VIRUS REMOVAL


32 replies to this topic

#1 Jonathan M.

  • Members
  • 23 posts

Posted 02 October 2012 - 11:01 PM

Hey, I recently acquired a virus; my ESET Smart Security 5 detected a GAC_32 desktop.ini trojan...and it won't delete??? Can someone please help me???

Edited by Orange Blossom, 02 October 2012 - 11:07 PM.
Moved to AII from Windows 7. ~ OB



#2 narenxp

  • BC Advisor
  • 16,371 posts

Posted 02 October 2012 - 11:26 PM

Download

TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download

ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on "LIST of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 Jonathan M.

  • Topic Starter

  • Members
  • 23 posts

Posted 02 October 2012 - 11:46 PM

00:39:35.0127 5684 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
00:39:35.0625 5684 ============================================================
00:39:35.0625 5684 Current date / time: 2012/10/03 00:39:35.0625
00:39:35.0625 5684 SystemInfo:
00:39:35.0625 5684
00:39:35.0625 5684 OS Version: 6.1.7601 ServicePack: 1.0
00:39:35.0625 5684 Product type: Workstation
00:39:35.0625 5684 ComputerName: AAYDEN-PC
00:39:35.0625 5684 UserName: Aaden
00:39:35.0625 5684 Windows directory: C:\Windows
00:39:35.0625 5684 System windows directory: C:\Windows
00:39:35.0625 5684 Running under WOW64
00:39:35.0625 5684 Processor architecture: Intel x64
00:39:35.0625 5684 Number of processors: 1
00:39:35.0625 5684 Page size: 0x1000
00:39:35.0625 5684 Boot type: Normal boot
00:39:35.0625 5684 ============================================================
00:39:36.0044 5684 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:39:36.0049 5684 ============================================================
00:39:36.0049 5684 \Device\Harddisk0\DR0:
00:39:36.0049 5684 MBR partitions:
00:39:36.0049 5684 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B58800, BlocksNum 0x32000
00:39:36.0049 5684 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B8A800, BlocksNum 0x72B7BDB0
00:39:36.0049 5684 ============================================================
00:39:36.0126 5684 C: <-> \Device\Harddisk0\DR0\Partition2
00:39:36.0127 5684 ============================================================
00:39:36.0127 5684 Initialize success
00:39:36.0127 5684 ============================================================
00:40:43.0950 5164 ============================================================
00:40:43.0950 5164 Scan started
00:40:43.0950 5164 Mode: Manual; TDLFS;
00:40:43.0950 5164 ============================================================
00:40:44.0565 5164 ================ Scan system memory ========================
00:40:44.0565 5164 System memory - ok
00:40:44.0567 5164 ================ Scan services =============================
00:40:57.0503 5164 MSPCLOCK - ok
00:40:57.0522 5164 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
00:40:57.0522 5164 MSPQM - ok
00:40:57.0634 5164 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
00:40:57.0636 5164 MsRPC - ok
00:40:57.0692 5164 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
00:40:57.0693 5164 mssmbios - ok
00:40:57.0727 5164 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
00:40:57.0727 5164 MSTEE - ok
00:40:57.0754 5164 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
00:40:57.0755 5164 MTConfig - ok
00:40:57.0782 5164 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
00:40:57.0782 5164 Mup - ok
00:40:57.0941 5164 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
00:40:57.0945 5164 napagent - ok
00:40:57.0979 5164 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
00:40:57.0981 5164 NativeWifiP - ok
00:40:58.0083 5164 [ E4534BCCDD1EA7A7A256BB9D6688A5FC ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
00:40:58.0085 5164 NAUpdate - ok
00:40:58.0455 5164 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
00:40:58.0460 5164 NDIS - ok
00:40:58.0517 5164 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
00:40:58.0517 5164 NdisCap - ok
00:40:58.0543 5164 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
00:40:58.0544 5164 NdisTapi - ok
00:40:58.0583 5164 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
00:40:58.0584 5164 Ndisuio - ok
00:40:58.0656 5164 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
00:40:58.0657 5164 NdisWan - ok
00:40:58.0695 5164 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
00:40:58.0695 5164 NDProxy - ok
00:40:58.0865 5164 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
00:40:58.0869 5164 Nero BackItUp Scheduler 4.0 - ok
00:40:58.0930 5164 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
00:40:58.0931 5164 NetBIOS - ok
00:40:58.0962 5164 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
00:40:58.0964 5164 NetBT - ok
00:40:58.0985 5164 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
00:40:58.0987 5164 Netlogon - ok
00:40:59.0023 5164 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
00:40:59.0026 5164 Netman - ok
00:40:59.0048 5164 [ 3E5A36127E201DDF663176B66828FAFE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:40:59.0050 5164 NetMsmqActivator - ok
00:40:59.0061 5164 [ 3E5A36127E201DDF663176B66828FAFE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:40:59.0062 5164 NetPipeActivator - ok
00:40:59.0098 5164 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
00:40:59.0102 5164 netprofm - ok
00:40:59.0113 5164 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:40:59.0114 5164 NetTcpActivator - ok
00:40:59.0125 5164 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:40:59.0126 5164 NetTcpPortSharing - ok
00:40:59.0162 5164 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
00:40:59.0163 5164 nfrd960 - ok
00:40:59.0328 5164 [ 503C365AA11A0E42A110A6C20632A1E8 ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
00:40:59.0350 5164 NIHardwareService - ok
00:40:59.0423 5164 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
00:40:59.0425 5164 NlaSvc - ok
00:40:59.0551 5164 [ CD2FE9C33CFD0FE0AF124E05907E5C3D ] nmservice C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
00:40:59.0555 5164 nmservice - ok
00:40:59.0571 5164 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
00:40:59.0572 5164 Npfs - ok
00:40:59.0596 5164 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
00:40:59.0598 5164 nsi - ok
00:40:59.0623 5164 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
00:40:59.0623 5164 nsiproxy - ok
00:40:59.0829 5164 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
00:40:59.0837 5164 Ntfs - ok
00:40:59.0920 5164 [ BD691091AC7D9713D8F0B07C6B099E6C ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
00:40:59.0921 5164 NTI IScheduleSvc - ok
00:40:59.0959 5164 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
00:40:59.0960 5164 NTIDrvr - ok
00:40:59.0988 5164 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
00:40:59.0989 5164 Null - ok
00:41:00.0023 5164 [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
00:41:00.0024 5164 NVHDA - ok
00:41:00.0871 5164 [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
00:41:00.0939 5164 nvlddmkm - ok
00:41:00.0983 5164 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
00:41:00.0984 5164 nvraid - ok
00:41:01.0022 5164 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
00:41:01.0025 5164 nvstor - ok
00:41:01.0083 5164 [ 06633CF95BEA62164C3BFCA24BCE6B11 ] nvsvc C:\Windows\system32\nvvsvc.exe
00:41:01.0088 5164 nvsvc - ok
00:41:01.0249 5164 [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
00:41:01.0255 5164 nvUpdatusService - ok
00:41:01.0277 5164 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
00:41:01.0278 5164 nv_agp - ok
00:41:01.0311 5164 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
00:41:01.0312 5164 ohci1394 - ok
00:41:01.0382 5164 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:41:01.0383 5164 ose - ok
00:41:01.0694 5164 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:41:01.0717 5164 osppsvc - ok
00:41:01.0778 5164 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
00:41:01.0781 5164 p2pimsvc - ok
00:41:01.0882 5164 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
00:41:01.0886 5164 p2psvc - ok
00:41:01.0995 5164 [ 08525AD1115D8DACF1920B25861FEA78 ] PaceLicenseDServices C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
00:41:02.0009 5164 PaceLicenseDServices - ok
00:41:02.0067 5164 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
00:41:02.0068 5164 Parport - ok
00:41:02.0109 5164 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
00:41:02.0111 5164 partmgr - ok
00:41:02.0181 5164 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
00:41:02.0183 5164 PcaSvc - ok
00:41:02.0244 5164 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
00:41:02.0245 5164 pci - ok
00:41:02.0285 5164 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
00:41:02.0285 5164 pciide - ok
00:41:02.0306 5164 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
00:41:02.0309 5164 pcmcia - ok
00:41:02.0366 5164 [ A87932FF09593BA8D197667A13E2A628 ] PCTBD C:\Windows\system32\Drivers\PCTBD64.sys
00:41:02.0367 5164 PCTBD - ok
00:41:02.0440 5164 [ 876FD95B7A3B7FE6179FBD16E7A6486C ] PCTCore C:\Windows\system32\drivers\PCTCore64.sys
00:41:02.0443 5164 PCTCore - ok
00:41:02.0469 5164 [ BA1F42A42F405F62CEFF6B69A2797F7C ] pctDS C:\Windows\system32\drivers\pctDS64.sys
00:41:02.0471 5164 pctDS - ok
00:41:02.0483 5164 PCTINDIS5X64 - ok
00:41:02.0519 5164 [ C4775E7F54F3CC6307B73462B1B802C6 ] PCTSD C:\Windows\system32\Drivers\PCTSD64.sys
00:41:02.0521 5164 PCTSD - ok
00:41:02.0554 5164 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
00:41:02.0554 5164 pcw - ok
00:41:02.0593 5164 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
00:41:02.0597 5164 PEAUTH - ok
00:41:02.0679 5164 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
00:41:02.0680 5164 PerfHost - ok
00:41:02.0783 5164 [ 1D22B3B60A03B6B02986C4E3D1B979C1 ] PinnacleUpdateSvc C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe
00:41:02.0785 5164 PinnacleUpdateSvc - ok
00:41:02.0936 5164 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
00:41:02.0944 5164 pla - ok
00:41:02.0994 5164 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
00:41:03.0000 5164 PlugPlay - ok
00:41:03.0029 5164 [ 4FF73A83A25D0EEAD4F5E6C841BB6704 ] pnarp C:\Windows\system32\DRIVERS\pnarp.sys
00:41:03.0030 5164 pnarp - ok
00:41:03.0046 5164 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
00:41:03.0048 5164 PNRPAutoReg - ok
00:41:03.0067 5164 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
00:41:03.0069 5164 PNRPsvc - ok
00:41:03.0159 5164 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
00:41:03.0162 5164 PolicyAgent - ok
00:41:03.0220 5164 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
00:41:03.0222 5164 Power - ok
00:41:03.0260 5164 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
00:41:03.0261 5164 PptpMiniport - ok
00:41:03.0292 5164 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
00:41:03.0293 5164 Processor - ok
00:41:03.0360 5164 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
00:41:03.0362 5164 ProfSvc - ok
00:41:03.0385 5164 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:41:03.0386 5164 ProtectedStorage - ok
00:41:03.0397 5164 ProtectedStorage32 - ok
00:41:03.0449 5164 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
00:41:03.0450 5164 Psched - ok
00:41:03.0482 5164 [ 9A68A89F10F283A23AFEE2A1BFE4BFFB ] purendis C:\Windows\system32\DRIVERS\purendis.sys
00:41:03.0483 5164 purendis - ok
00:41:03.0529 5164 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
00:41:03.0536 5164 ql2300 - ok
00:41:03.0560 5164 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
00:41:03.0562 5164 ql40xx - ok
00:41:03.0597 5164 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
00:41:03.0600 5164 QWAVE - ok
00:41:03.0621 5164 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
00:41:03.0622 5164 QWAVEdrv - ok
00:41:03.0645 5164 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
00:41:03.0645 5164 RasAcd - ok
00:41:03.0680 5164 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
00:41:03.0681 5164 RasAgileVpn - ok
00:41:03.0702 5164 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
00:41:03.0704 5164 RasAuto - ok
00:41:03.0737 5164 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
00:41:03.0738 5164 Rasl2tp - ok
00:41:03.0797 5164 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
00:41:03.0800 5164 RasMan - ok
00:41:03.0827 5164 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
00:41:03.0828 5164 RasPppoe - ok
00:41:03.0846 5164 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
00:41:03.0847 5164 RasSstp - ok
00:41:03.0911 5164 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
00:41:03.0912 5164 rdbss - ok
00:41:03.0941 5164 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
00:41:03.0943 5164 rdpbus - ok
00:41:03.0962 5164 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
00:41:03.0962 5164 RDPCDD - ok
00:41:03.0991 5164 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
00:41:03.0991 5164 RDPENCDD - ok
00:41:04.0010 5164 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
00:41:04.0011 5164 RDPREFMP - ok
00:41:04.0077 5164 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
00:41:04.0078 5164 RDPWD - ok
00:41:04.0145 5164 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
00:41:04.0146 5164 rdyboost - ok
00:41:04.0204 5164 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
00:41:04.0206 5164 RemoteAccess - ok
00:41:04.0258 5164 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
00:41:04.0261 5164 RemoteRegistry - ok
00:41:04.0401 5164 [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
00:41:04.0403 5164 RichVideo - ok
00:41:04.0414 5164 RimUsb - ok
00:41:04.0450 5164 [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
00:41:04.0451 5164 RimVSerPort - ok
00:41:04.0488 5164 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
00:41:04.0489 5164 ROOTMODEM - ok
00:41:04.0507 5164 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
00:41:04.0510 5164 RpcEptMapper - ok
00:41:04.0550 5164 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
00:41:04.0551 5164 RpcLocator - ok
00:41:04.0651 5164 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
00:41:04.0655 5164 RpcSs - ok
00:41:04.0680 5164 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
00:41:04.0681 5164 rspndr - ok
00:41:04.0738 5164 [ 87D5781DFF8AC2EF9BD41B60023BAC50 ] RTCore64 C:\Program Files (x86)\EVGA Precision X\RTCore64.sys
00:41:04.0739 5164 RTCore64 - ok
00:41:04.0764 5164 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
00:41:04.0765 5164 SamSs - ok
00:41:04.0809 5164 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
00:41:04.0810 5164 sbp2port - ok
00:41:04.0861 5164 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
00:41:04.0864 5164 SCardSvr - ok
00:41:04.0917 5164 [ 6CE6F98EA3D07A9C2CE3CD0A5A86352D ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
00:41:04.0918 5164 SCDEmu - ok
00:41:04.0946 5164 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
00:41:04.0947 5164 scfilter - ok
00:41:05.0054 5164 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
00:41:05.0061 5164 Schedule - ok
00:41:05.0108 5164 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
00:41:05.0109 5164 SCPolicySvc - ok
00:41:05.0389 5164 [ CFEB26A26452D5337C2F3AADD8218FC3 ] sdAuxService C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe
00:41:05.0391 5164 sdAuxService - ok
00:41:05.0450 5164 [ B906C04F469060F2DD7FCB84706B4493 ] sdCoreService C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe
00:41:05.0456 5164 sdCoreService - ok
00:41:05.0504 5164 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
00:41:05.0507 5164 SDRSVC - ok
00:41:05.0540 5164 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
00:41:05.0541 5164 secdrv - ok
00:41:05.0603 5164 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
00:41:05.0604 5164 seclogon - ok
00:41:05.0641 5164 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
00:41:05.0643 5164 SENS - ok
00:41:05.0666 5164 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
00:41:05.0667 5164 SensrSvc - ok
00:41:05.0693 5164 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
00:41:05.0694 5164 Serenum - ok
00:41:05.0720 5164 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
00:41:05.0721 5164 Serial - ok
00:41:05.0763 5164 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
00:41:05.0764 5164 sermouse - ok
00:41:05.0828 5164 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
00:41:05.0831 5164 SessionEnv - ok
00:41:05.0875 5164 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
00:41:05.0875 5164 sffdisk - ok
00:41:05.0899 5164 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
00:41:05.0900 5164 sffp_mmc - ok
00:41:05.0928 5164 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
00:41:05.0929 5164 sffp_sd - ok
00:41:05.0950 5164 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
00:41:05.0951 5164 sfloppy - ok
00:41:06.0032 5164 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:41:06.0035 5164 ShellHWDetection - ok
00:41:06.0065 5164 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:41:06.0066 5164 SiSRaid2 - ok
00:41:06.0077 5164 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
00:41:06.0078 5164 SiSRaid4 - ok
00:41:06.0123 5164 [ DD0443BC6CC78A19FD399817F8C51401 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
00:41:06.0123 5164 SmartDefragDriver - ok
00:41:06.0137 5164 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
00:41:06.0139 5164 Smb - ok
00:41:06.0194 5164 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
00:41:06.0197 5164 SNMPTRAP - ok
00:41:06.0212 5164 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
00:41:06.0213 5164 spldr - ok
00:41:06.0263 5164 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
00:41:06.0267 5164 Spooler - ok
00:41:06.0521 5164 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
00:41:06.0541 5164 sppsvc - ok
00:41:06.0589 5164 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
00:41:06.0591 5164 sppuinotify - ok
00:41:06.0667 5164 [ DFC4E2081324E505CA479E473A78D893 ] sptd C:\Windows\System32\Drivers\sptd.sys
00:41:06.0670 5164 sptd - ok
00:41:06.0711 5164 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
00:41:06.0714 5164 srv - ok
00:41:06.0757 5164 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
00:41:06.0759 5164 srv2 - ok
00:41:06.0805 5164 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
00:41:06.0806 5164 srvnet - ok
00:41:06.0846 5164 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
00:41:06.0849 5164 SSDPSRV - ok
00:41:06.0867 5164 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
00:41:06.0869 5164 SstpSvc - ok
00:41:06.0905 5164 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
00:41:06.0907 5164 stexstor - ok
00:41:06.0950 5164 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
00:41:06.0954 5164 stisvc - ok
00:41:07.0000 5164 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
00:41:07.0001 5164 swenum - ok
00:41:07.0049 5164 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
00:41:07.0053 5164 swprv - ok
00:41:07.0122 5164 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
00:41:07.0132 5164 SysMain - ok
00:41:07.0189 5164 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:41:07.0191 5164 TabletInputService - ok
00:41:07.0230 5164 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
00:41:07.0233 5164 TapiSrv - ok
00:41:07.0259 5164 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
00:41:07.0261 5164 TBS - ok
00:41:07.0488 5164 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
00:41:07.0499 5164 Tcpip - ok
00:41:07.0558 5164 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
00:41:07.0568 5164 TCPIP6 - ok
00:41:07.0635 5164 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
00:41:07.0635 5164 tcpipreg - ok
00:41:07.0686 5164 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
00:41:07.0687 5164 TDPIPE - ok
00:41:07.0725 5164 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
00:41:07.0726 5164 TDTCP - ok
00:41:07.0766 5164 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
00:41:07.0767 5164 tdx - ok
00:41:07.0815 5164 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
00:41:07.0816 5164 TermDD - ok
00:41:07.0924 5164 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
00:41:07.0928 5164 TermService - ok
00:41:07.0970 5164 [ 9201BE2BAB8A9FF8E20D8439AE3BB04D ] Themes C:\Windows\system32\themeservice.dll
00:41:07.0973 5164 Themes - ok
00:41:08.0000 5164 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
00:41:08.0002 5164 THREADORDER - ok
00:41:08.0043 5164 [ 8DD33A57339ADAE34CDB12994ACBC50F ] Tpkd C:\Windows\system32\drivers\Tpkd.sys
00:41:08.0044 5164 Tpkd - ok
00:41:08.0096 5164 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
00:41:08.0098 5164 TrkWks - ok
00:41:08.0208 5164 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:41:08.0209 5164 TrustedInstaller - ok
00:41:08.0261 5164 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
00:41:08.0262 5164 tssecsrv - ok
00:41:08.0307 5164 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
00:41:08.0308 5164 TsUsbFlt - ok
00:41:08.0473 5164 [ 8DD1F81749A966EA5A96CB2D89C9670C ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
00:41:08.0483 5164 TuneUp.UtilitiesSvc - ok
00:41:08.0521 5164 [ DCC94C51D27C7EC0DADECA8F64C94FCF ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
00:41:08.0522 5164 TuneUpUtilitiesDrv - ok
00:41:08.0553 5164 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
00:41:08.0554 5164 tunnel - ok
00:41:08.0600 5164 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
00:41:08.0601 5164 uagp35 - ok
00:41:08.0617 5164 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
00:41:08.0618 5164 UBHelper - ok
00:41:08.0704 5164 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
00:41:08.0708 5164 udfs - ok
00:41:08.0776 5164 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
00:41:08.0778 5164 UI0Detect - ok
00:41:08.0830 5164 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
00:41:08.0832 5164 uliagpkx - ok
00:41:08.0873 5164 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
00:41:08.0874 5164 umbus - ok
00:41:08.0898 5164 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
00:41:08.0900 5164 UmPass - ok
00:41:09.0080 5164 [ 765F2DD351BA064F657751D8D75E58C0 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
00:41:09.0091 5164 UNS - ok
00:41:09.0156 5164 [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
00:41:09.0159 5164 Updater Service - ok
00:41:09.0194 5164 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
00:41:09.0197 5164 upnphost - ok
00:41:09.0237 5164 [ F724B03C3DFAACF08D17D38BF3333583 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
00:41:09.0238 5164 USBAAPL64 - ok
00:41:09.0292 5164 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
00:41:09.0293 5164 usbaudio - ok
00:41:09.0330 5164 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
00:41:09.0331 5164 usbccgp - ok
00:41:09.0374 5164 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
00:41:09.0375 5164 usbcir - ok
00:41:09.0406 5164 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
00:41:09.0407 5164 usbehci - ok
00:41:09.0437 5164 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
00:41:09.0439 5164 usbhub - ok
00:41:09.0479 5164 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
00:41:09.0480 5164 usbohci - ok
00:41:09.0520 5164 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
00:41:09.0521 5164 usbprint - ok
00:41:09.0577 5164 [ B5E6C4F280EBF0B16F74A5B415F2E0DF ] USBS3S4Detection C:\OEM\USBDECTION\USBS3S4Detection.exe
00:41:09.0578 5164 USBS3S4Detection - ok
00:41:09.0618 5164 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
00:41:09.0619 5164 usbscan - ok
00:41:09.0653 5164 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:41:09.0654 5164 USBSTOR - ok
00:41:09.0678 5164 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
00:41:09.0679 5164 usbuhci - ok
00:41:09.0732 5164 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
00:41:09.0734 5164 UxSms - ok
00:41:09.0771 5164 [ 1CA2321789A7188A36F376905DAF9C0A ] UxTuneUp C:\Windows\System32\uxtuneup.dll
00:41:09.0773 5164 UxTuneUp - ok
00:41:09.0796 5164 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
00:41:09.0798 5164 VaultSvc - ok
00:41:09.0836 5164 [ 84BB306B7863883018D7F3EB0C453BD5 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
00:41:09.0837 5164 VClone - ok
00:41:09.0874 5164 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
00:41:09.0874 5164 vdrvroot - ok
00:41:09.0933 5164 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
00:41:09.0938 5164 vds - ok
00:41:09.0983 5164 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
00:41:09.0984 5164 vga - ok
00:41:10.0009 5164 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
00:41:10.0010 5164 VgaSave - ok
00:41:10.0072 5164 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
00:41:10.0074 5164 vhdmp - ok
00:41:10.0108 5164 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
00:41:10.0109 5164 viaide - ok
00:41:10.0122 5164 vmci - ok
00:41:10.0134 5164 VMnetAdapter - ok
00:41:13.0771 5164 ================ Scan global ===============================
00:41:13.0812 5164 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
00:41:13.0860 5164 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
00:41:13.0870 5164 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
00:41:13.0905 5164 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
00:41:14.0001 5164 [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\Windows\system32\services.exe
00:41:14.0007 5164 Suspicious file (NoAccess): C:\Windows\system32\services.exe. md5: 50BEA589F7D7958BDD2528A8F69D05CC
00:41:14.0008 5164 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
00:41:14.0008 5164 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
00:41:14.0011 5164 ================ Scan MBR ==================================
00:41:14.0091 5164 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:41:14.0847 5164 \Device\Harddisk0\DR0 - ok
00:41:14.0849 5164 ================ Scan VBR ==================================
00:41:14.0874 5164 [ B57F793D31CCF623B804A8D8D8DA0EDC ] \Device\Harddisk0\DR0\Partition1
00:41:14.0875 5164 \Device\Harddisk0\DR0\Partition1 - ok
00:41:14.0900 5164 [ 478B5E5A69E490ED07715AB7FA0CECB0 ] \Device\Harddisk0\DR0\Partition2
00:41:14.0901 5164 \Device\Harddisk0\DR0\Partition2 - ok
00:41:14.0904 5164 ============================================================
00:41:14.0904 5164 Scan finished
00:41:14.0904 5164 ============================================================
00:41:14.0916 1228 Detected object count: 1
00:41:14.0916 1228 Actual detected object count: 1

#4 Jonathan M.

Posted 03 October 2012 - 01:12 AM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-03 00:43:39
-----------------------------
00:43:39.464 OS Version: Windows x64 6.1.7601 Service Pack 1
00:43:39.464 Number of processors: 1 586 0x2502
00:43:39.465 ComputerName: AAYDEN-PC UserName: Aaden
00:43:45.190 Initialize success
00:44:50.599 AVAST engine defs: 12100300
00:44:55.262 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
00:44:55.265 Disk 0 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 3
00:44:55.280 Disk 0 MBR read successfully
00:44:55.282 Disk 0 MBR scan
00:44:55.288 Disk 0 Windows 7 default MBR code
00:44:55.291 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 14000 MB offset 2048
00:44:55.311 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 28674048
00:44:55.326 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 939767 MB offset 28878848
00:44:55.358 Disk 0 scanning C:\Windows\system32\drivers
00:45:30.842 Service scanning
00:46:16.896 Modules scanning
00:46:16.904 Disk 0 trace - called modules:
00:46:16.920 ntoskrnl.exe CLASSPNP.SYS disk.sys PCTCore64.sys iaStor.sys sptd.sys
00:46:16.924 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007a1d790]
00:46:16.931 3 CLASSPNP.SYS[fffff88001ea343f] -> nt!IofCallDriver -> [0xfffffa8007a1c7b0]
00:46:16.937 5 PCTCore64.sys[fffff88001706720] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005257050]
00:46:19.367 AVAST engine scan C:\Windows
00:46:29.232 AVAST engine scan C:\Windows\system32
00:54:09.635 AVAST engine scan C:\Windows\system32\drivers
00:55:26.028 AVAST engine scan C:\Users\Aaden
01:02:41.804 File: C:\Users\Aaden\AppData\Local\Temp\Intel_Drivers_Update_Utility_2_7_keygen.exe **INFECTED** Win32:MalOb-HU [Cryp]
01:53:04.625 AVAST engine scan C:\ProgramData
02:08:25.309 Scan finished successfully
02:08:46.372 Disk 0 MBR has been saved successfully to "C:\Users\Aaden\Desktop\MBR.dat"
02:08:46.382 The log file has been saved successfully to "C:\Users\Aaden\Desktop\aswMBR.txt"

#5 narenxp

Posted 03 October 2012 - 01:33 AM

00:41:14.0008 5164 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
00:41:14.0008 5164 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)


Run TDSSKiller again and select CURE for Virus.Win64.ZAccess.a, then post the new log.

#6 Jonathan M.

Posted 03 October 2012 - 02:28 PM

C:\Windows\reset.exe Win32/RiskWare.HackAV.EG application cleaned by deleting - quarantined
C:\Windows\Installer\{c9603364-f6df-36b5-55a3-9c88025412f3}\U\80000032.@ probably a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
Operating memory multiple threats

#7 Jonathan M.

Posted 03 October 2012 - 02:38 PM

15:27:09.0332 6372 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
15:27:09.0832 6372 ============================================================
15:27:09.0832 6372 Current date / time: 2012/10/03 15:27:09.0832
15:27:09.0832 6372 SystemInfo:
15:27:09.0832 6372
15:27:09.0833 6372 OS Version: 6.1.7601 ServicePack: 1.0
15:27:09.0833 6372 Product type: Workstation
15:27:09.0833 6372 ComputerName: AAYDEN-PC
15:27:09.0833 6372 UserName: Aaden
15:27:09.0833 6372 Windows directory: C:\Windows
15:27:09.0833 6372 System windows directory: C:\Windows
15:27:09.0833 6372 Running under WOW64
15:27:09.0833 6372 Processor architecture: Intel x64
15:27:09.0833 6372 Number of processors: 1
15:27:09.0833 6372 Page size: 0x1000
15:27:09.0833 6372 Boot type: Normal boot
15:27:09.0833 6372 ============================================================
15:27:10.0133 6372 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:27:10.0379 6372 ============================================================
15:27:10.0379 6372 \Device\Harddisk0\DR0:
15:27:10.0400 6372 MBR partitions:
15:27:10.0400 6372 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B58800, BlocksNum 0x32000
15:27:10.0400 6372 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B8A800, BlocksNum 0x72B7BDB0
15:27:10.0400 6372 ============================================================
15:27:10.0482 6372 C: <-> \Device\Harddisk0\DR0\Partition2
15:27:10.0523 6372 ============================================================
15:27:10.0523 6372 Initialize success
15:27:10.0523 6372 ============================================================
15:27:17.0716 5820 ============================================================
15:27:17.0716 5820 Scan started
15:27:17.0716 5820 Mode: Manual; TDLFS;
15:27:17.0716 5820 ============================================================
15:27:21.0622 5820 ================ Scan system memory ========================
15:27:21.0622 5820 System memory - ok
15:27:21.0624 5820 ================ Scan services =============================
15:27:39.0660 5820 IPMIDRV - ok
15:27:39.0678 5820 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:27:39.0681 5820 IPNAT - ok
15:27:39.0753 5820 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:27:39.0762 5820 iPod Service - ok
15:27:39.0799 5820 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:27:39.0801 5820 IRENUM - ok
15:27:39.0832 5820 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:27:39.0849 5820 isapnp - ok
15:27:39.0903 5820 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:27:39.0941 5820 iScsiPrt - ok
15:27:39.0976 5820 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:27:39.0978 5820 kbdclass - ok
15:27:40.0007 5820 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:27:40.0010 5820 kbdhid - ok
15:27:40.0031 5820 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:27:40.0033 5820 KeyIso - ok
15:27:40.0043 5820 KMService - ok
15:27:40.0081 5820 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:27:40.0083 5820 KSecDD - ok
15:27:40.0120 5820 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:27:40.0123 5820 KSecPkg - ok
15:27:40.0140 5820 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:27:40.0142 5820 ksthunk - ok
15:27:40.0181 5820 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:27:40.0187 5820 KtmRm - ok
15:27:40.0227 5820 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:27:40.0241 5820 LanmanServer - ok
15:27:40.0271 5820 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:27:40.0274 5820 LanmanWorkstation - ok
15:27:40.0305 5820 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:27:40.0307 5820 lltdio - ok
15:27:40.0344 5820 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:27:40.0363 5820 lltdsvc - ok
15:27:40.0375 5820 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:27:40.0377 5820 lmhosts - ok
15:27:40.0434 5820 [ 7485FBCEF9136F530953575E2977859D ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:27:40.0440 5820 LMS - ok
15:27:40.0484 5820 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:27:40.0502 5820 LSI_FC - ok
15:27:40.0531 5820 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:27:40.0548 5820 LSI_SAS - ok
15:27:40.0583 5820 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:27:40.0600 5820 LSI_SAS2 - ok
15:27:40.0630 5820 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:27:40.0647 5820 LSI_SCSI - ok
15:27:40.0674 5820 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:27:40.0676 5820 luafv - ok
15:27:40.0694 5820 MAUSBMIDI - ok
15:27:40.0715 5820 [ CDBC1E51FF342EAD0CCD7EFB0F27A2EE ] MBX2DFU C:\Windows\system32\DRIVERS\dgmbx2fu.sys
15:27:40.0732 5820 MBX2DFU - ok
15:27:40.0774 5820 [ A8E67055E039356F81C29D25357F22F2 ] MBX2MIDK C:\Windows\system32\drivers\mbx2midk.sys
15:27:40.0805 5820 MBX2MIDK - ok
15:27:40.0869 5820 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:27:40.0873 5820 Mcx2Svc - ok
15:27:40.0896 5820 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:27:40.0926 5820 megasas - ok
15:27:40.0939 5820 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:27:40.0960 5820 MegaSR - ok
15:27:41.0038 5820 Microsoft SharePoint Workspace Audit Service - ok
15:27:41.0067 5820 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:27:41.0071 5820 MMCSS - ok
15:27:41.0083 5820 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:27:41.0085 5820 Modem - ok
15:27:41.0102 5820 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:27:41.0102 5820 monitor - ok
15:27:41.0142 5820 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:27:41.0144 5820 mouclass - ok
15:27:41.0153 5820 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:27:41.0155 5820 mouhid - ok
15:27:41.0190 5820 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:27:41.0192 5820 mountmgr - ok
15:27:41.0262 5820 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:27:41.0264 5820 MozillaMaintenance - ok
15:27:41.0294 5820 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:27:41.0297 5820 mpio - ok
15:27:41.0325 5820 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:27:41.0332 5820 mpsdrv - ok
15:27:41.0369 5820 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:27:41.0373 5820 MRxDAV - ok
15:27:41.0415 5820 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:27:41.0417 5820 mrxsmb - ok
15:27:41.0462 5820 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:27:41.0466 5820 mrxsmb10 - ok
15:27:41.0496 5820 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:27:41.0499 5820 mrxsmb20 - ok
15:27:41.0517 5820 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:27:41.0519 5820 msahci - ok
15:27:41.0562 5820 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:27:41.0564 5820 msdsm - ok
15:27:41.0598 5820 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:27:41.0602 5820 MSDTC - ok
15:27:41.0641 5820 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:27:41.0643 5820 Msfs - ok
15:27:41.0659 5820 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:27:41.0661 5820 mshidkmdf - ok
15:27:41.0696 5820 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:27:41.0713 5820 msisadrv - ok
15:27:41.0761 5820 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:27:41.0774 5820 MSiSCSI - ok
15:27:41.0787 5820 msiserver - ok
15:27:41.0817 5820 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:27:41.0819 5820 MSKSSRV - ok
15:27:41.0837 5820 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:27:41.0839 5820 MSPCLOCK - ok
15:27:41.0856 5820 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:27:41.0858 5820 MSPQM - ok
15:27:41.0901 5820 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:27:41.0906 5820 MsRPC - ok
15:27:41.0960 5820 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:27:41.0961 5820 mssmbios - ok
15:27:41.0983 5820 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:27:41.0985 5820 MSTEE - ok
15:27:42.0011 5820 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:27:42.0012 5820 MTConfig - ok
15:27:42.0039 5820 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:27:42.0041 5820 Mup - ok
15:27:42.0087 5820 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:27:42.0093 5820 napagent - ok
15:27:42.0135 5820 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:27:42.0153 5820 NativeWifiP - ok
15:27:42.0284 5820 [ E4534BCCDD1EA7A7A256BB9D6688A5FC ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
15:27:42.0290 5820 NAUpdate - ok
15:27:42.0345 5820 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:27:42.0354 5820 NDIS - ok
15:27:42.0396 5820 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:27:42.0397 5820 NdisCap - ok
15:27:42.0422 5820 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:27:42.0424 5820 NdisTapi - ok
15:27:42.0462 5820 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:27:42.0464 5820 Ndisuio - ok
15:27:42.0501 5820 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:27:42.0504 5820 NdisWan - ok
15:27:42.0540 5820 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:27:42.0542 5820 NDProxy - ok
15:27:42.0678 5820 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
15:27:42.0683 5820 Nero BackItUp Scheduler 4.0 - ok
15:27:42.0709 5820 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:27:42.0711 5820 NetBIOS - ok
15:27:42.0752 5820 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:27:42.0756 5820 NetBT - ok
15:27:42.0775 5820 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:27:42.0777 5820 Netlogon - ok
15:27:42.0813 5820 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:27:42.0818 5820 Netman - ok
15:27:42.0861 5820 [ 3E5A36127E201DDF663176B66828FAFE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:27:42.0868 5820 NetMsmqActivator - ok
15:27:42.0879 5820 [ 3E5A36127E201DDF663176B66828FAFE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:27:42.0880 5820 NetPipeActivator - ok
15:27:42.0944 5820 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:27:42.0949 5820 netprofm - ok
15:27:42.0962 5820 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:27:42.0963 5820 NetTcpActivator - ok
15:27:42.0974 5820 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:27:42.0975 5820 NetTcpPortSharing - ok
15:27:43.0008 5820 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:27:43.0010 5820 nfrd960 - ok
15:27:43.0295 5820 [ 503C365AA11A0E42A110A6C20632A1E8 ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
15:27:43.0375 5820 NIHardwareService - ok
15:27:43.0491 5820 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:27:43.0495 5820 NlaSvc - ok
15:27:43.0586 5820 [ CD2FE9C33CFD0FE0AF124E05907E5C3D ] nmservice C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
15:27:43.0593 5820 nmservice - ok
15:27:43.0639 5820 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:27:43.0640 5820 Npfs - ok
15:27:43.0653 5820 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:27:43.0655 5820 nsi - ok
15:27:43.0691 5820 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:27:43.0692 5820 nsiproxy - ok
15:27:43.0762 5820 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:27:43.0804 5820 Ntfs - ok
15:27:43.0887 5820 [ BD691091AC7D9713D8F0B07C6B099E6C ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
15:27:43.0891 5820 NTI IScheduleSvc - ok
15:27:43.0905 5820 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
15:27:43.0959 5820 NTIDrvr - ok
15:27:43.0989 5820 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:27:43.0991 5820 Null - ok
15:27:44.0023 5820 [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
15:27:44.0028 5820 NVHDA - ok
15:27:44.0320 5820 [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:27:44.0670 5820 nvlddmkm - ok
15:27:44.0719 5820 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:27:44.0721 5820 nvraid - ok
15:27:44.0757 5820 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:27:44.0760 5820 nvstor - ok
15:27:44.0807 5820 [ 06633CF95BEA62164C3BFCA24BCE6B11 ] nvsvc C:\Windows\system32\nvvsvc.exe
15:27:44.0829 5820 nvsvc - ok
15:27:44.0903 5820 [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:27:44.0913 5820 nvUpdatusService - ok
15:27:44.0933 5820 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:27:44.0968 5820 nv_agp - ok
15:27:45.0012 5820 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:27:45.0028 5820 ohci1394 - ok
15:27:45.0141 5820 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:27:45.0145 5820 ose - ok
15:27:45.0297 5820 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:27:45.0381 5820 osppsvc - ok
15:27:45.0446 5820 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:27:45.0450 5820 p2pimsvc - ok
15:27:45.0484 5820 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:27:45.0490 5820 p2psvc - ok
15:27:45.0619 5820 [ 08525AD1115D8DACF1920B25861FEA78 ] PaceLicenseDServices C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
15:27:45.0704 5820 PaceLicenseDServices - ok
15:27:45.0750 5820 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:27:45.0755 5820 Parport - ok
15:27:45.0799 5820 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:27:45.0802 5820 partmgr - ok
15:27:45.0836 5820 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:27:45.0841 5820 PcaSvc - ok
15:27:45.0878 5820 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:27:45.0945 5820 pci - ok
15:27:45.0997 5820 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:27:45.0998 5820 pciide - ok
15:27:46.0011 5820 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:27:46.0014 5820 pcmcia - ok
15:27:46.0068 5820 [ A87932FF09593BA8D197667A13E2A628 ] PCTBD C:\Windows\system32\Drivers\PCTBD64.sys
15:27:46.0072 5820 PCTBD - ok
15:27:46.0166 5820 [ 876FD95B7A3B7FE6179FBD16E7A6486C ] PCTCore C:\Windows\system32\drivers\PCTCore64.sys
15:27:46.0243 5820 PCTCore - ok
15:27:46.0281 5820 [ BA1F42A42F405F62CEFF6B69A2797F7C ] pctDS C:\Windows\system32\drivers\pctDS64.sys
15:27:46.0339 5820 pctDS - ok
15:27:46.0349 5820 PCTINDIS5X64 - ok
15:27:46.0398 5820 [ C4775E7F54F3CC6307B73462B1B802C6 ] PCTSD C:\Windows\system32\Drivers\PCTSD64.sys
15:27:46.0406 5820 PCTSD - ok
15:27:46.0433 5820 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:27:46.0435 5820 pcw - ok
15:27:46.0470 5820 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:27:46.0490 5820 PEAUTH - ok
15:27:46.0581 5820 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:27:46.0583 5820 PerfHost - ok
15:27:46.0685 5820 [ 1D22B3B60A03B6B02986C4E3D1B979C1 ] PinnacleUpdateSvc C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe
15:27:46.0706 5820 PinnacleUpdateSvc - ok
15:27:46.0771 5820 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:27:46.0785 5820 pla - ok
15:27:46.0851 5820 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:27:46.0857 5820 PlugPlay - ok
15:27:46.0889 5820 [ 4FF73A83A25D0EEAD4F5E6C841BB6704 ] pnarp C:\Windows\system32\DRIVERS\pnarp.sys
15:27:46.0892 5820 pnarp - ok
15:27:46.0915 5820 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:27:46.0993 5820 PNRPAutoReg - ok
15:27:47.0013 5820 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:27:47.0016 5820 PNRPsvc - ok
15:27:47.0059 5820 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:27:47.0065 5820 PolicyAgent - ok
15:27:47.0122 5820 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:27:47.0125 5820 Power - ok
15:27:47.0163 5820 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:27:47.0165 5820 PptpMiniport - ok
15:27:47.0209 5820 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:27:47.0226 5820 Processor - ok
15:27:47.0284 5820 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:27:47.0290 5820 ProfSvc - ok
15:27:47.0332 5820 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:27:47.0333 5820 ProtectedStorage - ok
15:27:47.0343 5820 ProtectedStorage32 - ok
15:27:47.0406 5820 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:27:47.0408 5820 Psched - ok
15:27:47.0440 5820 [ 9A68A89F10F283A23AFEE2A1BFE4BFFB ] purendis C:\Windows\system32\DRIVERS\purendis.sys
15:27:47.0450 5820 purendis - ok
15:27:47.0508 5820 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:27:47.0522 5820 ql2300 - ok
15:27:47.0552 5820 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:27:47.0554 5820 ql40xx - ok
15:27:47.0594 5820 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:27:47.0599 5820 QWAVE - ok
15:27:47.0656 5820 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:27:47.0665 5820 QWAVEdrv - ok
15:27:47.0692 5820 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:27:47.0694 5820 RasAcd - ok
15:27:47.0760 5820 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:27:47.0763 5820 RasAgileVpn - ok
15:27:47.0793 5820 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:27:47.0796 5820 RasAuto - ok
15:27:47.0839 5820 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:27:47.0842 5820 Rasl2tp - ok
15:27:47.0888 5820 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:27:47.0893 5820 RasMan - ok
15:27:47.0918 5820 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:27:47.0920 5820 RasPppoe - ok
15:27:47.0941 5820 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:27:47.0946 5820 RasSstp - ok
15:27:48.0048 5820 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:27:48.0052 5820 rdbss - ok
15:27:48.0088 5820 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:27:48.0090 5820 rdpbus - ok
15:27:48.0108 5820 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:27:48.0110 5820 RDPCDD - ok
15:27:48.0137 5820 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:27:48.0139 5820 RDPENCDD - ok
15:27:48.0156 5820 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:27:48.0160 5820 RDPREFMP - ok
15:27:48.0257 5820 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:27:48.0276 5820 RDPWD - ok
15:27:48.0330 5820 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:27:48.0334 5820 rdyboost - ok
15:27:48.0428 5820 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:27:48.0432 5820 RemoteAccess - ok
15:27:48.0448 5820 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:27:48.0452 5820 RemoteRegistry - ok
15:27:48.0547 5820 [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
15:27:48.0549 5820 RichVideo - ok
15:27:48.0561 5820 RimUsb - ok
15:27:48.0595 5820 [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
15:27:48.0598 5820 RimVSerPort - ok
15:27:48.0656 5820 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
15:27:48.0658 5820 ROOTMODEM - ok
15:27:48.0686 5820 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:27:48.0695 5820 RpcEptMapper - ok
15:27:48.0731 5820 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:27:48.0733 5820 RpcLocator - ok
15:27:48.0787 5820 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:27:48.0790 5820 RpcSs - ok
15:27:48.0848 5820 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:27:48.0850 5820 rspndr - ok
15:27:48.0906 5820 [ 87D5781DFF8AC2EF9BD41B60023BAC50 ] RTCore64 C:\Program Files (x86)\EVGA Precision X\RTCore64.sys
15:27:48.0922 5820 RTCore64 - ok
15:27:48.0954 5820 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:27:48.0955 5820 SamSs - ok
15:27:48.0999 5820 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:27:49.0021 5820 sbp2port - ok
15:27:49.0062 5820 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:27:49.0070 5820 SCardSvr - ok
15:27:49.0108 5820 [ 6CE6F98EA3D07A9C2CE3CD0A5A86352D ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
15:27:49.0131 5820 SCDEmu - ok
15:27:49.0169 5820 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:27:49.0171 5820 scfilter - ok
15:27:49.0222 5820 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:27:49.0252 5820 Schedule - ok
15:27:49.0298 5820 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:27:49.0299 5820 SCPolicySvc - ok
15:27:49.0679 5820 [ CFEB26A26452D5337C2F3AADD8218FC3 ] sdAuxService C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe
15:27:49.0688 5820 sdAuxService - ok
15:27:49.0740 5820 [ B906C04F469060F2DD7FCB84706B4493 ] sdCoreService C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe
15:27:49.0753 5820 sdCoreService - ok
15:27:49.0906 5820 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:27:49.0931 5820 SDRSVC - ok
15:27:49.0964 5820 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:27:49.0980 5820 secdrv - ok
15:27:50.0048 5820 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:27:50.0051 5820 seclogon - ok
15:27:50.0109 5820 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:27:50.0146 5820 SENS - ok
15:27:50.0200 5820 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:27:50.0218 5820 SensrSvc - ok
15:27:50.0261 5820 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:27:50.0263 5820 Serenum - ok
15:27:50.0288 5820 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:27:50.0290 5820 Serial - ok
15:27:50.0331 5820 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:27:50.0347 5820 sermouse - ok
15:27:50.0440 5820 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:27:50.0443 5820 SessionEnv - ok
15:27:50.0487 5820 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:27:50.0512 5820 sffdisk - ok
15:27:50.0548 5820 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:27:50.0551 5820 sffp_mmc - ok
15:27:50.0574 5820 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:27:50.0576 5820 sffp_sd - ok
15:27:50.0629 5820 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:27:50.0646 5820 sfloppy - ok
15:27:50.0745 5820 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:27:50.0750 5820 ShellHWDetection - ok
15:27:50.0777 5820 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:27:50.0779 5820 SiSRaid2 - ok
15:27:50.0791 5820 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:27:50.0808 5820 SiSRaid4 - ok
15:27:50.0885 5820 [ DD0443BC6CC78A19FD399817F8C51401 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
15:27:50.0903 5820 SmartDefragDriver - ok
15:27:50.0979 5820 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:27:50.0981 5820 Smb - ok
15:27:51.0051 5820 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:27:51.0075 5820 SNMPTRAP - ok
15:27:51.0102 5820 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:27:51.0103 5820 spldr - ok
15:27:51.0208 5820 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:27:51.0215 5820 Spooler - ok
15:27:51.0676 5820 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:27:51.0756 5820 sppsvc - ok
15:27:51.0812 5820 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:27:51.0815 5820 sppuinotify - ok
15:27:51.0868 5820 [ DFC4E2081324E505CA479E473A78D893 ] sptd C:\Windows\System32\Drivers\sptd.sys
15:27:51.0926 5820 sptd - ok
15:27:52.0073 5820 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:27:52.0078 5820 srv - ok
15:27:52.0124 5820 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:27:52.0144 5820 srv2 - ok
15:27:52.0195 5820 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:27:52.0215 5820 srvnet - ok
15:27:52.0259 5820 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:27:52.0281 5820 SSDPSRV - ok
15:27:52.0314 5820 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:27:52.0388 5820 SstpSvc - ok
15:27:52.0448 5820 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:27:52.0477 5820 stexstor - ok
15:27:52.0590 5820 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:27:52.0647 5820 stisvc - ok
15:27:52.0712 5820 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
15:27:52.0729 5820 swenum - ok
15:27:52.0798 5820 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:27:52.0829 5820 swprv - ok
15:27:52.0955 5820 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:27:53.0002 5820 SysMain - ok
15:27:53.0046 5820 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:27:53.0079 5820 TabletInputService - ok
15:27:53.0421 5820 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:27:53.0426 5820 TapiSrv - ok
15:27:53.0471 5820 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:28:03.0252 5820 ================ Scan global ===============================
15:28:03.0324 5820 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:28:03.0471 5820 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:28:03.0488 5820 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:28:03.0528 5820 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:28:03.0579 5820 [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\Windows\system32\services.exe
15:28:03.0587 5820 Suspicious file (NoAccess): C:\Windows\system32\services.exe. md5: 50BEA589F7D7958BDD2528A8F69D05CC
15:28:03.0587 5820 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
15:28:03.0587 5820 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
15:28:03.0590 5820 ================ Scan MBR ==================================
15:28:03.0670 5820 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:28:10.0259 5820 \Device\Harddisk0\DR0 - ok
15:28:10.0262 5820 ================ Scan VBR ==================================
15:28:10.0297 5820 [ B57F793D31CCF623B804A8D8D8DA0EDC ] \Device\Harddisk0\DR0\Partition1
15:28:10.0298 5820 \Device\Harddisk0\DR0\Partition1 - ok
15:28:10.0312 5820 [ 478B5E5A69E490ED07715AB7FA0CECB0 ] \Device\Harddisk0\DR0\Partition2
15:28:10.0313 5820 \Device\Harddisk0\DR0\Partition2 - ok
15:28:10.0316 5820 ============================================================
15:28:10.0316 5820 Scan finished
15:28:10.0316 5820 ============================================================
15:28:10.0327 5300 Detected object count: 1
15:28:10.0327 5300 Actual detected object count: 1
15:28:16.0676 5300 C:\Windows\system32\services.exe - copied to quarantine
15:28:18.0616 5300 C:\Windows\installer\{c9603364-f6df-36b5-55a3-9c88025412f3}\@ - copied to quarantine
15:28:18.0630 5300 C:\Windows\installer\{c9603364-f6df-36b5-55a3-9c88025412f3}\L\00000004.@ - copied to quarantine
15:28:18.0634 5300 C:\Windows\installer\{c9603364-f6df-36b5-55a3-9c88025412f3}\L\201d3dde - copied to quarantine
15:28:18.0647 5300 C:\Windows\installer\{c9603364-f6df-36b5-55a3-9c88025412f3}\U\80000032.@ - copied to quarantine
15:28:20.0201 5300 C:\Windows\installer\{c9603364-f6df-36b5-55a3-9c88025412f3}\U\80000064.@ - copied to quarantine
15:28:46.0895 5300 Backup copy not found, trying to cure infected file..
15:28:46.0897 5300 C:\Windows\system32\services.exe - Cure failed (FFFFFFFF)
15:28:46.0897 5300 C:\Windows\system32\services.exe - processing error
15:28:46.0897 5300 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Cure

#8 narenxp

  • BC Advisor

Posted 03 October 2012 - 03:58 PM

ASWMBR log?

#9 Jonathan M.

  • Topic Starter
  • Members

Posted 03 October 2012 - 05:02 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-03 00:43:39
-----------------------------
00:43:39.464 OS Version: Windows x64 6.1.7601 Service Pack 1
00:43:39.464 Number of processors: 1 586 0x2502
00:43:39.465 ComputerName: AAYDEN-PC UserName: Aaden
00:43:45.190 Initialize success
00:44:50.599 AVAST engine defs: 12100300
00:44:55.262 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
00:44:55.265 Disk 0 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 3
00:44:55.280 Disk 0 MBR read successfully
00:44:55.282 Disk 0 MBR scan
00:44:55.288 Disk 0 Windows 7 default MBR code
00:44:55.291 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 14000 MB offset 2048
00:44:55.311 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 28674048
00:44:55.326 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 939767 MB offset 28878848
00:44:55.358 Disk 0 scanning C:\Windows\system32\drivers
00:45:30.842 Service scanning
00:46:16.896 Modules scanning
00:46:16.904 Disk 0 trace - called modules:
00:46:16.920 ntoskrnl.exe CLASSPNP.SYS disk.sys PCTCore64.sys iaStor.sys sptd.sys
00:46:16.924 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007a1d790]
00:46:16.931 3 CLASSPNP.SYS[fffff88001ea343f] -> nt!IofCallDriver -> [0xfffffa8007a1c7b0]
00:46:16.937 5 PCTCore64.sys[fffff88001706720] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005257050]
00:46:19.367 AVAST engine scan C:\Windows
00:46:29.232 AVAST engine scan C:\Windows\system32
00:54:09.635 AVAST engine scan C:\Windows\system32\drivers
00:55:26.028 AVAST engine scan C:\Users\Aaden
01:02:41.804 File: C:\Users\Aaden\AppData\Local\Temp\Intel_Drivers_Update_Utility_2_7_keygen.exe **INFECTED** Win32:MalOb-HU [Cryp]
01:53:04.625 AVAST engine scan C:\ProgramData
02:08:25.309 Scan finished successfully
02:08:46.372 Disk 0 MBR has been saved successfully to "C:\Users\Aaden\Desktop\MBR.dat"
02:08:46.382 The log file has been saved successfully to "C:\Users\Aaden\Desktop\aswMBR.txt"

#10 narenxp

  • BC Advisor

Posted 03 October 2012 - 05:09 PM

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, click on Delete

A log should be generated after scan, post it here

Download

Junkware removal tool

Right click on the tool and select run as administrator

After scan gets completed, post the generated log here.

#11 Jonathan M.

  • Topic Starter
  • Members

Posted 03 October 2012 - 07:35 PM

MINI TOOLBAR RESULTS

MiniToolBox by Farbar Version: 23-07-2012
Ran by Aaden (administrator) on 03-10-2012 at 20:29:24
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: http=http://www.naughtyamerica.com:8080

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Compact Wireless-G USB Network Adapter = Wireless Network Connection (Connected)
Intel® 82578DC Gigabit Network Connection = Local Area Connection (Media disconnected)
The following helper DLL cannot be loaded: WSHELPER.DLL.


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Aayden-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.ga.comcast.net.

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.ga.comcast.net.
Description . . . . . . . . . . . : Compact Wireless-G USB Network Adapter
Physical Address. . . . . . . . . : 00-25-9C-72-21-77
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f08e:d176:21b6:bc9c%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, October 02, 2012 11:06:44 PM
Lease Expires . . . . . . . . . . : Thursday, October 04, 2012 11:06:43 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 385885033
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-28-DF-AA-90-FB-A6-30-7A-D1
DNS Servers . . . . . . . . . . . : 107.6.133.8
23.23.180.210
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82578DC Gigabit Network Connection
Physical Address. . . . . . . . . : 90-FB-A6-30-7A-D1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.ga.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Pinging google.com [74.125.225.129] with 32 bytes of data:
Reply from 74.125.225.129: bytes=32 time=60ms TTL=52
Reply from 74.125.225.129: bytes=32 time=50ms TTL=52

Ping statistics for 74.125.225.129:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 50ms, Maximum = 60ms, Average = 55ms

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=58ms TTL=48
Reply from 98.139.183.24: bytes=32 time=77ms TTL=48

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 58ms, Maximum = 77ms, Average = 67ms

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...00 25 9c 72 21 77 ......Compact Wireless-G USB Network Adapter
10...90 fb a6 30 7a d1 ......Intel® 82578DC Gigabit Network Connection
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.101 281
192.168.1.101 255.255.255.255 On-link 192.168.1.101 281
192.168.1.255 255.255.255.255 On-link 192.168.1.101 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.101 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.101 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 281 fe80::/64 On-link
12 281 fe80::f08e:d176:21b6:bc9c/128
On-link
1 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 02 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 03 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 04 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 05 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 06 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448472] (PC Tools Research Pty Ltd.)
x64-Catalog9 02 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448472] (PC Tools Research Pty Ltd.)
x64-Catalog9 03 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448472] (PC Tools Research Pty Ltd.)
x64-Catalog9 04 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448472] (PC Tools Research Pty Ltd.)
x64-Catalog9 05 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448472] (PC Tools Research Pty Ltd.)
x64-Catalog9 06 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448472] (PC Tools Research Pty Ltd.)
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog9 11 mswsock.dll [File Not found] ()
x64-Catalog9 12 mswsock.dll [File Not found] ()
x64-Catalog9 13 mswsock.dll [File Not found] ()
x64-Catalog9 14 mswsock.dll [File Not found] ()
x64-Catalog9 15 mswsock.dll [File Not found] ()
x64-Catalog9 16 mswsock.dll [File Not found] ()
x64-Catalog9 17 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448472] (PC Tools Research Pty Ltd.)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/08/2011 05:22:11 AM) (Source: Application Error) (User: )
Description: Windows cannot access the file for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Registry Mechanic 5.2 because of this error.

Program: Registry Mechanic 5.2
File:

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: 00000000
Disk type: 0

Error: (02/08/2011 05:22:11 AM) (Source: Application Error) (User: )
Description: Faulting application name: RegMech.exe, version: 5.2.0.310, time stamp: 0x4432173c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000096
Fault offset: 0x00e88edd
Faulting process id: 0xb60
Faulting application start time: 0xRegMech.exe0
Faulting application path: RegMech.exe1
Faulting module path: RegMech.exe2
Report Id: RegMech.exe3

Error: (02/08/2011 05:21:51 AM) (Source: Application Error) (User: )
Description: Windows cannot access the file for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Registry Mechanic 5.2 because of this error.

Program: Registry Mechanic 5.2
File:

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: 00000000
Disk type: 0

Error: (02/08/2011 05:21:51 AM) (Source: Application Error) (User: )
Description: Faulting application name: regmech.exe, version: 5.2.0.310, time stamp: 0x4432173c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000096
Fault offset: 0x002d8edd
Faulting process id: 0xc7c
Faulting application start time: 0xregmech.exe0
Faulting application path: regmech.exe1
Faulting module path: regmech.exe2
Report Id: regmech.exe3

Error: (02/08/2011 05:18:29 AM) (Source: Application Error) (User: )
Description: Faulting application name: RegMech.exe, version: 9.0.0.120, time stamp: 0x4b048f34
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x75094cad
Faulting process id: 0x920
Faulting application start time: 0xRegMech.exe0
Faulting application path: RegMech.exe1
Faulting module path: RegMech.exe2
Report Id: RegMech.exe3

Error: (02/08/2011 05:18:15 AM) (Source: Application Error) (User: )
Description: Faulting application name: regmech.exe, version: 9.0.0.120, time stamp: 0x4b048f34
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x75094cad
Faulting process id: 0xc60
Faulting application start time: 0xregmech.exe0
Faulting application path: regmech.exe1
Faulting module path: regmech.exe2
Report Id: regmech.exe3

Error: (02/08/2011 05:17:07 AM) (Source: Application Error) (User: )
Description: Faulting application name: RegMech.exe, version: 9.0.0.120, time stamp: 0x4b048f34
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x75094cad
Faulting process id: 0x1200
Faulting application start time: 0xRegMech.exe0
Faulting application path: RegMech.exe1
Faulting module path: RegMech.exe2
Report Id: RegMech.exe3

Error: (02/08/2011 05:16:47 AM) (Source: Application Error) (User: )
Description: Faulting application name: regmech.exe, version: 9.0.0.120, time stamp: 0x4b048f34
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x75094cad
Faulting process id: 0x1248
Faulting application start time: 0xregmech.exe0
Faulting application path: regmech.exe1
Faulting module path: regmech.exe2
Report Id: regmech.exe3

Error: (02/08/2011 05:12:25 AM) (Source: Application Error) (User: )
Description: Faulting application name: RegMech.exe, version: 9.0.0.120, time stamp: 0x4b048f34
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x73a04cad
Faulting process id: 0x1284
Faulting application start time: 0xRegMech.exe0
Faulting application path: RegMech.exe1
Faulting module path: RegMech.exe2
Report Id: RegMech.exe3

Error: (02/08/2011 05:11:29 AM) (Source: Application Error) (User: )
Description: Faulting application name: RegMech.exe, version: 9.0.0.120, time stamp: 0x4b048f34
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x73a04cad
Faulting process id: 0x1364
Faulting application start time: 0xRegMech.exe0
Faulting application path: RegMech.exe1
Faulting module path: RegMech.exe2
Report Id: RegMech.exe3


System errors:
=============
Error: (02/08/2011 05:14:05 AM) (Source: Service Control Manager) (User: )
Description: Digidesign MME Refresh Service%%2

Error: (02/08/2011 05:14:04 AM) (Source: Service Control Manager) (User: )
Description: Eset Trial Reset%%1053

Error: (02/08/2011 05:14:04 AM) (Source: Service Control Manager) (User: )
Description: 30000Eset Trial Reset

Error: (02/08/2011 05:14:03 AM) (Source: Service Control Manager) (User: )
Description: Link-Layer Topology Discovery Responder%%1058

Error: (02/07/2011 02:04:05 PM) (Source: Service Control Manager) (User: )
Description: Windows Search

Error: (02/07/2011 01:59:19 PM) (Source: Service Control Manager) (User: )
Description: Digidesign MME Refresh Service%%2

Error: (02/07/2011 01:59:18 PM) (Source: Service Control Manager) (User: )
Description: Eset Trial Reset%%1053

Error: (02/07/2011 01:59:18 PM) (Source: Service Control Manager) (User: )
Description: 30000Eset Trial Reset

Error: (02/07/2011 01:59:16 PM) (Source: Service Control Manager) (User: )
Description: Link-Layer Topology Discovery Responder%%1058

Error: (02/07/2011 08:36:04 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer LORRAINE-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{EC455086-67E4-45D4-8417-5BABF9F4D5C3}.
The master browser is stopping or an election is being forced.


Microsoft Office Sessions:
=========================
Error: (02/08/2011 05:22:11 AM) (Source: Application Error)(User: )
Description: Registry Mechanic 5.2000000000

Error: (02/08/2011 05:22:11 AM) (Source: Application Error)(User: )
Description: RegMech.exe5.2.0.3104432173cunknown0.0.0.000000000c000009600e88eddb6001cbc771aa2a6c92C:\Program Files (x86)\Registry Mechanic\RegMech.exeunknowne7e0cb3f-3364-11e0-b341-90fba6307ad1

Error: (02/08/2011 05:21:51 AM) (Source: Application Error)(User: )
Description: Registry Mechanic 5.2000000000

Error: (02/08/2011 05:21:51 AM) (Source: Application Error)(User: )
Description: regmech.exe5.2.0.3104432173cunknown0.0.0.000000000c0000096002d8eddc7c01cbc7719e596332C:\Program Files (x86)\Registry Mechanic\regmech.exeunknowndc17ff5e-3364-11e0-b341-90fba6307ad1

Error: (02/08/2011 05:18:29 AM) (Source: Application Error)(User: )
Description: RegMech.exe9.0.0.1204b048f34unknown0.0.0.000000000c000041d75094cad92001cbc7712516ba03C:\Program Files (x86)\Registry Mechanic\RegMech.exeunknown6381b2fa-3364-11e0-b341-90fba6307ad1

Error: (02/08/2011 05:18:15 AM) (Source: Application Error)(User: )
Description: regmech.exe9.0.0.1204b048f34unknown0.0.0.000000000c000041d75094cadc6001cbc7711ce5bcf0C:\Program Files (x86)\Registry Mechanic\regmech.exeunknown5b9f4350-3364-11e0-b341-90fba6307ad1

Error: (02/08/2011 05:17:07 AM) (Source: Application Error)(User: )
Description: RegMech.exe9.0.0.1204b048f34unknown0.0.0.000000000c000041d75094cad120001cbc770f482bb06C:\Program Files (x86)\Registry Mechanic\RegMech.exeunknown32edb3fc-3364-11e0-b341-90fba6307ad1

Error: (02/08/2011 05:16:47 AM) (Source: Application Error)(User: )
Description: regmech.exe9.0.0.1204b048f34unknown0.0.0.000000000c000041d75094cad124801cbc770e4c27f34C:\Program Files (x86)\Registry Mechanic\regmech.exeunknown27153a1d-3364-11e0-b341-90fba6307ad1

Error: (02/08/2011 05:12:25 AM) (Source: Application Error)(User: )
Description: RegMech.exe9.0.0.1204b048f34unknown0.0.0.000000000c000041d73a04cad128401cbc7704c2f8455C:\Program Files (x86)\Registry Mechanic\RegMech.exeunknown8a95204f-3363-11e0-a0c0-90fba6307ad1

Error: (02/08/2011 05:11:29 AM) (Source: Application Error)(User: )
Description: RegMech.exe9.0.0.1204b048f34unknown0.0.0.000000000c000041d73a04cad136401cbc7702aafec8dC:\Program Files (x86)\Registry Mechanic\RegMech.exeunknown692632d6-3363-11e0-a0c0-90fba6307ad1


=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
911 - First Responders (Version: 1.03.001)
Acrobat.com (Version: 1.6.65)
Active@ ISO Burner (Version: 2.1.0)
Adobe AIR (Version: 2.0.3.13070)
Adobe Flash Player 10 Plugin (Version: 10.0.45.2)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.62)
Adobe Reader 9.4.7 MUI (Version: 9.4.7)
Adobe Shockwave Player 11.5 (Version: 11.5.6.606)
Advertising Center (Version: 0.0.0.2)
Alcor Micro USB Card Reader (Version: 1.7.17.25416)
Antares Autotune Evo VST RTAS v6.0.9
Antares Autotune VST RTAS TDM v5.08
Antares AVOX Evo VST RTAS v3.0.2
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
ASIO4ALL (Version: 2.10)
ATITool Overclocking Utility (Version: 0.27)
Audio Converter Plus 4.5.0.0 (Version: 4.5.0.0)
Authorizer 1.0f2 (Version: 1.0f2)
AVG Security Toolbar (Version: 12.2.5.34)
Avid Effects (Version: 10.3)
Avid HD Driver (x64) (Version: 10.3)
Avid Pro Tools (Version: 10.3)
AVOX Evo RTAS (Version: 3.0.0)
AVOX Evo VST (Version: 3.0.0)
AVS Audio Converter version 6.1
AVS Update Manager 1.0
AVS4YOU Software Navigator 1.3
B1Manager
Backup Manager Advance (Version: 2.0.2.19)
Bing Bar (Version: 7.1.391.0)
BitZipper 2010
Bonjour (Version: 3.0.0.10)
Brainworx BX Control VST RTAS v2.0.1
Brainworx BX Digital VST v1.09
Browser Guard 4.0 (Version: 4.0.0.1606)
Browser Manager
Cakewalk SONAR X1 Production Suite x64 (Version: 18.1)
Canon MX340 series MP Drivers
CCleaner (remove only)
CDCheck
Chat Messenger
CodeMeter Runtime Kit v4.01 (Version: 4.1.169.500)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CyberLink MediaShow (Version: 4.1.3029)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.45.3.0297)
DefaultTab (Version: 1.2.8.0)
DefaultTab Chrome (Version: 1.1.8)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Digidesign Audio Drivers (x64) (Version: 8.0.3)
DivX Setup (Version: 2.6.1.9)
DolbyFiles (Version: 2.0)
Driver Checker v2.7.4 (Version: 2.7.4)
Driver Genius Professional Edition (Version: 11.0)
DriverUpdate (Version: 2.2.23798)
eGames Toolbar
ESET Online Scanner v3
ESET Smart Security (Version: 5.0.94.0)
EVGA Precision 2.0.0 (Version: 2.0.0)
EVGA Precision X 3.0.2 (Version: 3.0.2)
ffdshow [rev 2527] [2008-12-19] (Version: 1.0)
File Type Assistant
FileHunter
FL Studio 10
FoxTab PDF Converter
Free File Viewer 2011
Frontline Registry Cleaner (Version: 2.0)
Game Booster 3 (Version: 3.4)
Gateway Games (Version: 1.0.3.0)
Gateway InfoCentre (Version: 3.02.3000)
Gateway MyBackup (Version: 2.0.2.19)
Gateway Photo Frame 4.2.3.7 (Version: 4.2.3.7)
Gateway Recovery Management (Version: 4.05.3005)
Gateway Registration (Version: 1.02.3006)
Gateway ScreenSaver (Version: 1.1.0812)
Gateway Updater (Version: 1.01.3017)
Geeks3D.com FurMark 1.10.1
GetDataBack for NTFS (Version: 4.02.000)
Google Chrome (Version: 22.0.1229.79)
Google Talk (remove only)
Google Update Helper (Version: 1.3.21.123)
Grand Theft Auto IV (Version: 1.0.0013.131)
Harmony Engine Evo RTAS (Version: 3.0.0)
Harmony Engine Evo VST (Version: 3.0.0)
High-Definition Video Playback 10 (Version: 7.0.11400.29.0)
iCloud (Version: 1.1.0.40)
Identity Card (Version: 1.00.3002)
IL Download Manager
iLivid (Version: 1.92.0.118480)
ImagXpress (Version: 7.0.74.0)
Intel® Control Center (Version: 1.2.1.1008)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Network Connections (Version: 17.1.0.0)
Intel® Network Connections 17.1.55.0 (Version: 17.1.55.0)
Intel® Processor Graphics (Version: 8.15.10.2291)
Intel® Rapid Storage Technology (Version: 11.1.5.1001)
Interlok driver setup x64 (Version: 5.8.13)
Internet TV for Windows Media Center (Version: 3.2.1.0)
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Jojo's Fashion Show 2 - Las Cruces (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
KeyboardLocker Evaluation 2.7 (Version: 2.7)
Kid-Key-Lock 2.1.0.0
License Support (Version: 1.1.1.1524)
Linksys Wireless Manager (Version: 4.9.9047.0)
Loki ActiveX Control (Version: 3.1.0.05)
LPK25 Editor
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Massey Plugins Demos [Remove only]
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0)
ML4000 Native (Version: 1.2.5)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 6.0 (x86 en-US) (Version: 6.0)
Mozilla Maintenance Service (Version: 15.0.1)
MSI Afterburner 2.2.0 (Version: 2.2.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Native Instruments Bandstand
Native Instruments Controller Editor (Version: 1.1.1.189)
Native Instruments Service Center (Version: 2.2.0.367)
Nero 10 Menu TemplatePack 1 (Version: 10.0.10600.6.0)
Nero 10 Menu TemplatePack 2 (Version: 10.0.10600.6.0)
Nero 10 Menu TemplatePack Basic (Version: 10.0.10600.6.0)
Nero 10 Movie ThemePack Basic (Version: 10.0.10600.6.0)
Nero BackItUp 10 (Version: 5.4.11600.19.100)
Nero BackItUp 10 Help (CHM) (Version: 1.0.10700)
Nero Burning ROM 10 (Version: 10.0.11100.10.100)
Nero BurningROM 10 Help (CHM) (Version: 1.0.10700)
Nero BurnRights (Version: 3.4.13.100)
Nero BurnRights 10 (Version: 4.0.11000.12.100)
Nero BurnRights 10 Help (CHM) (Version: 1.0.10600)
Nero BurnRights Help (Version: 3.4.4.100)
Nero Control Center 10 (Version: 10.0.12000.1.4)
Nero ControlCenter (Version: 9.0.0.1)
Nero ControlCenter 10 Help (CHM) (Version: 1.0.10700)
Nero Core Components 10 (Version: 2.0.13700.0.1)
Nero CoverDesigner (Version: 4.4.12.100)
Nero CoverDesigner 10 (Version: 5.0.10900.11.100)
Nero CoverDesigner 10 Help (CHM) (Version: 1.0.10600)
Nero CoverDesigner Help (Version: 4.4.9.100)
Nero Disc Copy Gadget (Version: 2.4.34.0)
Nero Disc Copy Gadget Help (Version: 2.4.22.0)
Nero DiscSpeed (Version: 5.4.13.100)
Nero DiscSpeed 10 (Version: 6.0.10800.7.100)
Nero DiscSpeed 10 Help (CHM) (Version: 1.0.10600)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero Dolby Files 10 (Version: 2.0.11000.0.10)
Nero DriveSpeed (Version: 4.4.12.100)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express 10 (Version: 10.0.11000.10.100)
Nero Express 10 Help (CHM) (Version: 1.0.10700)
Nero Express Help (Version: 9.4.14.100)
Nero InfoTool (Version: 6.4.12.100)
Nero InfoTool 10 (Version: 7.0.10800.8.100)
Nero InfoTool 10 Help (CHM) (Version: 1.0.10600)
Nero InfoTool Help (Version: 6.4.4.100)
Nero MediaHub 10 (Version: 1.0.13400.11.100)
Nero MediaHub 10 Help (CHM) (Version: 1.0.10700)
Nero Multimedia Suite 10 (Version: 10.0.13100)
Nero Online Upgrade (Version: 1.3.0.0)
Nero PhotoSnap (Version: 2.4.28.0)
Nero PhotoSnap Help (Version: 1.53.2.0)
Nero Recode (Version: 4.4.38.1)
Nero Recode 10 (Version: 4.6.10900.4.100)
Nero Recode 10 Help (CHM) (Version: 1.0.10600)
Nero Recode Help (Version: 4.4.22.0)
Nero RescueAgent 10 (Version: 3.0.10900.9.100)
Nero RescueAgent 10 Help (CHM) (Version: 1.0.10700)
Nero ShowTime (Version: 5.4.0.100)
Nero ShowTime (Version: 5.4.21.100)
Nero SoundTrax 10 (Version: 4.6.10600.2.100)
Nero SoundTrax 10 Help (CHM) (Version: 1.0.10600)
Nero StartSmart (Version: 9.4.19.100)
Nero StartSmart 10 (Version: 10.0.11200.12.100)
Nero StartSmart 10 Help (CHM) (Version: 1.0.10700)
Nero StartSmart Help (Version: 9.4.11.100)
Nero StartSmart OEM (Version: 9.4.10.100)
Nero Update (Version: 1.0.0017)
Nero Vision (Version: 6.4.16.100)
Nero Vision 10 (Version: 7.0.11100.8.100)
Nero Vision 10 Help (CHM) (Version: 1.0.10600)
Nero Vision Help (Version: 6.4.8.100)
Nero WaveEditor 10 (Version: 5.6.10600.2.100)
Nero WaveEditor 10 Help (CHM) (Version: 1.0.10600)
NeroExpress (Version: 9.4.26.100)
neroxml (Version: 1.0.0)
Netbits Contextual Tracking
Netflix in Windows Media Center (Version: 3.3.101.0)
Network Stumbler 0.4.0 (remove only)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Display Control Panel (Version: 6.14.12.5936)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA HD Audio Driver 1.3.16.0 (Version: 1.3.16.0)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
OpenAL
PC Speed Maximizer v3.0 (Version: 3.0)
PC Tools Spyware Doctor 9.0 (Version: 9.0)
PeerBlock 1.1 (r518) (Version: 1.1.0.518)
PhotoPad Image Editor
PhotoStage Slideshow Producer
Pinnacle Game Profiler (Version: 5.0.0)
Pixillion Image Converter
PowerISO (Version: 4.7)
ProtectDisc Driver, Version 11 (Version: 11.0.0.14)
Pultec Bundle
Pure Networks Platform (Version: 11.1.9044.0)
QuickTime (Version: 7.72.80.56)
Realtek High Definition Audio Driver (Version: 6.0.1.6662)
Reason 5.0 (Version: 5.0)
ReCycle 2.1.2 (Version: 2.1.2)
reFX Nexus VSTi RTAS v2.2.0
Registry Mechanic 5.2 (Version: 5.2)
Safari (Version: 5.33.19.4)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.550.0)
Slate Digital FG-X Mastering Processor VST RTAS v1.1.2
Smart Defrag 2 (Version: 2.3)
SmartUndelete (Version: 2.9)
Speeding Up My PC v2.2 (Version: 2.2)
Steinberg Hypersonic 2
Syncrosoft's License Control
SyncroSoft Emu (Remove only)
System Requirements Lab CYRI (Version: 4.4.21.0)
System Requirements Lab for Intel (Version: 4.4.21.0)
T-RackS 3 Deluxe (Version: 1.0.0)
TechPowerUp GPU-Z
The Weather Channel Desktop 6
Torq LE 1.0.7 (Build 017 - 03 Oct 2008)
TuneUp Utilities 2012 (Version: 12.0.3600.104)
TuneUp Utilities Language Pack (en-US) (Version: 12.0.3600.104)
Uniblue DriverScanner (Version: 4.0.3.4)
Uniblue RegistryBooster (Version: 6.0.10.7)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553092)
Update Installer for WildTangent Games App
uTorrentBar Toolbar (Version: 6.2.6.0)
uTorrentControl2 Toolbar (Version: 6.9.0.16)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VD64Inst (Version: 1.00.0000)
VirtualCloneDrive
Visual C++ Redistributables (Version: 1.00.0000)
VLC media player 2.0.1 (Version: 2.0.1)
VMeters (Version: 1.0.2)
Vuze Remote Toolbar (Version: 6.2.2.4)
Waves Complete v8.0.11
Waves Complete VST RTAS TDM v7.1.16
Waves Diamond Bundle v5.2
WildTangent Games App (Gateway Games) (Version: 4.0.5.37)
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Windows iLivid Toolbar (Version: 3.0.0.107554)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Center Add-in for Flash (Version: 3.1.1.0)
WinRAR 4.00 (64-bit) (Version: 4.00.0)
WinZip 15.0 (Version: 15.0.9302)
Wondershare DVD Ripper Platinum(Build 4.6.1.0)
YourFileDownloader (Version: 1.0.3)
YouTube Player
YTD YouTube Downloader & Converter 3.6

========================= Memory info: ===================================

Percentage of memory in use: 69%
Total physical RAM: 5047.09 MB
Available physical RAM: 1546.46 MB
Total Pagefile: 10092.38 MB
Available Pagefile: 6800.74 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.15 MB

========================= Partitions: =====================================

1 Drive c: (Gateway) (Fixed) (Total:917.74 GB) (Free:321.93 GB) NTFS

========================= Users: ========================================

User accounts for \\AAYDEN-PC

A505D1FE3F714B33A71C Aaden Administrator
AE7019AE5F92457FBC2C Guest UpdatusUser

========================= Restore Points ==================================

26-09-2012 18:33:18 Before installing new drivers - 9/26/2012 2:33:17 PM
26-09-2012 18:36:59 Installed Alcor Micro USB Card Reader
26-09-2012 18:42:08 ?????????????
26-09-2012 19:10:47 Before installing new drivers - 9/26/2012 3:10:38 PM
02-10-2012 16:57:22 Windows Modules Installer
02-10-2012 19:49:57 Restore Operation

**** End of log ****

#12 Jonathan M.

Posted 03 October 2012 - 07:43 PM

FSS RESULTS

Farbar Service Scanner Version: 19-09-2012
Ran by Aaden (administrator) on 03-10-2012 at 20:39:57
Running from "C:\Users\Aaden\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#13 narenxp

Posted 03 October 2012 - 08:37 PM

Other logs?

#14 Jonathan M.

Posted 04 October 2012 - 01:30 AM

Still waiting on malware...

#15 Jonathan M.

Posted 04 October 2012 - 10:25 AM

MALWARE RESULTS

Malwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.03.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Aaden :: AAYDEN-PC [administrator]

Protection: Enabled

10/3/2012 8:27:38 PM
mbam-log-2012-10-03 (20-27-38).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 1085507
Time elapsed: 7 hour(s), 29 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 25
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{61E0EF7A-9BC0-45EA-9B2F-F3E9F02692BD} (PUP.PlayBryte) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileHunter (PUP.FileHunter) -> No action taken.
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\Adobe Licensing Console (Trojan.Clicker.CT) -> Quarantined and deleted successfully.
HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.BHO.1 (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Delete on reboot.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CLSID\{22222222-2222-2222-2222-220022222258} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.Sandbox.1 (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.Sandbox (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CLSID\{33333333-3333-3333-3333-330033223358} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.FBApi.1 (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.FBApi (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CLSID\{6d5ae610-803a-e578-8b93-ee9ce23be350} (Adware.Dymanet) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.BHO (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\397cfdb2-a465-0e26-7ee3-708a49127c82 (Adware.MediaPass) -> Quarantined and deleted successfully.
HKCR\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.
HKCU\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5eaf17ab-7d97-9873-479f-7594c45cf90a} (Adware.MediaPass) -> Quarantined and deleted successfully.
HKCR\CLSID\{5eaf17ab-7d97-9873-479f-7594c45cf90a} (Adware.MediaPass) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5EAF17AB-7D97-9873-479F-7594C45CF90A} (Adware.MediaPass) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 8
C:\Users\Aaden\AppData\Roaming\FileHunter (PUP.FileHunter) -> No action taken.
C:\Users\Aaden\AppData\Roaming\FileHunter\downloads (PUP.FileHunter) -> No action taken.
C:\Users\Aaden\AppData\Roaming\FileHunter\metafiles (PUP.FileHunter) -> No action taken.
C:\Users\Aaden\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@playsushi.com (PUP.PlaySushi) -> No action taken.
C:\Users\Aaden\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@playsushi.com\chrome (PUP.PlaySushi) -> No action taken.
C:\Users\Aaden\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@playsushi.com\components (PUP.PlaySushi) -> No action taken.
C:\ProgramData\775640778 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Users\Aaden\AppData\Roaming\SysWin (Trojan.Agent) -> Quarantined and deleted successfully.

Files Detected: 18
C:\Users\Aaden\AppData\Local\Temp\Mutilpatch dgtsoft.com_Patch.exe (PUP.Hacktool.Patcher) -> No action taken.
C:\Users\Aaden\AppData\Roaming\FileHunter\pumpa.state (PUP.FileHunter) -> No action taken.
C:\Users\Aaden\AppData\Roaming\FileHunter\extensions-1.exe (PUP.FileHunter) -> No action taken.
C:\Users\Aaden\AppData\Roaming\FileHunter\pumpa.exe (PUP.FileHunter) -> No action taken.
C:\Users\Aaden\AppData\Roaming\FileHunter\uninstall.exe (PUP.FileHunter) -> No action taken.
C:\Users\Aaden\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@playsushi.com\chrome.manifest (PUP.PlaySushi) -> No action taken.
C:\Users\Aaden\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@playsushi.com\install.rdf (PUP.PlaySushi) -> No action taken.
C:\Users\Aaden\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@playsushi.com\chrome\pstextlinks.jar (PUP.PlaySushi) -> No action taken.
C:\Users\Aaden\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@playsushi.com\components\PlaySushiFF.dll (PUP.PlaySushi) -> No action taken.
C:\Users\Aaden\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@playsushi.com\components\PlaySushiFF.xpt (PUP.PlaySushi) -> No action taken.
C:\Windows\System32\msvfd32.exe (Trojan.Clicker.CT) -> Quarantined and deleted successfully.
C:\System Volume Information\SystemRestore\FRStaging\Windows\SysWOW64\config\systemprofile\AppData\Roaming\8427.tmp (Trojan.Tracur.S) -> Quarantined and deleted successfully.
C:\System Volume Information\SystemRestore\FRStaging\Windows\SysWOW64\config\systemprofile\AppData\Roaming\A8FC.tmp (Trojan.Tracur.S) -> Quarantined and deleted successfully.
C:\Users\Aaden\Downloads\KeyGen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
C:\Users\Aaden\Downloads\ADELE - Someone Like You\Batman.Arkham.City.STEAM.UNLOCKED-ALI213\ÓÎÏÀÍøNETSHOW.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\397cfdb2-a465-0e26-7ee3-708a49127c82.exe (Adware.MediaPass) -> Quarantined and deleted successfully.
C:\Windows\System32\GnuHashes.ini (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\GnuHashes.ini (Trojan.Tracur) -> Quarantined and deleted successfully.

(end)

Edited by Jonathan M., 04 October 2012 - 10:48 AM.




