVideoMiniport - ok
08:15:31.0756 4944 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:15:31.0756 4944 RDPWD - ok
08:15:31.0776 4944 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
08:15:31.0776 4944 rdyboost - ok
08:15:31.0776 4944 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:15:31.0776 4944 RemoteAccess - ok
08:15:31.0776 4944 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:15:31.0786 4944 RemoteRegistry - ok
08:15:31.0786 4944 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
08:15:31.0786 4944 RpcEptMapper - ok
08:15:31.0786 4944 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
08:15:31.0786 4944 RpcLocator - ok
08:15:31.0796 4944 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
08:15:31.0796 4944 RpcSs - ok
08:15:31.0796 4944 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:15:31.0796 4944 rspndr - ok
08:15:31.0806 4944 [ F4C374B1C46DE294B573BB43723AC3F6 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
08:15:31.0806 4944 RTL8167 - ok
08:15:31.0806 4944 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
08:15:31.0806 4944 s3cap - ok
08:15:31.0816 4944 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
08:15:31.0816 4944 SamSs - ok
08:15:31.0816 4944 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:15:31.0816 4944 sbp2port - ok
08:15:31.0816 4944 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:15:31.0816 4944 SCardSvr - ok
08:15:31.0826 4944 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
08:15:31.0826 4944 scfilter - ok
08:15:31.0836 4944 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
08:15:31.0836 4944 Schedule - ok
08:15:31.0836 4944 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
08:15:31.0836 4944 SCPolicySvc - ok
08:15:31.0846 4944 [ 17D6A03103586D7954BA74C2219CE1BB ] sdAuxService C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe
08:15:31.0846 4944 sdAuxService - ok
08:15:31.0856 4944 [ 32828691EF6E3E1CD0C32FBE8617763E ] sdCoreService C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe
08:15:31.0866 4944 sdCoreService - ok
08:15:31.0866 4944 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:15:31.0866 4944 SDRSVC - ok
08:15:31.0866 4944 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:15:31.0866 4944 secdrv - ok
08:15:31.0876 4944 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
08:15:31.0876 4944 seclogon - ok
08:15:31.0876 4944 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
08:15:31.0876 4944 SENS - ok
08:15:31.0876 4944 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
08:15:31.0876 4944 SensrSvc - ok
08:15:31.0886 4944 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
08:15:31.0886 4944 Serenum - ok
08:15:31.0886 4944 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
08:15:31.0886 4944 Serial - ok
08:15:31.0886 4944 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
08:15:31.0886 4944 sermouse - ok
08:15:31.0896 4944 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
08:15:31.0896 4944 SessionEnv - ok
08:15:31.0896 4944 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
08:15:31.0896 4944 sffdisk - ok
08:15:31.0896 4944 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:15:31.0896 4944 sffp_mmc - ok
08:15:31.0906 4944 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
08:15:31.0906 4944 sffp_sd - ok
08:15:31.0906 4944 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
08:15:31.0906 4944 sfloppy - ok
08:15:31.0916 4944 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
08:15:31.0916 4944 SharedAccess - ok
08:15:31.0916 4944 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:15:31.0916 4944 ShellHWDetection - ok
08:15:31.0926 4944 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:15:31.0926 4944 SiSRaid2 - ok
08:15:31.0926 4944 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
08:15:31.0926 4944 SiSRaid4 - ok
08:15:31.0926 4944 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:15:31.0926 4944 Smb - ok
08:15:31.0936 4944 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:15:31.0936 4944 SNMPTRAP - ok
08:15:31.0936 4944 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
08:15:31.0936 4944 spldr - ok
08:15:31.0946 4944 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
08:15:31.0946 4944 Spooler - ok
08:15:31.0966 4944 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
08:15:31.0986 4944 sppsvc - ok
08:15:31.0986 4944 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
08:15:31.0986 4944 sppuinotify - ok
08:15:31.0996 4944 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
08:15:31.0996 4944 srv - ok
08:15:31.0996 4944 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:15:32.0006 4944 srv2 - ok
08:15:32.0006 4944 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:15:32.0006 4944 srvnet - ok
08:15:32.0006 4944 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:15:32.0016 4944 SSDPSRV - ok
08:15:32.0016 4944 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:15:32.0016 4944 SstpSvc - ok
08:15:32.0016 4944 Steam Client Service - ok
08:15:32.0016 4944 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
08:15:32.0026 4944 stexstor - ok
08:15:32.0026 4944 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
08:15:32.0026 4944 stisvc - ok
08:15:32.0036 4944 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
08:15:32.0036 4944 storflt - ok
08:15:32.0036 4944 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
08:15:32.0036 4944 storvsc - ok
08:15:32.0036 4944 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
08:15:32.0036 4944 swenum - ok
08:15:32.0046 4944 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
08:15:32.0046 4944 swprv - ok
08:15:32.0046 4944 sxuptp - ok
08:15:32.0056 4944 Synth3dVsc - ok
08:15:32.0066 4944 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
08:15:32.0076 4944 SysMain - ok
08:15:32.0076 4944 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:15:32.0076 4944 TabletInputService - ok
08:15:32.0086 4944 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
08:15:32.0086 4944 TapiSrv - ok
08:15:32.0086 4944 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
08:15:32.0086 4944 TBS - ok
08:15:32.0106 4944 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:15:32.0106 4944 Tcpip - ok
08:15:32.0126 4944 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
08:15:32.0126 4944 TCPIP6 - ok
08:15:32.0136 4944 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:15:32.0136 4944 tcpipreg - ok
08:15:32.0136 4944 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
08:15:32.0136 4944 TDPIPE - ok
08:15:32.0136 4944 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
08:15:32.0146 4944 TDTCP - ok
08:15:32.0146 4944 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:15:32.0146 4944 tdx - ok
08:15:32.0146 4944 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
08:15:32.0146 4944 TermDD - ok
08:15:32.0156 4944 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
08:15:32.0156 4944 TermService - ok
08:15:32.0156 4944 [ 9CD5C339754E2310790CA27DBBD31F88 ] TfFsMon C:\Windows\system32\drivers\TfFsMon.sys
08:15:32.0166 4944 TfFsMon - ok
08:15:32.0166 4944 [ 00809507FAFA1BE93DBBACE5029F27BB ] TfNetMon C:\Windows\system32\drivers\TfNetMon.sys
08:15:32.0166 4944 TfNetMon - ok
08:15:32.0166 4944 [ 3593A7B1264FBA24FE9E097A99B3E848 ] TFSysMon C:\Windows\system32\drivers\TfSysMon.sys
08:15:32.0176 4944 TFSysMon - ok
08:15:32.0176 4944 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
08:15:32.0176 4944 Themes - ok
08:15:32.0176 4944 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
08:15:32.0176 4944 THREADORDER - ok
08:15:32.0186 4944 ThreatFire - ok
08:15:32.0186 4944 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
08:15:32.0186 4944 TrkWks - ok
08:15:32.0196 4944 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:15:32.0196 4944 TrustedInstaller - ok
08:15:32.0196 4944 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
08:15:32.0196 4944 tssecsrv - ok
08:15:32.0196 4944 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
08:15:32.0196 4944 TsUsbFlt - ok
08:15:32.0206 4944 tsusbhub - ok
08:15:32.0206 4944 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:15:32.0206 4944 tunnel - ok
08:15:32.0206 4944 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
08:15:32.0206 4944 uagp35 - ok
08:15:32.0216 4944 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:15:32.0216 4944 udfs - ok
08:15:32.0216 4944 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:15:32.0226 4944 UI0Detect - ok
08:15:32.0226 4944 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
08:15:32.0226 4944 uliagpkx - ok
08:15:32.0226 4944 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
08:15:32.0226 4944 umbus - ok
08:15:32.0226 4944 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
08:15:32.0226 4944 UmPass - ok
08:15:32.0236 4944 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
08:15:32.0236 4944 UmRdpService - ok
08:15:32.0256 4944 [ CD114CE02A10FA79C229770788106842 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
08:15:32.0266 4944 UNS - ok
08:15:32.0266 4944 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
08:15:32.0276 4944 upnphost - ok
08:15:32.0276 4944 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
08:15:32.0276 4944 usbccgp - ok
08:15:32.0276 4944 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
08:15:32.0276 4944 usbcir - ok
08:15:32.0286 4944 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
08:15:32.0286 4944 usbehci - ok
08:15:32.0286 4944 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
08:15:32.0286 4944 usbhub - ok
08:15:32.0286 4944 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
08:15:32.0296 4944 usbohci - ok
08:15:32.0296 4944 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
08:15:32.0296 4944 usbprint - ok
08:15:32.0296 4944 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:15:32.0296 4944 USBSTOR - ok
08:15:32.0296 4944 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
08:15:32.0296 4944 usbuhci - ok
08:15:32.0306 4944 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
08:15:32.0306 4944 UxSms - ok
08:15:32.0306 4944 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
08:15:32.0306 4944 VaultSvc - ok
08:15:32.0306 4944 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
08:15:32.0306 4944 vdrvroot - ok
08:15:32.0316 4944 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
08:15:32.0316 4944 vds - ok
08:15:32.0316 4944 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
08:15:32.0316 4944 vga - ok
08:15:32.0326 4944 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
08:15:32.0326 4944 VgaSave - ok
08:15:32.0326 4944 VGPU - ok
08:15:32.0326 4944 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
08:15:32.0326 4944 vhdmp - ok
08:15:32.0336 4944 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
08:15:32.0336 4944 viaide - ok
08:15:32.0336 4944 [ D7D9E7C0C64350259C355EFE37AD9CE6 ] VirtuWDDM C:\Windows\system32\DRIVERS\VirtuWDDM.sys
08:15:32.0336 4944 VirtuWDDM - ok
08:15:32.0336 4944 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
08:15:32.0346 4944 vmbus - ok
08:15:32.0346 4944 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
08:15:32.0346 4944 VMBusHID - ok
08:15:32.0346 4944 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
08:15:32.0346 4944 volmgr - ok
08:15:32.0356 4944 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
08:15:32.0356 4944 volmgrx - ok
08:15:32.0356 4944 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
08:15:32.0356 4944 volsnap - ok
08:15:32.0366 4944 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
08:15:32.0366 4944 vsmraid - ok
08:15:32.0376 4944 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
08:15:32.0386 4944 VSS - ok
08:15:32.0386 4944 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
08:15:32.0386 4944 vwifibus - ok
08:15:32.0396 4944 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
08:15:32.0396 4944 W32Time - ok
08:15:32.0396 4944 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
08:15:32.0396 4944 WacomPen - ok
08:15:32.0396 4944 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
08:15:32.0406 4944 WANARP - ok
08:15:32.0406 4944 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
08:15:32.0406 4944 Wanarpv6 - ok
08:15:32.0416 4944 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
08:15:32.0416 4944 WatAdminSvc - ok
08:15:32.0426 4944 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
08:15:32.0436 4944 wbengine - ok
08:15:32.0446 4944 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
08:15:32.0446 4944 WbioSrvc - ok
08:15:32.0446 4944 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
08:15:32.0446 4944 wcncsvc - ok
08:15:32.0456 4944 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:15:32.0456 4944 WcsPlugInService - ok
08:15:32.0456 4944 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
08:15:32.0456 4944 Wd - ok
08:15:32.0466 4944 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
08:15:32.0466 4944 Wdf01000 - ok
08:15:32.0466 4944 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
08:15:32.0466 4944 WdiServiceHost - ok
08:15:32.0476 4944 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
08:15:32.0476 4944 WdiSystemHost - ok
08:15:32.0476 4944 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
08:15:32.0476 4944 WebClient - ok
08:15:32.0486 4944 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
08:15:32.0486 4944 Wecsvc - ok
08:15:32.0486 4944 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
08:15:32.0486 4944 wercplsupport - ok
08:15:32.0486 4944 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
08:15:32.0496 4944 WerSvc - ok
08:15:32.0496 4944 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
08:15:32.0496 4944 WfpLwf - ok
08:15:32.0496 4944 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
08:15:32.0496 4944 WIMMount - ok
08:15:32.0496 4944 WinDefend - ok
08:15:32.0506 4944 WinHttpAutoProxySvc - ok
08:15:32.0506 4944 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
08:15:32.0506 4944 Winmgmt - ok
08:15:32.0526 4944 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
08:15:32.0536 4944 WinRM - ok
08:15:32.0546 4944 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
08:15:32.0546 4944 Wlansvc - ok
08:15:32.0546 4944 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
08:15:32.0546 4944 WmiAcpi - ok
08:15:32.0556 4944 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
08:15:32.0556 4944 wmiApSrv - ok
08:15:32.0556 4944 WMPNetworkSvc - ok
08:15:32.0566 4944 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
08:15:32.0566 4944 WPCSvc - ok
08:15:32.0566 4944 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
08:15:32.0566 4944 WPDBusEnum - ok
08:15:32.0566 4944 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
08:15:32.0566 4944 ws2ifsl - ok
08:15:32.0576 4944 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
08:15:32.0576 4944 wscsvc - ok
08:15:32.0576 4944 WSearch - ok
08:15:32.0596 4944 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
08:15:32.0606 4944 wuauserv - ok
08:15:32.0606 4944 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
08:15:32.0606 4944 WudfPf - ok
08:15:32.0616 4944 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
08:15:32.0616 4944 WUDFRd - ok
08:15:32.0616 4944 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
08:15:32.0616 4944 wudfsvc - ok
08:15:32.0616 4944 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
08:15:32.0626 4944 WwanSvc - ok
08:15:32.0626 4944 ================ Scan global ===============================
08:15:32.0626 4944 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:15:32.0626 4944 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
08:15:32.0636 4944 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
08:15:32.0636 4944 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:15:32.0636 4944 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:15:32.0646 4944 [Global] - ok
08:15:32.0646 4944 ================ Scan MBR ==================================
08:15:32.0656 4944 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
08:15:32.0706 4944 \Device\Harddisk1\DR1 - ok
08:15:32.0706 4944 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
08:15:32.0816 4944 \Device\Harddisk0\DR0 - ok
08:15:32.0816 4944 ================ Scan VBR ==================================
08:15:32.0846 4944 [ 6261B8FD7E3212E37FE3361EE8CABE8F ] \Device\Harddisk1\DR1\Partition1
08:15:32.0846 4944 \Device\Harddisk1\DR1\Partition1 - ok
08:15:32.0846 4944 [ 5256A42DB985C4E8B4A0DCA7340D0DC6 ] \Device\Harddisk0\DR0\Partition1
08:15:32.0846 4944 \Device\Harddisk0\DR0\Partition1 - ok
08:15:32.0856 4944 [ 390F5E127845449BC644A39B9FB562F1 ] \Device\Harddisk0\DR0\Partition2
08:15:32.0856 4944 \Device\Harddisk0\DR0\Partition2 - ok
08:15:32.0856 4944 ============================================================
08:15:32.0856 4944 Scan finished
08:15:32.0856 4944 ============================================================
08:15:32.0856 3620 Detected object count: 0
08:15:32.0856 3620 Actual detected object count: 0
08:15:35.0157 2752 Deinitialize success

aswMBR:

I couldn't get this to run in safe mode. It kept freezing at the Windows/assembly/FAC_MSIL/Microsoft.Security.ApplicationID.PolicyMan....the rest is cut off.

ESET:
C:\Program Files (x86)\BasicScan\basicscan.dll a variant of Win32/Adware.OneStep.BQ application
C:\Program Files (x86)\BasicScan\basicscan.exe a variant of Win32/Adware.OneStep.BZ application
C:\Users\Airy\AppData\Local\VideoTwisterSA\bin\1.0.5.0\videotwisterSA.exe probably a variant of Win32/Adware.180Solutions application
C:\Users\Airy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\1ebeba77-2dd622bd Java/Exploit.CVE-2012-1723.BJ trojan
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1Z1L31DU\upgrade[1].cab a variant of Win32/Adware.OneStep.BZ application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1Z1L31DU\upgrade[1].cab a variant of Win32/Adware.OneStep.BZ application
Operating memory probably a variant of Win32/Adware.180Solutions application

#4 narenxp


Posted 26 September 2012 - 08:48 AM

Run ESET scanner again and make sure to remove the detected infections.

Download Listparts from here

For 64 bit

List parts 64

Launch it, click on SCAN, post the log

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, click on Delete

A log should be generated after the scan, post it here

Download

Junkware removal tool

Launch it and the scan should start running. After the scan gets completed, post the generated log here.

#5 Airy_One


Posted 26 September 2012 - 06:02 PM

List parts:
ListParts by Farbar Version: 25-09-2012
Ran by Airy (administrator) on 26-09-2012 at 17:47:14
Windows 7 (X64)
Running From: C:\Users\Airy\Desktop\New folder
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 44%
Total physical RAM: 8103.52 MB
Available physical RAM: 4479.02 MB
Total Pagefile: 16205.24 MB
Available Pagefile: 13163.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

======================= Partitions =========================

1 Drive a: (New Volume) (Fixed) (Total:1863.01 GB) (Free:1770.14 GB) NTFS
2 Drive c: () (Fixed) (Total:119.13 GB) (Free:51.35 GB) NTFS

Disk ###  Status         Size     Free     Dyn  Gpt
--------  -------------  -------  -------  ---  ---
Disk 0    Online          119 GB    13 MB
Disk 1    Online         1863 GB      0 B

Partitions of Disk 0:
===============

Partition ###  Type              Size     Offset
-------------  ----------------  -------  -------
Partition 1    Primary            100 MB  1024 KB
Partition 2    Primary            119 GB   101 MB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2         System Rese  NTFS   Partition    100 MB  Healthy    System (partition with boot components)

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 C NTFS Partition 119 GB Healthy Boot

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1863 GB 1024 KB

======================================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 A New Volume NTFS Partition 1863 GB Healthy

======================================================================================================

****** End Of Log ******

Malwarebytes:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.26.13

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Airy :: TARDIS [administrator]

9/26/2012 5:49:19 PM
mbam-log-2012-09-26 (17-49-19).txt

Scan type: Full scan (A:\|C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 828809
Time elapsed: 45 minute(s), 25 second(s)

Memory Processes Detected: 1
C:\Users\Airy\AppData\Roaming\KB00175615.exe (Trojan.Agent.Gen) -> 6892 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKCU\Software\videotwisterSA (Adware.HotBar.TV) -> Quarantined and deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\videotwisterSA (Adware.HotBar.TV) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|KB00175615.exe (Trojan.Agent.Gen) -> Data: "C:\Users\Airy\AppData\Roaming\KB00175615.exe" -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 9
C:\Program Files (x86)\BasicScan\BasicScan_deleted_ (Adware.Zwangi) -> Quarantined and deleted successfully.
C:\Users\Airy\Local Settings\Application Data\VideoTwisterSA (Adware.HotBar.TV) -> Quarantined and deleted successfully.
C:\Users\Airy\Local Settings\Application Data\VideoTwisterSA\bin (Adware.HotBar.TV) -> Quarantined and deleted successfully.
C:\Users\Airy\Local Settings\Application Data\VideoTwisterSA\bin\1.0.5.0 (Adware.HotBar.TV) -> Quarantined and deleted successfully.
C:\Users\Airy\Local Settings\Application Data\VideoTwisterSA\data (Adware.HotBar.TV) -> Quarantined and deleted successfully.
C:\Users\Airy\AppData\Local\VideoTwisterSA (Adware.HotBar.TV) -> Quarantined and deleted successfully.
C:\Users\Airy\AppData\Local\VideoTwisterSA\bin (Adware.HotBar.TV) -> Quarantined and deleted successfully.
C:\Users\Airy\AppData\Local\VideoTwisterSA\bin\1.0.5.0 (Adware.HotBar.TV) -> Quarantined and deleted successfully.
C:\Users\Airy\AppData\Local\VideoTwisterSA\data (Adware.HotBar.TV) -> Quarantined and deleted successfully.

Files Detected: 17
C:\Users\Airy\AppData\Local\Temp\0.5747100253290799 (Trojan.Happili) -> Quarantined and deleted successfully.
C:\Users\Airy\AppData\Local\Temp\NOD668A.tmp (Adware.Zwangi) -> Quarantined and deleted successfully.
C:\Users\Airy\AppData\Local\VideoTwisterSA\bin\1.0.5.0\videotwisterSAHook.dll (Adware.HotBar.TV) -> Quarantined and deleted successfully.
C:\Users\Airy\AppData\Roaming\KB00175615.exe (Trojan.Agent.Gen) -> Delete on reboot.
C:\Users\Airy\Local Settings\Application Data\VideoTwisterSA\bin\1.0.5.0\copyright.txt (Adware.HotBar.TV) -> Quarantined and deleted successfully.
C:\Users\Airy\Local Settings\Application Data\VideoTwisterSA\bin\1.0.5.0\VideoTwisterSACB.exe (Adware.HotBar.TV) -> Quarantined and deleted successfully.
C:\Users\Airy\Local Settings\Application Data\VideoTwisterSA\bin\1.0.5.0\videotwisterSAHook.dll (Adware.HotBar.TV) -> Quarantined and deleted successfully.
C:\Users\Airy\Local Settings\Application Data\VideoTwisterSA\bin\1.0.5.0\VideoTwisterUninstaller.exe (Adware.HotBar.TV) -> Quarantined and deleted successfully.
C:\Users\Airy\Local Settings\Application Data\VideoTwisterSA\data\videotwisterSA.dat (Adware.HotBar.TV) -> Quarantined and deleted successfully.
C:\Users\Airy\Local Settings\Application Data\VideoTwisterSA\data\VideoTwisterSAau.dat (Adware.HotBar.TV) -> Quarantined and deleted successfully.
C:\Users\Airy\Local Settings\Application Data\VideoTwisterSA\data\VideoTwisterSA_kyf.dat (Adware.HotBar.TV) -> Quarantined and deleted successfully.
C:\Users\Airy\AppData\Local\VideoTwisterSA\bin\1.0.5.0\copyright.txt (Adware.HotBar.TV) -> Quarantined and deleted successfully.
C:\Users\Airy\AppData\Local\VideoTwisterSA\bin\1.0.5.0\VideoTwisterSACB.exe (Adware.HotBar.TV) -> Quarantined and deleted successfully.
C:\Users\Airy\AppData\Local\VideoTwisterSA\bin\1.0.5.0\VideoTwisterUninstaller.exe (Adware.HotBar.TV) -> Quarantined and deleted successfully.
C:\Users\Airy\AppData\Local\VideoTwisterSA\data\videotwisterSA.dat (Adware.HotBar.TV) -> Quarantined and deleted successfully.
C:\Users\Airy\AppData\Local\VideoTwisterSA\data\VideoTwisterSAau.dat (Adware.HotBar.TV) -> Quarantined and deleted successfully.
C:\Users\Airy\AppData\Local\VideoTwisterSA\data\VideoTwisterSA_kyf.dat (Adware.HotBar.TV) -> Quarantined and deleted successfully.

(end)

mini toolbox:
MiniToolBox by Farbar Version: 23-07-2012
Ran by Airy (administrator) on 26-09-2012 at 18:44:31
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Tardis
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : BC-5F-F4-1E-DC-C2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::1d19:7520:839b:279%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.103(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, September 26, 2012 8:33:12 AM
Lease Expires . . . . . . . . . . : Thursday, September 27, 2012 8:33:12 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 247226356
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-C1-65-7C-BC-5F-F4-1E-DC-C2
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{0412C1B7-217C-4ABD-8F3C-3C01A349BD3E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:308b:3969:3f57:fe98(Preferred)
Link-local IPv6 Address . . . . . : fe80::308b:3969:3f57:fe98%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.utk.edu:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: DD-WRT
Address: 192.168.1.1

Name: google.com
Addresses: 2001:4860:800a::71
74.125.134.100
74.125.134.102
74.125.134.113
74.125.134.139
74.125.134.138
74.125.134.101


Pinging google.com [74.125.134.101] with 32 bytes of data:
Reply from 74.125.134.101: bytes=32 time=21ms TTL=47
Reply from 74.125.134.101: bytes=32 time=21ms TTL=47

Ping statistics for 74.125.134.101:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 21ms, Maximum = 21ms, Average = 21ms
Server: DD-WRT
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=72ms TTL=48
Reply from 98.138.253.109: bytes=32 time=72ms TTL=48

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 72ms, Maximum = 72ms, Average = 72ms
Server: DD-WRT
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...bc 5f f4 1e dc c2 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.103 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.103 276
192.168.1.103 255.255.255.255 On-link 192.168.1.103 276
192.168.1.255 255.255.255.255 On-link 192.168.1.103 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.103 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.103 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 58 ::/0 On-link
1 306 ::1/128 On-link
11 58 2001::/32 On-link
11 306 2001:0:9d38:6ab8:308b:3969:3f57:fe98/128
On-link
10 276 fe80::/64 On-link
11 306 fe80::/64 On-link
10 276 fe80::1d19:7520:839b:279/128
On-link
11 306 fe80::308b:3969:3f57:fe98/128
On-link
1 306 ff00::/8 On-link
11 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Catalog9 02 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Catalog9 03 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Catalog9 04 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Catalog9 05 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Catalog9 06 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [447928] (PC Tools Research Pty Ltd.)
x64-Catalog9 02 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [447928] (PC Tools Research Pty Ltd.)
x64-Catalog9 03 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [447928] (PC Tools Research Pty Ltd.)
x64-Catalog9 04 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [447928] (PC Tools Research Pty Ltd.)
x64-Catalog9 05 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [447928] (PC Tools Research Pty Ltd.)
x64-Catalog9 06 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [447928] (PC Tools Research Pty Ltd.)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 14 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 15 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 16 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 17 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [447928] (PC Tools Research Pty Ltd.)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/26/2012 05:58:44 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16450 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1b8c

Start Time: 01cd9c319c9c13b7

Termination Time: 20

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (09/26/2012 05:23:32 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16450 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1a90

Start Time: 01cd9c2d10835068

Termination Time: 50

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (09/26/2012 05:22:41 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16450 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1708

Start Time: 01cd9c2cedf1a1c4

Termination Time: 0

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id: 4bcf8c80-0820-11e2-9631-bc5ff41edcc2

Error: (09/26/2012 05:21:42 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16450 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1318

Start Time: 01cd9be34679fb7e

Termination Time: 10

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id: 2784e314-0820-11e2-9631-bc5ff41edcc2

Error: (09/26/2012 04:42:03 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/26/2012 10:09:16 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/26/2012 10:09:15 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/26/2012 10:09:00 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/26/2012 09:44:02 AM) (Source: Application Error) (User: )
Description: Faulting application name: aswMBR.exe, version: 0.9.9.1665, time stamp: 0x4f5f9c86
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x0002e41b
Faulting process id: 0x19ec
Faulting application start time: 0xaswMBR.exe0
Faulting application path: aswMBR.exe1
Faulting module path: aswMBR.exe2
Report Id: aswMBR.exe3

Error: (09/26/2012 09:42:53 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (09/26/2012 08:33:12 AM) (Source: Service Control Manager) (User: )
Description: The HitmanPro 3.6 Crusader (Boot) service failed to start due to the following error:
%%2

Error: (09/26/2012 08:25:22 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/26/2012 08:25:22 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/26/2012 08:25:22 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/26/2012 08:25:21 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (09/26/2012 08:25:20 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/26/2012 08:25:20 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/26/2012 08:25:20 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/26/2012 08:25:20 AM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (09/26/2012 08:25:19 AM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}


Microsoft Office Sessions:
=========================
Error: (09/26/2012 05:58:44 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.164501b8c01cd9c319c9c13b720C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (09/26/2012 05:23:32 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.164501a9001cd9c2d1083506850C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (09/26/2012 05:22:41 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16450170801cd9c2cedf1a1c40C:\Program Files (x86)\Internet Explorer\iexplore.exe4bcf8c80-0820-11e2-9631-bc5ff41edcc2

Error: (09/26/2012 05:21:42 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16450131801cd9be34679fb7e10C:\Program Files (x86)\Internet Explorer\iexplore.exe2784e314-0820-11e2-9631-bc5ff41edcc2

Error: (09/26/2012 04:42:03 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Airy\Desktop\New folder\esetsmartinstaller_enu.exe

Error: (09/26/2012 10:09:16 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Airy\Desktop\new folder\esetsmartinstaller_enu.exe

Error: (09/26/2012 10:09:15 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Airy\Desktop\new folder\esetsmartinstaller_enu.exe

Error: (09/26/2012 10:09:00 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (09/26/2012 09:44:02 AM) (Source: Application Error)(User: )
Description: aswMBR.exe0.9.9.16654f5f9c86ntdll.dll6.1.7601.177254ec49b8fc00000050002e41b19ec01cd9becd5716f96C:\Users\Airy\Desktop\New folder\aswMBR.exeC:\Windows\SysWOW64\ntdll.dll3b0f1ef5-07e0-11e2-9631-bc5ff41edcc2

Error: (09/26/2012 09:42:53 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Airy\Desktop\New folder\esetsmartinstaller_enu.exe


=========================== Installed Programs ============================

7-Zip 9.20
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.278)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.62)
Adobe Reader X (10.1.2) (Version: 10.1.2)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.10.1.0)
ASRock App Charger v1.0.4
Baldur's Gate
Baldur's Gate Complete
Baldur's Gate II - Shadows of Amn + Throne Bhaal
Bonjour (Version: 3.0.0.10)
Browser Defender 4.0 (Version: 4.0.0.0)
CCleaner (Version: 3.17)
Combined Community Codec Pack 2011-11-11 (Version: 2011.11.11.0)
CPUID HWMonitor 1.19
DAEMON Tools Lite (Version: 4.45.3.0297)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dragon Age: Origins
Dustforce
eReg (Version: 1.20.138.34)
ESET Online Scanner v3
FINAL FANTASY XI: Ultimate Collection - Abyssea Edition
GameStop App (Version: 4.00)
Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0)
Icewind Dale
Icewind Dale - Heart of Winter
Icewind Dale Complete
Icewind Dale II
Icewind Dale II (Version: 1.00.000)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2372)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Logitech SetPoint 6.32 (Version: 6.32.20)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (Version: 3.5.30730.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
NVIDIA 3D Vision Controller Driver 285.66 (Version: 285.66)
NVIDIA Control Panel 285.66 (Version: 285.66)
NVIDIA Graphics Driver 285.66 (Version: 285.66)
NVIDIA HD Audio Driver 1.2.24.0 (Version: 1.2.24.0)
NVIDIA Install Application (Version: 2.1002.46.235)
NVIDIA PhysX (Version: 9.11.0621)
NVIDIA PhysX System Software 9.11.0621 (Version: 9.11.0621)
PC Tools Spyware Doctor with AntiVirus 9.0 (Version: 9.0)
Realtek Ethernet Controller Driver (Version: 7.44.421.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6392)
Shira Oka - Second Chances
SMPlayer 0.8.0 (Version: 0.8.0)
Steam (Version: 1.0.0.0)
Super Monday Night Combat
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VIRTU 1.2.104 (Version: 1.2.104)

========================= Memory info: ===================================

Percentage of memory in use: 47%
Total physical RAM: 8103.52 MB
Available physical RAM: 4216.12 MB
Total Pagefile: 16205.24 MB
Available Pagefile: 12852.66 MB
Total Virtual: 4095.88 MB
Available Virtual: 3949.75 MB

========================= Partitions: =====================================

1 Drive a: (New Volume) (Fixed) (Total:1863.01 GB) (Free:1770.14 GB) NTFS
2 Drive c: () (Fixed) (Total:119.13 GB) (Free:53.47 GB) NTFS

========================= Users: ========================================

User accounts for \\TARDIS

Administrator Airy Guest

========================= Restore Points ==================================

18-09-2012 21:04:31 Installed Microsoft Visual C++ 2005 Redistributable
18-09-2012 21:05:18 Installed Microsoft Visual C++ 2005 Redistributable
18-09-2012 21:06:28 Installed DirectX
20-09-2012 07:00:10 Windows Update
22-09-2012 07:00:12 Windows Update
26-09-2012 06:51:15 Windows Update

**** End of log ****

FSS:
Farbar Service Scanner Version: 19-09-2012
Ran by Airy (administrator) on 26-09-2012 at 18:45:52
Running from "C:\Users\Airy\Desktop\New folder"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Adware Cleaner:
# AdwCleaner v2.003 - Logfile created 09/26/2012 at 18:48:18
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Airy - TARDIS
# Boot Mode : Normal
# Running from : C:\Users\Airy\Desktop\New folder\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\BasicScan

***** [Registry] *****

Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

*************************

AdwCleaner[S1].txt - [1027 octets] - [26/09/2012 18:48:18]

########## EOF - C:\AdwCleaner[S1].txt - [1087 octets] ##########

JRT:
Junkware Removal Tool (JRT) by Thisisu
Version: 1.1.0 (09.26.2012)
OS: Windows 7 Ultimate x64
Ran by Airy on 09/26/2012 Wed at 18:57:06.27
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}



*** Files: 0 Detections



*** Folders: 0 Detections



*** Ask Toolbar: - Remnants removed







*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on 09/26/2012 Wed at 18:57:15.51
End of Report

#6 narenxp

Posted 26 September 2012 - 06:04 PM

Run ESET scanner and Malwarebytes once again and post the new logs

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on File - Save

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#7 Airy_One

Posted 26 September 2012 - 10:10 PM

ESET:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=943cc859dbb02141be1eee39b718937a
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-26 01:38:45
# local_time=2012-09-26 09:38:45 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776574 100 94 13627569 100206580 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=654521
# found=7
# cleaned=0
# scan_time=3595
C:\Program Files (x86)\BasicScan\basicscan.dll a variant of Win32/Adware.OneStep.BQ application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\BasicScan\basicscan.exe a variant of Win32/Adware.OneStep.BZ application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Airy\AppData\Local\VideoTwisterSA\bin\1.0.5.0\videotwisterSA.exe probably a variant of Win32/Adware.180Solutions application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Airy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\1ebeba77-2dd622bd Java/Exploit.CVE-2012-1723.BJ trojan (unable to clean) 00000000000000000000000000000000 I
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1Z1L31DU\upgrade[1].cab a variant of Win32/Adware.OneStep.BZ application (unable to clean) 00000000000000000000000000000000 I
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1Z1L31DU\upgrade[1].cab a variant of Win32/Adware.OneStep.BZ application (unable to clean) 00000000000000000000000000000000 I
${Memory} probably a variant of Win32/Adware.180Solutions application 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=943cc859dbb02141be1eee39b718937a
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-26 09:45:40
# local_time=2012-09-26 05:45:40 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776574 100 94 13656780 100235791 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=645511
# found=6
# cleaned=5
# scan_time=3599
C:\Program Files (x86)\BasicScan\BasicScan_deleted_\basicscan.dll a variant of Win32/Adware.OneStep.BQ application (cleaned by deleting (after the next restart) - quarantined) 00000000000000000000000000000000 C
C:\Users\Airy\AppData\Local\Temp\NODBAA.tmp a variant of Win32/Adware.OneStep.BQ application (cleaned by deleting (after the next restart) - quarantined) 00000000000000000000000000000000 C
C:\Users\Airy\AppData\Local\VideoTwisterSA\bin\1.0.5.0\videotwisterSA.exe probably a variant of Win32/Adware.180Solutions application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Airy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\1ebeba77-2dd622bd Java/Exploit.CVE-2012-1723.BJ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1Z1L31DU\upgrade[1].cab a variant of Win32/Adware.OneStep.BZ application (deleted - quarantined) 00000000000000000000000000000000 C
${Memory} probably a variant of Win32/AutoRun.Spy.Banker.M worm 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=943cc859dbb02141be1eee39b718937a
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-27 01:35:58
# local_time=2012-09-26 09:35:58 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776574 100 94 13670277 100249288 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=642187
# found=0
# cleaned=0
# scan_time=3920
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=943cc859dbb02141be1eee39b718937a
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-27 03:05:35
# local_time=2012-09-26 11:05:35 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776574 100 94 13676064 100255075 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=642229
# found=0
# cleaned=0
# scan_time=3510

Malwarebytes:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.26.13

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Airy :: TARDIS [administrator]

9/26/2012 8:43:31 PM
mbam-log-2012-09-26 (20-43-31).txt

Scan type: Full scan (A:\|C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 828582
Time elapsed: 46 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Rkill:
Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/26/2012 10:02:12 PM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 09/26/2012 10:02:16 PM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)

Autoruns:
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "EvtMgr6" "Logitech SetPoint Event Manager (UNICODE)" "Logitech, Inc." "c:\program files\logitech\setpointp\setpoint.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "itype" "IType.exe" "Microsoft Corporation" "c:\program files\microsoft intellitype pro\itype.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "RTHDVCPL" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"C:\Users\Airy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "GameStop Now.lnk" "GameStop Now" "GameStop Corp." "a:\gamestop app\now\gamestopnow.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DAEMON Tools Lite" "DAEMON Tools Lite" "DT Soft Ltd" "c:\program files (x86)\daemon tools lite\dtlite.exe"
+ "PackageAware" "Microsoft® InfoTech CC Local DLL" "Microsoft Corporation" "c:\users\airy\appdata\local\skyrim\packageaware\fqnqx.dll"
+ "Steam" "Steam" "Valve Corporation" "a:\steam\steam.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "PC Tools Browser Defender BHO" "Browser Defender Toolbar" "Threat Expert Ltd." "c:\program files (x86)\pc tools\pc tools security\bdt\pctbrowserdefender.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "PC Tools Browser Defender" "Browser Defender Toolbar" "Threat Expert Ltd." "c:\program files (x86)\pc tools\pc tools security\bdt\pctbrowserdefender.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft_Hardware_Launch_IType_exe" "IType.exe" "Microsoft Corporation" "c:\program files\microsoft intellitype pro\itype.exe"
+ "\RunAsStdUser Task" "" "" "File not found: C:\Users\Airy\AppData\Local\videotwisterSA\bin\1.0.5.0\VideoTwisterSA.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "Browser Defender Update Service" "Browser Defender Update Service" "Threat Expert Ltd." "c:\program files (x86)\pc tools\pc tools security\bdt\bdtupdateservice.exe"
+ "HitmanPro36CrusaderBoot" "" "" "File not found: C:\Users\Airy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4NNKX4OD\HitmanPro36_x64.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LBTServ" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtserv.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "sdAuxService" "Provides auxiliary PC Tools Security services. If this service is disabled spyware protection will be reduced." "PC Tools" "c:\program files (x86)\pc tools\pc tools security\pctsauxs.exe"
+ "sdCoreService" "Provides spyware and malware protection for the system. If this service is disabled spyware protection will be disabled." "PC Tools" "c:\program files (x86)\pc tools\pc tools security\pctssvc.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe"
+ "ThreatFire" "The ThreatFire engine responsible for monitoring your system for viruses, spyware, and other malware. Turning this service off makes your machine vulnerable to such attacks." "PC Tools" "c:\program files (x86)\pc tools\pc tools security\tfengine\tfservice.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "asmthub3" "ASMedia USB3 Hub Driver" "ASMedia Technology Inc" "c:\windows\system32\drivers\asmthub3.sys"
+ "asmtxhci" "ASMEDIA XHCI Host Controller Driver" "ASMedia Technology Inc" "c:\windows\system32\drivers\asmtxhci.sys"
+ "AsrAppCharger" "ASRock App Charger Driver" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\asrappcharger.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "cpuz135" "CPUID Driver" "CPUID" "c:\windows\system32\drivers\cpuz135_x64.sys"
+ "dtsoftbus01" "DAEMON Tools Virtual Bus Driver" "DT Soft Ltd" "c:\windows\system32\drivers\dtsoftbus01.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "LHidFilt" "Logitech HID Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lhidfilt.sys"
+ "LMouFilt" "Logitech Mouse Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lmoufilt.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "LUsbFilt" "Logitech USB Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lusbfilt.sys"
+ "MBfilt" "Creative Audio Driver" "Creative Technology Ltd." "c:\windows\system32\drivers\mbfilt64.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda64v.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 295.73 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PCTBD" "PC Tools BD Driver" "PC Tools" "c:\windows\system32\drivers\pctbd64.sys"
+ "PCTCore" "PC Tools KDS Core Driver" "PC Tools" "c:\windows\system32\drivers\pctcore64.sys"
+ "pctDS" "PC Tools Data Store" "PC Tools" "c:\windows\system32\drivers\pctds64.sys"
+ "pctEFA" "PC Tools Extended File Attributes" "PC Tools" "c:\windows\system32\drivers\pctefa64.sys"
+ "pctgntdi" "PC Tools Generic TDI Driver" "PC Tools" "c:\windows\system32\drivers\pctgntdi64.sys"
+ "pctplsg" "PC Tools SG Plugin Driver" "PC Tools" "c:\windows\system32\drivers\pctplsg64.sys"
+ "PCTSD" "PC Tools SD Driver" "PC Tools" "c:\windows\system32\drivers\pctsd64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "sxuptp" "" "" "File not found: system32\DRIVERS\sxuptp.sys"
+ "Synth3dVsc" "" "" "File not found: System32\drivers\synth3dvsc.sys"
+ "TfFsMon" "ThreatFire Filesystem Monitor" "PC Tools" "c:\windows\system32\drivers\tffsmon.sys"
+ "TfNetMon" "ThreatFire Network Monitor" "PC Tools" "c:\windows\system32\drivers\tfnetmon.sys"
+ "TFSysMon" "ThreatFire System Monitor" "PC Tools" "c:\windows\system32\drivers\tfsysmon.sys"
+ "tsusbhub" "@%SystemRoot%\system32\drivers\tsusbhub.sys,-2" "" "File not found: system32\drivers\tsusbhub.sys"
+ "VGPU" "" "" "File not found: System32\drivers\rdvgkmd.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "VirtuWDDM" "LucidInterop WDDM Driver" "Lucidlogix Inc." "c:\windows\system32\drivers\virtuwddm.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "VIDC.FFDS" "" "" "c:\program files (x86)\combined community codec pack\filters\ffdshow\ff_vfw.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files (x86)\combined community codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "MPC-HC Team" "c:\program files (x86)\combined community codec pack\filters\vsfilter.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow DXVA Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files (x86)\combined community codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\combined community codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files (x86)\combined community codec pack\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\combined community codec pack\filters\haali\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files (x86)\combined community codec pack\filters\haali\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files (x86)\combined community codec pack\filters\haali\splitter.ax"
+ "LAV Audio Decoder" "LAV Audio Decoder - DirectShow Audio Decoder" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\combined community codec pack\filters\lavfilters\lavaudio.ax"
+ "LAV Splitter" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\combined community codec pack\filters\lavfilters\lavsplitter.ax"
+ "LAV Splitter Source" "LAV Splitter - DirectShow Media Splitter" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\combined community codec pack\filters\lavfilters\lavsplitter.ax"
+ "LAV Video Decoder" "LAV Video Decoder - DirectShow Video Decoder" "1f0.de - Hendrik Leppkes" "c:\program files (x86)\combined community codec pack\filters\lavfilters\lavvideo.ax"
+ "MPC - MPEG-2 Video Decoder (Gabest)" "MPEG-2 Decoder Filter for DirectShow" "MPC-HC Team" "c:\program files (x86)\combined community codec pack\filters\mpeg2decfilter.ax"
+ "PlayOnline Movie File Source" "PlayOnline Viewer polmvf Module" "SQUARE ENIX CO., LTD." "a:\steam\steamapps\common\ffxi\squareenix\playonlineviewer\viewer\ax\polmvfint.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ " C:\PROGRA~1\LUCIDL~1\VIRTU\APPINI~1.DLL" "appinit_dll.dll" "Lucidlogix Inc." "c:\program files\lucidlogix technologies\virtu\appinit_dll.dll"
+ "C:\Windows\system32\nvinitx.dll" "NVIDIA shim initialization dll, Version 295.73 " "NVIDIA Corporation" "c:\windows\system32\nvinitx.dll"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ " C:\Windows\SysWOW64\nvinit.dll" "NVIDIA shim initialization dll, Version 295.73 " "NVIDIA Corporation" "c:\windows\syswow64\nvinit.dll"
+ "C:\PROGRA~1\LUCIDL~1\VIRTU\x86\APPINI~1.DLL" "appinit_dll.dll" "Lucidlogix Inc." "c:\program files\lucidlogix technologies\virtu\x86\appinit_dll.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
+ "LBTWlgn" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtwlgn.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries" "" "" ""
+ "PCTOOLS CONTENT FILTER PROVIDER" "PC Tools Layered Service Provider" "PC Tools Research Pty Ltd." "c:\program files (x86)\common files\pc tools\lsp\pctlsp.dll"
+ "PCTOOLS over [MSAFD Tcpip [RAW/IP]]" "PC Tools Layered Service Provider" "PC Tools Research Pty Ltd." "c:\program files (x86)\common files\pc tools\lsp\pctlsp.dll"
+ "PCTOOLS over [MSAFD Tcpip [RAW/IPv6]]" "PC Tools Layered Service Provider" "PC Tools Research Pty Ltd." "c:\program files (x86)\common files\pc tools\lsp\pctlsp.dll"
+ "PCTOOLS over [MSAFD Tcpip [TCP/IP]]" "PC Tools Layered Service Provider" "PC Tools Research Pty Ltd." "c:\program files (x86)\common files\pc tools\lsp\pctlsp.dll"
+ "PCTOOLS over [MSAFD Tcpip [TCP/IPv6]]" "PC Tools Layered Service Provider" "PC Tools Research Pty Ltd." "c:\program files (x86)\common files\pc tools\lsp\pctlsp.dll"
+ "PCTOOLS over [MSAFD Tcpip [UDP/IP]]" "PC Tools Layered Service Provider" "PC Tools Research Pty Ltd." "c:\program files (x86)\common files\pc tools\lsp\pctlsp.dll"
+ "PCTOOLS over [MSAFD Tcpip [UDP/IPv6]]" "PC Tools Layered Service Provider" "PC Tools Research Pty Ltd." "c:\program files (x86)\common files\pc tools\lsp\pctlsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64" "" "" ""
+ "PCTOOLS CONTENT FILTER PROVIDER" "PC Tools Layered Service Provider" "PC Tools Research Pty Ltd." "c:\program files (x86)\common files\pc tools\lsp\pctlsp64.dll"
+ "PCTOOLS over [MSAFD Tcpip [RAW/IP]]" "PC Tools Layered Service Provider" "PC Tools Research Pty Ltd." "c:\program files (x86)\common files\pc tools\lsp\pctlsp64.dll"
+ "PCTOOLS over [MSAFD Tcpip [RAW/IPv6]]" "PC Tools Layered Service Provider" "PC Tools Research Pty Ltd." "c:\program files (x86)\common files\pc tools\lsp\pctlsp64.dll"
+ "PCTOOLS over [MSAFD Tcpip [TCP/IP]]" "PC Tools Layered Service Provider" "PC Tools Research Pty Ltd." "c:\program files (x86)\common files\pc tools\lsp\pctlsp64.dll"
+ "PCTOOLS over [MSAFD Tcpip [TCP/IPv6]]" "PC Tools Layered Service Provider" "PC Tools Research Pty Ltd." "c:\program files (x86)\common files\pc tools\lsp\pctlsp64.dll"
+ "PCTOOLS over [MSAFD Tcpip [UDP/IP]]" "PC Tools Layered Service Provider" "PC Tools Research Pty Ltd." "c:\program files (x86)\common files\pc tools\lsp\pctlsp64.dll"
+ "PCTOOLS over [MSAFD Tcpip [UDP/IPv6]]" "PC Tools Layered Service Provider" "PC Tools Research Pty Ltd." "c:\program files (x86)\common files\pc tools\lsp\pctlsp64.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"

#8 narenxp

Posted 27 September 2012 - 01:02 AM

Launch Autoruns and uncheck this entry

"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "PackageAware" "Microsoft® InfoTech CC Local DLL" "Microsoft Corporation" "c:\users\airy\appdata\local\skyrim\packageaware\fqnqx.dll"

Restart the PC and delete this file

c:\users\airy\appdata\local\skyrim\packageaware\fqnqx.dll

Let me know if you still have redirects
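As an added illustration (not part of narenxp's post and not a tool used in this thread), the Python script below parses the Autoruns text-log layout posted above and applies two triage heuristics that single out an entry like PackageAware. The heuristics and all function names are assumptions made for this example; the sample lines are copied from the log in this thread.

```python
import re

# Entries copied from the Autoruns text log posted in this thread. Layout:
# a quoted registry location line, then '+' lines holding
# name, description, publisher, image path.
SAMPLE_LOG = r'''
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "PackageAware" "Microsoft® InfoTech CC Local DLL" "Microsoft Corporation" "c:\users\airy\appdata\local\skyrim\packageaware\fqnqx.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "C:\Windows\system32\nvinitx.dll" "NVIDIA shim initialization dll, Version 295.73 " "NVIDIA Corporation" "c:\windows\system32\nvinitx.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "LBTWlgn" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtwlgn.dll"
'''

FIELD = re.compile(r'"([^"]*)"')
# Assumed heuristic: per-user AppData is writable without admin rights.
USER_WRITABLE = re.compile(r'\\users\\[^\\]+\\appdata\\')
SYSTEM_DIRS = ("c:\\windows\\", "c:\\program files")

def parse_autoruns(text):
    """Yield one dict per '+' entry, tagged with the location line above it."""
    location = None
    for line in text.splitlines():
        fields = [f.strip() for f in FIELD.findall(line)]
        if len(fields) != 4:
            continue  # blank or malformed line
        if line.lstrip().startswith("+"):
            name, desc, publisher, image = fields
            yield {"location": location, "name": name, "description": desc,
                   "publisher": publisher, "image": image.lower()}
        else:
            location = fields[0]  # section header: the autostart location

def triage(entry):
    """Return the reasons an entry deserves a manual look (empty if none)."""
    reasons = []
    if USER_WRITABLE.search(entry["image"]):
        reasons.append("image under a user-writable AppData path")
    # The log gives the publisher as plain text, so treat it as a claim.
    if ("microsoft" in entry["publisher"].lower()
            and not entry["image"].startswith(SYSTEM_DIRS)):
        reasons.append("claims Microsoft outside Windows/Program Files")
    return reasons

def suspicious(text):
    """List (location, name, reasons) for every entry with a reason."""
    return [(e["location"], e["name"], r)
            for e in parse_autoruns(text) if (r := triage(e))]

if __name__ == "__main__":
    for location, name, reasons in suspicious(SAMPLE_LOG):
        print(f"{name} @ {location}: {'; '.join(reasons)}")
```

A hit is only a prompt for manual review; legitimate software also installs under AppData, so confirm the file before disabling or deleting anything.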

#9 Airy_One

Posted 27 September 2012 - 02:17 AM

That seemed to have fixed it. I did a bunch of searches and had no redirects. I restarted and still no redirects. Thank you so much for all of your help!

#10 narenxp

Posted 27 September 2012 - 06:45 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs.

Click on START, it should ask for a reboot. If TFC locks up the system, run it in safe mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update Java and Flash Player

Uninstall old versions of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)



