Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

POP ups in my browser, + windows update, restore corrupted


  • Please log in to reply
15 replies to this topic

#1 s0ldier

s0ldier

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:17 AM

Posted 07 October 2012 - 10:23 PM

POP ups in my browser, + windows update, restore corrupted,

i recently got rid of some nasty ransom-ware, and it has left my system super buggy affter, it will not allow me to restore back due to volume disk errors? my windows firewall service is stuck on dissabled, i can not update windows, or windows security ess, and now i have new little buddy. pop ups in my lower and left hand corners of my browser. please help

thanks Ricky

BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:17 AM

Posted 07 October 2012 - 10:27 PM

Update and do a quick scan with Malwarebytes remove all that it finds and reboot.
http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/


Update do a quick scan with Superantispyware remove all this finds reboot.
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE


Run a scan with Eset.
http://www.eset.com/us/online-scanner/
When the scan finish list found threats save to clipboard copy to notepad Post the log here.




Please download FarbarServiceScanner and run it on the computer with the issue.
http://download.bleepingcomputer.com/farbar/FSS.exe


Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark following boxes:


Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.



Download Adware Cleaner run it as admin Click the delete button allow it to run and post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

Download Norman Malware Cleaner Run it Go to options then put a tick next to Enable rootkit cleaning. Hit the Full Scan>>>>>>>>Let it finish>>>>>>>>Go to the quarantine Tab>>>>>>> Tick the Select All>>>>>Then the Delete>>>>>>Quit
http://normanasa.vo.llnwd.net/o29/public/Norman_Malware_Cleaner.exe
A log will appear on your desktop post that here in your next reply.


REBoot after Norman.

#3 s0ldier

s0ldier
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:17 AM

Posted 08 October 2012 - 03:54 AM

ESET:

C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe a variant of Win32/CompuTrace.B application cleaned by deleting - quarantined

FSS:

Farbar Service Scanner Version: 07-10-2012
Ran by Rick (administrator) on 07-10-2012 at 20:52:58
Running from "C:\Users\Rick\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error: Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

MINITOOLBOX:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Rick (administrator) on 07-10-2012 at 20:57:29
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

::1 localhost








































































































































































































72.29.93.243 www.google-analytics.com.
72.29.93.243 ad-emea.doubleclick.net.
72.29.93.243 www.statcounter.com.
64.27.10.42 www.google-analytics.com.
64.27.10.42 ad-emea.doubleclick.net.
64.27.10.42 www.statcounter.com.

127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Rick-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : F4-6D-04-1A-0D-05
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 74-F0-6D-C4-E4-B8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : 48-5D-60-E4-EA-AA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2c4d:97d9:7c6:7147%11(Preferred)
IPv4 Address. . . . . . . . . . . : 10.59.0.205(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Lease Obtained. . . . . . . . . . : Sunday, October 07, 2012 6:13:00 PM
Lease Expires . . . . . . . . . . : Sunday, October 07, 2012 9:05:43 PM
Default Gateway . . . . . . . . . : 10.59.0.1
DHCP Server . . . . . . . . . . . : 10.59.0.1
DHCPv6 IAID . . . . . . . . . . . : 239623520
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-B1-E8-69-48-5D-60-E4-EA-AA
DNS Servers . . . . . . . . . . . : 10.59.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{B08FF091-7D27-45E1-895A-8B433075E936}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F4C6A5B9-7F53-4C3B-A51F-CBC74F36CC9D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: rap.nnu.com
Address: 10.59.0.1

Name: google.com
Addresses: 2001:4860:4001:800::1001
74.125.224.36
74.125.224.33
74.125.224.35
74.125.224.40
74.125.224.38
74.125.224.34
74.125.224.41
74.125.224.39
74.125.224.46
74.125.224.32
74.125.224.37


Pinging google.com [74.125.224.33] with 32 bytes of data:
Reply from 74.125.224.33: bytes=32 time=94ms TTL=57
Reply from 74.125.224.33: bytes=32 time=103ms TTL=57

Ping statistics for 74.125.224.33:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 94ms, Maximum = 103ms, Average = 98ms
Server: rap.nnu.com
Address: 10.59.0.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Request timed out.
Reply from 98.138.253.109: bytes=32 time=170ms TTL=53

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
Minimum = 170ms, Maximum = 170ms, Average = 170ms
Server: rap.nnu.com
Address: 10.59.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 2ms, Average = 2ms
===========================================================================
Interface List
15...f4 6d 04 1a 0d 05 ......Realtek PCIe GBE Family Controller
14...74 f0 6d c4 e4 b8 ......Bluetooth Device (Personal Area Network)
11...48 5d 60 e4 ea aa ......Atheros AR9285 Wireless Network Adapter
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.59.0.1 10.59.0.205 25
10.59.0.0 255.255.252.0 On-link 10.59.0.205 281
10.59.0.205 255.255.255.255 On-link 10.59.0.205 281
10.59.3.255 255.255.255.255 On-link 10.59.0.205 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.59.0.205 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.59.0.205 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::2c4d:97d9:7c6:7147/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/07/2012 08:43:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/07/2012 08:40:17 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/07/2012 08:40:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/07/2012 07:50:58 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: Unloading the performance counter strings for service Network Inspection System (Network Inspection System) failed. The first DWORD in the Data section contains the error code.

Error: (10/07/2012 07:50:58 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (10/07/2012 07:39:34 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service rpcnetp since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (10/07/2012 06:16:48 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (10/07/2012 06:16:48 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (10/07/2012 01:41:53 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (10/06/2012 11:48:38 PM) (Source: Application Error) (User: )
Description: Faulting application name: Origin.exe, version: 9.0.13.2142, time stamp: 0x5058cf35
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000374
Fault offset: 0x000ce6c3
Faulting process id: 0x6e0
Faulting application start time: 0xOrigin.exe0
Faulting application path: Origin.exe1
Faulting module path: Origin.exe2
Report Id: Origin.exe3


System errors:
=============
Error: (10/07/2012 08:02:09 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.137.1196.0

Update Source: %NT AUTHORITY59

Update Stage: 4.1.0522.00

Source Path: 4.1.0522.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (10/07/2012 08:02:09 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.137.1196.0

Update Source: %NT AUTHORITY59

Update Stage: 4.1.0522.00

Source Path: 4.1.0522.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (10/07/2012 07:51:38 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.137.1196.0

Update Source: %NT AUTHORITY59

Update Stage: 4.1.0522.00

Source Path: 4.1.0522.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (10/07/2012 07:51:38 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.137.1196.0

Update Source: %NT AUTHORITY59

Update Stage: 4.1.0522.00

Source Path: 4.1.0522.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (10/07/2012 07:25:28 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.137.1196.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (10/07/2012 07:25:28 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.137.1196.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (10/07/2012 07:25:09 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.137.1196.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (10/07/2012 07:25:09 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.137.1196.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (10/07/2012 06:21:14 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.137.1196.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (10/07/2012 06:13:01 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891


Microsoft Office Sessions:
=========================
Error: (10/07/2012 08:43:25 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Rick\Downloads\esetsmartinstaller_enu.exe

Error: (10/07/2012 08:40:17 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Rick\Downloads\esetsmartinstaller_enu.exe

Error: (10/07/2012 08:40:12 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Rick\Downloads\esetsmartinstaller_enu.exe

Error: (10/07/2012 07:50:58 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: Network Inspection SystemNetwork Inspection System8F20300004D070000

Error: (10/07/2012 07:50:58 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: Performance1637070000000000000000000009030000

Error: (10/07/2012 07:39:34 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
AddWin32ServiceFiles: Unable to back up image of service rpcnetp since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (10/07/2012 06:16:48 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (10/07/2012 06:16:48 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: Performance1637070000000000000000000009030000

Error: (10/07/2012 01:41:53 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (10/06/2012 11:48:38 PM) (Source: Application Error)(User: )
Description: Origin.exe9.0.13.21425058cf35ntdll.dll6.1.7601.177254ec49b8fc0000374000ce6c36e001cda3f7cc86c4a7D:\Program Files (x86)\Origin\Origin.exeC:\Windows\SysWOW64\ntdll.dll054e234e-104b-11e2-9cce-74f06dc4e4b8


=========================== Installed Programs ============================

??????? Windows Live Mesh ActiveX ??(????) (Version: 15.4.5722.2)
??????? Windows Live Mesh ActiveX ??? (Version: 15.4.5722.2)
Ad-Aware Antivirus (Version: 10.2.21.3698)
Ad-Aware Browsing Protection (Version: 0.9.0.2)
Adobe Flash Player 10 Plugin (Version: 10.0.32.18)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
ASUS AI Recovery (Version: 1.0.24)
ASUS Live Update (Version: 3.0.6)
ASUS Power4Gear Hybrid (Version: 1.1.42)
ASUS SmartLogon (Version: 1.0.0009)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0031)
ASUS Virtual Camera (Version: 1.0.20)
ASUS WebStorage (Version: 3.0.102.211)
Asus_G73_Screensaver (Version: 1.0.0001)
AsusVibe2.0 (Version: 2.0.5.103)
ATK Package (Version: 1.0.0008)
Bing Bar (Version: 7.0.610.0)
CCleaner (Version: 3.23)
Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (Version: 1.0.0.0)
Command & Conquer™ 4 Tiberian Twilight (Version: 1.0.0.0)
Command & Conquer™ and The Covert Operations™ (Version: 1.0.0.0)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (Version: 1.0.0.0)
Command & Conquer™ Red Alert, Counterstrike and The Aftermath (Version: 1.0.0.0)
Command & Conquer™ Red Alert™ 3 and Uprising (Version: 1.0.0.0)
Command & Conquer™ The Ultimate Collection
Command & Conquer™ The Ultimate Collection Additional Content (Version: 1.0.0.0)
Command & Conquer™ Tiberian Sun™ and Firestorm™ (Version: 1.0.0.0)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (Version: 15.4.5722.2)
Control ActiveX de Windows Live Mesh para conexiones remotas (Version: 15.4.5722.2)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (Version: 15.4.5722.2)
CyberLink LabelPrint (Version: 2.5.1908)
CyberLink Power2Go (Version: 6.1.3602c)
D3DX10 (Version: 15.4.2368.0902)
Darksiders II
DirectX 9 Runtime (Version: 1.00.0000)
ESET Online Scanner v3
ExpressGate Cloud (Version: 2.1.91.412)
Fresco Logic USB3.0 Host Controller (Version: 3.0.114.13)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
GameStop App (Version: 4.00)
Google Chrome (Version: 22.0.1229.79)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
Guild Wars
HiJackThis (Version: 1.0.0)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1118)
Intel® Turbo Boost Technology Monitor (Version: 1.0.400.4)
Java™ 7 Update 4 (Version: 7.0.40)
JavaFX 2.1.0 (Version: 2.1.0)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Motorola Mobile Drivers Installation 5.2.0 (Version: 5.2.0)
Mozilla Firefox 15.0 (x86 en-US) (Version: 15.0)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Nuance PDF Reader (Version: 6.00.0041)
NVIDIA 3D Vision Driver 296.10 (Version: 296.10)
NVIDIA Control Panel 296.10 (Version: 296.10)
NVIDIA Graphics Driver 296.10 (Version: 296.10)
NVIDIA HD Audio Driver 1.3.12.0 (Version: 1.3.12.0)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA PhysX (Version: 9.12.0613)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.9610)
NVIDIA Update 1.7.11 (Version: 1.7.11)
NVIDIA Update Components (Version: 1.7.11)
Origin (Version: 9.0.13.2142)
PAYDAY: The Heist
PAYDAY™ The Heist - Wolfpack
Realtek Ethernet Controller Driver (Version: 7.37.1229.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6162)
Realtek USB 2.0 Reader Driver (Version: 6.1.7600.10001)
Revo Uninstaller 1.94 (Version: 1.94)
Roxio AACS Certificate (Version: 1.0.0)
Roxio Activation Module (Version: 1.0)
Roxio CinePlayer (Version: 5.6)
Roxio CinePlayer (Version: 5.6.221.0)
Skype™ 5.9 (Version: 5.9.115)
Spybot - Search & Destroy (Version: 1.6.2)
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.6.1008)
Synaptics Pointing Device Driver (Version: 15.1.18.0)
syncables desktop SE (Version: 5.5.746.11492)
The Elder Scrolls V: Skyrim
THX TruStudio (Version: 1.03.00)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
WebM Media Foundation Components (Version: 1.0.0.0)
WestwoodChat (Version: 1.0.0.0)
WestwoodOnline (Version: 1.0.0.0)
WIDCOMM Bluetooth Software (Version: 6.2.5.600)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (02/25/2010 6.2.0.9419) (Version: 02/25/2010 6.2.0.9419)
Windows Driver Package - Broadcom Bluetooth (01/19/2010 6.2.0.1417) (Version: 01/19/2010 6.2.0.1417)
Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0) (Version: 07/29/2009 6.1.7100.0)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (Version: 07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800)
Windows Live ??? (Version: 15.4.3502.0922)
Windows Live ???? (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinFlash (Version: 2.31.0)
WinRAR 4.11 (64-bit) (Version: 4.11.0)
Wireless Console 3 (Version: 3.0.19)
Yahoo! Messenger

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 37%
Total physical RAM: 8169.17 MB
Available physical RAM: 5088.2 MB
Total Pagefile: 16336.53 MB
Available Pagefile: 12904.55 MB
Total Virtual: 4095.88 MB
Available Virtual: 3961.34 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:256 GB) (Free:161.44 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:315.17 GB) (Free:292.27 GB) NTFS

========================= Users: ========================================

User accounts for \\RICK-PC

Administrator Guest Rick
UpdatusUser


**** End of log ****


ADW-CLEANER:

# AdwCleaner v2.004 - Logfile created 10/08/2012 at 01:39:15
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Rick - RICK-PC
# Boot Mode : Normal
# Running from : C:\Users\Rick\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Partner

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\uoqxxau0.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1676 octets] - [07/10/2012 20:59:46]
AdwCleaner[S2].txt - [1623 octets] - [08/10/2012 01:39:15]

########## EOF - C:\AdwCleaner[S2].txt - [1683 octets] ##########


NORMAN-MALEWARECLEANER:

Norman Malware Cleaner v2.05.06
Copyright © 1990 - 2012, Norman ASA.

Norman Scanner Engine Version: 6.08.06
nvcbin.def: Version: 6.08.00, Date: 2012/10/07 02:37:31, Variants: 18775522
nvcmacro.def: Version: 6.08.00, Date: 2011/12/19 02:20:35, Variants: 20465

Operating System: Windows 7 Service Pack 1 x64

Switches: /iagree /cleanrootkit /nosb

Scan started: 2012/10/07 23:53:03

Running pre-scan cleanup routine...
Potentially unwanted registry key: 'HKCR\.exe --> shell'
Remove registry key: HKCR\.exe (--> shell)
Cleaning successful

Number of malicious objects found: 1
Number of malicious objects cleaned: 1
Scanning time: 1s

Scanning running processes and process memory...

Number of objects found: 1275
Number of objects scanned: 1275
Number of objects not scanned: 0
Number of malicious memory objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 1m 4s

Scanning system for FakeAV...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 0s

Running full scan...
C:\Boot\BCD: Error opening file for read: 0x00000020
C:\Boot\BCD.LOG: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\IMpServiceEDB4FA23-53B8-4AFA-8C5D-99752CCA7094.lock: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\CacheManager\MpScanCache-0.bin: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-3A4D35A9CD46AA01478E47EBA448DE4B1A278A21.bin.67: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-3A4D35A9CD46AA01478E47EBA448DE4B1A278A21.bin.7E: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-3A4D35A9CD46AA01478E47EBA448DE4B1A278A21.bin.80: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-3A4D35A9CD46AA01478E47EBA448DE4B1A278A21.bin.A0: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-3A4D35A9CD46AA01478E47EBA448DE4B1A278A21.bin.VE1: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-3A4D35A9CD46AA01478E47EBA448DE4B1A278A21.bin.VE2: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-3A4D35A9CD46AA01478E47EBA448DE4B1A278A21.bin.VF: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb: Error opening file for read: 0x00000020
C:\System Volume Information\Syscache.hve: Error opening file for read: 0x00000020
C:\System Volume Information\Syscache.hve.LOG1: Error opening file for read: 0x00000020
C:\System Volume Information\Syscache.hve.LOG2: Error opening file for read: 0x00000020
C:\Users\Rick\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{0B51962D-10F5-11E2-A085-74F06DC4E4B8}.dat: Error opening file for read: 0x00000020
C:\Users\Rick\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{0B51962E-10F5-11E2-A085-74F06DC4E4B8}.dat: Error opening file for read: 0x00000020
C:\Users\Rick\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{13724AE6-1108-11E2-A085-74F06DC4E4B8}.dat: Error opening file for read: 0x00000020
C:\Users\Rick\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{43E38514-1114-11E2-A085-74F06DC4E4B8}.dat: Error opening file for read: 0x00000020
C:\Users\Rick\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{716205DA-10FE-11E2-A085-74F06DC4E4B8}.dat: Error opening file for read: 0x00000020
C:\Users\Rick\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{77ECAA5F-10F6-11E2-A085-74F06DC4E4B8}.dat: Error opening file for read: 0x00000020
C:\Users\Rick\AppData\Local\Microsoft\Windows\UsrClass.dat: Error opening file for read: 0x00000020
C:\Users\Rick\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1: Error opening file for read: 0x00000020
C:\Users\Rick\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2: Error opening file for read: 0x00000020
C:\Users\Rick\AppData\Local\Temp\fla146F.tmp: Error opening file for read: 0x00000020
C:\Users\Rick\AppData\Local\Temp\fla7D90.tmp: Error opening file for read: 0x00000020
C:\Users\Rick\AppData\Local\Temp\flaA6C0.tmp: Error opening file for read: 0x00000020
C:\Users\Rick\AppData\Local\Temp\flaEBD0.tmp: Error opening file for read: 0x00000020
C:\Users\Rick\AppData\Local\Temp\~DF0F61794309035B35.TMP: Error opening file for read: 0x00000020
C:\Users\Rick\AppData\Local\Temp\~DFA649143CE1EF99B4.TMP: Error opening file for read: 0x00000020
C:\Users\Rick\AppData\Local\Temp\~DFAC00BF118E99B7D3.TMP: Error opening file for read: 0x00000020
C:\Users\Rick\AppData\Local\Temp\~DFBD806998D6D5CC4A.TMP: Error opening file for read: 0x00000020
C:\Users\Rick\ntuser.dat.LOG1: Error opening file for read: 0x00000020
C:\Users\Rick\NTUSER.DAT: Error opening file for read: 0x00000020
C:\Users\Rick\ntuser.dat.LOG2: Error opening file for read: 0x00000020
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\UsrClass.dat: Error opening file for read: 0x00000020
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1: Error opening file for read: 0x00000020
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2: Error opening file for read: 0x00000020
C:\Users\UpdatusUser\NTUSER.DAT: Error opening file for read: 0x00000020
C:\Users\UpdatusUser\ntuser.dat.LOG1: Error opening file for read: 0x00000020
C:\Users\UpdatusUser\ntuser.dat.LOG2: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG1: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG2: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\catroot2\edb.log: Error opening file for read: 0x00000020
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb: Error opening file for read: 0x00000020
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb: Error opening file for read: 0x00000020
C:\Windows\System32\config\DEFAULT.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\DEFAULT.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\DEFAULT: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SAM: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SECURITY: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SOFTWARE: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SYSTEM: Error opening file for read: 0x00000020
C:\Windows\System32\config\DEFAULT: Error opening file for read: 0x00000020
C:\Windows\System32\config\SAM: Error opening file for read: 0x00000020
C:\Windows\System32\config\SAM.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SAM.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\SECURITY.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SECURITY: Error opening file for read: 0x00000020
C:\Windows\System32\config\SECURITY.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\SOFTWARE: Error opening file for read: 0x00000020
C:\Windows\System32\config\SOFTWARE.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SOFTWARE.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\SYSTEM: Error opening file for read: 0x00000020
C:\Windows\System32\config\SYSTEM.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SYSTEM.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTSteam Event Tracing.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTUBPM.etl: Error opening file for read: 0x00000020
C:\Windows\SysWOW64\log.txt: Error opening file for read: 0x00000020

Number of files found: 169575
Number of archives unpacked: 8897
Number of objects found: 565532
Number of objects scanned: 565445
Number of objects not scanned: 87
Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 1h 30m 49s

Running post-scan cleanup routine...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Scanning time: 0s

Results:
Total number of files found: 169575
Total number of archives unpacked: 8897
Total number of objects found: 566807
Total number of objects scanned: 566720
Total number of objects not scanned: 87
Total number of malicious objects found: 1
Total number of malicious objects cleaned: 1
Total number of malicious files found: 0
Total number of malicious files cleaned: 0
Total number of objects quarantined: 1
Total scanning time: 1h 31m 54s

#4 s0ldier

s0ldier
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:17 AM

Posted 08 October 2012 - 03:55 AM

still no change affter all the cleaning

~ricky

#5 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:17 AM

Posted 08 October 2012 - 07:03 AM

Uninstall Spybot it may interfear with the process of disenfecting your machine.


Run the services repair tool post a new Fss log.
http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe


Next.
Your hosts file needs to be fixed.


Open an elevated command prompt then copy and paste the following one at a time hitting enter after each.

cd C:\windows\system32\drivers\etc

takeown /a /f hosts

cacls hosts /p everyone:f

Reply Y Then copy and paste the text below hitting enter after.

attrib -s -h -r hosts

Close the command prompt window.


Go here and run the fix it for the hosts file,as admin.
http://support.microsoft.com/kb/972034

After the fix it runs then reboot,the hosts file should be restored to original

Download tdss killer

http://support.kaspersky.com/downloads/utils/tdsskiller.exe



Right Click it Run as Admin . Click on Change parameters Select TDLFS file system

Hit the Scan button Post the LOG In your next reply

Do not change the default options on scan results



Run the program below as admin hit the scan button allow it to finish then hit the delete button.

http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Download Rkill run it post the log.
http://www.bleepingcomputer.com/download/rkill/

Download the junkware removal tool save it to your desktop run it in safe mode post the log.
http://thisisudax.org/downloads/JRT.exe


Download Autoruns and Autorunsc Unzip it to your desktop and then double click autoruns.exe After the scan is finished then click on File>>>>>>>>>>>Save The default name will be autoruns.arn make sure to save it as Autoruns.txt under the file type option. in other words make sure it is a .txt file instead of .arn Attach the text in your next reply.

http://download.sysinternals.com/files/Autoruns.zip

#6 s0ldier

s0ldier
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:17 AM

Posted 08 October 2012 - 12:41 PM

FSS:

Farbar Service Scanner Version: 07-10-2012
Ran by Rick (administrator) on 08-10-2012 at 09:32:39
Running from "C:\Users\Rick\Desktop\New folder (2)"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

TDSKILLER:

09:46:27.0563 5380 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
09:46:28.0109 5380 ============================================================
09:46:28.0109 5380 Current date / time: 2012/10/08 09:46:28.0109
09:46:28.0109 5380 SystemInfo:
09:46:28.0109 5380
09:46:28.0109 5380 OS Version: 6.1.7601 ServicePack: 1.0
09:46:28.0109 5380 Product type: Workstation
09:46:28.0109 5380 ComputerName: RICK-PC
09:46:28.0109 5380 UserName: Rick
09:46:28.0109 5380 Windows directory: C:\Windows
09:46:28.0109 5380 System windows directory: C:\Windows
09:46:28.0109 5380 Running under WOW64
09:46:28.0109 5380 Processor architecture: Intel x64
09:46:28.0109 5380 Number of processors: 8
09:46:28.0109 5380 Page size: 0x1000
09:46:28.0109 5380 Boot type: Normal boot
09:46:28.0109 5380 ============================================================
09:46:29.0419 5380 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:46:29.0419 5380 ============================================================
09:46:29.0419 5380 \Device\Harddisk0\DR0:
09:46:29.0419 5380 MBR partitions:
09:46:29.0419 5380 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x20000000
09:46:29.0419 5380 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23200800, BlocksNum 0x27657000
09:46:29.0419 5380 ============================================================
09:46:29.0451 5380 C: <-> \Device\Harddisk0\DR0\Partition1
09:46:29.0466 5380 D: <-> \Device\Harddisk0\DR0\Partition2
09:46:29.0466 5380 ============================================================
09:46:29.0466 5380 Initialize success
09:46:29.0466 5380 ============================================================
09:46:33.0288 5452 ============================================================
09:46:33.0288 5452 Scan started
09:46:33.0288 5452 Mode: Manual;
09:46:33.0288 5452 ============================================================
09:46:33.0865 5452 ================ Scan system memory ========================
09:46:33.0865 5452 System memory - ok
09:46:33.0865 5452 ================ Scan services =============================
09:46:34.0021 5452 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:46:34.0053 5452 1394ohci - ok
09:46:34.0084 5452 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:46:34.0115 5452 ACPI - ok
09:46:34.0146 5452 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:46:34.0177 5452 AcpiPmi - ok
09:46:34.0287 5452 [ AF9658974154C3B6A333D86DC2E0AAC8 ] Ad-Aware Service D:\Program Files (x86)\AdAwareService.exe
09:46:34.0302 5452 Ad-Aware Service - ok
09:46:34.0427 5452 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:46:34.0536 5452 AdobeFlashPlayerUpdateSvc - ok
09:46:34.0599 5452 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:46:34.0630 5452 adp94xx - ok
09:46:34.0661 5452 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:46:34.0692 5452 adpahci - ok
09:46:34.0723 5452 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:46:34.0739 5452 adpu320 - ok
09:46:34.0786 5452 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:46:34.0801 5452 AeLookupSvc - ok
09:46:34.0864 5452 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
09:46:34.0911 5452 AFD - ok
09:46:34.0957 5452 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:46:34.0989 5452 agp440 - ok
09:46:35.0020 5452 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
09:46:35.0067 5452 ALG - ok
09:46:35.0098 5452 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
09:46:35.0129 5452 aliide - ok
09:46:35.0129 5452 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
09:46:35.0145 5452 amdide - ok
09:46:35.0176 5452 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:46:35.0207 5452 AmdK8 - ok
09:46:35.0238 5452 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
09:46:35.0269 5452 AmdPPM - ok
09:46:35.0285 5452 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:46:35.0316 5452 amdsata - ok
09:46:35.0347 5452 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
09:46:35.0379 5452 amdsbs - ok
09:46:35.0394 5452 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:46:35.0425 5452 amdxata - ok
09:46:35.0503 5452 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
09:46:35.0519 5452 AppID - ok
09:46:35.0566 5452 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:46:35.0581 5452 AppIDSvc - ok
09:46:35.0613 5452 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
09:46:35.0628 5452 Appinfo - ok
09:46:35.0675 5452 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
09:46:35.0706 5452 arc - ok
09:46:35.0753 5452 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:46:35.0769 5452 arcsas - ok
09:46:35.0909 5452 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
09:46:35.0940 5452 ASLDRService - ok
09:46:35.0971 5452 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
09:46:36.0003 5452 ASMMAP64 - ok
09:46:36.0034 5452 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:46:36.0049 5452 AsyncMac - ok
09:46:36.0127 5452 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
09:46:36.0159 5452 atapi - ok
09:46:36.0268 5452 [ A5E770426D18F8EF332A593F3289DA91 ] athr C:\Windows\system32\DRIVERS\athrx.sys
09:46:36.0876 5452 athr - ok
09:46:36.0892 5452 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
09:46:36.0923 5452 ATKGFNEXSrv - ok
09:46:36.0985 5452 [ 1F7238A37389ED92E9D8EEE975CABD54 ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
09:46:37.0001 5452 ATKWMIACPIIO - ok
09:46:37.0063 5452 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:46:37.0110 5452 AudioEndpointBuilder - ok
09:46:37.0141 5452 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:46:37.0141 5452 AudioSrv - ok
09:46:37.0188 5452 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:46:37.0251 5452 AxInstSV - ok
09:46:37.0282 5452 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
09:46:37.0329 5452 b06bdrv - ok
09:46:37.0375 5452 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:46:37.0422 5452 b57nd60a - ok
09:46:37.0500 5452 [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
09:46:37.0531 5452 BBSvc - ok
09:46:37.0563 5452 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
09:46:37.0594 5452 BDESVC - ok
09:46:37.0625 5452 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
09:46:37.0656 5452 Beep - ok
09:46:37.0734 5452 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
09:46:37.0781 5452 BFE - ok
09:46:37.0859 5452 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
09:46:37.0937 5452 BITS - ok
09:46:37.0968 5452 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:46:37.0999 5452 blbdrive - ok
09:46:38.0031 5452 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:46:38.0077 5452 bowser - ok
09:46:38.0124 5452 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
09:46:38.0140 5452 BrFiltLo - ok
09:46:38.0171 5452 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
09:46:38.0187 5452 BrFiltUp - ok
09:46:38.0233 5452 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
09:46:38.0280 5452 Browser - ok
09:46:38.0327 5452 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:46:38.0358 5452 Brserid - ok
09:46:38.0389 5452 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:46:38.0421 5452 BrSerWdm - ok
09:46:38.0436 5452 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:46:38.0467 5452 BrUsbMdm - ok
09:46:38.0499 5452 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:46:38.0499 5452 BrUsbSer - ok
09:46:38.0530 5452 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
09:46:38.0577 5452 BthEnum - ok
09:46:38.0592 5452 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:46:38.0623 5452 BTHMODEM - ok
09:46:38.0655 5452 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
09:46:38.0655 5452 BthPan - ok
09:46:38.0686 5452 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
09:46:38.0733 5452 BTHPORT - ok
09:46:38.0779 5452 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
09:46:38.0795 5452 bthserv - ok
09:46:38.0826 5452 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
09:46:38.0842 5452 BTHUSB - ok
09:46:38.0889 5452 [ D3466F77C2C49C6E393BA5FBA963A33E ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
09:46:38.0904 5452 btusbflt - ok
09:46:38.0935 5452 [ A72A9101F9730DB7332714E566614E4D ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
09:46:38.0967 5452 btwaudio - ok
09:46:38.0982 5452 [ 5CEEC634B617525F2B6AD29F871033F7 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
09:46:39.0013 5452 btwavdt - ok
09:46:39.0107 5452 [ 4E63C48E7328A11ED0E9075C18FCE782 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
09:46:39.0169 5452 btwdins - ok
09:46:39.0216 5452 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
09:46:39.0232 5452 btwl2cap - ok
09:46:39.0279 5452 [ 2AF5604D28BEF77B7CF4B9D232FE7CD3 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
09:46:39.0310 5452 btwrchid - ok
09:46:39.0325 5452 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:46:39.0372 5452 cdfs - ok
09:46:39.0419 5452 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:46:39.0450 5452 cdrom - ok
09:46:39.0497 5452 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
09:46:39.0528 5452 CertPropSvc - ok
09:46:39.0559 5452 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
09:46:39.0591 5452 circlass - ok
09:46:39.0622 5452 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
09:46:39.0653 5452 CLFS - ok
09:46:39.0840 5452 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:46:39.0871 5452 clr_optimization_v2.0.50727_32 - ok
09:46:40.0043 5452 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:46:40.0074 5452 clr_optimization_v2.0.50727_64 - ok
09:46:40.0152 5452 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:46:40.0230 5452 clr_optimization_v4.0.30319_32 - ok
09:46:40.0261 5452 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:46:40.0277 5452 clr_optimization_v4.0.30319_64 - ok
09:46:40.0324 5452 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:46:40.0355 5452 CmBatt - ok
09:46:40.0386 5452 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:46:40.0402 5452 cmdide - ok
09:46:40.0449 5452 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
09:46:40.0480 5452 CNG - ok
09:46:40.0527 5452 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
09:46:40.0542 5452 Compbatt - ok
09:46:40.0573 5452 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
09:46:40.0589 5452 CompositeBus - ok
09:46:40.0605 5452 COMSysApp - ok
09:46:40.0620 5452 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:46:40.0636 5452 crcdisk - ok
09:46:40.0698 5452 [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
09:46:40.0979 5452 Creative ALchemy AL6 Licensing Service - ok
09:46:41.0010 5452 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
09:46:41.0088 5452 Creative Audio Engine Licensing Service - ok
09:46:41.0119 5452 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:46:41.0151 5452 CryptSvc - ok
09:46:41.0197 5452 [ 7AF9DAC504FBD047CBC3E64AE52C92BF ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
09:46:41.0353 5452 dc3d - ok
09:46:41.0431 5452 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:46:41.0431 5452 DcomLaunch - ok
09:46:41.0463 5452 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
09:46:41.0509 5452 defragsvc - ok
09:46:41.0556 5452 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:46:41.0587 5452 DfsC - ok
09:46:41.0634 5452 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
09:46:41.0681 5452 Dhcp - ok
09:46:41.0697 5452 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
09:46:41.0712 5452 discache - ok
09:46:41.0743 5452 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
09:46:41.0775 5452 Disk - ok
09:46:41.0821 5452 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:46:41.0868 5452 Dnscache - ok
09:46:41.0899 5452 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:46:41.0946 5452 dot3svc - ok
09:46:41.0977 5452 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
09:46:41.0993 5452 DPS - ok
09:46:42.0024 5452 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:46:42.0055 5452 drmkaud - ok
09:46:42.0102 5452 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:46:42.0118 5452 DXGKrnl - ok
09:46:42.0165 5452 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
09:46:42.0211 5452 EapHost - ok
09:46:42.0305 5452 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
09:46:42.0430 5452 ebdrv - ok
09:46:42.0477 5452 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
09:46:42.0492 5452 EFS - ok
09:46:42.0539 5452 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:46:42.0617 5452 ehRecvr - ok
09:46:42.0633 5452 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
09:46:42.0679 5452 ehSched - ok
09:46:42.0742 5452 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:46:42.0773 5452 elxstor - ok
09:46:42.0804 5452 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:46:42.0835 5452 ErrDev - ok
09:46:42.0898 5452 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
09:46:42.0913 5452 EventSystem - ok
09:46:42.0960 5452 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
09:46:42.0991 5452 exfat - ok
09:46:43.0023 5452 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:46:43.0023 5452 fastfat - ok
09:46:43.0069 5452 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
09:46:43.0101 5452 Fax - ok
09:46:43.0132 5452 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
09:46:43.0163 5452 fdc - ok
09:46:43.0210 5452 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
09:46:43.0241 5452 fdPHost - ok
09:46:43.0257 5452 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
09:46:43.0288 5452 FDResPub - ok
09:46:43.0319 5452 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:46:43.0335 5452 FileInfo - ok
09:46:43.0350 5452 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:46:43.0397 5452 Filetrace - ok
09:46:43.0428 5452 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
09:46:43.0444 5452 flpydisk - ok
09:46:43.0475 5452 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:46:43.0491 5452 FltMgr - ok
09:46:43.0537 5452 [ 72893DC6F72EABAEF5AA1013FD189050 ] FLxHCIc C:\Windows\system32\DRIVERS\FLxHCIc.sys
09:46:43.0693 5452 FLxHCIc - ok
09:46:43.0709 5452 [ A2156628A86450D490A387B9B06FB17D ] FLxHCIh C:\Windows\system32\DRIVERS\FLxHCIh.sys
09:46:43.0865 5452 FLxHCIh - ok
09:46:43.0912 5452 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
09:46:43.0959 5452 FontCache - ok
09:46:44.0005 5452 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:46:44.0021 5452 FontCache3.0.0.0 - ok
09:46:44.0052 5452 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:46:44.0068 5452 FsDepends - ok
09:46:44.0115 5452 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
09:46:44.0146 5452 fssfltr - ok
09:46:44.0239 5452 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
09:46:44.0302 5452 fsssvc - ok
09:46:44.0349 5452 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:46:44.0380 5452 Fs_Rec - ok
09:46:44.0427 5452 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:46:44.0442 5452 fvevol - ok
09:46:44.0473 5452 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:46:44.0505 5452 gagp30kx - ok
09:46:44.0551 5452 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
09:46:44.0614 5452 gpsvc - ok
09:46:44.0707 5452 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:46:44.0739 5452 gupdate - ok
09:46:44.0754 5452 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:46:44.0754 5452 gupdatem - ok
09:46:44.0817 5452 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
09:46:44.0848 5452 gusvc - ok
09:46:44.0895 5452 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:46:44.0926 5452 hcw85cir - ok
09:46:44.0941 5452 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:46:44.0973 5452 HdAudAddService - ok
09:46:44.0988 5452 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:46:44.0988 5452 HDAudBus - ok
09:46:45.0004 5452 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
09:46:45.0051 5452 HidBatt - ok
09:46:45.0066 5452 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:46:45.0097 5452 HidBth - ok
09:46:45.0129 5452 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
09:46:45.0175 5452 HidIr - ok
09:46:45.0207 5452 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
09:46:45.0222 5452 hidserv - ok
09:46:45.0269 5452 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:46:45.0300 5452 HidUsb - ok
09:46:45.0331 5452 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:46:45.0378 5452 hkmsvc - ok
09:46:45.0394 5452 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:46:45.0425 5452 HomeGroupListener - ok
09:46:45.0456 5452 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:46:45.0472 5452 HomeGroupProvider - ok
09:46:45.0503 5452 Scan interrupted by user!
09:46:45.0503 5452 ================ Scan global ===============================
09:46:45.0503 5452 Scan interrupted by user!
09:46:45.0503 5452 ================ Scan MBR ==================================
09:46:45.0503 5452 Scan interrupted by user!
09:46:45.0503 5452 ================ Scan VBR ==================================
09:46:45.0503 5452 Scan interrupted by user!
09:46:45.0503 5452 ============================================================
09:46:45.0503 5452 Scan finished
09:46:45.0503 5452 ============================================================
09:46:45.0503 5372 Detected object count: 0
09:46:45.0503 5372 Actual detected object count: 0
09:47:09.0621 1020 ============================================================
09:47:09.0621 1020 Scan started
09:47:09.0621 1020 Mode: Manual; TDLFS;
09:47:09.0621 1020 ============================================================
09:47:09.0761 1020 ================ Scan system memory ========================
09:47:09.0761 1020 System memory - ok
09:47:09.0761 1020 ================ Scan services =============================
09:47:09.0886 1020 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:47:09.0886 1020 1394ohci - ok
09:47:09.0901 1020 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:47:09.0901 1020 ACPI - ok
09:47:09.0917 1020 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:47:09.0917 1020 AcpiPmi - ok
09:47:09.0995 1020 [ AF9658974154C3B6A333D86DC2E0AAC8 ] Ad-Aware Service D:\Program Files (x86)\AdAwareService.exe
09:47:10.0011 1020 Ad-Aware Service - ok
09:47:10.0120 1020 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:47:10.0120 1020 AdobeFlashPlayerUpdateSvc - ok
09:47:10.0167 1020 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:47:10.0167 1020 adp94xx - ok
09:47:10.0182 1020 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:47:10.0182 1020 adpahci - ok
09:47:10.0213 1020 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:47:10.0213 1020 adpu320 - ok
09:47:10.0229 1020 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:47:10.0229 1020 AeLookupSvc - ok
09:47:10.0276 1020 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
09:47:10.0276 1020 AFD - ok
09:47:10.0291 1020 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:47:10.0291 1020 agp440 - ok
09:47:10.0307 1020 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
09:47:10.0307 1020 ALG - ok
09:47:10.0323 1020 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
09:47:10.0323 1020 aliide - ok
09:47:10.0323 1020 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
09:47:10.0323 1020 amdide - ok
09:47:10.0338 1020 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:47:10.0338 1020 AmdK8 - ok
09:47:10.0354 1020 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
09:47:10.0354 1020 AmdPPM - ok
09:47:10.0354 1020 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:47:10.0354 1020 amdsata - ok
09:47:10.0369 1020 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
09:47:10.0369 1020 amdsbs - ok
09:47:10.0385 1020 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:47:10.0385 1020 amdxata - ok
09:47:10.0401 1020 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
09:47:10.0401 1020 AppID - ok
09:47:10.0416 1020 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:47:10.0416 1020 AppIDSvc - ok
09:47:10.0432 1020 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
09:47:10.0432 1020 Appinfo - ok
09:47:10.0447 1020 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
09:47:10.0447 1020 arc - ok
09:47:10.0463 1020 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:47:10.0463 1020 arcsas - ok
09:47:10.0525 1020 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
09:47:10.0525 1020 ASLDRService - ok
09:47:10.0541 1020 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
09:47:10.0541 1020 ASMMAP64 - ok
09:47:10.0541 1020 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:47:10.0541 1020 AsyncMac - ok
09:47:10.0572 1020 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
09:47:10.0572 1020 atapi - ok
09:47:10.0619 1020 [ A5E770426D18F8EF332A593F3289DA91 ] athr C:\Windows\system32\DRIVERS\athrx.sys
09:47:10.0635 1020 athr - ok
09:47:10.0666 1020 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
09:47:10.0666 1020 ATKGFNEXSrv - ok
09:47:10.0697 1020 [ 1F7238A37389ED92E9D8EEE975CABD54 ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
09:47:10.0697 1020 ATKWMIACPIIO - ok
09:47:10.0728 1020 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:47:10.0728 1020 AudioEndpointBuilder - ok
09:47:10.0744 1020 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:47:10.0744 1020 AudioSrv - ok
09:47:10.0759 1020 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:47:10.0759 1020 AxInstSV - ok
09:47:10.0791 1020 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
09:47:10.0791 1020 b06bdrv - ok
09:47:10.0822 1020 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:47:10.0822 1020 b57nd60a - ok
09:47:10.0869 1020 [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
09:47:10.0884 1020 BBSvc - ok
09:47:10.0900 1020 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
09:47:10.0900 1020 BDESVC - ok
09:47:10.0915 1020 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
09:47:10.0915 1020 Beep - ok
09:47:10.0931 1020 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
09:47:10.0931 1020 BFE - ok
09:47:10.0962 1020 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
09:47:10.0978 1020 BITS - ok
09:47:10.0993 1020 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:47:10.0993 1020 blbdrive - ok
09:47:11.0009 1020 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:47:11.0009 1020 bowser - ok
09:47:11.0025 1020 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
09:47:11.0025 1020 BrFiltLo - ok
09:47:11.0025 1020 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
09:47:11.0025 1020 BrFiltUp - ok
09:47:11.0056 1020 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
09:47:11.0056 1020 Browser - ok
09:47:11.0071 1020 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:47:11.0071 1020 Brserid - ok
09:47:11.0071 1020 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:47:11.0087 1020 BrSerWdm - ok
09:47:11.0087 1020 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:47:11.0087 1020 BrUsbMdm - ok
09:47:11.0165 1020 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:47:11.0165 1020 BrUsbSer - ok
09:47:11.0196 1020 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
09:47:11.0196 1020 BthEnum - ok
09:47:11.0212 1020 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:47:11.0212 1020 BTHMODEM - ok
09:47:11.0212 1020 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
09:47:11.0227 1020 BthPan - ok
09:47:11.0243 1020 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
09:47:11.0243 1020 BTHPORT - ok
09:47:11.0259 1020 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
09:47:11.0274 1020 bthserv - ok
09:47:11.0274 1020 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
09:47:11.0274 1020 BTHUSB - ok
09:47:11.0305 1020 [ D3466F77C2C49C6E393BA5FBA963A33E ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
09:47:11.0305 1020 btusbflt - ok
09:47:11.0305 1020 [ A72A9101F9730DB7332714E566614E4D ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
09:47:11.0305 1020 btwaudio - ok
09:47:11.0321 1020 [ 5CEEC634B617525F2B6AD29F871033F7 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
09:47:11.0321 1020 btwavdt - ok
09:47:11.0383 1020 [ 4E63C48E7328A11ED0E9075C18FCE782 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
09:47:11.0383 1020 btwdins - ok
09:47:11.0399 1020 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
09:47:11.0399 1020 btwl2cap - ok
09:47:11.0415 1020 [ 2AF5604D28BEF77B7CF4B9D232FE7CD3 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
09:47:11.0415 1020 btwrchid - ok
09:47:11.0415 1020 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:47:11.0415 1020 cdfs - ok
09:47:11.0446 1020 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:47:11.0446 1020 cdrom - ok
09:47:11.0461 1020 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
09:47:11.0461 1020 CertPropSvc - ok
09:47:11.0477 1020 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
09:47:11.0477 1020 circlass - ok
09:47:11.0493 1020 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
09:47:11.0508 1020 CLFS - ok
09:47:11.0695 1020 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:47:11.0695 1020 clr_optimization_v2.0.50727_32 - ok
09:47:11.0867 1020 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:47:11.0867 1020 clr_optimization_v2.0.50727_64 - ok
09:47:11.0914 1020 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:47:11.0914 1020 clr_optimization_v4.0.30319_32 - ok
09:47:11.0945 1020 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:47:11.0945 1020 clr_optimization_v4.0.30319_64 - ok
09:47:11.0961 1020 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:47:11.0961 1020 CmBatt - ok
09:47:11.0976 1020 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:47:11.0976 1020 cmdide - ok
09:47:11.0992 1020 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
09:47:11.0992 1020 CNG - ok
09:47:12.0007 1020 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
09:47:12.0007 1020 Compbatt - ok
09:47:12.0007 1020 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
09:47:12.0007 1020 CompositeBus - ok
09:47:12.0007 1020 COMSysApp - ok
09:47:12.0023 1020 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:47:12.0023 1020 crcdisk - ok
09:47:12.0070 1020 [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
09:47:12.0070 1020 Creative ALchemy AL6 Licensing Service - ok
09:47:12.0070 1020 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
09:47:12.0070 1020 Creative Audio Engine Licensing Service - ok
09:47:12.0101 1020 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:47:12.0101 1020 CryptSvc - ok
09:47:12.0117 1020 [ 7AF9DAC504FBD047CBC3E64AE52C92BF ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
09:47:12.0132 1020 dc3d - ok
09:47:12.0163 1020 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:47:12.0163 1020 DcomLaunch - ok
09:47:12.0195 1020 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
09:47:12.0195 1020 defragsvc - ok
09:47:12.0226 1020 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:47:12.0226 1020 DfsC - ok
09:47:12.0241 1020 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
09:47:12.0241 1020 Dhcp - ok
09:47:12.0241 1020 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
09:47:12.0257 1020 discache - ok
09:47:12.0257 1020 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
09:47:12.0257 1020 Disk - ok
09:47:12.0257 1020 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:47:12.0273 1020 Dnscache - ok
09:47:12.0273 1020 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:47:12.0273 1020 dot3svc - ok
09:47:12.0304 1020 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
09:47:12.0304 1020 DPS - ok
09:47:12.0319 1020 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:47:12.0319 1020 drmkaud - ok
09:47:12.0351 1020 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:47:12.0351 1020 DXGKrnl - ok
09:47:12.0366 1020 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
09:47:12.0366 1020 EapHost - ok
09:47:12.0413 1020 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
09:47:12.0429 1020 ebdrv - ok
09:47:12.0475 1020 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
09:47:12.0475 1020 EFS - ok
09:47:12.0522 1020 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:47:12.0522 1020 ehRecvr - ok
09:47:12.0538 1020 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
09:47:12.0538 1020 ehSched - ok
09:47:12.0569 1020 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:47:12.0569 1020 elxstor - ok
09:47:12.0585 1020 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:47:12.0585 1020 ErrDev - ok
09:47:12.0616 1020 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
09:47:12.0616 1020 EventSystem - ok
09:47:12.0647 1020 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
09:47:12.0647 1020 exfat - ok
09:47:12.0647 1020 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:47:12.0663 1020 fastfat - ok
09:47:12.0678 1020 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
09:47:12.0678 1020 Fax - ok
09:47:12.0694 1020 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
09:47:12.0694 1020 fdc - ok
09:47:12.0694 1020 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
09:47:12.0694 1020 fdPHost - ok
09:47:12.0709 1020 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
09:47:12.0709 1020 FDResPub - ok
09:47:12.0709 1020 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:47:12.0725 1020 FileInfo - ok
09:47:12.0741 1020 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:47:12.0741 1020 Filetrace - ok
09:47:12.0756 1020 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
09:47:12.0756 1020 flpydisk - ok
09:47:12.0772 1020 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:47:12.0772 1020 FltMgr - ok
09:47:12.0803 1020 [ 72893DC6F72EABAEF5AA1013FD189050 ] FLxHCIc C:\Windows\system32\DRIVERS\FLxHCIc.sys
09:47:12.0803 1020 FLxHCIc - ok
09:47:12.0819 1020 [ A2156628A86450D490A387B9B06FB17D ] FLxHCIh C:\Windows\system32\DRIVERS\FLxHCIh.sys
09:47:12.0819 1020 FLxHCIh - ok
09:47:12.0865 1020 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
09:47:12.0865 1020 FontCache - ok
09:47:12.0912 1020 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:47:12.0912 1020 FontCache3.0.0.0 - ok
09:47:12.0943 1020 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:47:12.0943 1020 FsDepends - ok
09:47:12.0959 1020 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
09:47:12.0959 1020 fssfltr - ok
09:47:13.0053 1020 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
09:47:13.0053 1020 fsssvc - ok
09:47:13.0084 1020 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:47:13.0084 1020 Fs_Rec - ok
09:47:13.0084 1020 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:47:13.0084 1020 fvevol - ok
09:47:13.0115 1020 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:47:13.0115 1020 gagp30kx - ok
09:47:13.0162 1020 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
09:47:13.0162 1020 gpsvc - ok
09:47:13.0209 1020 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:47:13.0209 1020 gupdate - ok
09:47:13.0209 1020 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:47:13.0209 1020 gupdatem - ok
09:47:13.0255 1020 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
09:47:13.0255 1020 gusvc - ok
09:47:13.0271 1020 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:47:13.0271 1020 hcw85cir - ok
09:47:13.0287 1020 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:47:13.0287 1020 HdAudAddService - ok
09:47:13.0302 1020 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:47:13.0302 1020 HDAudBus - ok
09:47:13.0318 1020 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
09:47:13.0318 1020 HidBatt - ok
09:47:13.0333 1020 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:47:13.0333 1020 HidBth - ok
09:47:13.0349 1020 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
09:47:13.0349 1020 HidIr - ok
09:47:13.0380 1020 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
09:47:13.0380 1020 hidserv - ok
09:47:13.0396 1020 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:47:13.0396 1020 HidUsb - ok
09:47:13.0411 1020 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:47:13.0427 1020 hkmsvc - ok
09:47:13.0443 1020 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:47:13.0443 1020 HomeGroupListener - ok
09:47:13.0474 1020 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:47:13.0474 1020 HomeGroupProvider - ok
09:47:13.0505 1020 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:47:13.0521 1020 HpSAMD - ok
09:47:13.0552 1020 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:47:13.0630 1020 HTTP - ok
09:47:13.0661 1020 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:47:13.0677 1020 hwpolicy - ok
09:47:13.0708 1020 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:47:13.0755 1020 i8042prt - ok
09:47:13.0786 1020 [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
09:47:13.0801 1020 iaStor - ok
09:47:13.0833 1020 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:47:13.0864 1020 iaStorV - ok
09:47:13.0926 1020 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:47:13.0957 1020 idsvc - ok
09:47:14.0004 1020 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:47:14.0035 1020 iirsp - ok
09:47:14.0113 1020 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
09:47:14.0145 1020 IKEEXT - ok
09:47:14.0238 1020 [ BD9D02F706FCAF28D89F5435F18A4A04 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:47:14.0316 1020 IntcAzAudAddService - ok
09:47:14.0347 1020 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
09:47:14.0379 1020 intelide - ok
09:47:14.0410 1020 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:47:14.0410 1020 intelppm - ok
09:47:14.0441 1020 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:47:14.0488 1020 IPBusEnum - ok
09:47:14.0519 1020 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:47:14.0550 1020 IpFilterDriver - ok
09:47:14.0613 1020 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:47:14.0644 1020 iphlpsvc - ok
09:47:14.0675 1020 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:47:14.0706 1020 IPMIDRV - ok
09:47:14.0769 1020 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:47:14.0815 1020 IPNAT - ok
09:47:14.0847 1020 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:47:14.0878 1020 IRENUM - ok
09:47:14.0893 1020 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:47:14.0909 1020 isapnp - ok
09:47:14.0940 1020 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:47:14.0971 1020 iScsiPrt - ok
09:47:15.0003 1020 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:47:15.0018 1020 kbdclass - ok
09:47:15.0049 1020 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:47:15.0081 1020 kbdhid - ok
09:47:15.0127 1020 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
09:47:15.0143 1020 kbfiltr - ok
09:47:15.0174 1020 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
09:47:15.0174 1020 KeyIso - ok
09:47:15.0205 1020 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:47:15.0205 1020 KSecDD - ok
09:47:15.0221 1020 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:47:15.0252 1020 KSecPkg - ok
09:47:15.0283 1020 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:47:15.0315 1020 ksthunk - ok
09:47:15.0377 1020 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
09:47:15.0424 1020 KtmRm - ok
09:47:15.0455 1020 [ 033B4AED2C5519072C0D81E00804D003 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
09:47:15.0486 1020 L1C - ok
09:47:15.0533 1020 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
09:47:15.0595 1020 LanmanServer - ok
09:47:15.0627 1020 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:47:15.0689 1020 LanmanWorkstation - ok
09:47:15.0736 1020 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:47:15.0751 1020 lltdio - ok
09:47:15.0814 1020 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:47:15.0861 1020 lltdsvc - ok
09:47:15.0892 1020 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:47:15.0923 1020 lmhosts - ok
09:47:15.0970 1020 [ 0803906D607A9B83184447B75B60ECC2 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
09:47:15.0985 1020 LMS - ok
09:47:16.0032 1020 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:47:16.0048 1020 LSI_FC - ok
09:47:16.0063 1020 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:47:16.0095 1020 LSI_SAS - ok
09:47:16.0126 1020 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
09:47:16.0141 1020 LSI_SAS2 - ok
09:47:16.0173 1020 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:47:16.0204 1020 LSI_SCSI - ok
09:47:16.0219 1020 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
09:47:16.0251 1020 luafv - ok
09:47:16.0282 1020 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
09:47:16.0531 1020 MBAMProtector - ok
09:47:16.0594 1020 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:47:16.0625 1020 MBAMScheduler - ok
09:47:16.0672 1020 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
09:47:16.0672 1020 MBAMService - ok
09:47:16.0719 1020 [ 8FF2D95CBA49B405C5DE27039FF0BF35 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
09:47:16.0750 1020 MBfilt - ok
09:47:16.0781 1020 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:47:16.0812 1020 Mcx2Svc - ok
09:47:16.0828 1020 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
09:47:16.0859 1020 megasas - ok
09:47:16.0890 1020 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
09:47:16.0906 1020 MegaSR - ok
09:47:16.0953 1020 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
09:47:16.0968 1020 MEIx64 - ok
09:47:17.0015 1020 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
09:47:17.0031 1020 MMCSS - ok
09:47:17.0046 1020 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:47:17.0093 1020 Modem - ok
09:47:17.0109 1020 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:47:17.0109 1020 monitor - ok
09:47:17.0155 1020 [ D69F1E9A944A5F46A494AF901ED41118 ] motandroidusb C:\Windows\system32\Drivers\motoandroid.sys
09:47:17.0155 1020 motandroidusb - ok
09:47:17.0187 1020 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:47:17.0187 1020 mouclass - ok
09:47:17.0218 1020 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:47:17.0249 1020 mouhid - ok
09:47:17.0280 1020 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:47:17.0311 1020 mountmgr - ok
09:47:17.0358 1020 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:47:17.0389 1020 MozillaMaintenance - ok
09:47:17.0436 1020 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
09:47:17.0483 1020 MpFilter - ok
09:47:17.0514 1020 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:47:17.0545 1020 mpio - ok
09:47:17.0561 1020 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:47:17.0592 1020 mpsdrv - ok
09:47:17.0655 1020 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:47:17.0717 1020 MpsSvc - ok
09:47:17.0748 1020 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:47:17.0779 1020 MRxDAV - ok
09:47:17.0811 1020 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:47:17.0826 1020 mrxsmb - ok
09:47:17.0873 1020 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:47:17.0904 1020 mrxsmb10 - ok
09:47:17.0935 1020 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:47:17.0967 1020 mrxsmb20 - ok
09:47:17.0998 1020 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
09:47:18.0013 1020 msahci - ok
09:47:18.0045 1020 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:47:18.0076 1020 msdsm - ok
09:47:18.0107 1020 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
09:47:18.0138 1020 MSDTC - ok
09:47:18.0169 1020 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:47:18.0201 1020 Msfs - ok
09:47:18.0247 1020 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:47:18.0279 1020 mshidkmdf - ok
09:47:18.0279 1020 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:47:18.0294 1020 msisadrv - ok
09:47:18.0325 1020 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:47:18.0357 1020 MSiSCSI - ok
09:47:18.0372 1020 msiserver - ok
09:47:18.0388 1020 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:47:18.0419 1020 MSKSSRV - ok
09:47:18.0497 1020 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
09:47:18.0497 1020 MsMpSvc - ok
09:47:18.0528 1020 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:47:18.0544 1020 MSPCLOCK - ok
09:47:18.0575 1020 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:47:18.0606 1020 MSPQM - ok
09:47:18.0622 1020 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:47:18.0653 1020 MsRPC - ok
09:47:18.0684 1020 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:47:18.0684 1020 mssmbios - ok
09:47:18.0684 1020 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:47:18.0715 1020 MSTEE - ok
09:47:18.0747 1020 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
09:47:18.0762 1020 MTConfig - ok
09:47:18.0793 1020 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
09:47:18.0809 1020 Mup - ok
09:47:18.0856 1020 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
09:47:18.0856 1020 napagent - ok
09:47:18.0887 1020 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:47:18.0934 1020 NativeWifiP - ok
09:47:18.0996 1020 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:47:18.0996 1020 NDIS - ok
09:47:19.0027 1020 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:47:19.0059 1020 NdisCap - ok
09:47:19.0090 1020 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:47:19.0121 1020 NdisTapi - ok
09:47:19.0137 1020 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:47:19.0152 1020 Ndisuio - ok
09:47:19.0168 1020 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:47:19.0199 1020 NdisWan - ok
09:47:19.0230 1020 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:47:19.0246 1020 NDProxy - ok
09:47:19.0261 1020 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:47:19.0277 1020 NetBIOS - ok
09:47:19.0293 1020 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:47:19.0339 1020 NetBT - ok
09:47:19.0371 1020 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:47:19.0371 1020 Netlogon - ok
09:47:19.0417 1020 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:47:19.0449 1020 Netman - ok
09:47:19.0480 1020 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:47:19.0511 1020 netprofm - ok
09:47:19.0542 1020 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:47:19.0558 1020 NetTcpPortSharing - ok
09:47:19.0605 1020 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:47:19.0605 1020 nfrd960 - ok
09:47:19.0636 1020 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
09:47:19.0667 1020 NisDrv - ok
09:47:19.0714 1020 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
09:47:19.0745 1020 NisSrv - ok
09:47:19.0792 1020 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:47:19.0807 1020 NlaSvc - ok
09:47:19.0839 1020 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:47:19.0870 1020 Npfs - ok
09:47:19.0901 1020 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:47:19.0948 1020 nsi - ok
09:47:19.0963 1020 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:47:19.0995 1020 nsiproxy - ok
09:47:20.0041 1020 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:47:20.0104 1020 Ntfs - ok
09:47:20.0135 1020 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:47:20.0151 1020 Null - ok
09:47:20.0229 1020 [ 8D4AAC74B571FC356560E5B308955E93 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
09:47:20.0229 1020 NVHDA - ok
09:47:20.0463 1020 [ 0EB204639119370F5F8F2871FBF4E14B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:47:20.0743 1020 nvlddmkm - ok
09:47:20.0775 1020 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:47:20.0806 1020 nvraid - ok
09:47:20.0837 1020 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:47:20.0868 1020 nvstor - ok
09:47:20.0931 1020 [ 32FF8EE6DCEE5C0CB91FF892FB1CA364 ] NVSvc C:\Windows\system32\nvvsvc.exe
09:47:20.0946 1020 NVSvc - ok
09:47:21.0024 1020 [ BD012DC22C78BE1071BC21EB125D782F ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
09:47:21.0071 1020 nvUpdatusService - ok
09:47:21.0087 1020 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:47:21.0102 1020 nv_agp - ok
09:47:21.0118 1020 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:47:21.0180 1020 ohci1394 - ok
09:47:21.0211 1020 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:47:21.0243 1020 p2pimsvc - ok
09:47:21.0274 1020 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:47:21.0289 1020 p2psvc - ok
09:47:21.0321 1020 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
09:47:21.0352 1020 Parport - ok
09:47:21.0383 1020 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:47:21.0414 1020 partmgr - ok
09:47:21.0414 1020 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:47:21.0430 1020 PcaSvc - ok
09:47:21.0461 1020 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:47:21.0477 1020 pci - ok
09:47:21.0508 1020 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:47:21.0523 1020 pciide - ok
09:47:21.0555 1020 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:47:21.0586 1020 pcmcia - ok
09:47:21.0586 1020 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:47:21.0586 1020 pcw - ok
09:47:21.0617 1020 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:47:21.0633 1020 PEAUTH - ok
09:47:21.0726 1020 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:47:21.0757 1020 PerfHost - ok
09:47:21.0820 1020 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:47:21.0898 1020 pla - ok
09:47:21.0929 1020 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:47:21.0960 1020 PlugPlay - ok
09:47:21.0976 1020 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:47:22.0007 1020 PNRPAutoReg - ok
09:47:22.0038 1020 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:47:22.0038 1020 PNRPsvc - ok
09:47:22.0069 1020 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
09:47:22.0101 1020 Point64 - ok
09:47:22.0147 1020 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:47:22.0147 1020 PolicyAgent - ok
09:47:22.0194 1020 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:47:22.0241 1020 Power - ok
09:47:22.0288 1020 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:47:22.0303 1020 PptpMiniport - ok
09:47:22.0319 1020 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
09:47:22.0335 1020 Processor - ok
09:47:22.0381 1020 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:47:22.0444 1020 ProfSvc - ok
09:47:22.0459 1020 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:47:22.0459 1020 ProtectedStorage - ok
09:47:22.0491 1020 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:47:22.0537 1020 Psched - ok
09:47:22.0569 1020 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
09:47:22.0600 1020 PxHlpa64 - ok
09:47:22.0662 1020 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:47:22.0725 1020 ql2300 - ok
09:47:22.0771 1020 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:47:22.0803 1020 ql40xx - ok
09:47:22.0834 1020 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:47:22.0881 1020 QWAVE - ok
09:47:22.0896 1020 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:47:22.0912 1020 QWAVEdrv - ok
09:47:22.0927 1020 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:47:22.0959 1020 RasAcd - ok
09:47:23.0021 1020 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:47:23.0037 1020 RasAgileVpn - ok
09:47:23.0068 1020 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:47:23.0115 1020 RasAuto - ok
09:47:23.0130 1020 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:47:23.0161 1020 Rasl2tp - ok
09:47:23.0193 1020 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:47:23.0239 1020 RasMan - ok
09:47:23.0271 1020 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:47:23.0271 1020 RasPppoe - ok
09:47:23.0286 1020 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:47:23.0317 1020 RasSstp - ok
09:47:23.0349 1020 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:47:23.0395 1020 rdbss - ok
09:47:23.0427 1020 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
09:47:23.0427 1020 rdpbus - ok
09:47:23.0442 1020 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:47:23.0458 1020 RDPCDD - ok
09:47:23.0473 1020 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:47:23.0473 1020 RDPENCDD - ok
09:47:23.0489 1020 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:47:23.0520 1020 RDPREFMP - ok
09:47:23.0567 1020 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:47:23.0598 1020 RDPWD - ok
09:47:23.0629 1020 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:47:23.0661 1020 rdyboost - ok
09:47:23.0707 1020 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:47:23.0754 1020 RemoteAccess - ok
09:47:23.0785 1020 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:47:23.0801 1020 RemoteRegistry - ok
09:47:23.0832 1020 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
09:47:23.0863 1020 RFCOMM - ok
09:47:23.0910 1020 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:47:23.0957 1020 RpcEptMapper - ok
09:47:23.0988 1020 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:47:24.0019 1020 RpcLocator - ok
09:47:24.0051 1020 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:47:24.0051 1020 RpcSs - ok
09:47:24.0082 1020 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:47:24.0113 1020 rspndr - ok
09:47:24.0175 1020 [ E57FAC2CDB73F06586ED2ED310B80932 ] RSUSBVSTOR C:\Windows\system32\Drivers\RtsUVStor.sys
09:47:24.0191 1020 RSUSBVSTOR - ok
09:47:24.0222 1020 [ AFC12DFA4C7B089673AD67402CA19EDB ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
09:47:24.0253 1020 RTL8167 - ok
09:47:24.0269 1020 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:47:24.0269 1020 SamSs - ok
09:47:24.0378 1020 [ BCE943896289A91AD75CC5652620B1C6 ] SBAMSvc D:\Program Files (x86)\SBAMSvc.exe
09:47:24.0394 1020 SBAMSvc - ok
09:47:24.0472 1020 [ 6E342316E72F4B6FA39C99E06373A1A3 ] sbapifs C:\Windows\system32\DRIVERS\sbapifs.sys
09:47:24.0487 1020 sbapifs - ok
09:47:24.0503 1020 [ B671EEF468D13016B9286F5835A06AE1 ] sbhips C:\Windows\system32\drivers\sbhips.sys
09:47:24.0534 1020 sbhips - ok
09:47:24.0565 1020 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:47:24.0581 1020 sbp2port - ok
09:47:24.0643 1020 [ 9ACEB2A2362FC87A3825963E61BA9076 ] SBRE C:\Windows\system32\drivers\SBREdrv.sys
09:47:24.0643 1020 SBRE - ok
09:47:24.0675 1020 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:47:24.0721 1020 SCardSvr - ok
09:47:24.0737 1020 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:47:24.0753 1020 scfilter - ok
09:47:24.0799 1020 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:47:24.0862 1020 Schedule - ok
09:47:24.0877 1020 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:47:24.0877 1020 SCPolicySvc - ok
09:47:24.0893 1020 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:47:24.0940 1020 SDRSVC - ok
09:47:25.0002 1020 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
09:47:25.0002 1020 SeaPort - ok
09:47:25.0033 1020 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:47:25.0065 1020 secdrv - ok
09:47:25.0096 1020 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:47:25.0127 1020 seclogon - ok
09:47:25.0158 1020 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
09:47:25.0158 1020 SENS - ok
09:47:25.0174 1020 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:47:25.0205 1020 SensrSvc - ok
09:47:25.0236 1020 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
09:47:25.0267 1020 Serenum - ok
09:47:25.0299 1020 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
09:47:25.0345 1020 Serial - ok
09:47:25.0392 1020 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:47:25.0423 1020 sermouse - ok
09:47:25.0455 1020 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:47:25.0501 1020 SessionEnv - ok
09:47:25.0517 1020 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:47:25.0548 1020 sffdisk - ok
09:47:25.0564 1020 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:47:25.0595 1020 sffp_mmc - ok
09:47:25.0626 1020 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:47:25.0657 1020 sffp_sd - ok
09:47:25.0689 1020 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:47:25.0704 1020 sfloppy - ok
09:47:25.0767 1020 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:47:25.0813 1020 SharedAccess - ok
09:47:25.0860 1020 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:47:25.0907 1020 ShellHWDetection - ok
09:47:25.0938 1020 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
09:47:25.0969 1020 SiSGbeLH - ok
09:47:26.0016 1020 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:47:26.0016 1020 SiSRaid2 - ok
09:47:26.0032 1020 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:47:26.0047 1020 SiSRaid4 - ok
09:47:26.0125 1020 [ 579BA0A911FF5EA70CB604CD3B744B0A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
09:47:26.0125 1020 SkypeUpdate - ok
09:47:26.0157 1020 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:47:26.0188 1020 Smb - ok
09:47:26.0235 1020 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:47:26.0250 1020 SNMPTRAP - ok
09:47:26.0266 1020 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:47:26.0281 1020 spldr - ok
09:47:26.0313 1020 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
09:47:26.0375 1020 Spooler - ok
09:47:26.0453 1020 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:47:26.0469 1020 sppsvc - ok
09:47:26.0484 1020 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:47:26.0515 1020 sppuinotify - ok
09:47:26.0562 1020 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:47:26.0609 1020 srv - ok
09:47:26.0640 1020 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:47:26.0687 1020 srv2 - ok
09:47:26.0687 1020 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:47:26.0734 1020 srvnet - ok
09:47:26.0796 1020 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:47:26.0796 1020 SSDPSRV - ok
09:47:26.0812 1020 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:47:26.0843 1020 SstpSvc - ok
09:47:26.0874 1020 Steam Client Service - ok
09:47:26.0921 1020 [ FC0A58529A02B1EED55DDC58696B7908 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:47:26.0937 1020 Stereo Service - ok
09:47:26.0952 1020 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:47:26.0968 1020 stexstor - ok
09:47:27.0015 1020 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:47:27.0061 1020 stisvc - ok
09:47:27.0077 1020 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:47:27.0108 1020 swenum - ok
09:47:27.0139 1020 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:47:27.0202 1020 swprv - ok
09:47:27.0264 1020 [ BC642D540AEDF9A253C74D10C848EBD2 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
09:47:27.0295 1020 SynTP - ok
09:47:27.0358 1020 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:47:27.0405 1020 SysMain - ok
09:47:27.0436 1020 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:47:27.0467 1020 TabletInputService - ok
09:47:27.0498 1020 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:47:27.0545 1020 TapiSrv - ok
09:47:27.0561 1020 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:47:27.0576 1020 TBS - ok
09:47:27.0639 1020 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:47:27.0701 1020 Tcpip - ok
09:47:27.0763 1020 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:47:27.0779 1020 TCPIP6 - ok
09:47:27.0795 1020 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:47:27.0826 1020 tcpipreg - ok
09:47:27.0857 1020 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:47:27.0873 1020 TDPIPE - ok
09:47:27.0904 1020 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:47:27.0935 1020 TDTCP - ok
09:47:27.0982 1020 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:47:28.0029 1020 tdx - ok
09:47:28.0060 1020 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:47:28.0075 1020 TermDD - ok
09:47:28.0122 1020 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:47:28.0200 1020 TermService - ok
09:47:28.0231 1020 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:47:28.0278 1020 Themes - ok
09:47:28.0309 1020 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:47:28.0309 1020 THREADORDER - ok
09:47:28.0341 1020 [ 262198EFB734012BFCD17E7479AE4A09 ] tmtdi C:\Windows\system32\DRIVERS\tmtdi.sys
09:47:28.0372 1020 tmtdi - ok
09:47:28.0403 1020 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:47:28.0403 1020 TrkWks - ok
09:47:28.0450 1020 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:47:28.0481 1020 TrustedInstaller - ok
09:47:28.0497 1020 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:47:28.0528 1020 tssecsrv - ok
09:47:28.0559 1020 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:47:28.0606 1020 TsUsbFlt - ok
09:47:28.0637 1020 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
09:47:28.0653 1020 TsUsbGD - ok
09:47:28.0699 1020 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:47:28.0715 1020 tunnel - ok
09:47:28.0746 1020 [ B355581A9DA34C92E2DBAFA410D2F829 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
09:47:28.0980 1020 TurboB - ok
09:47:29.0027 1020 [ 6564E84B1522C12EA1C3A181ED03276F ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
09:47:29.0277 1020 TurboBoost - ok
09:47:29.0308 1020 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:47:29.0323 1020 uagp35 - ok
09:47:29.0355 1020 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:47:29.0401 1020 udfs - ok
09:47:29.0433 1020 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:47:29.0464 1020 UI0Detect - ok
09:47:29.0495 1020 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:47:29.0526 1020 uliagpkx - ok
09:47:29.0557 1020 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:47:29.0589 1020 umbus - ok
09:47:29.0620 1020 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
09:47:29.0635 1020 UmPass - ok
09:47:29.0713 1020 [ EB79C6C91A99930015EF29AE7FA802D1 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
09:47:29.0729 1020 UNS - ok
09:47:29.0760 1020 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:47:29.0791 1020 upnphost - ok
09:47:29.0823 1020 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:47:29.0854 1020 usbccgp - ok
09:47:29.0885 1020 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:47:29.0932 1020 usbcir - ok
09:47:29.0963 1020 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:47:29.0979 1020 usbehci - ok
09:47:30.0025 1020 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:47:30.0072 1020 usbhub - ok
09:47:30.0103 1020 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:47:30.0135 1020 usbohci - ok
09:47:30.0150 1020 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
09:47:30.0181 1020 usbprint - ok
09:47:30.0213 1020 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:47:30.0244 1020 USBSTOR - ok
09:47:30.0275 1020 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:47:30.0306 1020 usbuhci - ok
09:47:30.0337 1020 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
09:47:30.0369 1020 usbvideo - ok
09:47:30.0415 1020 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:47:30.0447 1020 UxSms - ok
09:47:30.0478 1020 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:47:30.0478 1020 VaultSvc - ok
09:47:30.0509 1020 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:47:30.0525 1020 vdrvroot - ok
09:47:30.0571 1020 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:47:30.0618 1020 vds - ok
09:47:30.0649 1020 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:47:30.0681 1020 vga - ok
09:47:30.0696 1020 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:47:30.0727 1020 VgaSave - ok
09:47:30.0774 1020 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:47:30.0805 1020 vhdmp - ok
09:47:30.0837 1020 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:47:30.0852 1020 viaide - ok
09:47:30.0899 1020 [ 0ADF410187B71C9B855721C8D59CEC7A ] VideAceWindowsService C:\ExpressGateUtil\VAWinService.exe
09:47:31.0008 1020 VideAceWindowsService - ok
09:47:31.0039 1020 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:47:31.0039 1020 volmgr - ok
09:47:31.0055 1020 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:47:31.0086 1020 volmgrx - ok
09:47:31.0117 1020 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:47:31.0133 1020 volsnap - ok
09:47:31.0164 1020 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:47:31.0180 1020 vsmraid - ok
09:47:31.0242 1020 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:47:31.0336 1020 VSS - ok
09:47:31.0351 1020 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:47:31.0398 1020 vwifibus - ok
09:47:31.0414 1020 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:47:31.0445 1020 vwififlt - ok
09:47:31.0507 1020 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:47:31.0539 1020 W32Time - ok
09:47:31.0570 1020 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:47:31.0601 1020 WacomPen - ok
09:47:31.0632 1020 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:47:31.0663 1020 WANARP - ok
09:47:31.0695 1020 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:47:31.0695 1020 Wanarpv6 - ok
09:47:31.0741 1020 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:47:31.0773 1020 WatAdminSvc - ok
09:47:31.0819 1020 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:47:31.0960 1020 wbengine - ok
09:47:31.0975 1020 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:47:32.0022 1020 WbioSrvc - ok
09:47:32.0053 1020 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:47:32.0100 1020 wcncsvc - ok
09:47:32.0131 1020 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:47:32.0178 1020 WcsPlugInService - ok
09:47:32.0209 1020 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
09:47:32.0241 1020 Wd - ok
09:47:32.0272 1020 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:47:32.0319 1020 Wdf01000 - ok
09:47:32.0334 1020 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:47:32.0350 1020 WdiServiceHost - ok
09:47:32.0350 1020 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:47:32.0365 1020 WdiSystemHost - ok
09:47:32.0397 1020 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:47:32.0428 1020 WebClient - ok
09:47:32.0459 1020 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:47:32.0490 1020 Wecsvc - ok
09:47:32.0506 1020 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:47:32.0553 1020 wercplsupport - ok
09:47:32.0568 1020 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:47:32.0599 1020 WerSvc - ok
09:47:32.0615 1020 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:47:32.0646 1020 WfpLwf - ok
09:47:32.0677 1020 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
09:47:32.0709 1020 WimFltr - ok
09:47:32.0740 1020 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:47:32.0755 1020 WIMMount - ok
09:47:32.0818 1020 WinDefend - ok
09:47:32.0818 1020 WinHttpAutoProxySvc - ok
09:47:32.0865 1020 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:47:32.0880 1020 Winmgmt - ok
09:47:32.0958 1020 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
09:47:33.0052 1020 WinRM - ok
09:47:33.0114 1020 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:47:33.0177 1020 Wlansvc - ok
09:47:33.0239 1020 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:47:33.0255 1020 wlcrasvc - ok
09:47:33.0364 1020 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:47:33.0395 1020 wlidsvc - ok
09:47:33.0426 1020 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
09:47:33.0426 1020 WmiAcpi - ok
09:47:33.0457 1020 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:47:33.0504 1020 wmiApSrv - ok
09:47:33.0535 1020 WMPNetworkSvc - ok
09:47:33.0567 1020 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:47:33.0598 1020 WPCSvc - ok
09:47:33.0629 1020 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:47:33.0645 1020 WPDBusEnum - ok
09:47:33.0676 1020 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:47:33.0707 1020 ws2ifsl - ok
09:47:33.0738 1020 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
09:47:33.0738 1020 wscsvc - ok
09:47:33.0738 1020 WSearch - ok
09:47:33.0816 1020 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:47:33.0832 1020 wuauserv - ok
09:47:33.0847 1020 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:47:33.0879 1020 WudfPf - ok
09:47:33.0925 1020 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:47:33.0957 1020 WUDFRd - ok
09:47:34.0003 1020 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:47:34.0050 1020 wudfsvc - ok
09:47:34.0066 1020 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
09:47:34.0097 1020 WwanSvc - ok
09:47:34.0113 1020 ================ Scan global ===============================
09:47:34.0144 1020 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:47:34.0206 1020 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:47:34.0253 1020 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:47:34.0300 1020 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:47:34.0362 1020 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:47:34.0362 1020 [Global] - ok
09:47:34.0362 1020 ================ Scan MBR ==================================
09:47:34.0378 1020 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:47:34.0799 1020 \Device\Harddisk0\DR0 - ok
09:47:34.0799 1020 ================ Scan VBR ==================================
09:47:34.0799 1020 [ ADC25404339A342D419F76D4312D603B ] \Device\Harddisk0\DR0\Partition1
09:47:34.0799 1020 \Device\Harddisk0\DR0\Partition1 - ok
09:47:34.0830 1020 [ 781D94F56C586240DCBBBFA8FC80C89C ] \Device\Harddisk0\DR0\Partition2
09:47:34.0830 1020 \Device\Harddisk0\DR0\Partition2 - ok
09:47:34.0830 1020 ============================================================
09:47:34.0830 1020 Scan finished
09:47:34.0830 1020 ============================================================
09:47:34.0830 2448 Detected object count: 0
09:47:34.0830 2448 Actual detected object count: 0
09:48:27.0636 5416 ============================================================
09:48:27.0636 5416 Scan started
09:48:27.0636 5416 Mode: Manual; TDLFS;
09:48:27.0636 5416 ============================================================
09:48:27.0870 5416 ================ Scan system memory ========================
09:48:27.0870 5416 System memory - ok
09:48:27.0870 5416 ================ Scan services =============================
09:48:27.0980 5416 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:48:27.0980 5416 1394ohci - ok
09:48:27.0995 5416 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:48:27.0995 5416 ACPI - ok
09:48:28.0011 5416 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:48:28.0011 5416 AcpiPmi - ok
09:48:28.0089 5416 [ AF9658974154C3B6A333D86DC2E0AAC8 ] Ad-Aware Service D:\Program Files (x86)\AdAwareService.exe
09:48:28.0104 5416 Ad-Aware Service - ok
09:48:28.0214 5416 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:48:28.0214 5416 AdobeFlashPlayerUpdateSvc - ok
09:48:28.0260 5416 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:48:28.0260 5416 adp94xx - ok
09:48:28.0292 5416 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:48:28.0292 5416 adpahci - ok
09:48:28.0307 5416 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:48:28.0307 5416 adpu320 - ok
09:48:28.0323 5416 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:48:28.0323 5416 AeLookupSvc - ok
09:48:28.0370 5416 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
09:48:28.0370 5416 AFD - ok
09:48:28.0385 5416 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:48:28.0385 5416 agp440 - ok
09:48:28.0401 5416 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
09:48:28.0401 5416 ALG - ok
09:48:28.0432 5416 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
09:48:28.0432 5416 aliide - ok
09:48:28.0432 5416 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
09:48:28.0432 5416 amdide - ok
09:48:28.0463 5416 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:48:28.0463 5416 AmdK8 - ok
09:48:28.0479 5416 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
09:48:28.0479 5416 AmdPPM - ok
09:48:28.0494 5416 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:48:28.0494 5416 amdsata - ok
09:48:28.0510 5416 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
09:48:28.0510 5416 amdsbs - ok
09:48:28.0526 5416 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:48:28.0526 5416 amdxata - ok
09:48:28.0557 5416 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
09:48:28.0557 5416 AppID - ok
09:48:28.0572 5416 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:48:28.0572 5416 AppIDSvc - ok
09:48:28.0588 5416 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
09:48:28.0588 5416 Appinfo - ok
09:48:28.0588 5416 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
09:48:28.0588 5416 arc - ok
09:48:28.0619 5416 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:48:28.0619 5416 arcsas - ok
09:48:28.0697 5416 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
09:48:28.0697 5416 ASLDRService - ok
09:48:28.0697 5416 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
09:48:28.0697 5416 ASMMAP64 - ok
09:48:28.0713 5416 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:48:28.0713 5416 AsyncMac - ok
09:48:28.0728 5416 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
09:48:28.0728 5416 atapi - ok
09:48:28.0791 5416 [ A5E770426D18F8EF332A593F3289DA91 ] athr C:\Windows\system32\DRIVERS\athrx.sys
09:48:28.0806 5416 athr - ok
09:48:28.0838 5416 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
09:48:28.0838 5416 ATKGFNEXSrv - ok
09:48:28.0853 5416 [ 1F7238A37389ED92E9D8EEE975CABD54 ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
09:48:28.0869 5416 ATKWMIACPIIO - ok
09:48:28.0884 5416 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:48:28.0900 5416 AudioEndpointBuilder - ok
09:48:28.0916 5416 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:48:28.0916 5416 AudioSrv - ok
09:48:28.0931 5416 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:48:28.0931 5416 AxInstSV - ok
09:48:28.0947 5416 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
09:48:28.0962 5416 b06bdrv - ok
09:48:28.0994 5416 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:48:28.0994 5416 b57nd60a - ok
09:48:29.0040 5416 [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
09:48:29.0040 5416 BBSvc - ok
09:48:29.0087 5416 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
09:48:29.0087 5416 BDESVC - ok
09:48:29.0087 5416 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
09:48:29.0087 5416 Beep - ok
09:48:29.0118 5416 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
09:48:29.0118 5416 BFE - ok
09:48:29.0150 5416 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
09:48:29.0165 5416 BITS - ok
09:48:29.0196 5416 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:48:29.0196 5416 blbdrive - ok
09:48:29.0196 5416 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:48:29.0196 5416 bowser - ok
09:48:29.0228 5416 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
09:48:29.0228 5416 BrFiltLo - ok
09:48:29.0243 5416 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
09:48:29.0243 5416 BrFiltUp - ok
09:48:29.0290 5416 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
09:48:29.0290 5416 Browser - ok
09:48:29.0306 5416 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:48:29.0321 5416 Brserid - ok
09:48:29.0337 5416 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:48:29.0337 5416 BrSerWdm - ok
09:48:29.0368 5416 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:48:29.0368 5416 BrUsbMdm - ok
09:48:29.0384 5416 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:48:29.0384 5416 BrUsbSer - ok
09:48:29.0415 5416 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
09:48:29.0415 5416 BthEnum - ok
09:48:29.0462 5416 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:48:29.0462 5416 BTHMODEM - ok
09:48:29.0477 5416 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
09:48:29.0477 5416 BthPan - ok
09:48:29.0586 5416 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
09:48:29.0586 5416 BTHPORT - ok
09:48:29.0618 5416 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
09:48:29.0618 5416 bthserv - ok
09:48:29.0664 5416 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
09:48:29.0664 5416 BTHUSB - ok
09:48:29.0696 5416 [ D3466F77C2C49C6E393BA5FBA963A33E ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
09:48:29.0696 5416 btusbflt - ok
09:48:29.0727 5416 [ A72A9101F9730DB7332714E566614E4D ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
09:48:29.0727 5416 btwaudio - ok
09:48:29.0758 5416 [ 5CEEC634B617525F2B6AD29F871033F7 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
09:48:29.0758 5416 btwavdt - ok
09:48:29.0945 5416 [ 4E63C48E7328A11ED0E9075C18FCE782 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
09:48:29.0945 5416 btwdins - ok
09:48:29.0992 5416 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
09:48:29.0992 5416 btwl2cap - ok
09:48:30.0039 5416 [ 2AF5604D28BEF77B7CF4B9D232FE7CD3 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
09:48:30.0039 5416 btwrchid - ok
09:48:30.0070 5416 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:48:30.0070 5416 cdfs - ok
09:48:30.0086 5416 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:48:30.0086 5416 cdrom - ok
09:48:30.0117 5416 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
09:48:30.0117 5416 CertPropSvc - ok
09:48:30.0132 5416 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
09:48:30.0132 5416 circlass - ok
09:48:30.0148 5416 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
09:48:30.0164 5416 CLFS - ok
09:48:30.0242 5416 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:48:30.0242 5416 clr_optimization_v2.0.50727_32 - ok
09:48:30.0288 5416 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:48:30.0288 5416 clr_optimization_v2.0.50727_64 - ok
09:48:30.0866 5416 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:48:30.0866 5416 clr_optimization_v4.0.30319_32 - ok
09:48:30.0928 5416 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:48:30.0928 5416 clr_optimization_v4.0.30319_64 - ok
09:48:30.0959 5416 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:48:30.0959 5416 CmBatt - ok
09:48:31.0131 5416 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:48:31.0131 5416 cmdide - ok
09:48:31.0193 5416 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
09:48:31.0193 5416 CNG - ok
09:48:31.0209 5416 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
09:48:31.0209 5416 Compbatt - ok
09:48:31.0240 5416 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
09:48:31.0240 5416 CompositeBus - ok
09:48:31.0240 5416 COMSysApp - ok
09:48:31.0302 5416 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:48:31.0302 5416 crcdisk - ok
09:48:31.0349 5416 [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
09:48:31.0349 5416 Creative ALchemy AL6 Licensing Service - ok
09:48:31.0380 5416 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
09:48:31.0380 5416 Creative Audio Engine Licensing Service - ok
09:48:31.0427 5416 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:48:31.0427 5416 CryptSvc - ok
09:48:31.0458 5416 [ 7AF9DAC504FBD047CBC3E64AE52C92BF ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
09:48:31.0458 5416 dc3d - ok
09:48:31.0536 5416 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:48:31.0552 5416 DcomLaunch - ok
09:48:31.0583 5416 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
09:48:31.0583 5416 defragsvc - ok
09:48:31.0599 5416 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:48:31.0599 5416 DfsC - ok
09:48:31.0614 5416 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
09:48:31.0614 5416 Dhcp - ok
09:48:31.0614 5416 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
09:48:31.0614 5416 discache - ok
09:48:31.0661 5416 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
09:48:31.0661 5416 Disk - ok
09:48:31.0677 5416 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:48:31.0677 5416 Dnscache - ok
09:48:31.0692 5416 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:48:31.0692 5416 dot3svc - ok
09:48:31.0724 5416 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
09:48:31.0724 5416 DPS - ok
09:48:31.0755 5416 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:48:31.0755 5416 drmkaud - ok
09:48:31.0848 5416 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:48:31.0848 5416 DXGKrnl - ok
09:48:31.0895 5416 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
09:48:31.0895 5416 EapHost - ok
09:48:32.0004 5416 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
09:48:32.0020 5416 ebdrv - ok
09:48:32.0051 5416 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
09:48:32.0051 5416 EFS - ok
09:48:32.0285 5416 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:48:32.0285 5416 ehRecvr - ok
09:48:32.0301 5416 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
09:48:32.0301 5416 ehSched - ok
09:48:32.0348 5416 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:48:32.0348 5416 elxstor - ok
09:48:32.0394 5416 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:48:32.0394 5416 ErrDev - ok
09:48:32.0441 5416 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
09:48:32.0441 5416 EventSystem - ok
09:48:32.0488 5416 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
09:48:32.0488 5416 exfat - ok
09:48:32.0519 5416 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:48:32.0519 5416 fastfat - ok
09:48:32.0628 5416 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
09:48:32.0628 5416 Fax - ok
09:48:32.0628 5416 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
09:48:32.0644 5416 fdc - ok
09:48:32.0644 5416 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
09:48:32.0644 5416 fdPHost - ok
09:48:32.0644 5416 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
09:48:32.0644 5416 FDResPub - ok
09:48:32.0675 5416 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:48:32.0675 5416 FileInfo - ok
09:48:32.0675 5416 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:48:32.0675 5416 Filetrace - ok
09:48:32.0706 5416 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
09:48:32.0706 5416 flpydisk - ok
09:48:32.0722 5416 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:48:32.0722 5416 FltMgr - ok
09:48:32.0753 5416 [ 72893DC6F72EABAEF5AA1013FD189050 ] FLxHCIc C:\Windows\system32\DRIVERS\FLxHCIc.sys
09:48:32.0753 5416 FLxHCIc - ok
09:48:32.0800 5416 [ A2156628A86450D490A387B9B06FB17D ] FLxHCIh C:\Windows\system32\DRIVERS\FLxHCIh.sys
09:48:32.0800 5416 FLxHCIh - ok
09:48:32.0831 5416 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
09:48:32.0847 5416 FontCache - ok
09:48:32.0925 5416 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:48:32.0925 5416 FontCache3.0.0.0 - ok
09:48:32.0972 5416 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:48:32.0972 5416 FsDepends - ok
09:48:33.0003 5416 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
09:48:33.0018 5416 fssfltr - ok
09:48:33.0128 5416 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
09:48:33.0128 5416 fsssvc - ok
09:48:33.0174 5416 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:48:33.0174 5416 Fs_Rec - ok
09:48:33.0190 5416 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:48:33.0190 5416 fvevol - ok
09:48:33.0237 5416 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:48:33.0237 5416 gagp30kx - ok
09:48:33.0346 5416 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
09:48:33.0346 5416 gpsvc - ok
09:48:33.0424 5416 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:48:33.0424 5416 gupdate - ok
09:48:33.0424 5416 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:48:33.0424 5416 gupdatem - ok
09:48:33.0471 5416 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
09:48:33.0471 5416 gusvc - ok
09:48:33.0533 5416 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:48:33.0533 5416 hcw85cir - ok
09:48:33.0564 5416 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:48:33.0580 5416 HdAudAddService - ok
09:48:33.0580 5416 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:48:33.0596 5416 HDAudBus - ok
09:48:33.0596 5416 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
09:48:33.0596 5416 HidBatt - ok
09:48:33.0642 5416 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:48:33.0642 5416 HidBth - ok
09:48:33.0674 5416 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
09:48:33.0674 5416 HidIr - ok
09:48:33.0689 5416 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
09:48:33.0689 5416 hidserv - ok
09:48:33.0705 5416 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:48:33.0705 5416 HidUsb - ok
09:48:33.0752 5416 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:48:33.0752 5416 hkmsvc - ok
09:48:33.0767 5416 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:48:33.0767 5416 HomeGroupListener - ok
09:48:33.0798 5416 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:48:33.0798 5416 HomeGroupProvider - ok
09:48:33.0861 5416 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:48:33.0861 5416 HpSAMD - ok
09:48:33.0923 5416 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:48:33.0923 5416 HTTP - ok
09:48:33.0954 5416 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:48:33.0954 5416 hwpolicy - ok
09:48:33.0954 5416 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:48:33.0954 5416 i8042prt - ok
09:48:34.0001 5416 [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
09:48:34.0001 5416 iaStor - ok
09:48:34.0017 5416 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:48:34.0017 5416 iaStorV - ok
09:48:34.0110 5416 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:48:34.0126 5416 idsvc - ok
09:48:34.0157 5416 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:48:34.0157 5416 iirsp - ok
09:48:34.0266 5416 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
09:48:34.0282 5416 IKEEXT - ok
09:48:34.0407 5416 [ BD9D02F706FCAF28D89F5435F18A4A04 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:48:34.0422 5416 IntcAzAudAddService - ok
09:48:34.0454 5416 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
09:48:34.0454 5416 intelide - ok
09:48:34.0485 5416 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:48:34.0485 5416 intelppm - ok
09:48:34.0516 5416 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:48:34.0516 5416 IPBusEnum - ok
09:48:34.0547 5416 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:48:34.0563 5416 IpFilterDriver - ok
09:48:34.0594 5416 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:48:34.0594 5416 iphlpsvc - ok
09:48:34.0610 5416 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:48:34.0610 5416 IPMIDRV - ok
09:48:34.0625 5416 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:48:34.0625 5416 IPNAT - ok
09:48:34.0656 5416 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:48:34.0656 5416 IRENUM - ok
09:48:34.0672 5416 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:48:34.0688 5416 isapnp - ok
09:48:34.0703 5416 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:48:34.0719 5416 iScsiPrt - ok
09:48:34.0734 5416 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:48:34.0734 5416 kbdclass - ok
09:48:34.0750 5416 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:48:34.0750 5416 kbdhid - ok
09:48:34.0781 5416 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
09:48:34.0781 5416 kbfiltr - ok
09:48:34.0797 5416 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
09:48:34.0797 5416 KeyIso - ok
09:48:34.0828 5416 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:48:34.0828 5416 KSecDD - ok
09:48:34.0859 5416 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:48:34.0859 5416 KSecPkg - ok
09:48:34.0875 5416 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:48:34.0875 5416 ksthunk - ok
09:48:34.0922 5416 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
09:48:34.0937 5416 KtmRm - ok
09:48:34.0953 5416 [ 033B4AED2C5519072C0D81E00804D003 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
09:48:34.0953 5416 L1C - ok
09:48:34.0984 5416 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
09:48:34.0984 5416 LanmanServer - ok
09:48:35.0031 5416 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:48:35.0031 5416 LanmanWorkstation - ok
09:48:35.0062 5416 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:48:35.0062 5416 lltdio - ok
09:48:35.0093 5416 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:48:35.0093 5416 lltdsvc - ok
09:48:35.0109 5416 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:48:35.0109 5416 lmhosts - ok
09:48:35.0218 5416 [ 0803906D607A9B83184447B75B60ECC2 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
09:48:35.0234 5416 LMS - ok
09:48:35.0265 5416 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:48:35.0265 5416 LSI_FC - ok
09:48:35.0280 5416 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:48:35.0280 5416 LSI_SAS - ok
09:48:35.0280 5416 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
09:48:35.0280 5416 LSI_SAS2 - ok
09:48:35.0343 5416 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:48:35.0343 5416 LSI_SCSI - ok
09:48:35.0390 5416 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
09:48:35.0390 5416 luafv - ok
09:48:35.0421 5416 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
09:48:35.0421 5416 MBAMProtector - ok
09:48:35.0483 5416 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:48:35.0483 5416 MBAMScheduler - ok
09:48:35.0608 5416 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
09:48:35.0608 5416 MBAMService - ok
09:48:35.0686 5416 [ 8FF2D95CBA49B405C5DE27039FF0BF35 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
09:48:35.0686 5416 MBfilt - ok
09:48:35.0717 5416 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:48:35.0717 5416 Mcx2Svc - ok
09:48:35.0733 5416 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
09:48:35.0733 5416 megasas - ok
09:48:35.0780 5416 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
09:48:35.0780 5416 MegaSR - ok
09:48:35.0795 5416 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
09:48:35.0795 5416 MEIx64 - ok
09:48:35.0826 5416 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
09:48:35.0826 5416 MMCSS - ok
09:48:35.0873 5416 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:48:35.0873 5416 Modem - ok
09:48:35.0889 5416 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:48:35.0904 5416 monitor - ok
09:48:35.0951 5416 [ D69F1E9A944A5F46A494AF901ED41118 ] motandroidusb C:\Windows\system32\Drivers\motoandroid.sys
09:48:35.0951 5416 motandroidusb - ok
09:48:35.0982 5416 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:48:35.0982 5416 mouclass - ok
09:48:35.0998 5416 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:48:35.0998 5416 mouhid - ok
09:48:36.0014 5416 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:48:36.0014 5416 mountmgr - ok
09:48:36.0060 5416 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:48:36.0060 5416 MozillaMaintenance - ok
09:48:36.0092 5416 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
09:48:36.0092 5416 MpFilter - ok
09:48:36.0107 5416 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:48:36.0107 5416 mpio - ok
09:48:36.0123 5416 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:48:36.0123 5416 mpsdrv - ok
09:48:36.0201 5416 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:48:36.0201 5416 MpsSvc - ok
09:48:36.0216 5416 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:48:36.0216 5416 MRxDAV - ok
09:48:36.0248 5416 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:48:36.0248 5416 mrxsmb - ok
09:48:36.0326 5416 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:48:36.0326 5416 mrxsmb10 - ok
09:48:36.0341 5416 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:48:36.0341 5416 mrxsmb20 - ok
09:48:36.0357 5416 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
09:48:36.0357 5416 msahci - ok
09:48:36.0388 5416 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:48:36.0388 5416 msdsm - ok
09:48:36.0435 5416 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
09:48:36.0435 5416 MSDTC - ok
09:48:36.0450 5416 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:48:36.0450 5416 Msfs - ok
09:48:36.0466 5416 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:48:36.0466 5416 mshidkmdf - ok
09:48:36.0466 5416 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:48:36.0466 5416 msisadrv - ok
09:48:36.0513 5416 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:48:36.0513 5416 MSiSCSI - ok
09:48:36.0513 5416 msiserver - ok
09:48:36.0528 5416 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:48:36.0528 5416 MSKSSRV - ok
09:48:36.0606 5416 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
09:48:36.0606 5416 MsMpSvc - ok
09:48:36.0638 5416 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:48:36.0638 5416 MSPCLOCK - ok
09:48:36.0669 5416 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:48:36.0669 5416 MSPQM - ok
09:48:36.0700 5416 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:48:36.0700 5416 MsRPC - ok
09:48:36.0731 5416 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:48:36.0731 5416 mssmbios - ok
09:48:36.0778 5416 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:48:36.0778 5416 MSTEE - ok
09:48:36.0825 5416 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
09:48:36.0825 5416 MTConfig - ok
09:48:36.0840 5416 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
09:48:36.0840 5416 Mup - ok
09:48:36.0918 5416 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
09:48:36.0918 5416 napagent - ok
09:48:36.0996 5416 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:48:37.0012 5416 NativeWifiP - ok
09:48:37.0074 5416 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:48:37.0074 5416 NDIS - ok
09:48:37.0152 5416 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:48:37.0152 5416 NdisCap - ok
09:48:37.0168 5416 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:48:37.0168 5416 NdisTapi - ok
09:48:37.0168 5416 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:48:37.0184 5416 Ndisuio - ok
09:48:37.0199 5416 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:48:37.0199 5416 NdisWan - ok
09:48:37.0199 5416 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:48:37.0199 5416 NDProxy - ok
09:48:37.0215 5416 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:48:37.0215 5416 NetBIOS - ok
09:48:37.0230 5416 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:48:37.0230 5416 NetBT - ok
09:48:37.0246 5416 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:48:37.0246 5416 Netlogon - ok
09:48:37.0308 5416 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:48:37.0308 5416 Netman - ok
09:48:37.0355 5416 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:48:37.0355 5416 netprofm - ok
09:48:37.0386 5416 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:48:37.0386 5416 NetTcpPortSharing - ok
09:48:37.0418 5416 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:48:37.0418 5416 nfrd960 - ok
09:48:37.0464 5416 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
09:48:37.0464 5416 NisDrv - ok
09:48:37.0496 5416 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
09:48:37.0511 5416 NisSrv - ok
09:48:37.0558 5416 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:48:37.0558 5416 NlaSvc - ok
09:48:37.0574 5416 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:48:37.0574 5416 Npfs - ok
09:48:37.0589 5416 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:48:37.0589 5416 nsi - ok
09:48:37.0605 5416 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:48:37.0605 5416 nsiproxy - ok
09:48:37.0854 5416 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:48:37.0854 5416 Ntfs - ok
09:48:37.0870 5416 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:48:37.0870 5416 Null - ok
09:48:37.0917 5416 [ 8D4AAC74B571FC356560E5B308955E93 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
09:48:37.0917 5416 NVHDA - ok
09:48:38.0900 5416 [ 0EB204639119370F5F8F2871FBF4E14B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:48:38.0962 5416 nvlddmkm - ok
09:48:39.0024 5416 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:48:39.0024 5416 nvraid - ok
09:48:39.0040 5416 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:48:39.0040 5416 nvstor - ok
09:48:39.0087 5416 [ 32FF8EE6DCEE5C0CB91FF892FB1CA364 ] NVSvc C:\Windows\system32\nvvsvc.exe
09:48:39.0087 5416 NVSvc - ok
09:48:39.0305 5416 [ BD012DC22C78BE1071BC21EB125D782F ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
09:48:39.0321 5416 nvUpdatusService - ok
09:48:39.0352 5416 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:48:39.0352 5416 nv_agp - ok
09:48:39.0368 5416 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:48:39.0383 5416 ohci1394 - ok
09:48:39.0399 5416 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:48:39.0399 5416 p2pimsvc - ok
09:48:39.0477 5416 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:48:39.0477 5416 p2psvc - ok
09:48:39.0492 5416 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
09:48:39.0492 5416 Parport - ok
09:48:39.0539 5416 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:48:39.0539 5416 partmgr - ok
09:48:39.0539 5416 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:48:39.0539 5416 PcaSvc - ok
09:48:39.0570 5416 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:48:39.0570 5416 pci - ok
09:48:39.0570 5416 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:48:39.0570 5416 pciide - ok
09:48:39.0586 5416 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:48:39.0586 5416 pcmcia - ok
09:48:39.0586 5416 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:48:39.0586 5416 pcw - ok
09:48:39.0617 5416 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:48:39.0617 5416 PEAUTH - ok
09:48:39.0664 5416 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:48:39.0664 5416 PerfHost - ok
09:48:39.0773 5416 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:48:39.0789 5416 pla - ok
09:48:39.0867 5416 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:48:39.0867 5416 PlugPlay - ok
09:48:39.0882 5416 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:48:39.0882 5416 PNRPAutoReg - ok
09:48:39.0898 5416 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:48:39.0898 5416 PNRPsvc - ok
09:48:39.0929 5416 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
09:48:39.0929 5416 Point64 - ok
09:48:39.0976 5416 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:48:39.0992 5416 PolicyAgent - ok
09:48:40.0023 5416 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:48:40.0023 5416 Power - ok
09:48:40.0054 5416 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:48:40.0054 5416 PptpMiniport - ok
09:48:40.0070 5416 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
09:48:40.0070 5416 Processor - ok
09:48:40.0085 5416 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:48:40.0101 5416 ProfSvc - ok
09:48:40.0116 5416 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:48:40.0116 5416 ProtectedStorage - ok
09:48:40.0132 5416 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:48:40.0148 5416 Psched - ok
09:48:40.0163 5416 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
09:48:40.0163 5416 PxHlpa64 - ok
09:48:40.0241 5416 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:48:40.0241 5416 ql2300 - ok
09:48:40.0272 5416 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:48:40.0272 5416 ql40xx - ok
09:48:40.0319 5416 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:48:40.0319 5416 QWAVE - ok
09:48:40.0366 5416 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:48:40.0366 5416 QWAVEdrv - ok
09:48:40.0366 5416 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:48:40.0366 5416 RasAcd - ok
09:48:40.0397 5416 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:48:40.0397 5416 RasAgileVpn - ok
09:48:40.0428 5416 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:48:40.0428 5416 RasAuto - ok
09:48:40.0428 5416 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:48:40.0428 5416 Rasl2tp - ok
09:48:40.0475 5416 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:48:40.0475 5416 RasMan - ok
09:48:40.0491 5416 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:48:40.0491 5416 RasPppoe - ok
09:48:40.0491 5416 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:48:40.0491 5416 RasSstp - ok
09:48:40.0553 5416 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:48:40.0553 5416 rdbss - ok
09:48:40.0569 5416 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
09:48:40.0584 5416 rdpbus - ok
09:48:40.0584 5416 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:48:40.0584 5416 RDPCDD - ok
09:48:40.0616 5416 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:48:40.0616 5416 RDPENCDD - ok
09:48:40.0631 5416 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:48:40.0631 5416 RDPREFMP - ok
09:48:40.0662 5416 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:48:40.0662 5416 RDPWD - ok
09:48:40.0694 5416 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:48:40.0694 5416 rdyboost - ok
09:48:40.0725 5416 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:48:40.0725 5416 RemoteAccess - ok
09:48:40.0772 5416 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:48:40.0772 5416 RemoteRegistry - ok
09:48:40.0787 5416 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
09:48:40.0787 5416 RFCOMM - ok
09:48:40.0803 5416 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:48:40.0803 5416 RpcEptMapper - ok
09:48:40.0818 5416 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:48:40.0818 5416 RpcLocator - ok
09:48:40.0896 5416 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:48:40.0896 5416 RpcSs - ok
09:48:40.0912 5416 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:48:40.0912 5416 rspndr - ok
09:48:40.0959 5416 [ E57FAC2CDB73F06586ED2ED310B80932 ] RSUSBVSTOR C:\Windows\system32\Drivers\RtsUVStor.sys
09:48:40.0959 5416 RSUSBVSTOR - ok
09:48:41.0021 5416 [ AFC12DFA4C7B089673AD67402CA19EDB ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
09:48:41.0021 5416 RTL8167 - ok
09:48:41.0037 5416 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:48:41.0037 5416 SamSs - ok
09:48:41.0333 5416 [ BCE943896289A91AD75CC5652620B1C6 ] SBAMSvc D:\Program Files (x86)\SBAMSvc.exe
09:48:41.0349 5416 SBAMSvc - ok
09:48:41.0396 5416 [ 6E342316E72F4B6FA39C99E06373A1A3 ] sbapifs C:\Windows\system32\DRIVERS\sbapifs.sys
09:48:41.0396 5416 sbapifs - ok
09:48:41.0427 5416 [ B671EEF468D13016B9286F5835A06AE1 ] sbhips C:\Windows\system32\drivers\sbhips.sys
09:48:41.0427 5416 sbhips - ok
09:48:41.0458 5416 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:48:41.0458 5416 sbp2port - ok
09:48:41.0489 5416 [ 9ACEB2A2362FC87A3825963E61BA9076 ] SBRE C:\Windows\system32\drivers\SBREdrv.sys
09:48:41.0489 5416 SBRE - ok
09:48:41.0520 5416 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:48:41.0536 5416 SCardSvr - ok
09:48:41.0552 5416 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:48:41.0552 5416 scfilter - ok
09:48:41.0645 5416 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:48:41.0645 5416 Schedule - ok
09:48:41.0692 5416 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:48:41.0692 5416 SCPolicySvc - ok
09:48:41.0708 5416 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:48:41.0708 5416 SDRSVC - ok
09:48:41.0801 5416 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
09:48:41.0801 5416 SeaPort - ok
09:48:41.0832 5416 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:48:41.0848 5416 secdrv - ok
09:48:41.0864 5416 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:48:41.0864 5416 seclogon - ok
09:48:41.0879 5416 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
09:48:41.0879 5416 SENS - ok
09:48:41.0895 5416 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:48:41.0895 5416 SensrSvc - ok
09:48:41.0926 5416 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
09:48:41.0926 5416 Serenum - ok
09:48:41.0957 5416 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
09:48:41.0957 5416 Serial - ok
09:48:41.0973 5416 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:48:41.0973 5416 sermouse - ok
09:48:42.0004 5416 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:48:42.0004 5416 SessionEnv - ok
09:48:42.0020 5416 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:48:42.0020 5416 sffdisk - ok
09:48:42.0020 5416 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:48:42.0020 5416 sffp_mmc - ok
09:48:42.0035 5416 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:48:42.0035 5416 sffp_sd - ok
09:48:42.0066 5416 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:48:42.0066 5416 sfloppy - ok
09:48:42.0098 5416 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:48:42.0113 5416 SharedAccess - ok
09:48:42.0144 5416 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:48:42.0144 5416 ShellHWDetection - ok
09:48:42.0160 5416 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
09:48:42.0160 5416 SiSGbeLH - ok
09:48:42.0176 5416 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:48:42.0176 5416 SiSRaid2 - ok
09:48:42.0207 5416 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:48:42.0207 5416 SiSRaid4 - ok
09:48:42.0332 5416 [ 579BA0A911FF5EA70CB604CD3B744B0A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
09:48:42.0332 5416 SkypeUpdate - ok
09:48:42.0394 5416 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:48:42.0394 5416 Smb - ok
09:48:42.0441 5416 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:48:42.0441 5416 SNMPTRAP - ok
09:48:42.0441 5416 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:48:42.0441 5416 spldr - ok
09:48:42.0503 5416 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
09:48:42.0503 5416 Spooler - ok
09:48:42.0659 5416 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:48:42.0675 5416 sppsvc - ok
09:48:42.0690 5416 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:48:42.0690 5416 sppuinotify - ok
09:48:42.0800 5416 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:48:42.0800 5416 srv - ok
09:48:42.0831 5416 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:48:42.0831 5416 srv2 - ok
09:48:42.0862 5416 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:48:42.0862 5416 srvnet - ok
09:48:42.0909 5416 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:48:42.0909 5416 SSDPSRV - ok
09:48:42.0924 5416 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:48:42.0924 5416 SstpSvc - ok
09:48:42.0956 5416 Steam Client Service - ok
09:48:43.0112 5416 [ FC0A58529A02B1EED55DDC58696B7908 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:48:43.0112 5416 Stereo Service - ok
09:48:43.0143 5416 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:48:43.0143 5416 stexstor - ok
09:48:43.0221 5416 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:48:43.0221 5416 stisvc - ok
09:48:43.0252 5416 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:48:43.0252 5416 swenum - ok
09:48:43.0330 5416 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:48:43.0330 5416 swprv - ok
09:48:43.0470 5416 [ BC642D540AEDF9A253C74D10C848EBD2 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
09:48:43.0486 5416 SynTP - ok
09:48:43.0626 5416 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:48:43.0642 5416 SysMain - ok
09:48:43.0673 5416 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:48:43.0673 5416 TabletInputService - ok
09:48:43.0704 5416 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:48:43.0704 5416 TapiSrv - ok
09:48:43.0720 5416 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:48:43.0720 5416 TBS - ok
09:48:44.0063 5416 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:48:44.0063 5416 Tcpip - ok
09:48:44.0141 5416 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:48:44.0157 5416 TCPIP6 - ok
09:48:44.0219 5416 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:48:44.0219 5416 tcpipreg - ok
09:48:44.0235 5416 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:48:44.0235 5416 TDPIPE - ok
09:48:44.0266 5416 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:48:44.0266 5416 TDTCP - ok
09:48:44.0282 5416 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:48:44.0282 5416 tdx - ok
09:48:44.0313 5416 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:48:44.0313 5416 TermDD - ok
09:48:44.0360 5416 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:48:44.0375 5416 TermService - ok
09:48:44.0391 5416 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:48:44.0391 5416 Themes - ok
09:48:44.0406 5416 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:48:44.0406 5416 THREADORDER - ok
09:48:44.0453 5416 [ 262198EFB734012BFCD17E7479AE4A09 ] tmtdi C:\Windows\system32\DRIVERS\tmtdi.sys
09:48:44.0453 5416 tmtdi - ok
09:48:44.0484 5416 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:48:44.0484 5416 TrkWks - ok
09:48:44.0547 5416 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:48:44.0562 5416 TrustedInstaller - ok
09:48:44.0562 5416 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:48:44.0562 5416 tssecsrv - ok
09:48:44.0578 5416 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:48:44.0578 5416 TsUsbFlt - ok
09:48:44.0640 5416 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
09:48:44.0640 5416 TsUsbGD - ok
09:48:44.0640 5416 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:48:44.0640 5416 tunnel - ok
09:48:44.0656 5416 [ B355581A9DA34C92E2DBAFA410D2F829 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
09:48:44.0656 5416 TurboB - ok
09:48:44.0703 5416 [ 6564E84B1522C12EA1C3A181ED03276F ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
09:48:44.0703 5416 TurboBoost - ok
09:48:44.0718 5416 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:48:44.0718 5416 uagp35 - ok
09:48:44.0734 5416 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:48:44.0750 5416 udfs - ok
09:48:44.0765 5416 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:48:44.0765 5416 UI0Detect - ok
09:48:44.0781 5416 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:48:44.0781 5416 uliagpkx - ok
09:48:44.0828 5416 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:48:44.0828 5416 umbus - ok
09:48:44.0828 5416 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
09:48:44.0828 5416 UmPass - ok
09:48:45.0030 5416 [ EB79C6C91A99930015EF29AE7FA802D1 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
09:48:45.0046 5416 UNS - ok
09:48:45.0062 5416 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:48:45.0062 5416 upnphost - ok
09:48:45.0093 5416 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:48:45.0093 5416 usbccgp - ok
09:48:45.0108 5416 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:48:45.0108 5416 usbcir - ok
09:48:45.0124 5416 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:48:45.0124 5416 usbehci - ok
09:48:45.0186 5416 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:48:45.0186 5416 usbhub - ok
09:48:45.0202 5416 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:48:45.0202 5416 usbohci - ok
09:48:45.0218 5416 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
09:48:45.0218 5416 usbprint - ok
09:48:45.0233 5416 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:48:45.0233 5416 USBSTOR - ok
09:48:45.0249 5416 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:48:45.0249 5416 usbuhci - ok
09:48:45.0264 5416 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
09:48:45.0264 5416 usbvideo - ok
09:48:45.0296 5416 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:48:45.0296 5416 UxSms - ok
09:48:45.0296 5416 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:48:45.0296 5416 VaultSvc - ok
09:48:45.0342 5416 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:48:45.0342 5416 vdrvroot - ok
09:48:45.0389 5416 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:48:45.0405 5416 vds - ok
09:48:45.0420 5416 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:48:45.0420 5416 vga - ok
09:48:45.0420 5416 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:48:45.0420 5416 VgaSave - ok
09:48:45.0483 5416 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:48:45.0483 5416 vhdmp - ok
09:48:45.0514 5416 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:48:45.0514 5416 viaide - ok
09:48:45.0545 5416 [ 0ADF410187B71C9B855721C8D59CEC7A ] VideAceWindowsService C:\ExpressGateUtil\VAWinService.exe
09:48:45.0545 5416 VideAceWindowsService - ok
09:48:45.0576 5416 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:48:45.0576 5416 volmgr - ok
09:48:45.0608 5416 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:48:45.0608 5416 volmgrx - ok
09:48:45.0623 5416 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:48:45.0623 5416 volsnap - ok
09:48:45.0654 5416 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:48:45.0654 5416 vsmraid - ok
09:48:45.0779 5416 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:48:45.0795 5416 VSS - ok
09:48:45.0826 5416 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:48:45.0826 5416 vwifibus - ok
09:48:45.0842 5416 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:48:45.0842 5416 vwififlt - ok
09:48:45.0873 5416 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:48:45.0873 5416 W32Time - ok
09:48:45.0904 5416 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:48:45.0904 5416 WacomPen - ok
09:48:45.0904 5416 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:48:45.0920 5416 WANARP - ok
09:48:45.0920 5416 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:48:45.0920 5416 Wanarpv6 - ok
09:48:46.0122 5416 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:48:46.0122 5416 WatAdminSvc - ok
09:48:46.0216 5416 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:48:46.0232 5416 wbengine - ok
09:48:46.0247 5416 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:48:46.0247 5416 WbioSrvc - ok
09:48:46.0278 5416 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:48:46.0278 5416 wcncsvc - ok
09:48:46.0310 5416 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:48:46.0310 5416 WcsPlugInService - ok
09:48:46.0356 5416 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
09:48:46.0356 5416 Wd - ok
09:48:46.0388 5416 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:48:46.0403 5416 Wdf01000 - ok
09:48:46.0434 5416 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:48:46.0434 5416 WdiServiceHost - ok
09:48:46.0450 5416 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:48:46.0450 5416 WdiSystemHost - ok
09:48:46.0481 5416 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:48:46.0481 5416 WebClient - ok
09:48:46.0512 5416 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:48:46.0528 5416 Wecsvc - ok
09:48:46.0559 5416 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:48:46.0559 5416 wercplsupport - ok
09:48:46.0559 5416 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:48:46.0559 5416 WerSvc - ok
09:48:46.0575 5416 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:48:46.0575 5416 WfpLwf - ok
09:48:46.0622 5416 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
09:48:46.0622 5416 WimFltr - ok
09:48:46.0637 5416 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:48:46.0637 5416 WIMMount - ok
09:48:46.0668 5416 WinDefend - ok
09:48:46.0668 5416 WinHttpAutoProxySvc - ok
09:48:46.0762 5416 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:48:46.0762 5416 Winmgmt - ok
09:48:46.0918 5416 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
09:48:46.0934 5416 WinRM - ok
09:48:47.0043 5416 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:48:47.0058 5416 Wlansvc - ok
09:48:47.0136 5416 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:48:47.0136 5416 wlcrasvc - ok
09:48:47.0370 5416 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:48:47.0386 5416 wlidsvc - ok
09:48:47.0402 5416 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
09:48:47.0402 5416 WmiAcpi - ok
09:48:47.0448 5416 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:48:47.0448 5416 wmiApSrv - ok
09:48:47.0495 5416 WMPNetworkSvc - ok
09:48:47.0558 5416 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:48:47.0558 5416 WPCSvc - ok
09:48:47.0573 5416 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:48:47.0573 5416 WPDBusEnum - ok
09:48:47.0589 5416 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:48:47.0589 5416 ws2ifsl - ok
09:48:47.0604 5416 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
09:48:47.0604 5416 wscsvc - ok
09:48:47.0604 5416 WSearch - ok
09:48:47.0792 5416 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:48:47.0792 5416 wuauserv - ok
09:48:47.0854 5416 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:48:47.0854 5416 WudfPf - ok
09:48:47.0885 5416 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:48:47.0885 5416 WUDFRd - ok
09:48:47.0916 5416 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:48:47.0916 5416 wudfsvc - ok
09:48:47.0932 5416 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
09:48:47.0932 5416 WwanSvc - ok
09:48:47.0948 5416 ================ Scan global ===============================
09:48:47.0963 5416 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:48:48.0010 5416 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:48:48.0010 5416 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:48:48.0041 5416 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:48:48.0119 5416 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:48:48.0119 5416 [Global] - ok
09:48:48.0135 5416 ================ Scan MBR ==================================
09:48:48.0166 5416 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:48:49.0196 5416 \Device\Harddisk0\DR0 - ok
09:48:49.0196 5416 ================ Scan VBR ==================================
09:48:49.0242 5416 [ ADC25404339A342D419F76D4312D603B ] \Device\Harddisk0\DR0\Partition1
09:48:49.0258 5416 \Device\Harddisk0\DR0\Partition1 - ok
09:48:49.0289 5416 [ 781D94F56C586240DCBBBFA8FC80C89C ] \Device\Harddisk0\DR0\Partition2
09:48:49.0289 5416 \Device\Harddisk0\DR0\Partition2 - ok
09:48:49.0289 5416 ============================================================
09:48:49.0289 5416 Scan finished
09:48:49.0289 5416 ============================================================
09:48:49.0289 4300 Detected object count: 0
09:48:49.0289 4300 Actual detected object count: 0

RKILL:

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/08/2012 09:55:07 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\SysWOW64\ACEngSvr.exe (PID: 2172) [WD-HEUR]
* C:\Windows\System32\rpcnetp.exe (PID: 3116) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Rick\Desktop\rkill\rkill-10-08-2012-09-55-11.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 10/08/2012 09:55:19 AM
Execution time: 0 hours(s), 0 minute(s), and 12 seconds(s)


JRT:

Junkware Removal Tool (JRT) by Thisisu
Version: 1.3.2 (10.08.2012)
OS: Windows 7 Home Premium x64
Ran by Rick on Mon 10/08/2012 at 10:26:32.67
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files: 0 Detections



*** Folders: 0 Detections



*** FireFox detected and repaired



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Mon 10/08/2012 at 10:26:57.67
End of Report

i can not find the option to attach the autoruns.txt

Edited by s0ldier, 08 October 2012 - 12:43 PM.


#7 s0ldier

s0ldier
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:17 AM

Posted 08 October 2012 - 01:09 PM

i will just post it like this for now

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms"	""	""	""
+ "rdpclip"	""	""	"File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "IntelliPoint"	"IPoint.exe"	"Microsoft Corporation"	"c:\program files\microsoft intellipoint\ipoint.exe"
+ "IntelTBRunOnce"	""	""	"c:\program files\intel\turboboost\runtbgadgetonce.vbs"
+ "MSC"	"Microsoft Security Client User Interface"	"Microsoft Corporation"	"c:\program files\microsoft security client\msseces.exe"
+ "RtHDVCpl"	"Realtek HD Audio Manager"	"Realtek Semiconductor"	"c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "SynAsusAcpi"	"Asus Custom Acpi Monitor Application"	"Synaptics Incorporated"	"c:\program files\synaptics\syntp\synasusacpi.exe"
+ "SynTPEnh"	"Synaptics TouchPad Enhancements"	"Synaptics Incorporated"	"c:\program files\synaptics\syntp\syntpenh.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "Ad-Aware Antivirus"	"Ad-Aware Antivirus Launcher"	"Lavasoft Limited"	"d:\program files (x86)\adawarelauncher.exe"
+ "ASUS Screen Saver Protector"	"AsScrPro"	"ASUS"	"c:\windows\asscrpro.exe"
+ "ASUSPRP"	"ASUS Product Register Program"	"ASUSTek Computer Inc."	"c:\program files (x86)\asus\aprp\aprp.exe"
+ "ASUSWebStorage"	"AsusWebStorage"	"ecareme"	"c:\program files (x86)\asus\asus webstorage\3.0.102.211\asuswspanel.exe"
+ "ATKMEDIA"	"ATK Media"	"ASUS"	"c:\program files (x86)\asus\atk package\atk media\dmedia.exe"
+ "ATKOSD2"	"ATKOSD2"	"ASUS"	"c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe"
+ "CLMLServer"	"CyberLink MediaLibray Service"	"CyberLink"	"c:\program files (x86)\cyberlink\power2go\clmlsvc.exe"
+ "CPMonitor"	"CPMonitor Application"	""	"c:\program files (x86)\roxio\cineplayer\5.0\cpmonitor.exe"
+ "FLxHCIm"	"Fresco Logic"	"Windows (R) Win 7 DDK provider"	"c:\program files\fresco logic inc\fresco logic usb3.0 host controller\host\flxhcim.exe"
+ "HControlUser"	"HControlUser"	"ASUS"	"c:\program files (x86)\asus\atk package\atk hotkey\hcontroluser.exe"
+ "Nuance PDF Reader-reminder"	"Ereg"	"Nuance Communications, Inc."	"c:\program files (x86)\nuance\pdf reader\ereg\ereg.exe"
+ "THX TruStudio NB Settings"	"THXAudioNB"	"Creative Technology Ltd"	"c:\program files (x86)\creative\thx trustudio\thxnbset\thxaudnb.exe"
+ "UpdateLBPShortCut"	"MUI StartMenu Application"	"CyberLink Corp."	"c:\program files (x86)\cyberlink\labelprint\muitransfer\muistartmenu.exe"
+ "UpdateP2GoShortCut"	"MUI StartMenu Application"	"CyberLink Corp."	"c:\program files (x86)\cyberlink\power2go\muitransfer\muistartmenu.exe"
+ "UpdReg"	"Creative UpdReg"	"Creative Technology Ltd."	"c:\windows\updreg.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"	""	""	""
+ "AsusVibeLauncher.lnk"	"AsusVibe Application"	"ASUSTeK Computer Inc."	"c:\program files (x86)\asus\asusvibe\asusvibelauncher.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"	""	""	""
+ "Microsoft Windows"	"Windows Mail"	"Microsoft Corporation"	"c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"	""	""	""
+ "Microsoft Windows"	"Windows Mail"	"Microsoft Corporation"	"c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "EADM"	"Origin"	"Electronic Arts"	"d:\program files (x86)\origin\origin.exe"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"	""	""	""
+ "EPP"	"Microsoft Security Client Shell Extension"	"Microsoft Corporation"	"c:\program files\microsoft security client\shellext.dll"
+ "WinRAR"	""	""	"d:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers"	""	""	""
+ "WinRAR32"	""	""	"d:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"	""	""	""
+ "AdAwareContextMenu64"	"Ad-Aware Antivirus Shell Extension x64"	"Lavasoft Limited"	"d:\program files (x86)\adawareshellextension64.dll"
+ "MBAMShlExt"	"Malwarebytes Anti-Malware"	"Malwarebytes Corporation"	"c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"	""	""	""
+ "AdAwareContextMenu"	"Ad-Aware Antivirus Shell Extension"	"Lavasoft Limited"	"d:\program files (x86)\adawareshellextension.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"	""	""	""
+ "EPP"	"Microsoft Security Client Shell Extension"	"Microsoft Corporation"	"c:\program files\microsoft security client\shellext.dll"
+ "WinRAR"	""	""	"d:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers"	""	""	""
+ "WinRAR32"	""	""	"d:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"	""	""	""
+ "WinRAR"	""	""	"d:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers"	""	""	""
+ "WinRAR32"	""	""	"d:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"	""	""	""
+ "Gadgets"	"Sidebar droptarget"	"Microsoft Corporation"	"c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext"	""	"NVIDIA Corporation"	"c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers"	""	""	""
+ "Gadgets"	"Sidebar droptarget"	"Microsoft Corporation"	"c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"	""	""	""
+ "MBAMShlExt"	"Malwarebytes Anti-Malware"	"Malwarebytes Corporation"	"c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR"	""	""	"d:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers"	""	""	""
+ "WinRAR32"	""	""	"d:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"	""	""	""
+ "WinRAR"	""	""	"d:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers"	""	""	""
+ "WinRAR32"	""	""	"d:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"	""	""	""
+ "AsusWSShellExt_B"	"AsusWSShellExt64"	"eCareme Technologies, Inc."	"c:\program files (x86)\asus\asus webstorage\3.0.102.211\asuswsshellext64.dll"
+ "AsusWSShellExt_O"	"AsusWSShellExt64"	"eCareme Technologies, Inc."	"c:\program files (x86)\asus\asus webstorage\3.0.102.211\asuswsshellext64.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"	""	""	""
+ "Google Toolbar Helper"	"Google Toolbar"	"Google Inc."	"c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "Windows Live ID Sign-in Helper"	"Microsoft® Windows Live ID Login Helper"	"Microsoft Corp."	"c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"	""	""	""
+ "Bing Bar Helper"	"Bing Client Extensions"	"Microsoft Corporation."	"c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "Google Toolbar Helper"	"Google Toolbar"	"Google Inc."	"c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Java(tm) Plug-In 2 SSV Helper"	"Java(TM) Platform SE binary"	"Oracle Corporation"	"c:\program files (x86)\oracle\javafx 2.1 runtime\bin\jp2ssv.dll"
+ "Java(tm) Plug-In SSV Helper"	"Java(TM) Platform SE binary"	"Oracle Corporation"	"c:\program files (x86)\oracle\javafx 2.1 runtime\bin\ssv.dll"
+ "Windows Live ID Sign-in Helper"	"Microsoft® Windows Live ID Login Helper"	"Microsoft Corp."	"c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar"	""	""	""
+ "Google Toolbar"	"Google Toolbar"	"Google Inc."	"c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar"	""	""	""
+ "Bing"	"Bing Client Extensions"	"Microsoft Corporation."	"c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "Google Toolbar"	"Google Toolbar"	"Google Inc."	"c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions"	""	""	""
+ "&Blog This in Windows Live Writer"	"Windows Live Writer Blog This Extension"	"Microsoft Corporation"	"c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
"Task Scheduler"	""	""	""
+ "\Ad-Aware Antivirus Scheduled Scan"	"Ad-Aware Antivirus Launcher"	"Lavasoft Limited"	"d:\program files (x86)\adawarelauncher.exe"
+ "\ATKOSD2"	"ATKOSD2"	"ASUS"	"c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe"
+ "\CCleanerSkipUAC"	"CCleaner"	"Piriform Ltd"	"c:\program files\ccleaner\ccleaner.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan"	"Microsoft Malware Protection Command Line Utility"	"Microsoft Corporation"	"c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task"	"Windows Live Social Object Extractor Engine"	"Microsoft Corporation"	"c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"	""	""	"c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"	"Windows Media Player Network Sharing Service Configuration Application"	"Microsoft Corporation"	"c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft_Hardware_Launch_IPoint_exe"	"IPoint.exe"	"Microsoft Corporation"	"c:\program files\microsoft intellipoint\ipoint.exe"
"HKLM\System\CurrentControlSet\Services"	""	""	""
+ "Ad-Aware Service"	"Ad-Aware Service"	"Lavasoft Limited"	"d:\program files (x86)\adawareservice.exe"
+ "AdobeFlashPlayerUpdateSvc"	"This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."	"Adobe Systems Incorporated"	"c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "ASLDRService"	"ASLDR Service"	"ASUS"	"c:\program files (x86)\asus\atk package\atk hotkey\asldrsrv.exe"
+ "ATKGFNEXSrv"	"GFNEXSrv"	"ASUS"	"c:\program files (x86)\asus\atk package\atkgfnex\gfnexsrv.exe"
+ "BBSvc"	"Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar."	"Microsoft Corporation."	"c:\program files (x86)\microsoft\bingbar\bbsvc.exe"
+ "btwdins"	"Handles installation and removal of Bluetooth devices."	"Broadcom Corporation."	"c:\program files\widcomm\bluetooth software\btwdins.exe"
+ "Creative ALchemy AL6 Licensing Service"	"Provides licensing services for Creative ALchemy."	"Creative Labs"	"c:\program files (x86)\common files\creative labs shared\service\al6licensing.exe"
+ "Creative Audio Engine Licensing Service"	"Provides licensing services for Creative Audio Engine."	"Creative Labs"	"c:\program files (x86)\common files\creative labs shared\service\ctaelicensing.exe"
+ "fsssvc"	"This service enables Family Safety on the computer. If this service is not running, Family Safety will not work."	"Microsoft Corporation"	"c:\program files (x86)\windows live\family safety\fsssvc.exe"
+ "gupdate"	"Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."	"Google Inc."	"c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem"	"Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."	"Google Inc."	"c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc"	"Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work."	"Google"	"c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "LMS"	"Allows applications to access the local Intel(R) Management and Security Application using its locally-available selected network interfaces."	"Intel Corporation"	"c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe"
+ "MBAMScheduler"	"Malwarebytes Anti-Malware scheduler"	"Malwarebytes Corporation"	"c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService"	"Malwarebytes Anti-Malware service"	"Malwarebytes Corporation"	"c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "MozillaMaintenance"	"The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled."	"Mozilla Foundation"	"c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MsMpSvc"	"Helps protect users from malware and other potentially unwanted software"	"Microsoft Corporation"	"c:\program files\microsoft security client\msmpeng.exe"
+ "NisSrv"	"Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols"	"Microsoft Corporation"	"c:\program files\microsoft security client\nissrv.exe"
+ "NVSvc"	"Provides system and desktop level support to the NVIDIA display driver"	"NVIDIA Corporation"	"c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService"	"NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server."	"NVIDIA Corporation"	"c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe"
+ "SBAMSvc"	"Manages your antispyware and antivirus application"	"GFI Software"	"d:\program files (x86)\sbamsvc.exe"
+ "SeaPort"	"Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar."	"Microsoft Corporation"	"c:\program files (x86)\microsoft\bingbar\seaport.exe"
+ "SkypeUpdate"	"Enables the detection, download and installation of updates for Skype."	"Skype Technologies"	"c:\program files (x86)\skype\updater\updater.exe"
+ "Steam Client Service"	"Steam Client Service monitors and updates Steam content"	"Valve Corporation"	"c:\program files (x86)\common files\steam\steamservice.exe"
+ "Stereo Service"	"Provides system support for NVIDIA Stereoscopic 3D driver"	"NVIDIA Corporation"	"c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "TurboBoost"	"Intel(R) Turbo Boost Technology Monitor"	"Intel(R) Corporation"	"c:\program files\intel\turboboost\turboboost.exe"
+ "UNS"	"Intel(R) Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel(R) Management and Security Application Device."	"Intel Corporation"	"c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe"
+ "VideAceWindowsService"	""	""	"c:\expressgateutil\vawinservice.exe"
+ "WinDefend"	"Protection against spyware and potentially unwanted software"	"Microsoft Corporation"	"c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc"	"Enables Windows Live ID authentication."	"Microsoft Corp."	"c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc"	"Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"	"Microsoft Corporation"	"c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services"	""	""	""
+ "adp94xx"	"Adaptec Windows SAS/SATA Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci"	"Adaptec Windows SATA Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\adpahci.sys"
+ "adpu320"	"Adaptec StorPort Ultra320 SCSI Driver (X64)"	"Adaptec, Inc."	"c:\windows\system32\drivers\adpu320.sys"
+ "aliide"	"ALi mini IDE Driver"	"Acer Laboratories Inc."	"c:\windows\system32\drivers\aliide.sys"
+ "amdsata"	"AHCI 1.2 Device Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs"	"AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"	"AMD Technologies Inc."	"c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata"	"Storage Filter Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\amdxata.sys"
+ "arc"	"Adaptec RAID Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\arc.sys"
+ "arcsas"	"Adaptec SAS RAID WS03 Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\arcsas.sys"
+ "ASMMAP64"	"Memory mapping Driver"	"ASUS"	"c:\program files (x86)\asus\atk package\atkgfnex\asmmap64.sys"
+ "athr"	"Atheros Extensible Wireless LAN device driver"	"Atheros Communications, Inc."	"c:\windows\system32\drivers\athrx.sys"
+ "ATKWMIACPIIO"	"ATK WMIACPI Utility"	"ASUS"	"c:\program files (x86)\asus\atk package\atk wmiacpi\atkwmiacpi64.sys"
+ "b06bdrv"	"Broadcom NetXtreme II GigE VBD"	"Broadcom Corporation"	"c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a"	"Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."	"Broadcom Corporation"	"c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo"	"Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"	"Brother Industries, Ltd."	"c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"	"Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"	"Brother Industries, Ltd."	"c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid"	"Brotehr Serial I/F Driver (WDM)"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm"	"Brother Serial driver (WDM version)"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm"	"Brother USB MDM Driver "	"Brother Industries Ltd."	"c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer"	"Brother USB Serial Driver"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brusbser.sys"
+ "btusbflt"	"Widcomm Bluetooth USB Filter for Windows XP"	"Broadcom Corporation."	"c:\windows\system32\drivers\btusbflt.sys"
+ "btwaudio"	"Bluetooth Audio Device"	"Broadcom Corporation."	"c:\windows\system32\drivers\btwaudio.sys"
+ "btwavdt"	"Broadcom Bluetooth AVDT Service"	"Broadcom Corporation."	"c:\windows\system32\drivers\btwavdt.sys"
+ "btwl2cap"	"Broadcom Bluetooth L2CAP Service"	"Broadcom Corporation."	"c:\windows\system32\drivers\btwl2cap.sys"
+ "btwrchid"	"Bluetooth Remote Control HID Minidriver"	"Broadcom Corporation."	"c:\windows\system32\drivers\btwrchid.sys"
+ "cmdide"	"CMD PCI IDE Bus Driver"	"CMD Technology, Inc."	"c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv"	"Broadcom NetXtreme II 10 GigE VBD"	"Broadcom Corporation"	"c:\windows\system32\drivers\evbda.sys"
+ "elxstor"	"Storport Miniport Driver for LightPulse HBAs"	"Emulex"	"c:\windows\system32\drivers\elxstor.sys"
+ "FLxHCIc"	"xHCI Bus Driver"	"Fresco Logic"	"c:\windows\system32\drivers\flxhcic.sys"
+ "FLxHCIh"	"xHCI Hub Driver"	"Fresco Logic"	"c:\windows\system32\drivers\flxhcih.sys"
+ "hcw85cir"	"Hauppauge WinTV 885 Consumer IR Driver for eHome"	"Hauppauge Computer Works, Inc."	"c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD"	"Smart Array SAS/SATA Controller Media Driver"	"Hewlett-Packard Company"	"c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor"	"Intel Rapid Storage Technology driver - x64"	"Intel Corporation"	"c:\windows\system32\drivers\iastor.sys"
+ "iaStorV"	"Intel Matrix Storage Manager driver - x64"	"Intel Corporation"	"c:\windows\system32\drivers\iastorv.sys"
+ "iirsp"	"Intel/ICP Raid Storport Driver"	"Intel Corp./ICP vortex GmbH"	"c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService"	"Realtek(r) High Definition Audio Function Driver"	"Realtek Semiconductor Corp."	"c:\windows\system32\drivers\rtkvhd64.sys"
+ "kbfiltr"	"Keyboard Filter Driver"	" "	"c:\windows\system32\drivers\kbfiltr.sys"
+ "L1C"	"Atheros L1c PCI-E Gigabit Ethernet Controller"	"Atheros Communications, Inc."	"c:\windows\system32\drivers\l1c62x64.sys"
+ "LSI_FC"	"LSI Fusion-MPT FC Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS"	"LSI Fusion-MPT SAS Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2"	"LSI SAS Gen2 Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI"	"LSI Fusion-MPT SCSI Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector"	"Malwarebytes Anti-Malware"	"Malwarebytes Corporation"	"c:\windows\system32\drivers\mbam.sys"
+ "MBfilt"	"Creative Audio Driver"	"Creative Technology Ltd."	"c:\windows\system32\drivers\mbfilt64.sys"
+ "megasas"	"MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64"	"LSI Corporation"	"c:\windows\system32\drivers\megasas.sys"
+ "MegaSR"	"LSI MegaRAID Software RAID Driver"	"LSI Corporation, Inc."	"c:\windows\system32\drivers\megasr.sys"
+ "MEIx64"	"Intel(R) Management Engine Interface"	"Intel Corporation"	"c:\windows\system32\drivers\hecix64.sys"
+ "motandroidusb"	"ADB Interface"	"Motorola"	"c:\windows\system32\drivers\motoandroid.sys"
+ "nfrd960"	"IBM ServeRAID Controller Driver"	"IBM Corporation"	"c:\windows\system32\drivers\nfrd960.sys"
+ "NVHDA"	"NVIDIA HDMI Audio Driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvhda64v.sys"
+ "nvlddmkm"	"NVIDIA Windows Kernel Mode Driver, Version 296.10 "	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid"	"NVIDIA® nForce(TM) RAID Driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvraid.sys"
+ "nvstor"	"NVIDIA® nForce(TM) Sata Performance Driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvstor.sys"
+ "PxHlpa64"	"Px Engine Device Driver for 64-bit Windows"	"Sonic Solutions"	"c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300"	"QLogic Fibre Channel Stor Miniport Driver"	"QLogic Corporation"	"c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx"	"QLogic iSCSI Storport Miniport Driver"	"QLogic Corporation"	"c:\windows\system32\drivers\ql40xx.sys"
+ "RSUSBVSTOR"	"Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7"	"Realtek Semiconductor Corp."	"c:\windows\system32\drivers\rtsuvstor.sys"
+ "RTL8167"	"Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver                "	"Realtek                                            "	"c:\windows\system32\drivers\rt64win7.sys"
+ "sbapifs"	"GFI Active Protection Filter Driver"	"GFI Software"	"c:\windows\system32\drivers\sbapifs.sys"
+ "sbhips"	"GFI Firewall SDK Host Intrusion Prevention System Driver"	"GFI Software"	"c:\windows\system32\drivers\sbhips.sys"
+ "SBRE"	"GFI Anti-Rootkit Driver"	"GFI Software"	"c:\windows\system32\drivers\sbredrv.sys"
+ "secdrv"	"Macrovision SECURITY Driver"	"Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."	"c:\windows\system32\drivers\secdrv.sys"
+ "Serial"	"Brotehr Serial I/F Driver (WDM)"	"Brother Industries Ltd."	"c:\windows\system32\drivers\serial.sys"
+ "SiSGbeLH"	"NDIS 6.0 Miniport Driver for SiS191/SiS190 Ethernet Device"	"Silicon Integrated Systems Corp."	"c:\windows\system32\drivers\sisg664.sys"
+ "SiSRaid2"	"SiS RAID Stor Miniport Driver"	"Silicon Integrated Systems Corp."	"c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4"	"SiS AHCI Stor-Miniport Driver"	"Silicon Integrated Systems"	"c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor"	"Promise  SuperTrak EX Series Driver for Windows "	"Promise Technology"	"c:\windows\system32\drivers\stexstor.sys"
+ "SynTP"	"Synaptics Touchpad Driver"	"Synaptics Incorporated"	"c:\windows\system32\drivers\syntp.sys"
+ "TurboB"	"Turbo Boost UI Monitor driver"	""	"c:\windows\system32\drivers\turbob.sys"
+ "viaide"	"VIA Generic PCI IDE Bus Driver"	"VIA Technologies, Inc."	"c:\windows\system32\drivers\viaide.sys"
+ "vsmraid"	"VIA RAID DRIVER FOR AMD-X86-64"	"VIA Technologies Inc.,Ltd"	"c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"	""	""	""
+ "msacm.l3acm"	"MPEG Layer-3 Audio Codec for MSACM"	"Fraunhofer Institut Integrierte Schaltungen IIS"	"c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"	""	""	""
+ "msacm.l3acm"	"MPEG Layer-3 Audio Codec for MSACM"	"Fraunhofer Institut Integrierte Schaltungen IIS"	"c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid"	"Cinepak® Codec"	"Radius Inc."	"c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\Filter"	""	""	""
+ "Sonic MP4 Demultiplexer"	"MP4 Demultiplexer Direct Show Filter"	"Sonic Solutions Inc."	"c:\program files (x86)\roxio\cineplayer\5.0\filters\roxio86_demux_mp4_ds.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"	""	""	""
+ "ASUS Color Preview Filter"	"ASUS Color Preview Filter"	"ASUSTek"	"c:\program files (x86)\asus\splendid\rgbtran.ax"
+ "Color Convert"	"ASUS Color Preview Filter"	"ASUSTek"	"c:\program files (x86)\asus\splendid\rgbtran.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"	""	""	""
+ "ASUS SplitVCam Pump"	""	""	"c:\program files (x86)\asus\virtualcamera\virtualcamera.ax"
+ "ASUS SplitVCam Relayer"	""	""	"c:\program files (x86)\asus\virtualcamera\virtualcamera.ax"
+ "ASUS SplitVCam Renderer"	""	""	"c:\program files (x86)\asus\virtualcamera\splitvcamrenderer.ax"
+ "ASUS Virtual Camera"	""	""	"c:\program files (x86)\asus\virtualcamera\virtualcamera.ax"
+ "Capture File Writer"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Noise Reduction"	"CLAuNR"	"CyberLink Corp."	"c:\program files (x86)\cyberlink\power2go\p2gaunrwrapper.ax"
+ "CyberLink Audio Resampler"	"CLAuRsmpl.ax"	"CyberLink Corp."	"c:\program files (x86)\cyberlink\power2go\p2gaursmpl.ax"
+ "CyberLink Audio VolumeBooster"	"CyberLink Audio Volume Booster Filter"	"CyberLink Corp."	"c:\program files (x86)\cyberlink\power2go\p2gvb.ax"
+ "CyberLink AudioCD Filter"	"CyberLink AudioCD Filter"	"CyberLink Corp."	"c:\program files (x86)\cyberlink\power2go\p2gaudiocd.ax"
+ "Cyberlink Dump Dispatch Filter"	"Cyberlink File Dump Dispatch Filter"	"CyberLink Corp."	"c:\program files (x86)\cyberlink\power2go\p2gdumpdispatch.ax"
+ "Cyberlink Dump Filter"	"Cyberlink File Dump Filter"	"CyberLink Corp."	"c:\program files (x86)\cyberlink\power2go\p2gdump.ax"
+ "CyberLink Editing Service 3.0 (Source)"	"CES Kernel"	"CyberLink Corp."	"c:\program files (x86)\cyberlink\power2go\p2gedtkrn.dll"
+ "Cyberlink File Reader (Async.)"	"Cyberlink MPEG File Reader"	"CyberLink Corp."	"c:\program files (x86)\cyberlink\power2go\p2greader.ax"
+ "CyberLink Load Image Filter"	"CLImage"	"CyberLink"	"c:\program files (x86)\cyberlink\shared files\climage.ax"
+ "CyberLink M2V Writer"	"CLM2VWriter"	"CyberLink"	"c:\program files (x86)\cyberlink\power2go\p2gm2vwriter.ax"
+ "CyberLink MP3/WAV Wrapper"	"CyberLink MP3 Wrapper"	"CyberLink Corp."	"c:\program files (x86)\cyberlink\power2go\p2gmp3wrap.ax"
+ "CyberLink MPEG Decoder"	"CyberLink Video/SP Filter"	"CyberLink Corp."	"c:\program files (x86)\cyberlink\power2go\p2gmvd.ax"
+ "CyberLink MPEG Muxer"	"MpgMux"	"CyberLink"	"c:\program files (x86)\cyberlink\power2go\p2gmpgmux.ax"
+ "CyberLink MPEG Video Encoder"	"CyberLink MPEG Video Encoder                               "	"CyberLink Corp.                                            "	"c:\program files (x86)\cyberlink\power2go\p2gvidenc.ax"
+ "CyberLink MPEG-1 Splitter"	"CyberLink MPEG Splitter"	"CyberLink Corp."	"c:\program files (x86)\cyberlink\power2go\p2gm1spliter.ax"
+ "CyberLink MPEG-2 Splitter"	"CyberLink MPEG Splitter"	"CyberLink Corp."	"c:\program files (x86)\cyberlink\power2go\p2gm2spliter.ax"
+ "CyberLink PCM Wrapper"	"CyberLink PCM Wrapper"	"CyberLink Corp."	"c:\program files (x86)\cyberlink\power2go\p2gpcmenc.ax"
+ "CyberLink TimeStretch Filter (CES)"	"CLAuTS.ax"	"CyberLink Corp."	"c:\program files (x86)\cyberlink\power2go\p2gauts.ax"
+ "CyberLink TL MPEG Splitter"	"CyberLink MPEG Splitter"	"CyberLink Corp."	"c:\program files (x86)\cyberlink\power2go\p2gtlmsplter.ax"
+ "CyberLink Video Effect"	"CLVidFx"	"CyberLink"	"c:\program files (x86)\cyberlink\power2go\p2gvidfx.ax"
+ "CyberLink Video Regulator"	"CLRGL"	"Cyberlink"	"c:\program files (x86)\cyberlink\power2go\p2grgl.ax"
+ "CyberLink Video Stabilizer"	"CLVideoDeShaking"	"CyberLink"	"c:\program files (x86)\cyberlink\power2go\p2gvideostabilizer.ax"
+ "Logon Effects"	"SmartLogon Filter"	"ASUS"	"c:\program files (x86)\asus\smartlogon\face_filter.ax"
+ "P2G Audio Decoder"	"CyberLink Audio Decoder Filter"	"CyberLink Corp."	"c:\program files (x86)\cyberlink\power2go\p2gaud.ax"
+ "P2G Audio Encoder"	"CyberLink Audio Encoder Filter"	"Cyberlink Corp."	"c:\program files (x86)\cyberlink\power2go\p2gaudenc.ax"
+ "P2G Video Decoder"	"CyberLink Video/SP Filter"	"CyberLink Corp."	"c:\program files (x86)\cyberlink\power2go\p2gvsd.ax"
+ "P2G Video Regulator"	"CyberLink Video Regulator"	"CyberLink"	"c:\program files (x86)\cyberlink\power2go\p2gresample.ax"
+ "Record Queue"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Sonic HD Demuxer"	"Sonic HD Demuxer"	""	"c:\program files (x86)\roxio\cineplayer\5.0\filters\sonichddemuxer.dll"
+ "Sonic MP4 Demultiplexer"	"MP4 Demultiplexer Direct Show Filter"	"Sonic Solutions Inc."	"c:\program files (x86)\roxio\cineplayer\5.0\filters\roxio86_demux_mp4_ds.ax"
+ "WM VIH2 Fix"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute"	""	""	""
+ "autocheck autochk *"	""	""	"c:\windows\system32\autochk.exe"
+ "autocheck autochk /r \??\C:"	""	""	"c:\windows\system32\autochk.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers"	""	""	""
+ "BtwCredentialProvider"	"BtwCP DLL"	"Broadcom Corporation."	"c:\program files\widcomm\bluetooth software\btwcp.dll"
+ "FaceCredentialProvider64"	"SmartLogon Dynamic Link Library"	"ASUS"	"c:\program files (x86)\asus\smartlogon\system\facecredentialprovider64.dll"
+ "WLIDCredentialProvider"	"Microsoft® Windows Live ID Credential Provider"	"Microsoft Corp."	"c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"	""	""	""
+ "WindowsLive Local NSP"	"Microsoft® Windows Live ID Namespace Provider"	"Microsoft Corp."	"c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"	"Microsoft® Windows Live ID Namespace Provider"	"Microsoft Corp."	"c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64"	""	""	""
+ "WindowsLive Local NSP"	"Microsoft® Windows Live ID Namespace Provider"	"Microsoft Corp."	"c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"	"Microsoft® Windows Live ID Namespace Provider"	"Microsoft Corp."	"c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"C:\Users\Rick\AppData\Local\Microsoft\Windows Sidebar\Settings.ini"	""	""	""
+ "Power4Gear"	"ASUS Power4Gear Utility"	"ASUSTek Corporation"	"C:\Program Files\Windows Sidebar\Shared Gadgets\P4GUpdate.Gadget\Gadget.xml"


#8 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:17 AM

Posted 08 October 2012 - 01:10 PM

how about the pop ups?

Edited by InadequateInfirmity, 08 October 2012 - 01:12 PM.


#9 s0ldier

s0ldier
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:17 AM

Posted 08 October 2012 - 01:23 PM

the pop ups seam to have stoped =D :clapping:

#10 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:17 AM

Posted 08 October 2012 - 01:46 PM

Any more issues?


I suggest you uninstall.

Ad-Aware Antivirus (Version: 10.2.21.3698) You only need one antivirus!!
Ad-Aware Browsing Protection (Version: 0.9.0.2)
ASUS WebStorage (Version: 3.0.102.211) This is known to cause performance issues the choice is yours.
Bing Bar (Version: 7.0.610.0)
Microsoft Security Essentials (Version: 4.1.522.0) Probably what got you in this mess to start with.I am not sure how it gets such good ratings????


Replace Microsoft security Essential with Avast free much much better.
http://www.filehippo.com/download_avast_antivirus/download/1b94c71a1cf72c7d7c77d647fc834999/


Open autoruns and untick the items below.


+ "\Ad-Aware Antivirus Scheduled Scan" "Ad-Aware Antivirus Launcher" "Lavasoft Limited" "d:\program files (x86)\adawarelauncher.exe"

+ "\ATKOSD2" "ATKOSD2" "ASUS" "c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe"

+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"

+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"

+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"

+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"

+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"

+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"

+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"

+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"

+ "SBAMSvc" "Manages your antispyware and antivirus application" "GFI Software" "d:\program files (x86)\sbamsvc.exe"

+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation" "c:\program files (x86)\microsoft\bingbar\seaport.exe"

+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"

+ "sbapifs" "GFI Active Protection Filter Driver" "GFI Software" "c:\windows\system32\drivers\sbapifs.sys"

+ "sbhips" "GFI Firewall SDK Host Intrusion Prevention System Driver" "GFI Software" "c:\windows\system32\drivers\sbhips.sys"

+ "SBRE" "GFI Anti-Rootkit Driver" "GFI Software" ""c:\windows\system32\drivers\sbredrv.sys



Reboot your machine


Delete the three files below.

c:\windows\system32\drivers\sbredrv.sys

c:\windows\system32\drivers\sbapifs.sys

c:\windows\system32\drivers\sbhips.sys

You should find these left over drivers from sunbelt firewall in the c:\windows\system32\drivers folder

Any issues deleteing these download file assasin input the file paths above one at a time and delete this way.
http://www.softpedia.com/dyn-postdownload.php?p=65993&t=0&i=1


To finalize your steps here run an online F-Secure scan.Just make sure and disable Avast prior to doing so.
http://www.f-secure.com/en/web/labs_global/removal-tools/-/carousel/view/143

Also Run a full Updated scan with Avast.

Let me know if any more issues arise.

Edited by InadequateInfirmity, 08 October 2012 - 01:47 PM.


#11 s0ldier

s0ldier
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:17 AM

Posted 08 October 2012 - 03:10 PM

thank you so much i will besure to let you know

#12 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:17 AM

Posted 08 October 2012 - 03:15 PM

:thumbup2:

Let me know when you are done we need to delete your retore points and check a couple things.

#13 s0ldier

s0ldier
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:17 AM

Posted 08 October 2012 - 03:25 PM

i decided to keep the mse but im running the f scan now

#14 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:17 AM

Posted 08 October 2012 - 03:32 PM

:thumbup2:


Just make sure and disable It prior to the scan.

Edited by InadequateInfirmity, 08 October 2012 - 03:32 PM.


#15 s0ldier

s0ldier
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:17 AM

Posted 08 October 2012 - 04:08 PM

ok done it removed 1 malware but i still have disk erros and im pretty sure my restorepoints are bad still




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users