
Malware Alert Popping up every 2-3 minutes


13 replies to this topic

#1 xtcvv2

Posted 19 October 2012 - 05:11 AM

So I have Comodo Internet Security Premium and every 2-3 minutes a warning about malware pops up...

Usually it says something like 'c:\Windows\assembly\temp\U\000000c0.$ | Malware@2m8a6f44xbnfc'. I have scanned my computer with SUPERAntiSpyware and Malwarebytes; both have removed a few viruses, but not the one that keeps getting "removed" by Comodo.

This started after I installed a game, which I shouldn't have, since Comodo did warn me that it was a virus, but I installed it anyway, so yeah... I have since uninstalled the game and done these scans.

What should I do to get rid of this?

Edited by xtcvv2, 19 October 2012 - 05:16 AM.




#2 narenxp


Posted 19 October 2012 - 05:47 AM

Download TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it, allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with Networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 xtcvv2


Posted 19 October 2012 - 10:46 AM

TDSSkiller seems to have removed the infection but I ran the other scans anyway. aswMBR just made my system freeze so I didn't want to waste my time with that.

14:34:38.0456 1864 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
14:34:38.0706 1864 ============================================================
14:34:38.0706 1864 Current date / time: 2012/10/19 14:34:38.0706
14:34:38.0706 1864 SystemInfo:
14:34:38.0706 1864
14:34:38.0706 1864 OS Version: 6.1.7601 ServicePack: 1.0
14:34:38.0706 1864 Product type: Workstation
14:34:38.0706 1864 ComputerName: PC
14:34:38.0706 1864 UserName: Admin
14:34:38.0706 1864 Windows directory: C:\Windows
14:34:38.0706 1864 System windows directory: C:\Windows
14:34:38.0706 1864 Running under WOW64
14:34:38.0706 1864 Processor architecture: Intel x64
14:34:38.0706 1864 Number of processors: 4
14:34:38.0706 1864 Page size: 0x1000
14:34:38.0706 1864 Boot type: Normal boot
14:34:38.0706 1864 ============================================================
14:34:39.0706 1864 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:34:39.0706 1864 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
14:34:43.0346 1864 ============================================================
14:34:43.0346 1864 \Device\Harddisk0\DR0:
14:34:43.0346 1864 MBR partitions:
14:34:43.0346 1864 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:34:43.0346 1864 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
14:34:43.0346 1864 \Device\Harddisk1\DR1:
14:34:43.0346 1864 MBR partitions:
14:34:43.0346 1864 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
14:34:43.0346 1864 ============================================================
14:34:43.0376 1864 C: <-> \Device\Harddisk0\DR0\Partition2
14:34:43.0396 1864 E: <-> \Device\Harddisk1\DR1\Partition1
14:34:43.0396 1864 ============================================================
14:34:43.0396 1864 Initialize success
14:34:43.0396 1864 ============================================================
14:35:06.0297 4384 ============================================================
14:35:06.0297 4384 Scan started
14:35:06.0297 4384 Mode: Manual; TDLFS;
14:35:06.0297 4384 ============================================================
14:35:07.0677 4384 ================ Scan system memory ========================
14:35:07.0677 4384 System memory - ok
14:35:12.0577 4384 NetMsmqActivator - ok
14:35:12.0597 4384 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:35:12.0597 4384 NetPipeActivator - ok
14:35:12.0617 4384 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:35:12.0617 4384 netprofm - ok
14:35:12.0627 4384 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:35:12.0627 4384 NetTcpActivator - ok
14:35:12.0627 4384 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:35:12.0627 4384 NetTcpPortSharing - ok
14:35:12.0647 4384 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:35:12.0647 4384 nfrd960 - ok
14:35:12.0717 4384 [ 39645FF63EE21582D40704C2CAAC1252 ] NitroReaderDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
14:35:12.0727 4384 NitroReaderDriverReadSpool2 - ok
14:35:12.0727 4384 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:35:12.0737 4384 NlaSvc - ok
14:35:12.0737 4384 NLNdisMP - ok
14:35:12.0737 4384 NLNdisPT - ok
14:35:12.0747 4384 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:35:12.0747 4384 Npfs - ok
14:35:12.0757 4384 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:35:12.0757 4384 nsi - ok
14:35:12.0777 4384 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:35:12.0777 4384 nsiproxy - ok
14:35:12.0827 4384 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:35:12.0827 4384 Ntfs - ok
14:35:12.0847 4384 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:35:12.0847 4384 Null - ok
14:35:12.0877 4384 [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
14:35:12.0877 4384 NVHDA - ok
14:35:13.0067 4384 [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:35:13.0257 4384 nvlddmkm - ok
14:35:13.0267 4384 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:35:13.0267 4384 nvraid - ok
14:35:13.0287 4384 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:35:13.0287 4384 nvstor - ok
14:35:13.0317 4384 [ 06633CF95BEA62164C3BFCA24BCE6B11 ] NVSvc C:\Windows\system32\nvvsvc.exe
14:35:13.0327 4384 NVSvc - ok
14:35:13.0377 4384 [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:35:13.0497 4384 nvUpdatusService - ok
14:35:13.0517 4384 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:35:13.0517 4384 nv_agp - ok
14:35:13.0527 4384 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:35:13.0527 4384 ohci1394 - ok
14:35:13.0567 4384 [ FA5D730CE3F3A3BD21C1040E212230D4 ] OM0530 C:\Windows\system32\Drivers\ov530vx.sys
14:35:13.0577 4384 OM0530 - ok
14:35:13.0657 4384 [ 01B14F4D64BC70E93734211C3D324099 ] OverwolfUpdaterService C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
14:35:13.0717 4384 OverwolfUpdaterService - ok
14:35:13.0747 4384 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:35:13.0757 4384 p2pimsvc - ok
14:35:13.0767 4384 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:35:13.0767 4384 p2psvc - ok
14:35:13.0787 4384 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:35:13.0787 4384 Parport - ok
14:35:13.0807 4384 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:35:13.0807 4384 partmgr - ok
14:35:13.0827 4384 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:35:13.0827 4384 PcaSvc - ok
14:35:13.0847 4384 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:35:13.0847 4384 pci - ok
14:35:13.0857 4384 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:35:13.0857 4384 pciide - ok
14:35:13.0887 4384 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:35:13.0887 4384 pcmcia - ok
14:35:13.0897 4384 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:35:13.0897 4384 pcw - ok
14:35:13.0917 4384 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:35:13.0917 4384 PEAUTH - ok
14:35:13.0967 4384 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:35:13.0967 4384 PerfHost - ok
14:35:14.0017 4384 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:35:14.0027 4384 pla - ok
14:35:14.0057 4384 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:35:14.0057 4384 PlugPlay - ok
14:35:14.0067 4384 PnkBstrA - ok
14:35:14.0087 4384 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:35:14.0087 4384 PNRPAutoReg - ok
14:35:14.0087 4384 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:35:14.0087 4384 PNRPsvc - ok
14:35:14.0117 4384 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:35:14.0117 4384 PolicyAgent - ok
14:35:14.0147 4384 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:35:14.0147 4384 Power - ok
14:35:14.0167 4384 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:35:14.0167 4384 PptpMiniport - ok
14:35:14.0167 4384 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
14:35:14.0167 4384 Processor - ok
14:35:14.0217 4384 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:35:14.0217 4384 ProfSvc - ok
14:35:14.0217 4384 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:35:14.0217 4384 ProtectedStorage - ok
14:35:14.0227 4384 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:35:14.0227 4384 Psched - ok
14:35:14.0267 4384 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:35:14.0277 4384 ql2300 - ok
14:35:14.0297 4384 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:35:14.0297 4384 ql40xx - ok
14:35:14.0317 4384 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:35:14.0317 4384 QWAVE - ok
14:35:14.0327 4384 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:35:14.0327 4384 QWAVEdrv - ok
14:35:14.0337 4384 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:35:14.0337 4384 RasAcd - ok
14:35:14.0347 4384 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:35:14.0347 4384 RasAgileVpn - ok
14:35:14.0367 4384 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:35:14.0367 4384 RasAuto - ok
14:35:14.0387 4384 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:35:14.0397 4384 Rasl2tp - ok
14:35:14.0397 4384 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:35:14.0407 4384 RasMan - ok
14:35:14.0417 4384 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:35:14.0417 4384 RasPppoe - ok
14:35:14.0427 4384 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:35:14.0427 4384 RasSstp - ok
14:35:14.0447 4384 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:35:14.0447 4384 rdbss - ok
14:35:14.0457 4384 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
14:35:14.0457 4384 rdpbus - ok
14:35:14.0477 4384 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:35:14.0477 4384 RDPCDD - ok
14:35:14.0477 4384 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:35:14.0477 4384 RDPENCDD - ok
14:35:14.0487 4384 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:35:14.0487 4384 RDPREFMP - ok
14:35:14.0527 4384 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:35:14.0527 4384 RDPWD - ok
14:35:14.0547 4384 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:35:14.0547 4384 rdyboost - ok
14:35:14.0587 4384 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:35:14.0587 4384 RemoteAccess - ok
14:35:14.0607 4384 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:35:14.0607 4384 RemoteRegistry - ok
14:35:14.0617 4384 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:35:14.0617 4384 RpcEptMapper - ok
14:35:14.0637 4384 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:35:14.0637 4384 RpcLocator - ok
14:35:14.0647 4384 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:35:14.0647 4384 RpcSs - ok
14:35:14.0657 4384 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:35:14.0657 4384 rspndr - ok
14:35:14.0687 4384 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
14:35:14.0697 4384 RTL8167 - ok
14:35:14.0717 4384 [ C72181510AA3EA09BC09B8FEBB39D75F ] rzdaendpt C:\Windows\system32\DRIVERS\rzdaendpt.sys
14:35:14.0717 4384 rzdaendpt - ok
14:35:14.0737 4384 [ 602FCF9D91BD47721B248B81F816C267 ] rzendpt C:\Windows\system32\DRIVERS\rzendpt.sys
14:35:14.0737 4384 rzendpt - ok
14:35:14.0767 4384 [ F71EEA505290B0AAD48850F0D750702D ] RzSynapse C:\Windows\system32\DRIVERS\RzSynapse.sys
14:35:14.0777 4384 RzSynapse - ok
14:35:14.0797 4384 [ 672CA863751E96F0A800215C11FD496F ] rzudd C:\Windows\system32\DRIVERS\rzudd.sys
14:35:14.0797 4384 rzudd - ok
14:35:14.0827 4384 [ 54336C078A60D07C613B9C044C501766 ] rzvkeyboard C:\Windows\system32\DRIVERS\rzvkeyboard.sys
14:35:14.0827 4384 rzvkeyboard - ok
14:35:14.0827 4384 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:35:14.0827 4384 SamSs - ok
14:35:14.0887 4384 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
14:35:14.0897 4384 SASDIFSV - ok
14:35:14.0917 4384 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
14:35:14.0927 4384 SASKUTIL - ok
14:35:14.0947 4384 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:35:14.0947 4384 sbp2port - ok
14:35:14.0967 4384 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:35:14.0967 4384 SCardSvr - ok
14:35:15.0007 4384 [ C81EB41E9FFC35560E5025891DC01A6E ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
14:35:15.0017 4384 SCDEmu - ok
14:35:15.0017 4384 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:35:15.0017 4384 scfilter - ok
14:35:15.0037 4384 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:35:15.0047 4384 Schedule - ok
14:35:15.0077 4384 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:35:15.0077 4384 SCPolicySvc - ok
14:35:15.0087 4384 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:35:15.0097 4384 SDRSVC - ok
14:35:15.0107 4384 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:35:15.0107 4384 secdrv - ok
14:35:15.0117 4384 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:35:15.0117 4384 seclogon - ok
14:35:15.0127 4384 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
14:35:15.0127 4384 SENS - ok
14:35:15.0137 4384 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:35:15.0137 4384 SensrSvc - ok
14:35:15.0147 4384 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:35:15.0147 4384 Serenum - ok
14:35:15.0157 4384 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:35:15.0157 4384 Serial - ok
14:35:15.0167 4384 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:35:15.0167 4384 sermouse - ok
14:35:15.0177 4384 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:35:15.0177 4384 SessionEnv - ok
14:35:15.0197 4384 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:35:15.0197 4384 sffdisk - ok
14:35:15.0207 4384 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:35:15.0207 4384 sffp_mmc - ok
14:35:15.0217 4384 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:35:15.0227 4384 sffp_sd - ok
14:35:15.0237 4384 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:35:15.0237 4384 sfloppy - ok
14:35:15.0257 4384 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:35:15.0267 4384 SharedAccess - ok
14:35:15.0287 4384 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:35:15.0287 4384 ShellHWDetection - ok
14:35:15.0307 4384 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
14:35:15.0307 4384 SiSRaid2 - ok
14:35:15.0337 4384 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:35:15.0337 4384 SiSRaid4 - ok
14:35:15.0387 4384 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:35:15.0387 4384 SkypeUpdate - ok
14:35:15.0397 4384 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:35:15.0397 4384 Smb - ok
14:35:15.0407 4384 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:35:15.0407 4384 SNMPTRAP - ok
14:35:15.0417 4384 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:35:15.0417 4384 spldr - ok
14:35:15.0447 4384 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
14:35:15.0457 4384 Spooler - ok
14:35:15.0517 4384 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:35:15.0527 4384 sppsvc - ok
14:35:15.0557 4384 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:35:15.0557 4384 sppuinotify - ok
14:35:15.0587 4384 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:35:15.0587 4384 srv - ok
14:35:15.0597 4384 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:35:15.0607 4384 srv2 - ok
14:35:15.0617 4384 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:35:15.0617 4384 srvnet - ok
14:35:15.0627 4384 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:35:15.0627 4384 SSDPSRV - ok
14:35:15.0637 4384 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:35:15.0647 4384 SstpSvc - ok
14:35:15.0677 4384 Steam Client Service - ok
14:35:15.0717 4384 [ C354621B6B94E10AE7F5CDBE745FEB86 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:35:15.0717 4384 Stereo Service - ok
14:35:15.0737 4384 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
14:35:15.0737 4384 stexstor - ok
14:35:15.0757 4384 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:35:15.0767 4384 stisvc - ok
14:35:15.0777 4384 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:35:15.0777 4384 swenum - ok
14:35:15.0837 4384 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:35:15.0847 4384 SwitchBoard - ok
14:35:15.0857 4384 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:35:15.0857 4384 swprv - ok
14:35:15.0897 4384 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:35:15.0897 4384 SysMain - ok
14:35:15.0917 4384 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:35:15.0917 4384 TabletInputService - ok
14:35:15.0957 4384 [ B08740047145B9BCE15BF75CA0F9718A ] tap0901t C:\Windows\system32\DRIVERS\tap0901t.sys
14:35:15.0957 4384 tap0901t - ok
14:35:15.0967 4384 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:35:15.0967 4384 TapiSrv - ok
14:35:15.0987 4384 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:35:15.0987 4384 TBS - ok
14:35:16.0037 4384 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:35:16.0037 4384 Tcpip - ok
14:35:16.0067 4384 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:35:16.0077 4384 TCPIP6 - ok
14:35:16.0107 4384 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:35:16.0107 4384 tcpipreg - ok
14:35:16.0127 4384 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:35:16.0127 4384 TDPIPE - ok
14:35:16.0167 4384 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:35:16.0167 4384 TDTCP - ok
14:35:16.0177 4384 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:35:16.0177 4384 tdx - ok
14:35:16.0187 4384 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:35:16.0187 4384 TermDD - ok
14:35:16.0217 4384 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:35:16.0217 4384 TermService - ok
14:35:16.0247 4384 [ 9201BE2BAB8A9FF8E20D8439AE3BB04D ] Themes C:\Windows\system32\themeservice.dll
14:35:16.0247 4384 Themes - ok
14:35:16.0267 4384 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:35:16.0277 4384 THREADORDER - ok
14:35:16.0287 4384 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:35:16.0287 4384 TrkWks - ok
14:35:16.0337 4384 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:35:16.0337 4384 TrustedInstaller - ok
14:35:16.0347 4384 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:35:16.0347 4384 tssecsrv - ok
14:35:16.0367 4384 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:35:16.0367 4384 TsUsbFlt - ok
14:35:16.0377 4384 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
14:35:16.0377 4384 TsUsbGD - ok
14:35:16.0397 4384 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:35:16.0397 4384 tunnel - ok
14:35:16.0457 4384 [ 3DB1CE045A552161EF7252988752C65F ] TunngleService C:\Program Files (x86)\Tunngle\TnglCtrl.exe
14:35:16.0627 4384 TunngleService - ok
14:35:16.0637 4384 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:35:16.0637 4384 uagp35 - ok
14:35:16.0667 4384 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:35:16.0667 4384 udfs - ok
14:35:16.0677 4384 UI0Detect - ok
14:35:16.0697 4384 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:35:16.0697 4384 uliagpkx - ok
14:35:16.0707 4384 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:35:16.0707 4384 umbus - ok
14:35:16.0717 4384 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
14:35:16.0717 4384 UmPass - ok
14:35:16.0767 4384 [ 9DC07E73A4ABB9ACF692113B36A5009F ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
14:35:16.0767 4384 UnlockerDriver5 - ok
14:35:16.0787 4384 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:35:16.0787 4384 upnphost - ok
14:35:16.0837 4384 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
14:35:16.0847 4384 usbaudio - ok
14:35:16.0877 4384 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:35:16.0877 4384 usbccgp - ok
14:35:16.0887 4384 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:35:16.0897 4384 usbcir - ok
14:35:16.0917 4384 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:35:16.0917 4384 usbehci - ok
14:35:16.0957 4384 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:35:16.0967 4384 usbhub - ok
14:35:16.0997 4384 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:35:16.0997 4384 usbohci - ok
14:35:17.0007 4384 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
14:35:17.0007 4384 usbprint - ok
14:35:17.0037 4384 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:35:17.0037 4384 USBSTOR - ok
14:35:17.0057 4384 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:35:17.0057 4384 usbuhci - ok
14:35:17.0077 4384 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:35:17.0077 4384 UxSms - ok
14:35:17.0097 4384 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:35:17.0097 4384 VaultSvc - ok
14:35:17.0127 4384 [ F0FAF3FB9B138F8CAFB65ECFFE9F4AB6 ] vcd10bus C:\Windows\system32\DRIVERS\vcd10bus.sys
14:35:17.0137 4384 vcd10bus - ok
14:35:17.0267 4384 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:35:17.0267 4384 vdrvroot - ok
14:35:17.0287 4384 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
14:35:17.0297 4384 vds - ok
14:35:17.0337 4384 [ 00C7DF4F50962BA218AB60D32869100B ] vflt C:\Windows\system32\DRIVERS\vfilter.sys
14:35:17.0337 4384 vflt - ok
14:35:17.0357 4384 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:35:17.0357 4384 vga - ok
14:35:17.0367 4384 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:35:17.0367 4384 VgaSave - ok
14:35:17.0377 4384 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:35:17.0377 4384 vhdmp - ok
14:35:17.0447 4384 [ 84FFC3CCA60A1B52A021BC894D529735 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
14:35:17.0477 4384 VIAHdAudAddService - ok
14:35:17.0497 4384 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
14:35:17.0497 4384 viaide - ok
14:35:17.0527 4384 [ F4310278E6CE1C507B5555B662369E26 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
14:35:17.0527 4384 VIAKaraokeService - ok
14:35:17.0557 4384 [ A99CA064AD11266FE7067A79BF78BBB5 ] vnet C:\Windows\system32\DRIVERS\virtualnet.sys
14:35:17.0557 4384 vnet - ok
14:35:17.0577 4384 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:35:17.0577 4384 volmgr - ok
14:35:17.0597 4384 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:35:17.0597 4384 volmgrx - ok
14:35:17.0617 4384 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:35:17.0617 4384 volsnap - ok
14:35:17.0637 4384 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:35:17.0647 4384 vsmraid - ok
14:35:17.0667 4384 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
14:35:17.0677 4384 VSS - ok
14:35:17.0687 4384 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
14:35:17.0687 4384 vwifibus - ok
14:35:17.0697 4384 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:35:17.0697 4384 vwififlt - ok
14:35:17.0707 4384 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
14:35:17.0707 4384 vwifimp - ok
14:35:17.0727 4384 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:35:17.0727 4384 W32Time - ok
14:35:17.0747 4384 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:35:17.0747 4384 WacomPen - ok
14:35:17.0757 4384 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:35:17.0757 4384 WANARP - ok
14:35:17.0757 4384 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:35:17.0757 4384 Wanarpv6 - ok
14:35:17.0797 4384 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:35:17.0807 4384 WatAdminSvc - ok
14:35:17.0837 4384 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
14:35:17.0847 4384 wbengine - ok
14:35:17.0867 4384 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:35:17.0867 4384 WbioSrvc - ok
14:35:17.0887 4384 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:35:17.0887 4384 wcncsvc - ok
14:35:17.0897 4384 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:35:17.0897 4384 WcsPlugInService - ok
14:35:17.0937 4384 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
14:35:17.0937 4384 Wd - ok
14:35:17.0977 4384 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
14:35:17.0977 4384 WDC_SAM - ok
14:35:17.0997 4384 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:35:18.0007 4384 Wdf01000 - ok
14:35:18.0017 4384 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:35:18.0017 4384 WdiServiceHost - ok
14:35:18.0027 4384 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:35:18.0027 4384 WdiSystemHost - ok
14:35:18.0047 4384 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
14:35:18.0047 4384 WebClient - ok
14:35:18.0067 4384 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:35:18.0067 4384 Wecsvc - ok
14:35:18.0087 4384 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:35:18.0087 4384 wercplsupport - ok
14:35:18.0097 4384 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:35:18.0097 4384 WerSvc - ok
14:35:18.0107 4384 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:35:18.0107 4384 WfpLwf - ok
14:35:18.0127 4384 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:35:18.0127 4384 WIMMount - ok
14:35:18.0137 4384 WinHttpAutoProxySvc - ok
14:35:18.0167 4384 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:35:18.0167 4384 Winmgmt - ok
14:35:18.0217 4384 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
14:35:18.0227 4384 WinRM - ok
14:35:18.0267 4384 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:35:18.0277 4384 WinUsb - ok
14:35:18.0317 4384 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:35:18.0317 4384 Wlansvc - ok
14:35:18.0397 4384 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:35:18.0447 4384 wlidsvc - ok
14:35:18.0457 4384 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
14:35:18.0457 4384 WmiAcpi - ok
14:35:18.0477 4384 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:35:18.0477 4384 wmiApSrv - ok
14:35:18.0497 4384 WMPNetworkSvc - ok
14:35:18.0507 4384 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:35:18.0507 4384 WPCSvc - ok
14:35:18.0517 4384 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:35:18.0517 4384 WPDBusEnum - ok
14:35:18.0517 4384 WPRO_41_1742 - ok
14:35:18.0527 4384 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:35:18.0527 4384 ws2ifsl - ok
14:35:18.0537 4384 WSearch - ok
14:35:18.0597 4384 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
14:35:18.0597 4384 wuauserv - ok
14:35:18.0617 4384 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:35:18.0617 4384 WudfPf - ok
14:35:18.0637 4384 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:35:18.0637 4384 WUDFRd - ok
14:35:18.0657 4384 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:35:18.0657 4384 wudfsvc - ok
14:35:18.0667 4384 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:35:18.0667 4384 WwanSvc - ok
14:35:18.0677 4384 ZTEusbmdm6k - ok
14:35:18.0677 4384 ZTEusbnmea - ok
14:35:18.0687 4384 ZTEusbser6k - ok
14:35:18.0697 4384 ================ Scan global ===============================
14:35:18.0747 4384 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:35:18.0767 4384 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:35:18.0807 4384 [ 4D7CDE615A0F534BD5E359951829554B ] C:\Windows\system32\consrv.dll
14:35:19.0267 4384 Suspicious file (NoAccess): C:\Windows\system32\consrv.dll. md5: 4D7CDE615A0F534BD5E359951829554B
14:35:19.0297 4384 C:\Windows\system32\consrv.dll ( Backdoor.Multi.ZAccess.genb ) - infected
14:35:19.0297 4384 C:\Windows\system32\consrv.dll - detected Backdoor.Multi.ZAccess.genb (0)
14:35:19.0317 4384 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:35:19.0317 4384 ================ Scan MBR ==================================
14:35:19.0337 4384 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:35:19.0807 4384 \Device\Harddisk0\DR0 - ok
14:35:19.0827 4384 [ 81CD5EC01DB0CE57EDD853F82462EF27 ] \Device\Harddisk1\DR1
14:35:19.0897 4384 \Device\Harddisk1\DR1 - ok
14:35:19.0897 4384 ================ Scan VBR ==================================
14:35:19.0897 4384 [ A8B81E079F73E3C439C5B215603D9164 ] \Device\Harddisk0\DR0\Partition1
14:35:19.0897 4384 \Device\Harddisk0\DR0\Partition1 - ok
14:35:19.0917 4384 [ 10FD2F999887A771098ADA33BF3CD3B0 ] \Device\Harddisk0\DR0\Partition2
14:35:19.0917 4384 \Device\Harddisk0\DR0\Partition2 - ok
14:35:19.0927 4384 [ AAF12FDDA52E2EBE86F6EFDEED0D23F2 ] \Device\Harddisk1\DR1\Partition1
14:35:19.0927 4384 \Device\Harddisk1\DR1\Partition1 - ok
14:35:19.0927 4384 ============================================================
14:35:19.0927 4384 Scan finished
14:35:19.0927 4384 ============================================================
14:35:19.0937 4116 Detected object count: 1
14:35:19.0937 4116 Actual detected object count: 1
14:35:41.0590 4116 C:\Windows\system32\consrv.dll - copied to quarantine
14:35:41.0830 4116 C:\Windows\assembly\temp\U\00000001.@ - copied to quarantine
14:35:41.0830 4116 C:\Windows\assembly\temp\U\00000004.@ - copied to quarantine
14:35:41.0830 4116 C:\Windows\assembly\temp\U\000000cb.@ - copied to quarantine
14:35:41.0830 4116 C:\Windows\assembly\temp\U\000000cf.@ - copied to quarantine
14:35:41.0860 4116 C:\Windows\assembly\temp\U\80000000.@ - copied to quarantine
14:35:41.0860 4116 C:\Windows\assembly\temp\U\80000004.@ - copied to quarantine
14:35:41.0900 4116 C:\Windows\assembly\temp\U\80000064.@ - copied to quarantine
14:35:41.0910 4116 C:\Windows\assembly\temp\U\800000c0.@ - copied to quarantine
14:35:41.0910 4116 C:\Windows\assembly\temp\U\800000cb.@ - copied to quarantine
14:35:41.0910 4116 C:\Windows\assembly\temp\U\800000cf.@ - copied to quarantine
14:35:42.0500 4116 C:\Windows\assembly\temp\@ - copied to quarantine
14:35:42.0510 4116 C:\Windows\assembly\temp\cfg.ini - copied to quarantine
14:35:42.0950 4116 HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems:Windows - will be cured on reboot
14:35:42.0950 4116 C:\Windows\system32\consrv.dll - will be deleted on reboot
14:35:43.0020 4116 C:\Windows\assembly\temp\U\00000001.@ - will be deleted on reboot
14:35:43.0030 4116 C:\Windows\assembly\temp\U\00000004.@ - will be deleted on reboot
14:35:43.0030 4116 C:\Windows\assembly\temp\U\000000cb.@ - will be deleted on reboot
14:35:43.0030 4116 C:\Windows\assembly\temp\U\000000cf.@ - will be deleted on reboot
14:35:43.0030 4116 C:\Windows\assembly\temp\U\80000000.@ - will be deleted on reboot
14:35:43.0030 4116 C:\Windows\assembly\temp\U\80000004.@ - will be deleted on reboot
14:35:43.0030 4116 C:\Windows\assembly\temp\U\80000064.@ - will be deleted on reboot
14:35:43.0030 4116 C:\Windows\assembly\temp\U\800000c0.@ - will be deleted on reboot
14:35:43.0030 4116 C:\Windows\assembly\temp\U\800000cb.@ - will be deleted on reboot
14:35:43.0030 4116 C:\Windows\assembly\temp\U\800000cf.@ - will be deleted on reboot
14:35:43.0030 4116 C:\Windows\assembly\temp\@ - will be deleted on reboot
14:35:43.0030 4116 C:\Windows\assembly\temp\cfg.ini - will be deleted on reboot
14:35:43.0030 4116 C:\Windows\system32\consrv.dll ( Backdoor.Multi.ZAccess.genb ) - User select action: Delete
14:36:06.0680 1340 Deinitialize success
----------------------------------------
ESET Online Scanner

C:\TDSSKiller_Quarantine\19.10.2012_14.34.38\zasubsys0000\zafs0000\tsk0006.dta a variant of Win64/Sirefef.AN trojan cleaned by deleting - quarantined
C:\Users\Admin\AppData\Roaming\TicnoTemp\homepage.exe Win32/TicnoTab.AA application cleaned by deleting - quarantined
C:\Users\Admin\Documents\Games\Dirt3\paul.dll a variant of Win32/Packed.VMProtect.AAA trojan cleaned by deleting - quarantined
C:\Users\Admin\Documents\Games\Dirt3\SKIDROW.dll a variant of Win32/Packed.VMProtect.AAA trojan cleaned by deleting - quarantined

#4 narenxp

Posted 19 October 2012 - 12:48 PM

Run TDSSkiller again and post the log.

Download Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here.

Download mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download Farbar service scanner

Checkmark all the boxes.

Click on "Scan".
Please copy and paste the log to your reply.

Download adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#5 xtcvv2

Posted 20 October 2012 - 12:25 PM

TDSSkiller

14:24:12.0231 4568 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
14:24:12.0544 4568 ============================================================
14:24:12.0544 4568 Current date / time: 2012/10/20 14:24:12.0544
14:24:12.0544 4568 SystemInfo:
14:24:12.0544 4568
14:24:12.0544 4568 OS Version: 6.1.7601 ServicePack: 1.0
14:24:12.0544 4568 Product type: Workstation
14:24:12.0544 4568 ComputerName: PC
14:24:12.0544 4568 UserName: Admin
14:24:12.0544 4568 Windows directory: C:\Windows
14:24:12.0544 4568 System windows directory: C:\Windows
14:24:12.0544 4568 Running under WOW64
14:24:12.0544 4568 Processor architecture: Intel x64
14:24:12.0544 4568 Number of processors: 4
14:24:12.0544 4568 Page size: 0x1000
14:24:12.0544 4568 Boot type: Normal boot
14:24:12.0544 4568 ============================================================
14:24:14.0017 4568 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:24:14.0019 4568 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
14:24:17.0674 4568 ============================================================
14:24:17.0674 4568 \Device\Harddisk0\DR0:
14:24:17.0674 4568 MBR partitions:
14:24:17.0674 4568 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:24:17.0674 4568 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
14:24:17.0674 4568 \Device\Harddisk1\DR1:
14:24:17.0675 4568 MBR partitions:
14:24:17.0675 4568 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
14:24:17.0675 4568 ============================================================
14:24:17.0713 4568 C: <-> \Device\Harddisk0\DR0\Partition2
14:24:17.0713 4568 E: <-> \Device\Harddisk1\DR1\Partition1
14:24:17.0713 4568 ============================================================
14:24:17.0714 4568 Initialize success
14:24:17.0714 4568 ============================================================
14:24:22.0723 4732 ============================================================
14:24:22.0723 4732 Scan started
14:24:22.0723 4732 Mode: Manual; TDLFS;
14:24:22.0723 4732 ============================================================
14:24:24.0167 4732 ================ Scan system memory ========================
14:24:24.0167 4732 System memory - ok
14:24:24.0167 4732 ================ Scan services =============================
14:24:28.0999 4732 MSPCLOCK - ok
14:24:29.0001 4732 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:24:29.0002 4732 MSPQM - ok
14:24:29.0015 4732 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:24:29.0018 4732 MsRPC - ok
14:24:29.0036 4732 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:24:29.0037 4732 mssmbios - ok
14:24:29.0047 4732 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:24:29.0048 4732 MSTEE - ok
14:24:29.0053 4732 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
14:24:29.0054 4732 MTConfig - ok
14:24:29.0071 4732 [ 03B7145C889603537E9FFEABB1AD1089 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
14:24:29.0072 4732 MTsensor - ok
14:24:29.0078 4732 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:24:29.0079 4732 Mup - ok
14:24:29.0108 4732 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:24:29.0113 4732 napagent - ok
14:24:29.0126 4732 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:24:29.0129 4732 NativeWifiP - ok
14:24:29.0173 4732 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:24:29.0178 4732 NDIS - ok
14:24:29.0198 4732 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:24:29.0200 4732 NdisCap - ok
14:24:29.0214 4732 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:24:29.0215 4732 NdisTapi - ok
14:24:29.0222 4732 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:24:29.0224 4732 Ndisuio - ok
14:24:29.0236 4732 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:24:29.0238 4732 NdisWan - ok
14:24:29.0254 4732 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:24:29.0255 4732 NDProxy - ok
14:24:29.0270 4732 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:24:29.0271 4732 NetBIOS - ok
14:24:29.0292 4732 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:24:29.0294 4732 NetBT - ok
14:24:29.0308 4732 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:24:29.0308 4732 Netlogon - ok
14:24:29.0334 4732 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:24:29.0337 4732 Netman - ok
14:24:29.0368 4732 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:24:29.0371 4732 NetMsmqActivator - ok
14:24:29.0389 4732 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:24:29.0390 4732 NetPipeActivator - ok
14:24:29.0411 4732 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:24:29.0416 4732 netprofm - ok
14:24:29.0420 4732 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:24:29.0421 4732 NetTcpActivator - ok
14:24:29.0424 4732 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:24:29.0425 4732 NetTcpPortSharing - ok
14:24:29.0441 4732 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:24:29.0443 4732 nfrd960 - ok
14:24:29.0527 4732 [ 39645FF63EE21582D40704C2CAAC1252 ] NitroReaderDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
14:24:29.0528 4732 NitroReaderDriverReadSpool2 - ok
14:24:29.0548 4732 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:24:29.0552 4732 NlaSvc - ok
14:24:29.0555 4732 NLNdisMP - ok
14:24:29.0558 4732 NLNdisPT - ok
14:24:29.0575 4732 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:24:29.0577 4732 Npfs - ok
14:24:29.0600 4732 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:24:29.0601 4732 nsi - ok
14:24:29.0615 4732 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:24:29.0616 4732 nsiproxy - ok
14:24:29.0664 4732 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:24:29.0683 4732 Ntfs - ok
14:24:29.0720 4732 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:24:29.0720 4732 Null - ok
14:24:29.0765 4732 [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
14:24:29.0766 4732 NVHDA - ok
14:24:29.0956 4732 [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:24:30.0004 4732 nvlddmkm - ok
14:24:30.0023 4732 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:24:30.0025 4732 nvraid - ok
14:24:30.0045 4732 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:24:30.0047 4732 nvstor - ok
14:24:30.0070 4732 [ 06633CF95BEA62164C3BFCA24BCE6B11 ] NVSvc C:\Windows\system32\nvvsvc.exe
14:24:30.0074 4732 NVSvc - ok
14:24:30.0117 4732 [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:24:30.0229 4732 nvUpdatusService - ok
14:24:30.0247 4732 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:24:30.0249 4732 nv_agp - ok
14:24:30.0262 4732 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:24:30.0263 4732 ohci1394 - ok
14:24:30.0292 4732 [ FA5D730CE3F3A3BD21C1040E212230D4 ] OM0530 C:\Windows\system32\Drivers\ov530vx.sys
14:24:30.0294 4732 OM0530 - ok
14:24:30.0379 4732 [ 01B14F4D64BC70E93734211C3D324099 ] OverwolfUpdaterService C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
14:24:30.0431 4732 OverwolfUpdaterService - ok
14:24:30.0459 4732 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:24:30.0462 4732 p2pimsvc - ok
14:24:30.0477 4732 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:24:30.0481 4732 p2psvc - ok
14:24:30.0497 4732 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:24:30.0498 4732 Parport - ok
14:24:30.0518 4732 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:24:30.0520 4732 partmgr - ok
14:24:30.0535 4732 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:24:30.0537 4732 PcaSvc - ok
14:24:30.0552 4732 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:24:30.0554 4732 pci - ok
14:24:30.0569 4732 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:24:30.0569 4732 pciide - ok
14:24:30.0579 4732 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:24:30.0582 4732 pcmcia - ok
14:24:30.0585 4732 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:24:30.0586 4732 pcw - ok
14:24:30.0612 4732 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:24:30.0618 4732 PEAUTH - ok
14:24:30.0673 4732 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:24:30.0730 4732 PerfHost - ok
14:24:30.0773 4732 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:24:30.0786 4732 pla - ok
14:24:30.0824 4732 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:24:30.0828 4732 PlugPlay - ok
14:24:30.0840 4732 PnkBstrA - ok
14:24:30.0851 4732 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:24:30.0853 4732 PNRPAutoReg - ok
14:24:30.0859 4732 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:24:30.0861 4732 PNRPsvc - ok
14:24:30.0881 4732 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:24:30.0886 4732 PolicyAgent - ok
14:24:30.0903 4732 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:24:30.0906 4732 Power - ok
14:24:30.0919 4732 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:24:30.0920 4732 PptpMiniport - ok
14:24:30.0927 4732 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
14:24:30.0928 4732 Processor - ok
14:24:30.0970 4732 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:24:30.0972 4732 ProfSvc - ok
14:24:30.0975 4732 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:24:30.0976 4732 ProtectedStorage - ok
14:24:30.0987 4732 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:24:30.0988 4732 Psched - ok
14:24:31.0022 4732 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:24:31.0035 4732 ql2300 - ok
14:24:31.0052 4732 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:24:31.0054 4732 ql40xx - ok
14:24:31.0063 4732 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:24:31.0066 4732 QWAVE - ok
14:24:31.0070 4732 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:24:31.0071 4732 QWAVEdrv - ok
14:24:31.0079 4732 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:24:31.0079 4732 RasAcd - ok
14:24:31.0095 4732 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:24:31.0096 4732 RasAgileVpn - ok
14:24:31.0114 4732 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:24:31.0116 4732 RasAuto - ok
14:24:31.0136 4732 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:24:31.0138 4732 Rasl2tp - ok
14:24:31.0146 4732 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:24:31.0150 4732 RasMan - ok
14:24:31.0162 4732 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:24:31.0164 4732 RasPppoe - ok
14:24:31.0174 4732 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:24:31.0175 4732 RasSstp - ok
14:24:31.0189 4732 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:24:31.0192 4732 rdbss - ok
14:24:31.0202 4732 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
14:24:31.0203 4732 rdpbus - ok
14:24:31.0218 4732 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:24:31.0218 4732 RDPCDD - ok
14:24:31.0223 4732 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:24:31.0223 4732 RDPENCDD - ok
14:24:31.0245 4732 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:24:31.0246 4732 RDPREFMP - ok
14:24:31.0283 4732 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:24:31.0285 4732 RDPWD - ok
14:24:31.0305 4732 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:24:31.0306 4732 rdyboost - ok
14:24:31.0347 4732 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:24:31.0349 4732 RemoteAccess - ok
14:24:31.0359 4732 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:24:31.0362 4732 RemoteRegistry - ok
14:24:31.0372 4732 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:24:31.0374 4732 RpcEptMapper - ok
14:24:31.0391 4732 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:24:31.0392 4732 RpcLocator - ok
14:24:31.0403 4732 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:24:31.0406 4732 RpcSs - ok
14:24:31.0413 4732 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:24:31.0415 4732 rspndr - ok
14:24:31.0444 4732 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
14:24:31.0446 4732 RTL8167 - ok
14:24:31.0460 4732 [ C72181510AA3EA09BC09B8FEBB39D75F ] rzdaendpt C:\Windows\system32\DRIVERS\rzdaendpt.sys
14:24:31.0461 4732 rzdaendpt - ok
14:24:31.0478 4732 [ 602FCF9D91BD47721B248B81F816C267 ] rzendpt C:\Windows\system32\DRIVERS\rzendpt.sys
14:24:31.0479 4732 rzendpt - ok
14:24:31.0515 4732 [ F71EEA505290B0AAD48850F0D750702D ] RzSynapse C:\Windows\system32\DRIVERS\RzSynapse.sys
14:24:31.0517 4732 RzSynapse - ok
14:24:31.0544 4732 [ 672CA863751E96F0A800215C11FD496F ] rzudd C:\Windows\system32\DRIVERS\rzudd.sys
14:24:31.0546 4732 rzudd - ok
14:24:31.0570 4732 [ 54336C078A60D07C613B9C044C501766 ] rzvkeyboard C:\Windows\system32\DRIVERS\rzvkeyboard.sys
14:24:31.0584 4732 rzvkeyboard - ok
14:24:31.0587 4732 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:24:31.0588 4732 SamSs - ok
14:24:31.0648 4732 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
14:24:31.0648 4732 SASDIFSV - ok
14:24:31.0678 4732 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
14:24:31.0679 4732 SASKUTIL - ok
14:24:31.0702 4732 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:24:31.0704 4732 sbp2port - ok
14:24:31.0724 4732 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:24:31.0727 4732 SCardSvr - ok
14:24:31.0755 4732 [ C81EB41E9FFC35560E5025891DC01A6E ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
14:24:31.0756 4732 SCDEmu - ok
14:24:31.0765 4732 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:24:31.0766 4732 scfilter - ok
14:24:31.0786 4732 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:24:31.0796 4732 Schedule - ok
14:24:31.0819 4732 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:24:31.0819 4732 SCPolicySvc - ok
14:24:31.0835 4732 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:24:31.0838 4732 SDRSVC - ok
14:24:31.0847 4732 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:24:31.0848 4732 secdrv - ok
14:24:31.0860 4732 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:24:31.0861 4732 seclogon - ok
14:24:31.0868 4732 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
14:24:31.0869 4732 SENS - ok
14:24:31.0883 4732 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:24:31.0885 4732 SensrSvc - ok
14:24:31.0891 4732 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:24:31.0892 4732 Serenum - ok
14:24:31.0898 4732 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:24:31.0899 4732 Serial - ok
14:24:31.0914 4732 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:24:31.0915 4732 sermouse - ok
14:24:31.0929 4732 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:24:31.0932 4732 SessionEnv - ok
14:24:31.0954 4732 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:24:31.0955 4732 sffdisk - ok
14:24:31.0963 4732 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:24:31.0964 4732 sffp_mmc - ok
14:24:31.0978 4732 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:24:31.0979 4732 sffp_sd - ok
14:24:31.0992 4732 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:24:31.0993 4732 sfloppy - ok
14:24:32.0017 4732 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:24:32.0021 4732 SharedAccess - ok
14:24:32.0051 4732 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:24:32.0055 4732 ShellHWDetection - ok
14:24:32.0078 4732 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
14:24:32.0079 4732 SiSRaid2 - ok
14:24:32.0104 4732 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:24:32.0106 4732 SiSRaid4 - ok
14:24:32.0152 4732 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:24:32.0153 4732 SkypeUpdate - ok
14:24:32.0162 4732 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:24:32.0164 4732 Smb - ok
14:24:32.0176 4732 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:24:32.0177 4732 SNMPTRAP - ok
14:24:32.0186 4732 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:24:32.0187 4732 spldr - ok
14:24:32.0232 4732 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
14:24:32.0236 4732 Spooler - ok
14:24:32.0294 4732 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:24:32.0306 4732 sppsvc - ok
14:24:32.0339 4732 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:24:32.0341 4732 sppuinotify - ok
14:24:32.0364 4732 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:24:32.0369 4732 srv - ok
14:24:32.0382 4732 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:24:32.0386 4732 srv2 - ok
14:24:32.0395 4732 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:24:32.0397 4732 srvnet - ok
14:24:32.0407 4732 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:24:32.0410 4732 SSDPSRV - ok
14:24:32.0421 4732 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:24:32.0423 4732 SstpSvc - ok
14:24:32.0455 4732 Steam Client Service - ok
14:24:32.0511 4732 [ C354621B6B94E10AE7F5CDBE745FEB86 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:24:32.0591 4732 Stereo Service - ok
14:24:32.0603 4732 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
14:24:32.0604 4732 stexstor - ok
14:24:32.0625 4732 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:24:32.0630 4732 stisvc - ok
14:24:32.0639 4732 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:24:32.0639 4732 swenum - ok
14:24:32.0700 4732 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:24:32.0703 4732 SwitchBoard - ok
14:24:32.0723 4732 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:24:32.0728 4732 swprv - ok
14:24:32.0757 4732 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:24:32.0772 4732 SysMain - ok
14:24:32.0789 4732 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:24:32.0791 4732 TabletInputService - ok
14:24:32.0829 4732 [ B08740047145B9BCE15BF75CA0F9718A ] tap0901t C:\Windows\system32\DRIVERS\tap0901t.sys
14:24:32.0830 4732 tap0901t - ok
14:24:32.0843 4732 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:24:32.0847 4732 TapiSrv - ok
14:24:32.0860 4732 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:24:32.0862 4732 TBS - ok
14:24:32.0923 4732 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:24:32.0961 4732 Tcpip - ok
14:24:32.0988 4732 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:24:32.0995 4732 TCPIP6 - ok
14:24:33.0008 4732 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:24:33.0010 4732 tcpipreg - ok
14:24:33.0029 4732 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:24:33.0030 4732 TDPIPE - ok
14:24:33.0055 4732 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:24:33.0056 4732 TDTCP - ok
14:24:33.0065 4732 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:24:33.0067 4732 tdx - ok
14:24:33.0076 4732 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:24:33.0077 4732 TermDD - ok
14:24:33.0101 4732 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:24:33.0108 4732 TermService - ok
14:24:33.0131 4732 [ 9201BE2BAB8A9FF8E20D8439AE3BB04D ] Themes C:\Windows\system32\themeservice.dll
14:24:33.0132 4732 Themes - ok
14:24:33.0159 4732 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:24:33.0160 4732 THREADORDER - ok
14:24:33.0174 4732 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:24:33.0176 4732 TrkWks - ok
14:24:33.0221 4732 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:24:33.0222 4732 TrustedInstaller - ok
14:24:33.0238 4732 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:24:33.0240 4732 tssecsrv - ok
14:24:33.0254 4732 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:24:33.0255 4732 TsUsbFlt - ok
14:24:33.0266 4732 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
14:24:33.0267 4732 TsUsbGD - ok
14:24:33.0288 4732 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:24:33.0290 4732 tunnel - ok
14:24:33.0341 4732 [ 3DB1CE045A552161EF7252988752C65F ] TunngleService C:\Program Files (x86)\Tunngle\TnglCtrl.exe
14:24:33.0453 4732 TunngleService - ok
14:24:33.0468 4732 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:24:33.0469 4732 uagp35 - ok
14:24:33.0483 4732 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:24:33.0486 4732 udfs - ok
14:24:33.0492 4732 UI0Detect - ok
14:24:33.0511 4732 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:24:33.0512 4732 uliagpkx - ok
14:24:33.0521 4732 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:24:33.0523 4732 umbus - ok
14:24:33.0532 4732 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
14:24:33.0533 4732 UmPass - ok
14:24:33.0572 4732 [ 9DC07E73A4ABB9ACF692113B36A5009F ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
14:24:33.0572 4732 UnlockerDriver5 - ok
14:24:33.0588 4732 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:24:33.0592 4732 upnphost - ok
14:24:33.0645 4732 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
14:24:33.0647 4732 usbaudio - ok
14:24:33.0677 4732 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:24:33.0679 4732 usbccgp - ok
14:24:33.0696 4732 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:24:33.0698 4732 usbcir - ok
14:24:33.0718 4732 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:24:33.0719 4732 usbehci - ok
14:24:33.0754 4732 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:24:33.0757 4732 usbhub - ok
14:24:33.0788 4732 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:24:33.0788 4732 usbohci - ok
14:24:33.0799 4732 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
14:24:33.0800 4732 usbprint - ok
14:24:33.0825 4732 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:24:33.0827 4732 USBSTOR - ok
14:24:33.0851 4732 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:24:33.0852 4732 usbuhci - ok
14:24:33.0869 4732 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:24:33.0870 4732 UxSms - ok
14:24:33.0879 4732 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:24:33.0880 4732 VaultSvc - ok
14:24:33.0912 4732 [ F0FAF3FB9B138F8CAFB65ECFFE9F4AB6 ] vcd10bus C:\Windows\system32\DRIVERS\vcd10bus.sys
14:24:33.0913 4732 vcd10bus - ok
14:24:34.0046 4732 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:24:34.0047 4732 vdrvroot - ok
14:24:34.0055 4732 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
14:24:34.0060 4732 vds - ok
14:24:34.0092 4732 [ 00C7DF4F50962BA218AB60D32869100B ] vflt C:\Windows\system32\DRIVERS\vfilter.sys
14:24:34.0093 4732 vflt - ok
14:24:34.0110 4732 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:24:34.0111 4732 vga - ok
14:24:34.0118 4732 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:24:34.0119 4732 VgaSave - ok
14:24:34.0130 4732 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:24:34.0132 4732 vhdmp - ok
14:24:34.0186 4732 [ 84FFC3CCA60A1B52A021BC894D529735 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
14:24:34.0194 4732 VIAHdAudAddService - ok
14:24:34.0202 4732 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
14:24:34.0203 4732 viaide - ok
14:24:34.0233 4732 [ F4310278E6CE1C507B5555B662369E26 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
14:24:34.0234 4732 VIAKaraokeService - ok
14:24:34.0266 4732 [ A99CA064AD11266FE7067A79BF78BBB5 ] vnet C:\Windows\system32\DRIVERS\virtualnet.sys
14:24:34.0267 4732 vnet - ok
14:24:34.0280 4732 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:24:34.0281 4732 volmgr - ok
14:24:34.0303 4732 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:24:34.0306 4732 volmgrx - ok
14:24:34.0325 4732 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:24:34.0327 4732 volsnap - ok
14:24:34.0337 4732 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:24:34.0339 4732 vsmraid - ok
14:24:34.0367 4732 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
14:24:34.0386 4732 VSS - ok
14:24:34.0397 4732 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
14:24:34.0398 4732 vwifibus - ok
14:24:34.0408 4732 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:24:34.0410 4732 vwififlt - ok
14:24:34.0418 4732 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
14:24:34.0418 4732 vwifimp - ok
14:24:34.0432 4732 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:24:34.0436 4732 W32Time - ok
14:24:34.0453 4732 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:24:34.0454 4732 WacomPen - ok
14:24:34.0465 4732 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:24:34.0466 4732 WANARP - ok
14:24:34.0469 4732 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:24:34.0470 4732 Wanarpv6 - ok
14:24:34.0502 4732 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:24:34.0512 4732 WatAdminSvc - ok
14:24:34.0543 4732 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
14:24:34.0557 4732 wbengine - ok
14:24:34.0573 4732 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:24:34.0576 4732 WbioSrvc - ok
14:24:34.0595 4732 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:24:34.0599 4732 wcncsvc - ok
14:24:35.0412 4732 ================ Scan global ===============================
14:24:35.0431 4732 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:24:35.0467 4732 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:24:35.0473 4732 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:24:35.0503 4732 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:24:35.0523 4732 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:24:35.0525 4732 [Global] - ok
14:24:35.0526 4732 ================ Scan MBR ==================================
14:24:35.0544 4732 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:24:35.0752 4732 \Device\Harddisk0\DR0 - ok
14:24:35.0754 4732 [ 81CD5EC01DB0CE57EDD853F82462EF27 ] \Device\Harddisk1\DR1
14:24:35.0817 4732 \Device\Harddisk1\DR1 - ok
14:24:35.0817 4732 ================ Scan VBR ==================================
14:24:35.0832 4732 [ A8B81E079F73E3C439C5B215603D9164 ] \Device\Harddisk0\DR0\Partition1
14:24:35.0833 4732 \Device\Harddisk0\DR0\Partition1 - ok
14:24:35.0848 4732 [ 10FD2F999887A771098ADA33BF3CD3B0 ] \Device\Harddisk0\DR0\Partition2
14:24:35.0848 4732 \Device\Harddisk0\DR0\Partition2 - ok
14:24:35.0851 4732 [ AAF12FDDA52E2EBE86F6EFDEED0D23F2 ] \Device\Harddisk1\DR1\Partition1
14:24:35.0852 4732 \Device\Harddisk1\DR1\Partition1 - ok
14:24:35.0852 4732 ============================================================
14:24:35.0852 4732 Scan finished
14:24:35.0852 4732 ============================================================
14:24:35.0858 4724 Detected object count: 0
14:24:35.0858 4724 Actual detected object count: 0
14:24:43.0302 4552 Deinitialize success

-----------------------------
Malwarebytes

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.19.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Admin :: PC [administrator]

Protection: Disabled

20.10.2012 14:25:21
mbam-log-2012-10-20 (14-25-21).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 555328
Time elapsed: 1 hour(s), 26 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
-----------------------------
Mini Toolbox

MiniToolBox by Farbar Version: 23-07-2012
Ran by Admin (administrator) on 20-10-2012 at 15:58:43
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
# Any other entries you had go here (new line no # no space);
127.0.0.1 localhost
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net

========================= IP Configuration: ================================

TP-LINK 150Mbps Wireless Lite N Adapter = Wireless Network Connection (Connected)
Hamachi Network Interface = Hamachi (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
TAP-Win32 Adapter V9 (Tunngle) = Tunngle (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=5.0.0.1 publish=Yes
set interface interface="Hamachi" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : B6-48-7A-8E-8E-A2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Tunngle:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9 (Tunngle)
Physical Address. . . . . . . . . : 00-FF-FE-FE-85-30
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TP-LINK 150Mbps Wireless Lite N Adapter
Physical Address. . . . . . . . . : B0-48-7A-8E-8E-A2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::44fc:18c1:bf36:7daa%13(Preferred)
IPv4 Address. . . . . . . . . . . : 1**.1**.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 20. lokakuuta 2012 13:41:40
Lease Expires . . . . . . . . . . : 21. lokakuuta 2012 13:41:40
Default Gateway . . . . . . . . . : 1**.1**.1.1
DHCP Server . . . . . . . . . . . : 1**.1**.1.1
DHCPv6 IAID . . . . . . . . . . . : 581978234
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-CB-23-F0-F4-6D-04-CE-30-A2
DNS Servers . . . . . . . . . . . : 1**.1**.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : F4-6D-04-CE-30-A2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Hamachi:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Hamachi Network Interface
Physical Address. . . . . . . . . : 7A-79-00-00-00-00
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2620:9b::5ad:605d(Preferred)
Link-local IPv6 Address . . . . . : fe80::4064:7595:ecd6:90a3%20(Preferred)
IPv4 Address. . . . . . . . . . . : 5.173.96.93(Preferred)
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Lease Obtained. . . . . . . . . . : 20. lokakuuta 2012 13:41:38
Lease Expires . . . . . . . . . . : 20. lokakuuta 2013 13:43:44
Default Gateway . . . . . . . . . : 5.0.0.1
DHCP Server . . . . . . . . . . . : 5.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 695892362
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-CB-23-F0-F4-6D-04-CE-30-A2
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{6EA932C3-AE8E-45AF-82D8-909BFB28CCE5}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2a00:1450:400f:800::1002
173.194.32.5
173.194.32.6
173.194.32.7
173.194.32.8
173.194.32.9
173.194.32.14
173.194.32.0
173.194.32.1
173.194.32.2
173.194.32.3
173.194.32.4


Pinging google.com [173.194.32.7] with 32 bytes of data:
Reply from 173.194.32.7: bytes=32 time=23ms TTL=53
Reply from 173.194.32.7: bytes=32 time=24ms TTL=53

Ping statistics for 173.194.32.7:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 23ms, Maximum = 24ms, Average = 23ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=1105ms TTL=50
Reply from 72.30.38.140: bytes=32 time=1523ms TTL=50

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1105ms, Maximum = 1523ms, Average = 1314ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...b6 48 7a 8e 8e a2 ......Microsoft Virtual WiFi Miniport Adapter
14...00 ff fe fe 85 30 ......TAP-Win32 Adapter V9 (Tunngle)
13...b0 48 7a 8e 8e a2 ......TP-LINK 150Mbps Wireless Lite N Adapter
11...f4 6d 04 ce 30 a2 ......Realtek PCIe GBE Family Controller
20...7a 79 00 00 00 00 ......Hamachi Network Interface
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 5.0.0.1 5.173.96.93 9256
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 25
5.0.0.0 255.0.0.0 On-link 5.173.96.93 9256
5.173.96.93 255.255.255.255 On-link 5.173.96.93 9256
5.255.255.255 255.255.255.255 On-link 5.173.96.93 9256
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 281
192.168.1.2 255.255.255.255 On-link 192.168.1.2 281
192.168.1.255 255.255.255.255 On-link 192.168.1.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 5.173.96.93 9256
224.0.0.0 240.0.0.0 On-link 192.168.1.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 5.173.96.93 9256
255.255.255.255 255.255.255.255 On-link 192.168.1.2 281
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 5.0.0.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
20 276 2620:9b::/96 On-link
20 276 2620:9b::5ad:605d/128 On-link
20 276 fe80::/64 On-link
13 281 fe80::/64 On-link
20 276 fe80::4064:7595:ecd6:90a3/128
On-link
13 281 fe80::44fc:18c1:bf36:7daa/128
On-link
1 306 ff00::/8 On-link
20 276 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
If Metric Network Destination Gateway
0 4294967295 2620:9b::/96 On-link
0 4294967295 2620:9b::/96 On-link
===========================================================================
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/20/2012 02:23:52 PM) (Source: Application Error) (User: )
Description: Faulting application name: mbam.exe, version: 1.62.0.140, time stamp: 0x5036941e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x74e74f0d
Faulting process id: 0xe2c
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3

Error: (10/20/2012 01:43:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2012 09:58:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/19/2012 09:56:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2012 09:45:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2012 09:38:23 PM) (Source: Application Hang) (User: )
Description: The program explorer.exe version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1014

Start Time: 01cdae28c6c5a305

Termination Time: 0

Application Path: C:\Windows\explorer.exe

Report Id: 24f8ea41-1a1c-11e2-ab0f-f46d04ce30a2

Error: (10/19/2012 09:30:04 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/19/2012 09:24:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2012 07:57:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/19/2012 07:34:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (10/20/2012 01:44:01 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (10/20/2012 01:44:01 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (10/20/2012 01:42:58 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070422

Error: (10/20/2012 01:42:58 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070422

Error: (10/20/2012 01:42:53 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (10/20/2012 01:41:52 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
vflt

Error: (10/20/2012 01:41:43 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (10/20/2012 01:41:42 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (10/20/2012 01:41:40 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (10/20/2012 01:41:38 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\athExt.dll
Error Code: 126


Microsoft Office Sessions:
=========================
Error: (10/20/2012 02:23:52 PM) (Source: Application Error)(User: )
Description: mbam.exe1.62.0.1405036941eunknown0.0.0.000000000c000041d74e74f0de2c01cdaeb49ed042b0C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exeunknowna0263f16-1aa8-11e2-a8e3-f46d04ce30a2

Error: (10/20/2012 01:43:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2012 09:58:12 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Admin\Downloads\esetsmartinstaller_enu.exe

Error: (10/19/2012 09:56:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2012 09:45:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2012 09:38:23 PM) (Source: Application Hang)(User: )
Description: explorer.exe6.1.7601.17567101401cdae28c6c5a3050C:\Windows\explorer.exe24f8ea41-1a1c-11e2-ab0f-f46d04ce30a2

Error: (10/19/2012 09:30:04 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Admin\Downloads\esetsmartinstaller_enu.exe

Error: (10/19/2012 09:24:00 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2012 07:57:37 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Admin\downloads\esetsmartinstaller_enu.exe

Error: (10/19/2012 07:34:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Actual Multiple Monitors 4.2 (Version: 4.2)
Adobe AIR (Version: 2.5.1.17730)
Adobe Community Help (Version: 3.4.980)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Photoshop CS5.1 (Version: 12.1)
Allods Online 3.0.04.39 (Version: 3.0.04.39)
Amnesia - The Dark Descent (Version: 1.0.0)
APB Reloaded
Assassin's Creed Revelations 1.02 (Version: 1.02)
ASUS nVidia Driver (Version: 1.00.0000)
µTorrent (Version: 3.1.3)
Bandisoft MPEG-1 Decoder
Battlefield 3™ (Version: 1.4.0.0)
Battlelog Web Plugins (Version: 1.138.0)
CCleaner (Version: 3.20)
ClassicPro© v1.15 (Version: 1.15)
COMODO GeekBuddy (Version: 3.3.217083.59)
COMODO Internet Security (Version: 5.10.31649.2253)
Dawn of War - Dark Crusade (Version: 1.00.0000)
Dawn Of War - Winter Assault (Version: 1.4)
DawnOfWar (Version: 1.00.00000)
DiRT 3 (Version: 1.0.0000.130)
Dungeon Defenders
Empire: Total War
ESN Sonar (Version: 0.70.4)
FL Studio 10
Fraps (remove only)
Google Chrome (Version: 22.0.1229.94)
Google Update Helper (Version: 1.3.21.123)
Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0)
Hunted: The Demon's Forge version 1.0 (Version: 1.0)
IL Download Manager
IMVU Avatar Chat Software
Java™ 7 Update 5 (64-bit) (Version: 7.0.50)
Kingdoms of Amalur Reckoning
Last.fm 1.5.4.27091
LogMeIn Hamachi (Version: 2.1.0.215)
MacType (Version: 1.12.0406)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
ManyCam 3.0.80 (remove only) (Version: 3.0.80)
MaxMax 1.31 (32/64 bit) (Version: 1.31 (32/64 bit))
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Mirror's Edge™ (Version: 1.0.1.0)
MSVCRT Redists (Version: 1.0)
My Game Long Name
Napoleon: Total War
Native Instruments Massive v1.0.1.008 VSTi DXi RTAS
nCleaner second 2.3.4.0 (Version: 2.3.4.0)
Nexon Game Manager
Nitro Reader 2 (Version: 2.5.0.41)
NVIDIA 3D Vision Controller Driver (Version: 267.67)
NVIDIA 3D Vision Controller Driver 301.42 (Version: 301.42)
NVIDIA 3D Vision Driver 301.42 (Version: 301.42)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA HD Audio Driver 1.3.16.0 (Version: 1.3.16.0)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0142)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
ObjectDock Plus (Version: 2.01)
OCCT 4.3.1 (Version: 4.3.1)
OpenAL
Orcs Must Die!
Origin (Version: 8.5.0.4550)
Overwolf (Version: 0.36.212)
PDF Settings CS5 (Version: 10.0)
Platform (Version: 1.36)
PowerISO (Version: 5.0)
PunkBuster Services (Version: 0.993)
Rainmeter (Version: 2.4 beta r1674)
Rapture3D 2.4.8 Game
Razer Synapse 2.0 (Version: 1.4.13)
Red Orchestra: Ostfront 41-45
RegClean Pro (Version: 6.21)
Rome - Total War - Gold Edition (Version: 1.6)
Serious Samurize
Skype™ 5.10 (Version: 5.10.116)
Speccy (Version: 1.15)
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.6.1012)
Syndicate
System Requirements Lab CYRI (Version: 4.5.1.0)
Theme Resource Changer X64 v1.0
TP-LINK Wireless Client Utility (Version: 7.0)
Tribes Ascend (Version: 1.0.1082.1)
Tunngle beta
Ubisoft Game Launcher (Version: 1.0.0.0)
Unlocker 1.9.1-x64 (Version: 1.9.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Waterfox (Version: 15.0)
Vegas Pro 10.0 (64-bit) (Version: 10.0.470)
VIA Ohjelmistoalustan laitehallinta (Version: 1.36)
Winamp (Version: 5.621 )
Vindictus EU
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinRAR 4.10 (64-bit) (Version: 4.10.0)
VLC media player 2.0.0 (Version: 2.0.0)
Xvid Video Codec (Version: 1.3.2)

========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 8190.18 MB
Available physical RAM: 4850.48 MB
Total Pagefile: 16378.54 MB
Available Pagefile: 12831.91 MB
Total Virtual: 4095.88 MB
Available Virtual: 3954.88 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.41 GB) (Free:549.09 GB) NTFS
3 Drive e: (Local Disk) (Fixed) (Total:465.76 GB) (Free:151.98 GB) NTFS

========================= Users: ========================================

User accounts for \\PC

Admin Administrator Guest
UpdatusUser

========================= Restore Points ==================================

19-10-2012 18:28:52 Removed LogMeIn Hamachi
19-10-2012 18:31:06 Installed LogMeIn Hamachi
19-10-2012 18:34:55 Removed LogMeIn Hamachi
19-10-2012 18:35:20 Removed LogMeIn Hamachi
19-10-2012 18:58:29 Installed LogMeIn Hamachi
20-10-2012 12:57:19 Derp

**** End of log ****

-----------------------------

FSS

Farbar Service Scanner Version: 19-10-2012
Ran by Admin (administrator) on 20-10-2012 at 16:00:41
Running from "C:\Users\Admin\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

-----------------------------

AdwCleaner

# AdwCleaner v2.005 - Logfile created 10/20/2012 at 16:02:02
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Admin - PC
# Boot Mode : Normal
# Running from : C:\Users\Admin\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Users\Admin\AppData\Local\Conduit
Folder Deleted : C:\Users\Admin\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Admin\AppData\Roaming\Ticno

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v [Unable to get version]

Profile name : default
File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yitkrkir.default\prefs.js

Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2612669&SearchSource=2&q=[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1892 octets] - [20/10/2012 16:02:02]

########## EOF - C:\AdwCleaner[S1].txt - [1952 octets] ##########

-----------------------------

JRT

Junkware Removal Tool (JRT) by Thisisu
Version: 1.8.2 (10.20.2012)
OS: Windows 7 Home Premium x64
Ran by Admin on la 20.10.2012 at 17:46:25,79
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}



*** Files:

Successfully deleted: [FILE] C:\eula.1028.txt
Successfully deleted: [FILE] C:\eula.1031.txt
Successfully deleted: [FILE] C:\eula.1033.txt
Successfully deleted: [FILE] C:\eula.1036.txt
Successfully deleted: [FILE] C:\eula.1040.txt
Successfully deleted: [FILE] C:\eula.1041.txt
Successfully deleted: [FILE] C:\eula.1042.txt
Successfully deleted: [FILE] C:\eula.1049.txt
Successfully deleted: [FILE] C:\eula.2052.txt
Successfully deleted: [FILE] C:\install.res.1028.dll
Successfully deleted: [FILE] C:\install.res.1031.dll
Successfully deleted: [FILE] C:\install.res.1033.dll
Successfully deleted: [FILE] C:\install.res.1036.dll
Successfully deleted: [FILE] C:\install.res.1040.dll
Successfully deleted: [FILE] C:\install.res.1041.dll
Successfully deleted: [FILE] C:\install.res.1042.dll
Successfully deleted: [FILE] C:\install.res.1049.dll
Successfully deleted: [FILE] C:\install.res.2052.dll
Successfully deleted: [FILE] C:\install.res.3082.dll



*** Folders:

Successfully deleted: [FOLDER] "C:\Users\Admin\AppData\Roaming\yourfiledownloader"



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on la 20.10.2012 at 20:15:07,06
End of Report

#6 narenxp


Posted 20 October 2012 - 12:29 PM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#7 xtcvv2


Posted 20 October 2012 - 02:50 PM

Farbar Service Scanner Version: 19-10-2012
Ran by Admin (administrator) on 20-10-2012 at 22:44:33
Running from "C:\Users\Admin\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

------------------------------------------------------------------

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/20/2012 10:45:27 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\Admin\Documents\Object Dock\Dock64.exe (PID: 3280) [UP-HEUR]
* C:\Users\Admin\Documents\Object Dock\ObjectDockTray.exe (PID: 3740) [UP-HEUR]

2 proccesses terminated!

Possibly Patched Files.

* C:\Windows\Explorer.EXE

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Admin\Desktop\rkill\rkill-10-20-2012-10-45-31.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* C:\Windows\System32\UxTheme.dll [NoSig]
+-> C:\Windows\system64\uxtheme.dll : 332 288 : 07/11/2012 07:31 PM : 8bf20c54ffb37cfb960f708ffa813fa7 [Pos Repl]
+-> C:\Windows\SysWOW64\uxtheme.dll : 245 760 : 07/14/2009 07:11 AM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_01d98c7b2040a1b9\uxtheme.dll : 332 288 : 07/14/2009 00:41 AM : d29e998e8277666982b4f0303bf4e7af [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_0c2e36cd54a163b4\uxtheme.dll : 245 760 : 07/14/2009 00:11 AM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl]

* C:\Windows\explorer.exe [NoSig]
+-> C:\Windows\SysWOW64\explorer.exe : 2 616 320 : 02/25/2011 07:30 AM : 8b88ebbb05a0e56b7dcc708498c02b3e [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe : 2 872 320 : 11/21/2010 00:24 AM : ac4c51eb24aa95b77f705ab159189e24 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe : 2 871 808 : 02/25/2011 00:19 AM : 332feab1435662fc6c672e25beb37be3 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe : 2 871 808 : 02/26/2011 00:14 AM : 3b69712041f3d63605529bd66dc00c48 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe : 2 616 320 : 11/21/2010 00:24 AM : 40d777b7a95e00593eb1568c68514493 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe : 2 616 320 : 02/25/2011 00:30 AM : 8b88ebbb05a0e56b7dcc708498c02b3e [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe : 2 616 320 : 02/26/2011 00:19 AM : 0fb9c74046656d1579a64660ad67b746 [Pos Repl]

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net

Program finished at: 10/20/2012 10:46:04 PM
Execution time: 0 hours(s), 0 minute(s), and 37 seconds(s)

------------------------------------------------------------------

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "COMODO Internet Security" "COMODO Internet Security" "COMODO" "c:\program files\comodo\comodo internet security\cfp.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HDAudDeck" "VIA HD Audio CPL" "VIA" "c:\program files (x86)\via\viaudioi\vdeck\vdeck.exe"
+ "LogMeIn Hamachi Ui" "Hamachi Client Application" "LogMeIn Inc." "c:\program files (x86)\logmein hamachi\hamachi-2-ui.exe"
+ "Razer Synapse" "Razer Synapse" "Razer USA Ltd" "c:\program files (x86)\razer\synapse\rzsynapse.exe"
+ "SwitchBoard" "SwitchBoard Server (32 bit)" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
+ "WinampAgent" "Winamp Agent" "Nullsoft, Inc." "c:\program files (x86)\winamp\winampa.exe"
"C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Rainmeter.lnk" "" "" "c:\program files\rainmeter\rainmeter.exe"
+ "Samurize.lnk" "" "Samurize.com" "c:\program files (x86)\samurize\client.exe"
+ "Stardock ObjectDock.lnk" "ObjectDock" "Stardock" "c:\users\admin\documents\object dock\objectdock.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Actual Multiple Monitors" "Actual Multiple Monitors" "Actual Tools" "c:\program files (x86)\actual multiple monitors\actualmultiplemonitorscenter.exe"
+ "MaxMaxMN" "MaxMax" "Marcin Nowok" "c:\program files\maxmax\maxmax.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler" "" "" ""
+ "Theme Resource Changer" "" "" "File not found: \Program Files\Theme Resource Changer\ThemeResourceChanger.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "Comodo Antivirus" "COMODO Internet Security" "COMODO" "c:\program files\comodo\comodo internet security\cavshell.dll"
+ "PowerISO" "PowerISOShell DLL" "Power Software Ltd" "c:\program files (x86)\poweriso\pwrisosh.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "PowerISO" "PowerISOShell DLL" "Power Software Ltd" "c:\program files (x86)\poweriso\pwrisosh.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Actual Multiple Monitors" "Actual Multiple Monitors Shell Extension Library" "Actual Tools" "c:\program files (x86)\actual multiple monitors\actualmultiplemonitorsshellextension64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Actual Multiple Monitors" "Actual Multiple Monitors Shell Extension Library" "Actual Tools" "c:\program files (x86)\actual multiple monitors\actualmultiplemonitorsshellextension.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Comodo Antivirus" "COMODO Internet Security" "COMODO" "c:\program files\comodo\comodo internet security\cavshell.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "PowerISO" "PowerISOShell DLL" "Power Software Ltd" "c:\program files (x86)\poweriso\pwrisosh.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Run IMVU" "" "" "c:\users\admin\appdata\roaming\microsoft\windows\start menu\programs\imvu\run imvu.lnk"
"Task Scheduler" "" "" ""
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Moo0 TransparentMenu 1.12" "" "" "File not found: C:\Program Files (x86)\Moo0\TransparentMenu 1.12\TransparentMenu.exe"
+ "\RegClean Pro_DEFAULT" "RegClean Pro" "Systweak Inc" "c:\program files (x86)\regclean pro\regcleanpro.exe"
X "\RegClean Pro_UPDATES" "RegClean Pro" "Systweak Inc" "c:\program files (x86)\regclean pro\regcleanpro.exe"
+ "\RegClean Prosch" "RegClean Pro" "Systweak Inc" "c:\program files (x86)\regclean pro\regcleanpro.exe"
+ "\SUPERAntiSpyware Scheduled Task 14810130-3a7b-4f7b-9e98-179de5b2d91b" "SUPERAntiSpyware Task Dispatcher" "SUPERAdBlocker.com" "c:\program files\superantispyware\sastask.exe"
+ "\SUPERAntiSpyware Scheduled Task 3efc292f-1970-4dbd-a9b2-c3f4ab271819" "SUPERAntiSpyware Task Dispatcher" "SUPERAdBlocker.com" "c:\program files\superantispyware\sastask.exe"
X "\Your File Updater" "" "" "File not found: C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore64.exe"
+ "CLPSLS" "COMODO livePCsupport Service" "COMODO" "c:\program files\comodo\comodo geekbuddy\clpsls.exe"
+ "cmdAgent" "COMODO Internet Security Helper Service" "COMODO" "c:\program files\comodo\comodo internet security\cmdagent.exe"
+ "gupdate" "Pitää Google-ohjelmistot päivitettyinä. Jos tämä palvelu poistetaan käytöstä tai pysäytetään, Google-ohjelmistoja ei päivitetä. Mahdollisesti ilmeneviä tietoturva-aukkoja ei tällöin voida korjata eivätkä jotkin ominaisuudet välttämättä toimi. Tämä palvelu poistetaan automaattisesti, kun sitä käyttäviä Google-ohjelmistoja ei ole asennettuna." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Pitää Google-ohjelmistot päivitettyinä. Jos tämä palvelu poistetaan käytöstä tai pysäytetään, Google-ohjelmistoja ei päivitetä. Mahdollisesti ilmeneviä tietoturva-aukkoja ei tällöin voida korjata eivätkä jotkin ominaisuudet välttämättä toimi. Tämä palvelu poistetaan automaattisesti, kun sitä käyttäviä Google-ohjelmistoja ei ole asennettuna." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "Hamachi2Svc" "Hamachi Client Tunneling Engine" "LogMeIn Inc." "c:\program files (x86)\logmein hamachi\hamachi-2.exe"
+ "HiPatchService" "HiPatchService" "Hi-Rez Studios" "c:\program files (x86)\hi-rez studios\hipatchservice.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files (x86)\common files\installshield\driver\11\intel 32\idrivert.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "NitroReaderDriverReadSpool2" "Nitro Reader Driver Read Spool 2" "Nitro PDF Software" "c:\program files\common files\nitro pdf\reader\2.0\nitropdfreaderdriverservice2x64.exe"
+ "NVSvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"

#8 narenxp

Posted 20 October 2012 - 02:59 PM

Click on the Start menu and type

cmd

Right-click on it, select Run as administrator and run this command

sfc /scanfile=c:\windows\explorer.exe

After scan finishes run this command

sfc /scanfile=c:\windows\system32\uxtheme.dll

Restart the PC after scan and post the new RKILL log

#9 xtcvv2

Posted 20 October 2012 - 03:11 PM

uxtheme.dll is patched so that I can use custom themes.

#10 narenxp

Posted 20 October 2012 - 03:15 PM

OK, then ignore UXTHEME.DLL; just run the command for explorer.exe alone.

#11 xtcvv2

Posted 20 October 2012 - 03:34 PM

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/20/2012 11:31:02 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\Admin\Documents\Object Dock\Dock64.exe (PID: 3760) [UP-HEUR]
* C:\Users\Admin\Documents\Object Dock\ObjectDockTray.exe (PID: 3460) [UP-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* C:\Windows\System32\UxTheme.dll [NoSig]
+-> C:\Windows\system64\uxtheme.dll : 332 288 : 07/11/2012 07:31 PM : 8bf20c54ffb37cfb960f708ffa813fa7 [Pos Repl]
+-> C:\Windows\SysWOW64\uxtheme.dll : 245 760 : 07/14/2009 07:11 AM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_01d98c7b2040a1b9\uxtheme.dll : 332 288 : 07/14/2009 00:41 AM : d29e998e8277666982b4f0303bf4e7af [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_0c2e36cd54a163b4\uxtheme.dll : 245 760 : 07/14/2009 00:11 AM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl]

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net

Program finished at: 10/20/2012 11:31:59 PM
Execution time: 0 hours(s), 0 minute(s), and 56 seconds(s)

#12 narenxp

Posted 20 October 2012 - 03:37 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your Flash Player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#13 xtcvv2

Posted 20 October 2012 - 03:41 PM

Thanks for the help, really appreciated it. :D

#14 narenxp

Posted 20 October 2012 - 03:43 PM

You're welcome :)



