
Help, commercial/movie trailer audio in background


9 replies to this topic

#1 s14lenny

  • Members
  • 35 posts

Posted 25 November 2012 - 12:25 PM

I've been having some problems with this for some time now. Whenever my computer is just sitting idle, it'll just randomly start to play audio ranging from movie trailers to just commercials. Can anyone help?

#2 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender: Male
  • Location: India

Posted 25 November 2012 - 12:43 PM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on the scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 s14lenny

  • Topic Starter
  • Members
  • 35 posts

Posted 25 November 2012 - 03:30 PM

TdssKiller:


13:37:04.0409 6360 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:37:04.0413 6360 netprofm - ok
13:37:04.0415 6360 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:37:04.0416 6360 NetTcpPortSharing - ok
13:37:04.0418 6360 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:37:04.0419 6360 nfrd960 - ok
13:37:04.0423 6360 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:37:04.0426 6360 NlaSvc - ok
13:37:04.0428 6360 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:37:04.0429 6360 Npfs - ok
13:37:04.0431 6360 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:37:04.0432 6360 nsi - ok
13:37:04.0435 6360 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:37:04.0435 6360 nsiproxy - ok
13:37:04.0450 6360 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:37:04.0462 6360 Ntfs - ok
13:37:04.0464 6360 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:37:04.0465 6360 Null - ok
13:37:04.0468 6360 [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
13:37:04.0469 6360 NVHDA - ok
13:37:04.0560 6360 [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:37:04.0612 6360 nvlddmkm - ok
13:37:04.0617 6360 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:37:04.0620 6360 nvraid - ok
13:37:04.0623 6360 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:37:04.0626 6360 nvstor - ok
13:37:04.0633 6360 [ 06633CF95BEA62164C3BFCA24BCE6B11 ] nvsvc C:\Windows\system32\nvvsvc.exe
13:37:04.0640 6360 nvsvc - ok
13:37:04.0651 6360 [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
13:37:04.0655 6360 nvUpdatusService - ok
13:37:04.0659 6360 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:37:04.0660 6360 nv_agp - ok
13:37:04.0663 6360 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:37:04.0664 6360 ohci1394 - ok
13:37:04.0668 6360 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:37:04.0672 6360 p2pimsvc - ok
13:37:04.0677 6360 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:37:04.0681 6360 p2psvc - ok
13:37:04.0684 6360 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:37:04.0686 6360 Parport - ok
13:37:04.0688 6360 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:37:04.0689 6360 partmgr - ok
13:37:04.0692 6360 [ 39B9DCD7040654C2E57D7396736C718E ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
13:37:04.0692 6360 PassThru Service - ok
13:37:04.0695 6360 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:37:04.0698 6360 PcaSvc - ok
13:37:04.0701 6360 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
13:37:04.0703 6360 pci - ok
13:37:04.0705 6360 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
13:37:04.0705 6360 pciide - ok
13:37:04.0709 6360 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:37:04.0711 6360 pcmcia - ok
13:37:04.0713 6360 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:37:04.0713 6360 pcw - ok
13:37:04.0719 6360 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:37:04.0723 6360 PEAUTH - ok
13:37:04.0742 6360 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:37:04.0743 6360 PerfHost - ok
13:37:04.0756 6360 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
13:37:04.0766 6360 pla - ok
13:37:04.0771 6360 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:37:04.0776 6360 PlugPlay - ok
13:37:04.0778 6360 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:37:04.0779 6360 PNRPAutoReg - ok
13:37:04.0784 6360 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:37:04.0785 6360 PNRPsvc - ok
13:37:04.0791 6360 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:37:04.0795 6360 PolicyAgent - ok
13:37:04.0799 6360 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
13:37:04.0801 6360 Power - ok
13:37:04.0804 6360 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:37:04.0805 6360 PptpMiniport - ok
13:37:04.0807 6360 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:37:04.0808 6360 Processor - ok
13:37:04.0812 6360 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
13:37:04.0814 6360 ProfSvc - ok
13:37:04.0817 6360 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:37:04.0817 6360 ProtectedStorage - ok
13:37:04.0820 6360 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:37:04.0821 6360 Psched - ok
13:37:04.0833 6360 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:37:04.0844 6360 ql2300 - ok
13:37:04.0847 6360 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:37:04.0848 6360 ql40xx - ok
13:37:04.0852 6360 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
13:37:04.0855 6360 QWAVE - ok
13:37:04.0857 6360 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:37:04.0858 6360 QWAVEdrv - ok
13:37:04.0860 6360 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:37:04.0860 6360 RasAcd - ok
13:37:04.0863 6360 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:37:04.0864 6360 RasAgileVpn - ok
13:37:04.0866 6360 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
13:37:04.0868 6360 RasAuto - ok
13:37:04.0871 6360 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:37:04.0872 6360 Rasl2tp - ok
13:37:04.0876 6360 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
13:37:04.0879 6360 RasMan - ok
13:37:04.0882 6360 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:37:04.0883 6360 RasPppoe - ok
13:37:04.0885 6360 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:37:04.0886 6360 RasSstp - ok
13:37:04.0890 6360 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:37:04.0893 6360 rdbss - ok
13:37:04.0895 6360 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:37:04.0896 6360 rdpbus - ok
13:37:04.0897 6360 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:37:04.0898 6360 RDPCDD - ok
13:37:04.0901 6360 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:37:04.0901 6360 RDPENCDD - ok
13:37:04.0904 6360 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:37:04.0905 6360 RDPREFMP - ok
13:37:04.0908 6360 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:37:04.0910 6360 RDPWD - ok
13:37:04.0914 6360 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:37:04.0915 6360 rdyboost - ok
13:37:04.0918 6360 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:37:04.0919 6360 RemoteAccess - ok
13:37:04.0923 6360 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:37:04.0925 6360 RemoteRegistry - ok
13:37:04.0927 6360 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:37:04.0929 6360 RpcEptMapper - ok
13:37:04.0931 6360 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
13:37:04.0932 6360 RpcLocator - ok
13:37:04.0937 6360 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
13:37:04.0939 6360 RpcSs - ok
13:37:04.0943 6360 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:37:04.0944 6360 rspndr - ok
13:37:04.0949 6360 [ 0039DE6A0A1293889A3F21ECC473263D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
13:37:04.0951 6360 RTL8167 - ok
13:37:04.0954 6360 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
13:37:04.0954 6360 SamSs - ok
13:37:04.0957 6360 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:37:04.0958 6360 sbp2port - ok
13:37:04.0962 6360 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:37:04.0965 6360 SCardSvr - ok
13:37:04.0967 6360 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:37:04.0968 6360 scfilter - ok
13:37:04.0976 6360 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
13:37:04.0985 6360 Schedule - ok
13:37:04.0988 6360 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:37:04.0988 6360 SCPolicySvc - ok
13:37:04.0991 6360 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:37:04.0993 6360 SDRSVC - ok
13:37:04.0995 6360 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:37:04.0996 6360 secdrv - ok
13:37:04.0998 6360 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
13:37:04.0999 6360 seclogon - ok
13:37:05.0002 6360 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
13:37:05.0003 6360 SENS - ok
13:37:05.0005 6360 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:37:05.0006 6360 SensrSvc - ok
13:37:05.0008 6360 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:37:05.0009 6360 Serenum - ok
13:37:05.0011 6360 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:37:05.0012 6360 Serial - ok
13:37:05.0014 6360 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:37:05.0015 6360 sermouse - ok
13:37:05.0020 6360 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
13:37:05.0022 6360 SessionEnv - ok
13:37:05.0024 6360 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:37:05.0025 6360 sffdisk - ok
13:37:05.0027 6360 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:37:05.0027 6360 sffp_mmc - ok
13:37:05.0029 6360 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:37:05.0030 6360 sffp_sd - ok
13:37:05.0032 6360 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:37:05.0032 6360 sfloppy - ok
13:37:05.0038 6360 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:37:05.0041 6360 ShellHWDetection - ok
13:37:05.0044 6360 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:37:05.0045 6360 SiSRaid2 - ok
13:37:05.0047 6360 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:37:05.0048 6360 SiSRaid4 - ok
13:37:05.0051 6360 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:37:05.0052 6360 Smb - ok
13:37:05.0056 6360 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:37:05.0057 6360 SNMPTRAP - ok
13:37:05.0059 6360 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:37:05.0059 6360 spldr - ok
13:37:05.0065 6360 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
13:37:05.0069 6360 Spooler - ok
13:37:05.0094 6360 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
13:37:05.0117 6360 sppsvc - ok
13:37:05.0120 6360 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:37:05.0121 6360 sppuinotify - ok
13:37:05.0127 6360 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
13:37:05.0131 6360 srv - ok
13:37:05.0137 6360 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:37:05.0141 6360 srv2 - ok
13:37:05.0144 6360 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:37:05.0146 6360 srvnet - ok
13:37:05.0150 6360 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:37:05.0152 6360 SSDPSRV - ok
13:37:05.0155 6360 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:37:05.0156 6360 SstpSvc - ok
13:37:05.0159 6360 Steam Client Service - ok
13:37:05.0164 6360 [ C354621B6B94E10AE7F5CDBE745FEB86 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:37:05.0166 6360 Stereo Service - ok
13:37:05.0168 6360 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:37:05.0169 6360 stexstor - ok
13:37:05.0174 6360 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
13:37:05.0179 6360 stisvc - ok
13:37:05.0181 6360 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
13:37:05.0181 6360 swenum - ok
13:37:05.0187 6360 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
13:37:05.0191 6360 swprv - ok
13:37:05.0205 6360 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
13:37:05.0216 6360 SysMain - ok
13:37:05.0219 6360 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:37:05.0221 6360 TabletInputService - ok
13:37:05.0225 6360 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:37:05.0228 6360 TapiSrv - ok
13:37:05.0231 6360 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
13:37:05.0233 6360 TBS - ok
13:37:05.0247 6360 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:37:05.0259 6360 Tcpip - ok
13:37:05.0274 6360 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:37:05.0281 6360 TCPIP6 - ok
13:37:05.0284 6360 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:37:05.0285 6360 tcpipreg - ok
13:37:05.0288 6360 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:37:05.0288 6360 TDPIPE - ok
13:37:05.0291 6360 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:37:05.0291 6360 TDTCP - ok
13:37:05.0294 6360 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:37:05.0295 6360 tdx - ok
13:37:05.0297 6360 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
13:37:05.0298 6360 TermDD - ok
13:37:05.0304 6360 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
13:37:05.0309 6360 TermService - ok
13:37:05.0312 6360 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
13:37:05.0313 6360 Themes - ok
13:37:05.0316 6360 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
13:37:05.0316 6360 THREADORDER - ok
13:37:05.0319 6360 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
13:37:05.0321 6360 TrkWks - ok
13:37:05.0324 6360 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:37:05.0325 6360 TrustedInstaller - ok
13:37:05.0328 6360 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:37:05.0329 6360 tssecsrv - ok
13:37:05.0331 6360 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:37:05.0332 6360 TsUsbFlt - ok
13:37:05.0335 6360 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:37:05.0336 6360 tunnel - ok
13:37:05.0338 6360 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:37:05.0339 6360 uagp35 - ok
13:37:05.0343 6360 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:37:05.0346 6360 udfs - ok
13:37:05.0350 6360 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:37:05.0352 6360 UI0Detect - ok
13:37:05.0354 6360 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:37:05.0355 6360 uliagpkx - ok
13:37:05.0357 6360 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
13:37:05.0358 6360 umbus - ok
13:37:05.0361 6360 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:37:05.0362 6360 UmPass - ok
13:37:05.0366 6360 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
13:37:05.0370 6360 upnphost - ok
13:37:05.0373 6360 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
13:37:05.0375 6360 usbaudio - ok
13:37:05.0377 6360 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:37:05.0379 6360 usbccgp - ok
13:37:05.0381 6360 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:37:05.0383 6360 usbcir - ok
13:37:05.0385 6360 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
13:37:05.0386 6360 usbehci - ok
13:37:05.0391 6360 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:37:05.0394 6360 usbhub - ok
13:37:05.0396 6360 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:37:05.0397 6360 usbohci - ok
13:37:05.0399 6360 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:37:05.0400 6360 usbprint - ok
13:37:05.0403 6360 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:37:05.0404 6360 usbscan - ok
13:37:05.0407 6360 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:37:05.0408 6360 USBSTOR - ok
13:37:05.0410 6360 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:37:05.0411 6360 usbuhci - ok
13:37:05.0413 6360 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
13:37:05.0414 6360 UxSms - ok
13:37:05.0417 6360 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
13:37:05.0418 6360 VaultSvc - ok
13:37:05.0421 6360 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:37:05.0421 6360 vdrvroot - ok
13:37:05.0426 6360 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
13:37:05.0431 6360 vds - ok
13:37:05.0434 6360 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:37:05.0434 6360 vga - ok
13:37:05.0436 6360 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
13:37:05.0437 6360 VgaSave - ok
13:37:05.0440 6360 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:37:05.0442 6360 vhdmp - ok
13:37:05.0444 6360 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
13:37:05.0445 6360 viaide - ok
13:37:05.0447 6360 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:37:05.0448 6360 volmgr - ok
13:37:05.0453 6360 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:37:05.0455 6360 volmgrx - ok
13:37:05.0459 6360 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:37:05.0461 6360 volsnap - ok
13:37:05.0464 6360 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:37:05.0466 6360 vsmraid - ok
13:37:05.0479 6360 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
13:37:05.0490 6360 VSS - ok
13:37:05.0493 6360 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
13:37:05.0493 6360 vwifibus - ok
13:37:05.0498 6360 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
13:37:05.0501 6360 W32Time - ok
13:37:05.0505 6360 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:37:05.0506 6360 WacomPen - ok
13:37:05.0508 6360 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:37:05.0509 6360 WANARP - ok
13:37:05.0511 6360 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:37:05.0512 6360 Wanarpv6 - ok
13:37:05.0524 6360 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
13:37:05.0533 6360 WatAdminSvc - ok
13:37:05.0545 6360 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
13:37:05.0556 6360 wbengine - ok
13:37:05.0560 6360 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:37:05.0562 6360 WbioSrvc - ok
13:37:05.0567 6360 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:37:05.0570 6360 wcncsvc - ok
13:37:05.0572 6360 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:37:05.0574 6360 WcsPlugInService - ok
13:37:05.0576 6360 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
13:37:05.0576 6360 Wd - ok
13:37:05.0583 6360 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:37:05.0587 6360 Wdf01000 - ok
13:37:05.0589 6360 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:37:05.0591 6360 WdiServiceHost - ok
13:37:05.0594 6360 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:37:05.0595 6360 WdiSystemHost - ok
13:37:05.0598 6360 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
13:37:05.0601 6360 WebClient - ok
13:37:05.0605 6360 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:37:05.0607 6360 Wecsvc - ok
13:37:05.0610 6360 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:37:05.0611 6360 wercplsupport - ok
13:37:05.0614 6360 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
13:37:05.0615 6360 WerSvc - ok
13:37:05.0617 6360 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:37:05.0618 6360 WfpLwf - ok
13:37:05.0619 6360 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:37:05.0620 6360 WIMMount - ok
13:37:05.0622 6360 WinHttpAutoProxySvc - ok
13:37:05.0630 6360 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:37:05.0632 6360 Winmgmt - ok
13:37:05.0648 6360 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
13:37:05.0662 6360 WinRM - ok
13:37:05.0666 6360 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
13:37:05.0667 6360 WinUsb - ok
13:37:05.0675 6360 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
13:37:05.0681 6360 Wlansvc - ok
13:37:05.0684 6360 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:37:05.0684 6360 WmiAcpi - ok
13:37:05.0688 6360 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:37:05.0690 6360 wmiApSrv - ok
13:37:05.0692 6360 WMPNetworkSvc - ok
13:37:05.0694 6360 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:37:05.0696 6360 WPCSvc - ok
13:37:05.0698 6360 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:37:05.0700 6360 WPDBusEnum - ok
13:37:05.0703 6360 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:37:05.0704 6360 ws2ifsl - ok
13:37:05.0705 6360 WSearch - ok
13:37:05.0709 6360 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:37:05.0710 6360 WudfPf - ok
13:37:05.0713 6360 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:37:05.0715 6360 WUDFRd - ok
13:37:05.0717 6360 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:37:05.0719 6360 wudfsvc - ok
13:37:05.0722 6360 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
13:37:05.0725 6360 WwanSvc - ok
13:37:05.0729 6360 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
13:37:05.0730 6360 xusb21 - ok
13:37:05.0731 6360 ================ Scan global ===============================
13:37:05.0733 6360 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:37:05.0737 6360 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:37:05.0743 6360 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:37:05.0746 6360 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:37:05.0750 6360 [ 014A9CB92514E27C0107614DF764BC06 ] C:\Windows\system32\services.exe
13:37:05.0754 6360 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
13:37:05.0754 6360 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
13:37:05.0755 6360 ================ Scan MBR ==================================
13:37:05.0756 6360 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
13:37:05.0835 6360 \Device\Harddisk1\DR1 - ok
13:37:05.0837 6360 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
13:37:05.0888 6360 \Device\Harddisk2\DR2 - ok
13:37:05.0899 6360 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR3
13:37:05.0951 6360 \Device\Harddisk3\DR3 - ok
13:37:05.0967 6360 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
13:37:06.0032 6360 \Device\Harddisk0\DR0 - ok
13:37:06.0048 6360 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk4\DR4
13:37:06.0338 6360 \Device\Harddisk4\DR4 - ok
13:37:06.0342 6360 [ 2BDBC086F60BC3CA3E44F97D87AB1E64 ] \Device\Harddisk5\DR5
13:37:06.0458 6360 \Device\Harddisk5\DR5 - ok
13:37:06.0458 6360 ================ Scan VBR ==================================
13:37:06.0460 6360 [ B95D4B6189B8484A63FD897854D463D3 ] \Device\Harddisk1\DR1\Partition1
13:37:06.0462 6360 \Device\Harddisk1\DR1\Partition1 - ok
13:37:06.0464 6360 [ DDD1BC96BA20F9570054D25391C7DF09 ] \Device\Harddisk2\DR2\Partition1
13:37:06.0465 6360 \Device\Harddisk2\DR2\Partition1 - ok
13:37:06.0467 6360 [ 376ACBE056870CEC153D9634D39C642E ] \Device\Harddisk3\DR3\Partition1
13:37:06.0467 6360 \Device\Harddisk3\DR3\Partition1 - ok
13:37:06.0490 6360 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk3\DR3\Partition2
13:37:06.0491 6360 \Device\Harddisk3\DR3\Partition2 - ok
13:37:06.0497 6360 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk3\DR3\Partition3
13:37:06.0497 6360 \Device\Harddisk3\DR3\Partition3 - ok
13:37:06.0499 6360 [ 2D54243F24336BC12737301A1B058227 ] \Device\Harddisk4\DR4\Partition1
13:37:06.0500 6360 \Device\Harddisk4\DR4\Partition1 - ok
13:37:06.0503 6360 [ 0BCD58488CE57426D7A9686667057073 ] \Device\Harddisk5\DR5\Partition1
13:37:06.0504 6360 \Device\Harddisk5\DR5\Partition1 - ok
13:37:06.0505 6360 ============================================================
13:37:06.0505 6360 Scan finished
13:37:06.0505 6360 ============================================================
13:37:06.0511 6364 Detected object count: 1
13:37:06.0511 6364 Actual detected object count: 1
13:37:38.0782 6364 C:\Windows\system32\services.exe - copied to quarantine
13:37:38.0857 6364 C:\Windows\installer\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\@ - copied to quarantine
13:37:38.0857 6364 C:\Windows\installer\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\U\00000001.@ - copied to quarantine
13:37:38.0858 6364 C:\Windows\installer\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\U\80000000.@ - copied to quarantine
13:37:38.0858 6364 C:\Windows\installer\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\U\800000cb.@ - copied to quarantine
13:37:38.0859 6364 C:\Users\lenny\AppData\Local\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\@ - copied to quarantine
13:37:38.0862 6364 C:\Users\lenny\AppData\Local\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\n - copied to quarantine
13:37:39.0984 6364 Backup copy found, using it..
13:37:40.0013 6364 C:\Windows\installer\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\@ - will be deleted on reboot
13:37:40.0013 6364 C:\Windows\installer\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\U\00000001.@ - will be deleted on reboot
13:37:40.0013 6364 C:\Windows\installer\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\U\80000000.@ - will be deleted on reboot
13:37:40.0014 6364 C:\Windows\installer\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\U\800000cb.@ - will be deleted on reboot
13:37:40.0014 6364 C:\Users\lenny\AppData\Local\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\@ - will be deleted on reboot
13:37:40.0014 6364 C:\Users\lenny\AppData\Local\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\n - will be deleted on reboot
13:37:40.0015 6364 C:\Windows\system32\services.exe - will be cured on reboot
13:37:40.0015 6364 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Cure


aswMBR:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-25 13:46:04
-----------------------------
13:46:04.954 OS Version: Windows x64 6.1.7601 Service Pack 1
13:46:04.954 Number of processors: 4 586 0x2A07
13:46:04.954 ComputerName: LENNY-PC UserName: lenny
13:46:05.109 Initialize success
13:47:08.473 AVAST engine defs: 12112501
13:47:14.083 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-7
13:47:14.093 Disk 0 Vendor: WDC_WD1001FALS-00J7B0 05.00K05 Size: 953869MB BusType: 3
13:47:14.093 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-2
13:47:14.093 Disk 1 Vendor: M4-CT064M4SSD2 0009 Size: 61057MB BusType: 3
13:47:14.093 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP2T1L0-5
13:47:14.103 Disk 2 Vendor: WDC_WD3000HLFS-01G6U0 04.04V01 Size: 286167MB BusType: 3
13:47:14.103 Disk 3 \Device\Harddisk3\DR3 -> \Device\Ide\IdeDeviceP3T1L0-b
13:47:14.103 Disk 3 Vendor: WDC_WD1001FALS-00J7B0 05.00K05 Size: 953869MB BusType: 3
13:47:14.103 Disk 4 \Device\Harddisk4\DR4 -> \Device\Ide\IdeDeviceP5T0L0-8
13:47:14.113 Disk 4 Vendor: WDC_WD1600AAJS-00B4A0 01.03A01 Size: 152627MB BusType: 3
13:47:14.133 Disk 1 MBR read successfully
13:47:14.133 Disk 1 MBR scan
13:47:14.143 Disk 1 Windows 7 default MBR code
13:47:14.153 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 61055 MB offset 2048
13:47:14.173 Disk 1 scanning C:\Windows\system32\drivers
13:47:16.093 Service scanning
13:47:16.493 Service 78037191 C:\Windows\system32\drivers\57213326.sys **HIDDEN**
13:47:21.364 Modules scanning
13:47:21.364 Disk 1 trace - called modules:
13:47:21.374 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
13:47:21.384 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa800cf8f060]
13:47:21.384 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa800cd894a0]
13:47:21.394 5 ACPI.sys[fffff88000f7f7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa800cd81060]
13:47:21.654 AVAST engine scan C:\Windows
13:47:21.974 AVAST engine scan C:\Windows\system32
13:47:43.038 File: C:\Windows\system32\services.exe **INFECTED** Win32:Patched-AKC [Trj]
13:48:05.782 AVAST engine scan C:\Windows\system32\drivers
13:48:07.912 AVAST engine scan C:\Users\lenny
13:48:19.083 File: C:\Users\lenny\AppData\Local\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\n **INFECTED** Win64:Sirefef-F [Rtk]
13:48:25.994 AVAST engine scan C:\ProgramData
13:48:28.944 Scan finished successfully
13:48:42.455 Disk 1 MBR has been saved successfully to "C:\Users\lenny\Documents\MBR.dat"
13:48:42.455 The log file has been saved successfully to "C:\Users\lenny\Documents\aswMBR.txt"


ESET:

C:\TDSSKiller_Quarantine\25.11.2012_13.35.58\zasubsys0000\file0000\tsk0000.dta Win64/Patched.B.Gen trojan deleted - quarantined
C:\TDSSKiller_Quarantine\25.11.2012_13.35.58\zasubsys0000\zafs0000\tsk0002.dta Win64/Sirefef.AW trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.11.2012_13.35.58\zasubsys0000\zafs0000\tsk0003.dta Win64/Sirefef.AH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.11.2012_13.35.58\zasubsys0000\zafs0000\tsk0005.dta Win64/Sirefef.W trojan cleaned by deleting - quarantined
C:\Users\lenny\AppData\Local\Temp\V.class a variant of Java/Exploit.CVE-2011-3544.BQ trojan cleaned by deleting - quarantined
C:\Users\lenny\AppData\Local\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\n Win64/Sirefef.W trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\lenny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\4513968c-3c049474 Java/Exploit.CVE-2012-1723.AU trojan cleaned by deleting - quarantined
C:\Users\lenny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\579efd69-329d9bfb Java/Exploit.CVE-2012-1723.AU trojan cleaned by deleting - quarantined
C:\Users\lenny\AppData\Roaming\Mozilla\Firefox\Profiles\0dlbdseo.default\user.js JS/SecurityDisabler.A.Gen application cleaned by deleting - quarantined
C:\Windows\Installer\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\U\80000000.@ Win64/Sirefef.AW trojan cleaned by deleting - quarantined
C:\Windows\Installer\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\U\800000cb.@ Win64/Sirefef.AH trojan cleaned by deleting - quarantined

#4 narenxp


Posted 25 November 2012 - 03:39 PM

Reboot, run TDSSkiller again and post the log.

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here.

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan gets completed, post the generated log here.

#5 s14lenny


Posted 25 November 2012 - 08:03 PM

TDss:

15:20:26.0640 2796 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:20:27.0277 2796 ============================================================
15:20:27.0277 2796 Current date / time: 2012/11/25 15:20:27.0277
15:20:27.0277 2796 SystemInfo:
15:20:27.0277 2796
15:20:27.0277 2796 OS Version: 6.1.7601 ServicePack: 1.0
15:20:27.0277 2796 Product type: Workstation
15:20:27.0277 2796 ComputerName: LENNY-PC
15:20:27.0277 2796 UserName: lenny
15:20:27.0277 2796 Windows directory: C:\Windows
15:20:27.0277 2796 System windows directory: C:\Windows
15:20:27.0277 2796 Running under WOW64
15:20:27.0277 2796 Processor architecture: Intel x64
15:20:27.0277 2796 Number of processors: 4
15:20:27.0277 2796 Page size: 0x1000
15:20:27.0277 2796 Boot type: Normal boot
15:20:27.0277 2796 ============================================================
15:20:31.0505 2796 BG loaded
15:20:31.0645 2796 Drive \Device\Harddisk0\DR0 - Size: 0xEE8156000 (59.63 Gb), SectorSize: 0x200, Cylinders: 0x204E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
15:20:31.0645 2796 Drive \Device\Harddisk1\DR1 - Size: 0x45DD71DE00 (279.46 Gb), SectorSize: 0x200, Cylinders: 0x8E81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:20:31.0676 2796 Drive \Device\Harddisk4\DR4 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:20:31.0676 2796 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:20:31.0692 2796 Drive \Device\Harddisk3\DR3 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:20:31.0692 2796 Drive \Device\Harddisk5\DR5 - Size: 0x1E1400000 (7.52 Gb), SectorSize: 0x200, Cylinders: 0x3D5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:20:31.0692 2796 ============================================================
15:20:31.0692 2796 \Device\Harddisk0\DR0:
15:20:31.0692 2796 MBR partitions:
15:20:31.0692 2796 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x773F800
15:20:31.0692 2796 \Device\Harddisk1\DR1:
15:20:31.0692 2796 MBR partitions:
15:20:31.0692 2796 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x22EEA800
15:20:31.0692 2796 \Device\Harddisk4\DR4:
15:20:31.0692 2796 GPT partitions:
15:20:31.0692 2796 \Device\Harddisk4\DR4\Partition1: GPT, TypeGUID: {5808C8AA-7E8F-42E0-85D2-E1E90434CFB3}, UniqueGUID: {07259065-6B97-11DF-884F-001FD08E81A0}, Name: LDM metadata partition, StartLBA 0x22, BlocksNum 0x800
15:20:31.0692 2796 \Device\Harddisk4\DR4\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A259091F-B6CA-4457-AA40-36D70FD165F8}, Name: Microsoft reserved partition, StartLBA 0x822, BlocksNum 0x3F800
15:20:31.0692 2796 \Device\Harddisk4\DR4\Partition3: GPT, TypeGUID: {AF9B60A0-1431-4F62-BC68-3311714A69AD}, UniqueGUID: {07259068-6B97-11DF-884F-001FD08E81A0}, Name: LDM data partition, StartLBA 0x40022, BlocksNum 0x746C6D6D
15:20:31.0692 2796 MBR partitions:
15:20:31.0692 2796 \Device\Harddisk2\DR2:
15:20:31.0692 2796 MBR partitions:
15:20:31.0692 2796 \Device\Harddisk3\DR3:
15:20:31.0708 2796 MBR partitions:
15:20:31.0708 2796 \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A18800
15:20:31.0708 2796 \Device\Harddisk5\DR5:
15:20:31.0708 2796 MBR partitions:
15:20:31.0708 2796 \Device\Harddisk5\DR5\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0xF07956
15:20:31.0708 2796 ============================================================
15:20:31.0708 2796 C: <-> \Device\Harddisk0\DR0\Partition1
15:20:31.0723 2796 F: <-> \Device\Harddisk1\DR1\Partition1
15:20:31.0754 2796 H: <-> \Device\Harddisk3\DR3\Partition1
15:20:31.0754 2796 ============================================================
15:20:31.0754 2796 Initialize success
15:20:31.0754 2796 ============================================================
15:20:53.0454 3820 ============================================================
15:20:53.0454 3820 Scan started
15:20:53.0454 3820 Mode: Manual; TDLFS;
15:20:53.0454 3820 ============================================================
15:20:53.0626 3820 ================ Scan system memory ========================
15:20:53.0626 3820 System memory - ok
15:20:53.0626 3820 ================ Scan services =============================
15:20:53.0657 3820 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:20:53.0657 3820 1394ohci - ok
15:20:53.0672 3820 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:20:53.0672 3820 ACPI - ok
15:20:53.0672 3820 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:20:53.0672 3820 AcpiPmi - ok
15:20:53.0672 3820 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:20:53.0672 3820 AdobeARMservice - ok
15:20:53.0688 3820 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:20:53.0688 3820 adp94xx - ok
15:20:53.0688 3820 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:20:53.0688 3820 adpahci - ok
15:20:53.0704 3820 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:20:53.0704 3820 adpu320 - ok
15:20:53.0704 3820 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:20:53.0704 3820 AeLookupSvc - ok
15:20:53.0704 3820 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:20:53.0704 3820 AFD - ok
15:20:53.0704 3820 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:20:53.0719 3820 agp440 - ok
15:20:53.0719 3820 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:20:53.0719 3820 ALG - ok
15:20:53.0719 3820 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:20:53.0719 3820 aliide - ok
15:20:53.0719 3820 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:20:53.0719 3820 amdide - ok
15:20:53.0719 3820 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:20:53.0719 3820 AmdK8 - ok
15:20:53.0719 3820 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:20:53.0735 3820 AmdPPM - ok
15:20:53.0735 3820 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:20:53.0735 3820 amdsata - ok
15:20:53.0735 3820 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:20:53.0735 3820 amdsbs - ok
15:20:53.0735 3820 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:20:53.0735 3820 amdxata - ok
15:20:53.0735 3820 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:20:53.0750 3820 AppID - ok
15:20:53.0750 3820 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:20:53.0750 3820 AppIDSvc - ok
15:20:53.0750 3820 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:20:53.0750 3820 Appinfo - ok
15:20:53.0750 3820 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:20:53.0750 3820 Apple Mobile Device - ok
15:20:53.0750 3820 [ 6BE11AD81D4527D299F0CB5F3731AABC ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
15:20:53.0750 3820 AppleCharger - ok
15:20:53.0766 3820 [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
15:20:53.0766 3820 AppleChargerSrv - ok
15:20:53.0766 3820 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
15:20:53.0766 3820 arc - ok
15:20:53.0766 3820 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:20:53.0766 3820 arcsas - ok
15:20:53.0766 3820 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:20:53.0766 3820 AsyncMac - ok
15:20:53.0766 3820 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:20:53.0766 3820 atapi - ok
15:20:53.0782 3820 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:20:53.0782 3820 AudioEndpointBuilder - ok
15:20:53.0782 3820 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:20:53.0782 3820 AudioSrv - ok
15:20:53.0797 3820 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:20:53.0797 3820 AxInstSV - ok
15:20:53.0797 3820 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
15:20:53.0797 3820 b06bdrv - ok
15:20:53.0813 3820 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:20:53.0813 3820 b57nd60a - ok
15:20:53.0813 3820 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:20:53.0813 3820 BDESVC - ok
15:20:53.0813 3820 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:20:53.0813 3820 Beep - ok
15:20:53.0813 3820 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:20:53.0813 3820 blbdrive - ok
15:20:53.0828 3820 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:20:53.0828 3820 Bonjour Service - ok
15:20:53.0828 3820 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:20:53.0828 3820 bowser - ok
15:20:53.0828 3820 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:20:53.0828 3820 BrFiltLo - ok
15:20:53.0828 3820 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:20:53.0828 3820 BrFiltUp - ok
15:20:53.0844 3820 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
15:20:53.0844 3820 Browser - ok
15:20:53.0844 3820 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:20:53.0844 3820 Brserid - ok
15:20:53.0844 3820 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:20:53.0844 3820 BrSerWdm - ok
15:20:53.0844 3820 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:20:53.0844 3820 BrUsbMdm - ok
15:20:53.0860 3820 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:20:53.0860 3820 BrUsbSer - ok
15:20:53.0860 3820 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:20:53.0860 3820 BTHMODEM - ok
15:20:53.0860 3820 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:20:53.0860 3820 bthserv - ok
15:20:53.0860 3820 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:20:53.0860 3820 cdfs - ok
15:20:53.0860 3820 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
15:20:53.0860 3820 cdrom - ok
15:20:53.0875 3820 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:20:53.0875 3820 CertPropSvc - ok
15:20:53.0875 3820 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:20:53.0875 3820 circlass - ok
15:20:53.0875 3820 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:20:53.0875 3820 CLFS - ok
15:20:53.0891 3820 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:20:53.0891 3820 clr_optimization_v2.0.50727_32 - ok
15:20:53.0891 3820 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:20:53.0891 3820 clr_optimization_v2.0.50727_64 - ok
15:20:53.0906 3820 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:20:53.0906 3820 clr_optimization_v4.0.30319_32 - ok
15:20:53.0922 3820 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:20:53.0922 3820 clr_optimization_v4.0.30319_64 - ok
15:20:53.0922 3820 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:20:53.0922 3820 CmBatt - ok
15:20:53.0922 3820 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:20:53.0922 3820 cmdide - ok
15:20:53.0938 3820 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
15:20:53.0938 3820 CNG - ok
15:20:53.0938 3820 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:20:53.0938 3820 Compbatt - ok
15:20:53.0938 3820 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:20:53.0938 3820 CompositeBus - ok
15:20:53.0938 3820 COMSysApp - ok
15:20:53.0953 3820 cpuz135 - ok
15:20:53.0953 3820 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:20:53.0953 3820 crcdisk - ok
15:20:53.0984 3820 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:20:53.0984 3820 CryptSvc - ok
15:20:54.0047 3820 [ 914A7156B0C0F10BE645A02E13F576B2 ] DAUpdaterSvc f:\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe
15:20:54.0047 3820 DAUpdaterSvc - ok
15:20:54.0047 3820 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:20:54.0062 3820 DcomLaunch - ok
15:20:54.0062 3820 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:20:54.0062 3820 defragsvc - ok
15:20:54.0062 3820 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:20:54.0062 3820 DfsC - ok
15:20:54.0062 3820 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:20:54.0078 3820 Dhcp - ok
15:20:54.0078 3820 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:20:54.0078 3820 discache - ok
15:20:54.0078 3820 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:20:54.0078 3820 Disk - ok
15:20:54.0078 3820 dldt_device - ok
15:20:54.0078 3820 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:20:54.0078 3820 Dnscache - ok
15:20:54.0094 3820 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:20:54.0094 3820 dot3svc - ok
15:20:54.0094 3820 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:20:54.0094 3820 DPS - ok
15:20:54.0094 3820 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:20:54.0094 3820 drmkaud - ok
15:20:54.0109 3820 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:20:54.0109 3820 DXGKrnl - ok
15:20:54.0109 3820 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:20:54.0109 3820 EapHost - ok
15:20:54.0109 3820 easytether - ok
15:20:54.0140 3820 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
15:20:54.0156 3820 ebdrv - ok
15:20:54.0172 3820 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:20:54.0172 3820 EFS - ok
15:20:54.0172 3820 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:20:54.0172 3820 ehRecvr - ok
15:20:54.0187 3820 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:20:54.0187 3820 ehSched - ok
15:20:54.0187 3820 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:20:54.0187 3820 elxstor - ok
15:20:54.0203 3820 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:20:54.0203 3820 ErrDev - ok
15:20:54.0203 3820 [ DB6AEC32FAF5BD002D9ED6C38692D42B ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys
15:20:54.0203 3820 EtronHub3 - ok
15:20:54.0203 3820 [ 9CC2F24274741E12F9DF92125EA6D6D8 ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys
15:20:54.0203 3820 EtronXHCI - ok
15:20:54.0203 3820 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:20:54.0203 3820 EventSystem - ok
15:20:54.0218 3820 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:20:54.0218 3820 exfat - ok
15:20:54.0218 3820 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:20:54.0218 3820 fastfat - ok
15:20:54.0218 3820 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:20:54.0234 3820 Fax - ok
15:20:54.0234 3820 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:20:54.0234 3820 fdc - ok
15:20:54.0234 3820 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:20:54.0234 3820 fdPHost - ok
15:20:54.0234 3820 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:20:54.0234 3820 FDResPub - ok
15:20:54.0234 3820 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:20:54.0234 3820 FileInfo - ok
15:20:54.0234 3820 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:20:54.0234 3820 Filetrace - ok
15:20:54.0250 3820 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:20:54.0250 3820 flpydisk - ok
15:20:54.0250 3820 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:20:54.0250 3820 FltMgr - ok
15:20:54.0265 3820 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
15:20:54.0265 3820 FontCache - ok
15:20:54.0265 3820 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:20:54.0265 3820 FontCache3.0.0.0 - ok
15:20:54.0265 3820 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:20:54.0265 3820 FsDepends - ok
15:20:54.0281 3820 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:20:54.0281 3820 Fs_Rec - ok
15:20:54.0281 3820 [ 0D015D3584704EC814A58276232F143B ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
15:20:54.0281 3820 Futuremark SystemInfo Service - ok
15:20:54.0281 3820 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:20:54.0281 3820 fvevol - ok
15:20:54.0281 3820 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:20:54.0281 3820 gagp30kx - ok
15:20:54.0296 3820 gdrv - ok
15:20:54.0296 3820 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:20:54.0296 3820 GEARAspiWDM - ok
15:20:54.0296 3820 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:20:54.0296 3820 gpsvc - ok
15:20:54.0312 3820 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:20:54.0312 3820 hcw85cir - ok
15:20:54.0312 3820 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:20:54.0312 3820 HdAudAddService - ok
15:20:54.0312 3820 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:20:54.0312 3820 HDAudBus - ok
15:20:54.0312 3820 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:20:54.0312 3820 HidBatt - ok
15:20:54.0328 3820 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:20:54.0328 3820 HidBth - ok
15:20:54.0328 3820 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:20:54.0328 3820 HidIr - ok
15:20:54.0328 3820 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
15:20:54.0328 3820 hidserv - ok
15:20:54.0328 3820 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:20:54.0328 3820 HidUsb - ok
15:20:54.0328 3820 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:20:54.0343 3820 hkmsvc - ok
15:20:54.0343 3820 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:20:54.0343 3820 HomeGroupListener - ok
15:20:54.0343 3820 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:20:54.0343 3820 HomeGroupProvider - ok
15:20:54.0343 3820 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:20:54.0343 3820 HpSAMD - ok
15:20:54.0359 3820 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
15:20:54.0359 3820 HTCAND64 - ok
15:20:54.0359 3820 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
15:20:54.0359 3820 htcnprot - ok
15:20:54.0359 3820 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:20:54.0359 3820 HTTP - ok
15:20:54.0374 3820 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:20:54.0374 3820 hwpolicy - ok
15:20:54.0374 3820 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:20:54.0374 3820 i8042prt - ok
15:20:54.0374 3820 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:20:54.0390 3820 iaStorV - ok
15:20:54.0390 3820 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:20:54.0390 3820 idsvc - ok
15:20:54.0484 3820 [ 9937600A1584FF00565D5379EB4C9EDB ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:20:54.0546 3820 igfx - ok
15:20:54.0562 3820 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:20:54.0562 3820 iirsp - ok
15:20:54.0562 3820 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:20:54.0562 3820 IKEEXT - ok
15:20:54.0593 3820 [ 98F4E841EA43ED5A442F0DC60CAB4326 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:20:54.0593 3820 IntcAzAudAddService - ok
15:20:54.0608 3820 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
15:20:54.0608 3820 IntcDAud - ok
15:20:54.0608 3820 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:20:54.0608 3820 intelide - ok
15:20:54.0608 3820 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:20:54.0608 3820 intelppm - ok
15:20:54.0608 3820 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:20:54.0624 3820 IPBusEnum - ok
15:20:54.0624 3820 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:20:54.0624 3820 IpFilterDriver - ok
15:20:54.0624 3820 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:20:54.0624 3820 IPMIDRV - ok
15:20:54.0624 3820 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:20:54.0624 3820 IPNAT - ok
15:20:54.0640 3820 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:20:54.0640 3820 iPod Service - ok
15:20:54.0640 3820 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:20:54.0640 3820 IRENUM - ok
15:20:54.0640 3820 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:20:54.0640 3820 isapnp - ok
15:20:54.0655 3820 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:20:54.0655 3820 iScsiPrt - ok
15:20:54.0655 3820 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:20:54.0655 3820 kbdclass - ok
15:20:54.0655 3820 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:20:54.0655 3820 kbdhid - ok
15:20:54.0655 3820 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:20:54.0655 3820 KeyIso - ok
15:20:54.0655 3820 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:20:54.0655 3820 KSecDD - ok
15:20:54.0671 3820 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:20:54.0671 3820 KSecPkg - ok
15:20:54.0671 3820 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:20:54.0671 3820 ksthunk - ok
15:20:54.0671 3820 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:20:56.0122 3820 ================ Scan global ===============================
15:20:56.0122 3820 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:20:56.0122 3820 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:20:56.0137 3820 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:20:56.0137 3820 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:20:56.0137 3820 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:20:56.0137 3820 [Global] - ok
15:20:56.0137 3820 ================ Scan MBR ==================================
15:20:56.0137 3820 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:20:56.0215 3820 \Device\Harddisk0\DR0 - ok
15:20:56.0278 3820 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:20:56.0371 3820 \Device\Harddisk1\DR1 - ok
15:20:56.0371 3820 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk4\DR4
15:20:56.0434 3820 \Device\Harddisk4\DR4 - ok
15:20:56.0465 3820 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk2\DR2
15:20:56.0527 3820 \Device\Harddisk2\DR2 - ok
15:20:56.0543 3820 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk3\DR3
15:20:56.0824 3820 \Device\Harddisk3\DR3 - ok
15:20:56.0824 3820 [ 2BDBC086F60BC3CA3E44F97D87AB1E64 ] \Device\Harddisk5\DR5
15:20:56.0933 3820 \Device\Harddisk5\DR5 - ok
15:20:56.0933 3820 ================ Scan VBR ==================================
15:20:56.0933 3820 [ B95D4B6189B8484A63FD897854D463D3 ] \Device\Harddisk0\DR0\Partition1
15:20:56.0933 3820 \Device\Harddisk0\DR0\Partition1 - ok
15:20:56.0933 3820 [ DDD1BC96BA20F9570054D25391C7DF09 ] \Device\Harddisk1\DR1\Partition1
15:20:56.0933 3820 \Device\Harddisk1\DR1\Partition1 - ok
15:20:56.0933 3820 [ 376ACBE056870CEC153D9634D39C642E ] \Device\Harddisk4\DR4\Partition1
15:20:56.0933 3820 \Device\Harddisk4\DR4\Partition1 - ok
15:20:56.0948 3820 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk4\DR4\Partition2
15:20:56.0948 3820 \Device\Harddisk4\DR4\Partition2 - ok
15:20:56.0964 3820 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk4\DR4\Partition3
15:20:56.0964 3820 \Device\Harddisk4\DR4\Partition3 - ok
15:20:56.0964 3820 [ 2D54243F24336BC12737301A1B058227 ] \Device\Harddisk3\DR3\Partition1
15:20:56.0964 3820 \Device\Harddisk3\DR3\Partition1 - ok
15:20:56.0964 3820 [ 0BCD58488CE57426D7A9686667057073 ] \Device\Harddisk5\DR5\Partition1
15:20:56.0964 3820 \Device\Harddisk5\DR5\Partition1 - ok
15:20:56.0964 3820 ============================================================
15:20:56.0964 3820 Scan finished
15:20:56.0964 3820 ============================================================
15:20:56.0964 3812 Detected object count: 0
15:20:56.0964 3812 Actual detected object count: 0
15:21:01.0410 3888 ============================================================
15:21:01.0410 3888 Scan started
15:21:01.0410 3888 Mode: Manual; TDLFS;
15:21:01.0410 3888 ============================================================
15:21:01.0488 3888 ================ Scan system memory ========================
15:21:01.0488 3888 System memory - ok
15:21:01.0488 3888 ================ Scan services =============================
15:21:01.0504 3888 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:21:01.0519 3888 1394ohci - ok
15:21:01.0519 3888 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:21:01.0519 3888 ACPI - ok
15:21:01.0519 3888 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:21:01.0519 3888 AcpiPmi - ok
15:21:01.0519 3888 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:21:01.0519 3888 AdobeARMservice - ok
15:21:01.0535 3888 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:21:01.0535 3888 adp94xx - ok
15:21:01.0535 3888 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:21:01.0535 3888 adpahci - ok
15:21:01.0535 3888 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:21:01.0550 3888 adpu320 - ok
15:21:01.0550 3888 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:21:01.0550 3888 AeLookupSvc - ok
15:21:01.0550 3888 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:21:01.0550 3888 AFD - ok
15:21:01.0550 3888 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:21:01.0550 3888 agp440 - ok
15:21:01.0566 3888 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:21:01.0566 3888 ALG - ok
15:21:01.0566 3888 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:21:01.0566 3888 aliide - ok
15:21:01.0566 3888 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:21:01.0566 3888 amdide - ok
15:21:01.0566 3888 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:21:01.0566 3888 AmdK8 - ok
15:21:01.0566 3888 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:21:01.0566 3888 AmdPPM - ok
15:21:01.0566 3888 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:21:01.0566 3888 amdsata - ok
15:21:01.0582 3888 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:21:01.0582 3888 amdsbs - ok
15:21:01.0582 3888 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:21:01.0582 3888 amdxata - ok
15:21:01.0582 3888 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:21:01.0582 3888 AppID - ok
15:21:01.0582 3888 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:21:01.0582 3888 AppIDSvc - ok
15:21:01.0582 3888 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:21:01.0582 3888 Appinfo - ok
15:21:01.0597 3888 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:21:01.0597 3888 Apple Mobile Device - ok
15:21:01.0597 3888 [ 6BE11AD81D4527D299F0CB5F3731AABC ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
15:21:01.0597 3888 AppleCharger - ok
15:21:01.0597 3888 [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
15:21:01.0597 3888 AppleChargerSrv - ok
15:21:01.0597 3888 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
15:21:01.0597 3888 arc - ok
15:21:01.0597 3888 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:21:01.0597 3888 arcsas - ok
15:21:01.0597 3888 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:21:01.0597 3888 AsyncMac - ok
15:21:01.0613 3888 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:21:01.0613 3888 atapi - ok
15:21:01.0613 3888 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:21:01.0613 3888 AudioEndpointBuilder - ok
15:21:01.0613 3888 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:21:01.0628 3888 AudioSrv - ok
15:21:01.0628 3888 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:21:01.0628 3888 AxInstSV - ok
15:21:01.0628 3888 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
15:21:01.0628 3888 b06bdrv - ok
15:21:01.0644 3888 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:21:01.0644 3888 b57nd60a - ok
15:21:01.0644 3888 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:21:01.0644 3888 BDESVC - ok
15:21:01.0644 3888 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:21:01.0644 3888 Beep - ok
15:21:01.0644 3888 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:21:01.0644 3888 blbdrive - ok
15:21:01.0660 3888 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:21:01.0660 3888 Bonjour Service - ok
15:21:01.0660 3888 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:21:01.0660 3888 bowser - ok
15:21:01.0660 3888 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:21:01.0660 3888 BrFiltLo - ok
15:21:01.0660 3888 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:21:01.0660 3888 BrFiltUp - ok
15:21:01.0660 3888 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
15:21:01.0660 3888 Browser - ok
15:21:01.0675 3888 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:21:01.0675 3888 Brserid - ok
15:21:01.0675 3888 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:21:01.0675 3888 BrSerWdm - ok
15:21:01.0675 3888 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:21:01.0675 3888 BrUsbMdm - ok
15:21:01.0675 3888 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:21:01.0675 3888 BrUsbSer - ok
15:21:01.0675 3888 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:21:01.0675 3888 BTHMODEM - ok
15:21:01.0675 3888 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:21:01.0675 3888 bthserv - ok
15:21:01.0691 3888 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:21:01.0691 3888 cdfs - ok
15:21:01.0691 3888 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
15:21:01.0691 3888 cdrom - ok
15:21:01.0691 3888 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:21:01.0691 3888 CertPropSvc - ok
15:21:01.0691 3888 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:21:01.0691 3888 circlass - ok
15:21:01.0706 3888 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:21:01.0706 3888 CLFS - ok
15:21:01.0706 3888 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:21:01.0706 3888 clr_optimization_v2.0.50727_32 - ok
15:21:01.0706 3888 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:21:01.0706 3888 clr_optimization_v2.0.50727_64 - ok
15:21:01.0722 3888 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:21:01.0722 3888 clr_optimization_v4.0.30319_32 - ok
15:21:01.0722 3888 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:21:01.0722 3888 clr_optimization_v4.0.30319_64 - ok
15:21:01.0738 3888 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:21:01.0738 3888 CmBatt - ok
15:21:01.0738 3888 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:21:01.0738 3888 cmdide - ok
15:21:01.0738 3888 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
15:21:01.0738 3888 CNG - ok
15:21:01.0738 3888 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:21:01.0738 3888 Compbatt - ok
15:21:01.0738 3888 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:21:01.0753 3888 CompositeBus - ok
15:21:01.0753 3888 COMSysApp - ok
15:21:01.0753 3888 cpuz135 - ok
15:21:01.0753 3888 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:21:01.0753 3888 crcdisk - ok
15:21:01.0753 3888 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:21:01.0769 3888 CryptSvc - ok
15:21:01.0769 3888 [ 914A7156B0C0F10BE645A02E13F576B2 ] DAUpdaterSvc f:\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe
15:21:01.0769 3888 DAUpdaterSvc - ok
15:21:01.0769 3888 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:21:01.0769 3888 DcomLaunch - ok
15:21:01.0784 3888 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:21:01.0784 3888 defragsvc - ok
15:21:01.0784 3888 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:21:01.0784 3888 DfsC - ok
15:21:01.0784 3888 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:21:01.0784 3888 Dhcp - ok
15:21:01.0800 3888 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:21:01.0800 3888 discache - ok
15:21:01.0800 3888 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:21:01.0800 3888 Disk - ok
15:21:01.0800 3888 dldt_device - ok
15:21:01.0800 3888 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:21:01.0800 3888 Dnscache - ok
15:21:01.0800 3888 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:21:01.0800 3888 dot3svc - ok
15:21:01.0816 3888 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:21:01.0816 3888 DPS - ok
15:21:01.0816 3888 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:21:01.0816 3888 drmkaud - ok
15:21:01.0816 3888 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:21:01.0831 3888 DXGKrnl - ok
15:21:01.0831 3888 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:21:01.0831 3888 EapHost - ok
15:21:01.0831 3888 easytether - ok
15:21:01.0847 3888 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
15:21:01.0862 3888 ebdrv - ok
15:21:01.0862 3888 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:21:01.0862 3888 EFS - ok
15:21:01.0878 3888 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:21:01.0878 3888 ehRecvr - ok
15:21:01.0878 3888 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:21:01.0878 3888 ehSched - ok
15:21:01.0894 3888 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:21:01.0894 3888 elxstor - ok
15:21:01.0894 3888 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:21:01.0894 3888 ErrDev - ok
15:21:01.0894 3888 [ DB6AEC32FAF5BD002D9ED6C38692D42B ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys
15:21:01.0894 3888 EtronHub3 - ok
15:21:01.0894 3888 [ 9CC2F24274741E12F9DF92125EA6D6D8 ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys
15:21:01.0894 3888 EtronXHCI - ok
15:21:01.0909 3888 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:21:01.0909 3888 EventSystem - ok
15:21:01.0909 3888 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:21:01.0909 3888 exfat - ok
15:21:01.0909 3888 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:21:01.0909 3888 fastfat - ok
15:21:01.0925 3888 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:21:01.0925 3888 Fax - ok
15:21:01.0925 3888 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:21:01.0925 3888 fdc - ok
15:21:01.0925 3888 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:21:01.0925 3888 fdPHost - ok
15:21:01.0925 3888 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:21:01.0925 3888 FDResPub - ok
15:21:01.0940 3888 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:21:01.0940 3888 FileInfo - ok
15:21:01.0940 3888 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:21:01.0940 3888 Filetrace - ok
15:21:01.0940 3888 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:21:01.0940 3888 flpydisk - ok
15:21:01.0940 3888 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:21:01.0940 3888 FltMgr - ok
15:21:01.0956 3888 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
15:21:01.0956 3888 FontCache - ok
15:21:01.0956 3888 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:21:01.0956 3888 FontCache3.0.0.0 - ok
15:21:01.0972 3888 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:21:01.0972 3888 FsDepends - ok
15:21:01.0972 3888 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:21:01.0972 3888 Fs_Rec - ok
15:21:01.0972 3888 [ 0D015D3584704EC814A58276232F143B ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
15:21:01.0972 3888 Futuremark SystemInfo Service - ok
15:21:01.0972 3888 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:21:01.0972 3888 fvevol - ok
15:21:01.0972 3888 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:21:01.0972 3888 gagp30kx - ok
15:21:01.0972 3888 gdrv - ok
15:21:01.0987 3888 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:21:01.0987 3888 GEARAspiWDM - ok
15:21:01.0987 3888 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:21:01.0987 3888 gpsvc - ok
15:21:01.0987 3888 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:21:01.0987 3888 hcw85cir - ok
15:21:02.0003 3888 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:21:02.0003 3888 HdAudAddService - ok
15:21:02.0003 3888 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:21:02.0003 3888 HDAudBus - ok
15:21:02.0003 3888 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:21:02.0003 3888 HidBatt - ok
15:21:02.0003 3888 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:21:02.0003 3888 HidBth - ok
15:21:02.0018 3888 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:21:02.0018 3888 HidIr - ok
15:21:02.0018 3888 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
15:21:02.0018 3888 hidserv - ok
15:21:02.0018 3888 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:21:02.0018 3888 HidUsb - ok
15:21:02.0018 3888 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:21:02.0018 3888 hkmsvc - ok
15:21:02.0018 3888 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:21:02.0018 3888 HomeGroupListener - ok
15:21:02.0034 3888 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:21:02.0034 3888 HomeGroupProvider - ok
15:21:02.0034 3888 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:21:02.0034 3888 HpSAMD - ok
15:21:02.0034 3888 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
15:21:02.0034 3888 HTCAND64 - ok
15:21:02.0034 3888 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
15:21:02.0034 3888 htcnprot - ok
15:21:02.0050 3888 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:21:02.0050 3888 HTTP - ok
15:21:02.0050 3888 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:21:02.0050 3888 hwpolicy - ok
15:21:02.0050 3888 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:21:02.0050 3888 i8042prt - ok
15:21:02.0065 3888 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:21:02.0065 3888 iaStorV - ok
15:21:02.0065 3888 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:21:02.0065 3888 idsvc - ok
15:21:02.0159 3888 [ 9937600A1584FF00565D5379EB4C9EDB ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:21:02.0190 3888 igfx - ok
15:21:02.0190 3888 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:21:02.0206 3888 iirsp - ok
15:21:02.0206 3888 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:21:02.0206 3888 IKEEXT - ok
15:21:02.0237 3888 [ 98F4E841EA43ED5A442F0DC60CAB4326 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:21:02.0237 3888 IntcAzAudAddService - ok
15:21:02.0252 3888 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
15:21:02.0252 3888 IntcDAud - ok
15:21:02.0252 3888 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:21:02.0252 3888 intelide - ok
15:21:02.0252 3888 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:21:02.0252 3888 intelppm - ok
15:21:02.0252 3888 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:21:02.0252 3888 IPBusEnum - ok
15:21:02.0252 3888 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:21:02.0252 3888 IpFilterDriver - ok
15:21:02.0268 3888 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:21:02.0268 3888 IPMIDRV - ok
15:21:02.0268 3888 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:21:02.0268 3888 IPNAT - ok
15:21:02.0268 3888 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:21:02.0268 3888 iPod Service - ok
15:21:02.0284 3888 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:21:02.0284 3888 IRENUM - ok
15:21:02.0284 3888 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:21:02.0284 3888 isapnp - ok
15:21:02.0284 3888 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:21:02.0284 3888 iScsiPrt - ok
15:21:02.0284 3888 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:21:02.0284 3888 kbdclass - ok
15:21:02.0284 3888 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:21:02.0284 3888 kbdhid - ok
15:21:02.0299 3888 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:21:02.0299 3888 KeyIso - ok
15:21:02.0299 3888 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:21:02.0299 3888 KSecDD - ok
15:21:02.0299 3888 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:21:02.0299 3888 KSecPkg - ok
15:21:02.0299 3888 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:21:02.0299 3888 ksthunk - ok
15:21:02.0299 3888 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:21:02.0315 3888 KtmRm - ok
15:21:02.0315 3888 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:21:02.0315 3888 LanmanServer - ok
15:21:02.0315 3888 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:21:02.0315 3888 LanmanWorkstation - ok
15:21:02.0315 3888 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:21:02.0315 3888 lltdio - ok
15:21:02.0330 3888 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:21:02.0330 3888 lltdsvc - ok
15:21:02.0330 3888 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:21:02.0330 3888 lmhosts - ok
15:21:02.0330 3888 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:21:02.0330 3888 LSI_FC - ok
15:21:02.0330 3888 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:21:02.0330 3888 LSI_SAS - ok
15:21:02.0330 3888 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:21:02.0330 3888 LSI_SAS2 - ok
15:21:02.0346 3888 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:21:02.0346 3888 LSI_SCSI - ok
15:21:02.0346 3888 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:21:02.0346 3888 luafv - ok
15:21:02.0346 3888 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:21:02.0346 3888 Mcx2Svc - ok
15:21:02.0346 3888 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:21:02.0346 3888 megasas - ok
15:21:02.0346 3888 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:21:02.0346 3888 MegaSR - ok
15:21:02.0362 3888 [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
15:21:02.0362 3888 MEIx64 - ok
15:21:02.0362 3888 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:21:02.0362 3888 MMCSS - ok
15:21:02.0362 3888 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:21:02.0362 3888 Modem - ok
15:21:02.0362 3888 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:21:02.0362 3888 monitor - ok
15:21:02.0362 3888 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:21:02.0362 3888 mouclass - ok
15:21:02.0362 3888 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:21:02.0362 3888 mouhid - ok
15:21:02.0377 3888 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:21:02.0377 3888 mountmgr - ok
15:21:02.0377 3888 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:21:02.0377 3888 mpio - ok
15:21:02.0377 3888 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:21:02.0377 3888 mpsdrv - ok
15:21:02.0377 3888 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:21:02.0377 3888 MRxDAV - ok
15:21:02.0393 3888 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:21:02.0393 3888 mrxsmb - ok
15:21:02.0393 3888 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:21:02.0393 3888 mrxsmb10 - ok
15:21:02.0393 3888 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:21:02.0393 3888 mrxsmb20 - ok
15:21:02.0393 3888 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:21:02.0393 3888 msahci - ok
15:21:02.0393 3888 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:21:02.0393 3888 msdsm - ok
15:21:02.0408 3888 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:21:02.0408 3888 MSDTC - ok
15:21:02.0408 3888 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:21:02.0408 3888 Msfs - ok
15:21:02.0408 3888 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:21:02.0408 3888 mshidkmdf - ok
15:21:02.0408 3888 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:21:02.0408 3888 msisadrv - ok
15:21:02.0408 3888 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:21:02.0408 3888 MSiSCSI - ok
15:21:02.0424 3888 msiserver - ok
15:21:02.0424 3888 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:21:02.0424 3888 MSKSSRV - ok
15:21:02.0424 3888 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:21:02.0424 3888 MSPCLOCK - ok
15:21:02.0424 3888 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:21:02.0424 3888 MSPQM - ok
15:21:02.0424 3888 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:21:02.0424 3888 MsRPC - ok
15:21:02.0440 3888 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:21:02.0440 3888 mssmbios - ok
15:21:02.0440 3888 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:21:02.0440 3888 MSTEE - ok
15:21:02.0440 3888 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:21:02.0440 3888 MTConfig - ok
15:21:02.0440 3888 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:21:02.0440 3888 Mup - ok
15:21:02.0440 3888 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:21:02.0440 3888 napagent - ok
15:21:02.0455 3888 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:21:02.0455 3888 NativeWifiP - ok
15:21:02.0455 3888 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
15:21:02.0471 3888 NDIS - ok
15:21:02.0471 3888 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:21:02.0471 3888 NdisCap - ok
15:21:02.0471 3888 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:21:02.0471 3888 NdisTapi - ok
15:21:02.0471 3888 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:21:02.0471 3888 Ndisuio - ok
15:21:02.0471 3888 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:21:02.0471 3888 NdisWan - ok
15:21:02.0471 3888 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:21:02.0471 3888 NDProxy - ok
15:21:02.0486 3888 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:21:02.0486 3888 NetBIOS - ok
15:21:02.0486 3888 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:21:02.0486 3888 NetBT - ok
15:21:02.0486 3888 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:21:02.0486 3888 Netlogon - ok
15:21:02.0486 3888 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:21:02.0486 3888 Netman - ok
15:21:02.0502 3888 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:21:02.0502 3888 netprofm - ok
15:21:02.0502 3888 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:21:02.0502 3888 NetTcpPortSharing - ok
15:21:02.0502 3888 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:21:02.0502 3888 nfrd960 - ok
15:21:02.0518 3888 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:21:02.0518 3888 NlaSvc - ok
15:21:02.0518 3888 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:21:02.0518 3888 Npfs - ok
15:21:02.0518 3888 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:21:02.0518 3888 nsi - ok
15:21:02.0518 3888 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:21:02.0518 3888 nsiproxy - ok
15:21:02.0533 3888 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:21:02.0533 3888 Ntfs - ok
15:21:02.0549 3888 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:21:02.0549 3888 Null - ok
15:21:03.0594 3888 ================ Scan global ===============================
15:21:03.0594 3888 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:21:03.0594 3888 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:21:03.0594 3888 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:21:03.0610 3888 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:21:03.0610 3888 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:21:03.0610 3888 [Global] - ok
15:21:03.0610 3888 ================ Scan MBR ==================================
15:21:03.0610 3888 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:21:03.0688 3888 \Device\Harddisk0\DR0 - ok
15:21:03.0688 3888 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:21:03.0719 3888 \Device\Harddisk1\DR1 - ok
15:21:03.0734 3888 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk4\DR4
15:21:03.0781 3888 \Device\Harddisk4\DR4 - ok
15:21:03.0797 3888 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk2\DR2
15:21:03.0859 3888 \Device\Harddisk2\DR2 - ok
15:21:03.0875 3888 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk3\DR3
15:21:04.0156 3888 \Device\Harddisk3\DR3 - ok
15:21:04.0156 3888 [ 2BDBC086F60BC3CA3E44F97D87AB1E64 ] \Device\Harddisk5\DR5
15:21:04.0265 3888 \Device\Harddisk5\DR5 - ok
15:21:04.0265 3888 ================ Scan VBR ==================================
15:21:04.0265 3888 [ B95D4B6189B8484A63FD897854D463D3 ] \Device\Harddisk0\DR0\Partition1
15:21:04.0265 3888 \Device\Harddisk0\DR0\Partition1 - ok
15:21:04.0265 3888 [ DDD1BC96BA20F9570054D25391C7DF09 ] \Device\Harddisk1\DR1\Partition1
15:21:04.0265 3888 \Device\Harddisk1\DR1\Partition1 - ok
15:21:04.0265 3888 [ 376ACBE056870CEC153D9634D39C642E ] \Device\Harddisk4\DR4\Partition1
15:21:04.0265 3888 \Device\Harddisk4\DR4\Partition1 - ok
15:21:04.0280 3888 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk4\DR4\Partition2
15:21:04.0280 3888 \Device\Harddisk4\DR4\Partition2 - ok
15:21:04.0296 3888 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk4\DR4\Partition3
15:21:04.0296 3888 \Device\Harddisk4\DR4\Partition3 - ok
15:21:04.0296 3888 [ 2D54243F24336BC12737301A1B058227 ] \Device\Harddisk3\DR3\Partition1
15:21:04.0296 3888 \Device\Harddisk3\DR3\Partition1 - ok
15:21:04.0296 3888 [ 0BCD58488CE57426D7A9686667057073 ] \Device\Harddisk5\DR5\Partition1
15:21:04.0296 3888 \Device\Harddisk5\DR5\Partition1 - ok
15:21:04.0296 3888 ============================================================
15:21:04.0296 3888 Scan finished
15:21:04.0296 3888 ============================================================
15:21:04.0296 3880 Detected object count: 0
15:21:04.0296 3880 Actual detected object count: 0

MBAM:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.25.04

Windows 7 Service Pack 1 x64 FAT32
Internet Explorer 9.0.8112.16421
lenny :: LENNY-PC [administrator]

11/25/2012 3:23:55 PM
mbam-log-2012-11-25 (15-23-55).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 317814
Time elapsed: 5 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

MiniToolBox:

MiniToolBox by Farbar Version: 25-11-2012
Ran by lenny (administrator) on 25-11-2012 at 17:12:07
Running from "C:\Users\lenny\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : lenny-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 50-E5-49-4D-C1-90
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::3917:6f6:cf11:58ac%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.76(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, November 25, 2012 3:19:43 PM
Lease Expires . . . . . . . . . . : Monday, November 26, 2012 3:19:42 PM
Default Gateway . . . . . . . . . : 192.168.1.2
DHCP Server . . . . . . . . . . . : 192.168.1.2
DHCPv6 IAID . . . . . . . . . . . : 240182601
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-7F-A5-8F-50-E5-49-4D-C1-90
DNS Servers . . . . . . . . . . . : 192.168.1.2
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{886BAF65-1DA6-440A-8510-22C8D0364B70}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.2

Name: google.com
Addresses: 2001:4860:4002:802::1004
74.125.227.36
74.125.227.37
74.125.227.38
74.125.227.39
74.125.227.40
74.125.227.41
74.125.227.46
74.125.227.32
74.125.227.33
74.125.227.34
74.125.227.35


Pinging google.com [74.125.227.104] with 32 bytes of data:
Reply from 74.125.227.104: bytes=32 time=91ms TTL=47
Reply from 74.125.227.104: bytes=32 time=180ms TTL=47

Ping statistics for 74.125.227.104:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 91ms, Maximum = 180ms, Average = 135ms
Server: UnKnown
Address: 192.168.1.2

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=247ms TTL=51
Reply from 72.30.38.140: bytes=32 time=131ms TTL=51

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 131ms, Maximum = 247ms, Average = 189ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...50 e5 49 4d c1 90 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.2 192.168.1.76 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.76 266
192.168.1.76 255.255.255.255 On-link 192.168.1.76 266
192.168.1.255 255.255.255.255 On-link 192.168.1.76 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.76 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.76 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 266 fe80::/64 On-link
10 266 fe80::3917:6f6:cf11:58ac/128
On-link
1 306 ff00::/8 On-link
10 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/25/2012 01:49:14 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/24/2012 11:29:06 PM) (Source: Application Hang) (User: )
Description: The program Steam.exe version 1.0.1446.623 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 978

Start Time: 01cdc9732af5ff33

Termination Time: 10

Application Path: F:\Steam\Steam.exe

Report Id: 06422e0c-36c1-11e2-992e-50e5494dc190

Error: (11/24/2012 01:00:30 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16447, time stamp: 0x4fc9cd53
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xa6136853
Faulting process id: 0xf20
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/23/2012 10:22:28 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: Flash64_11_4_402_287.ocx, version: 11.4.402.287, time stamp: 0x5066dac6
Exception code: 0xc0000005
Fault offset: 0x00000000007669ad
Faulting process id: 0x8e0
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (11/21/2012 04:02:30 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000000710f4a7800
Faulting process id: 0xc60
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (11/21/2012 00:54:47 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (11/18/2012 00:08:47 PM) (Source: Application Error) (User: )
Description: Faulting application name: Steam.exe, version: 1.0.1446.623, time stamp: 0x5004ae1a
Faulting module name: Steam.dll_unloaded, version: 0.0.0.0, time stamp: 0x5032c95c
Exception code: 0xc0000005
Fault offset: 0x300c27c2
Faulting process id: 0x1274
Faulting application start time: 0xSteam.exe0
Faulting application path: Steam.exe1
Faulting module path: Steam.exe2
Report Id: Steam.exe3

Error: (11/18/2012 00:08:46 PM) (Source: Application Error) (User: )
Description: Faulting application name: Steam.exe, version: 1.0.1446.623, time stamp: 0x5004ae1a
Faulting module name: Steam.dll_unloaded, version: 0.0.0.0, time stamp: 0x5032c95c
Exception code: 0xc0000005
Fault offset: 0x301f9abb
Faulting process id: 0x1274
Faulting application start time: 0xSteam.exe0
Faulting application path: Steam.exe1
Faulting module path: Steam.exe2
Report Id: Steam.exe3

Error: (11/11/2012 05:41:16 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: mshtml.dll, version: 9.0.8112.16447, time stamp: 0x4fca0a05
Exception code: 0xc0000005
Fault offset: 0x00000000002ea0f2
Faulting process id: 0x8dc
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (11/06/2012 07:25:23 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: mshtml.dll, version: 9.0.8112.16447, time stamp: 0x4fca0a05
Exception code: 0xc0000005
Fault offset: 0x00000000003316f9
Faulting process id: 0x12f0
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3


System errors:
=============
Error: (11/25/2012 03:21:44 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (11/25/2012 03:21:44 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (11/25/2012 03:20:33 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (11/25/2012 03:20:33 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (11/25/2012 02:09:12 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (11/25/2012 06:33:26 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (11/25/2012 06:33:26 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (11/25/2012 06:08:36 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (11/25/2012 06:08:36 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (11/24/2012 07:29:56 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.


Microsoft Office Sessions:
=========================
Error: (11/25/2012 01:49:14 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\lenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZB8CAPC2\esetsmartinstaller_enu.exe

Error: (11/24/2012 11:29:06 PM) (Source: Application Hang)(User: )
Description: Steam.exe1.0.1446.62397801cdc9732af5ff3310F:\Steam\Steam.exe06422e0c-36c1-11e2-992e-50e5494dc190

Error: (11/24/2012 01:00:30 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164474fc9cd53unknown0.0.0.000000000c0000005a6136853f2001cdc9732d1b7781C:\Program Files (x86)\Internet Explorer\iexplore.exeunknowna1798311-3604-11e2-992e-50e5494dc190

Error: (11/23/2012 10:22:28 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1Flash64_11_4_402_287.ocx11.4.402.2875066dac6c000000500000000007669ad8e001cdc97214d204f8C:\Windows\system32\svchost.exeC:\Windows\system32\Macromed\Flash\Flash64_11_4_402_287.ocx8dc20ad0-35ee-11e2-992e-50e5494dc190

Error: (11/21/2012 04:02:30 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1unknown0.0.0.000000000c0000005000000710f4a7800c6001cdc7f367cdde2fC:\Windows\system32\svchost.exeunknown24a39171-3427-11e2-8746-50e5494dc190

Error: (11/21/2012 00:54:47 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\lenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MID4NMJ7\SoftonicDownloader_for_windows-live-messenger.exe

Error: (11/18/2012 00:08:47 PM) (Source: Application Error)(User: )
Description: Steam.exe1.0.1446.6235004ae1aSteam.dll_unloaded0.0.0.05032c95cc0000005300c27c2127401cdc5b7bd241953F:\Steam\Steam.exeSteam.dllff06a525-31aa-11e2-b5fb-50e5494dc190

Error: (11/18/2012 00:08:46 PM) (Source: Application Error)(User: )
Description: Steam.exe1.0.1446.6235004ae1aSteam.dll_unloaded0.0.0.05032c95cc0000005301f9abb127401cdc5b7bd241953F:\Steam\Steam.exeSteam.dllfe13dd27-31aa-11e2-b5fb-50e5494dc190

Error: (11/11/2012 05:41:16 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1mshtml.dll9.0.8112.164474fca0a05c000000500000000002ea0f28dc01cdc008ab6678b5C:\Windows\system32\svchost.exeC:\Windows\system32\mshtml.dll48b4fafc-2c59-11e2-9047-50e5494dc190

Error: (11/06/2012 07:25:23 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1mshtml.dll9.0.8112.164474fca0a05c000000500000000003316f912f001cdbc7202883c43C:\Windows\system32\svchost.exeC:\Windows\system32\mshtml.dll001ecf44-287a-11e2-a07f-50e5494dc190


=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
3DMark 11 (Version: 1.0.3)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Android SDK Tools (Version: 1.14)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
ARMA 2
ARMA 2: Operation Arrowhead
Audiosurf
BattlEye for OA Uninstall
BattlEye Uninstall
Bloodline Champions (Version: 1.0.0)
Bonjour (Version: 3.0.0.10)
Comical 0.8
Dell V305
Deus Ex: Human Revolution - The Missing Link
Diablo III (Version: 1.0.5.12811)
Dolby Home Theater v4 (Version: 7.2.7000.7)
Dota 2
Dragon Age: Origins
ESET Online Scanner v3
Etron USB3.0 Host Controller (Version: 0.104)
Eve Online: Inferno
Fallen Earth
Furcadia (Version: 29a)
Futuremark SystemInfo (Version: 4.6.0)
Heroes of Newerth (Version: 2.3.0)
Hitman: Absolution
Hitman: Sniper Challenge
HTC BMP USB Driver (Version: 1.0.5375)
HTC Driver Installer (Version: 3.0.0.018)
HTC Sync (Version: 3.0.5617)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1118)
Intel® Processor Graphics (Version: 8.15.10.2418)
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Just Cause 2
League of Legends (Version: 1.3)
Magicka
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Nexuiz
NVIDIA 3D Vision Controller Driver 301.42 (Version: 301.42)
NVIDIA 3D Vision Driver 301.42 (Version: 301.42)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA HD Audio Driver 1.3.16.0 (Version: 1.3.16.0)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0142)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
ON_OFF Charge B11.0110.1 (Version: 1.00.0001)
Path of Exile (Version: 0.9.11.18192)
PCMark 7 (Version: 1.0.4)
Plants vs. Zombies: Game of the Year
Realtek Ethernet Controller Driver (Version: 7.46.531.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6423)
RGSS-RTP Standard (Version: 1.0.0)
RPGXP (Version: 1.0.0)
Six Updater (Version: 2.09.7016)
Spotify (Version: 0.8.5.1333.g822e0de8)
Star Wars: The Old Republic (Version: 1.0.0.0)
Steam (Version: 1.0.0.0)
TeamSpeak 3 Client (Version: 3.0.6)
Torchlight
Unigine Heaven DX11 Benchmark 2.5 version 2.5 (Version: 2.5)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Uplink
VLC media player 2.0.0 (Version: 2.0.0)
Warhammer 40,000 Space Marine
Warhammer® 40,000®: Dawn of War® II – Retribution™
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
World of Warcraft (Version: 4.3.4.15595)
Yahoo! Messenger

========================= Memory info: ===================================

Percentage of memory in use: 16%
Total physical RAM: 16367.12 MB
Available physical RAM: 13633.71 MB
Total Pagefile: 32732.43 MB
Available Pagefile: 29730.62 MB
Total Virtual: 4095.88 MB
Available Virtual: 3975.27 MB

========================= Partitions: =====================================

1 Drive c: (gnome1) (Fixed) (Total:59.62 GB) (Free:1.27 GB) NTFS
3 Drive e: (CORSAIR) (Removable) (Total:7.5 GB) (Free:7.4 GB) FAT32
4 Drive f: (vraptor) (Fixed) (Total:279.46 GB) (Free:129.37 GB) NTFS
5 Drive g: (storage2) (Fixed) (Total:931.51 GB) (Free:902.99 GB) NTFS
6 Drive h: (OG) (Fixed) (Total:149.05 GB) (Free:98.77 GB) NTFS
7 Drive j: (Storage1) (Fixed) (Total:931.39 GB) (Free:394.17 GB) NTFS

========================= Users: ========================================

User accounts for \\LENNY-PC

Administrator Guest lenny
UpdatusUser

========================= Restore Points ==================================

25-11-2012 22:21:02 Scheduled Checkpoint

**** End of log ****

FSS:

Farbar Service Scanner Version: 09-11-2012
Ran by lenny (administrator) on 25-11-2012 at 17:13:41
Running from "C:\Users\lenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MID4NMJ7"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

ADware Cleaner:

# AdwCleaner v2.009 - Logfile created 11/25/2012 at 17:15:03
# Updated 24/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : lenny - LENNY-PC
# Boot Mode : Normal
# Running from : C:\Users\lenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZB8CAPC2\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Softonic

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v [Unable to get version]

Profile name : default
File : C:\Users\lenny\AppData\Roaming\Mozilla\Firefox\Profiles\0dlbdseo.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\lenny\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [965 octets] - [25/11/2012 17:15:03]

########## EOF - C:\AdwCleaner[S1].txt - [1024 octets] ##########

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.5.1 (11.25.2012)
OS: Windows 7 Home Premium x64
Ran by lenny on Sun 11/25/2012 at 18:56:29.85
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\windows\currentversion\run\\Spotify Web Helper



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 11/25/2012 at 18:58:47.13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#6 narenxp


Posted 25 November 2012 - 09:36 PM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKill log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#7 s14lenny

  • Topic Starter


Posted 26 November 2012 - 06:46 PM

FSS:

Farbar Service Scanner Version: 09-11-2012
Ran by lenny (administrator) on 26-11-2012 at 17:40:37
Running from "C:\Users\lenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RELGMW4M"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

RKill:

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/26/2012 05:41:28 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\lenny\Desktop\rkill\rkill-11-26-2012-05-41-29.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 [ZA Reg Hijack]
* C:\Users\lenny\AppData\Local\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\ [ZA Dir]
* C:\Users\lenny\AppData\Local\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\L\ [ZA Dir]
* C:\Users\lenny\AppData\Local\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\U\ [ZA Dir]
* C:\Windows\installer\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\ [ZA Dir]
* C:\Windows\installer\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\L\ [ZA Dir]
* C:\Windows\installer\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\U\ [ZA Dir]

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 11/26/2012 05:41:33 PM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)

Autoruns:


"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "RtHDVBg_Dolby" "HD Audio Background Process" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravbg64.exe"
+ "RTHDVCPL" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "dldtamon" "" "" "h:\dell v305\dldtamon.exe"
+ "dldtmon.exe" "Printer Device Monitor" "" "h:\dell v305\dldtmon.exe"
+ "Dolby Home Theater v4" "Dolby Profile Selector" "Dolby Laboratories Inc." "c:\program files (x86)\dolby home theater v4\pcee4.exe"
+ "HTC Sync Loader" "HTC UPCT Loader" "" "c:\program files (x86)\htc\htc sync 3.0\htcupctloader.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "h:\ituneshelper.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Messenger (Yahoo!)" "Yahoo! Messenger" "Yahoo! Inc." "h:\messenger\yahoomessenger.exe"
+ "msnmsgr" "Windows Live Messenger" "Microsoft Corporation" "c:\program files (x86)\windows live\messenger\msnmsgr.exe"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "Steam" "Steam" "Valve Corporation" "f:\steam\steam.exe"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "e:\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "e:\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "" "" "File not found: C:\Program Files\Java\jre6\bin\jp2ssv.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Windows Live Sign-in Helper" "WindowsLiveLogin.dll" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\Launch HTC Sync Loader" "HTC UPCT Loader" "" "c:\program files (x86)\htc\htc sync 3.0\htcupctloader.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AppleChargerSrv" "Apple mobile devices charging service" "" "c:\windows\system32\applechargersrv.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "DAUpdaterSvc" "Digital management system for Dragon Age: Origins downloadable content." "BioWare" "f:\steam\steamapps\common\dragon age origins\bin_ship\daupdatersvc.service.exe"
+ "dldt_device" "Printer Communication System" " " "c:\windows\system32\dldtcoms.exe"
+ "Futuremark SystemInfo Service" "Futuremark SystemInfo Service" "Futuremark Corporation" "c:\program files (x86)\futuremark\futuremark systeminfo\fmsisvc.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe"
+ "PassThru Service" "Detect HTC Android device for internet pass-through function." "" "c:\program files (x86)\htc\internet pass-through\passthrusvr.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "AppleCharger" "Apple mobile devices charging program" "" "c:\windows\system32\drivers\applecharger.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "cpuz135" "" "" "File not found: C:\Windows\TEMP\cpuz135\cpuz135_x64.sys"
+ "easytether" "" "" "File not found: system32\DRIVERS\easytthr.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "EtronHub3" "Etron eXtensible Hub Driver." "Etron Technology Inc" "c:\windows\system32\drivers\etronhub3.sys"
+ "EtronXHCI" "Etron eXtensible Host Controller Driver." "Etron Technology Inc" "c:\windows\system32\drivers\etronxhci.sys"
+ "gdrv" "" "" "File not found: C:\Windows\gdrv.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "HTCAND64" "ADB Interface" "HTC, Corporation" "c:\windows\system32\drivers\androidusb.sys"
+ "htcnprot" "HTC NDIS Protocol Driver" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\htcnprot.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda64v.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 301.42 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "V305 Port" "Printer Communication System" " " "c:\windows\system32\dldtlmpm.dll"
"C:\Users\lenny\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "All CPU Meter" "The All Cpu Meter will show you all core cpu usage(24 Core, 16 Core, 12 Core, 8 Core, 6 Core, 4 Core, 3 Core, 2 Core, 1 Core),Temperatures and RAM usage. It also displayes all core usage history." "AddGadget.com" "C:\Users\lenny\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\Gadget.xml"
+ "Digital Clock" "With this Digital Clock Gadget you can display your time, date, day, week, quarter of a year, current computer uptime, total computer uptime, countdown (set event name, time and sound) and alarm with sound." "AddGadget" "C:\Users\lenny\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Digital_Clock_V1.0.gadget\Gadget.xml"
+ "GPU Meter" "With this GPU Meter Gadget you can display your Vendor, Model, GPU (Clock Speed, Temperature, Usage) , Memory (Clock Speed, Size, Usage), Fan (Speed, Usage), Shader Clock Speed, PCB Temperature and PCI Express." "AddGadgets" "C:\Users\lenny\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPU_Meter_V1.2.gadget\Gadget.xml"
+ "Network Meter" "The Network Meter will show you SSID, Signal Quality, Internal IP address, External IP address, IP lookup with Google Maps, Speed test, Upload speed, download speed, usage remaining, total of usage and connection is secure or not secure." "AddGadget" "C:\Users\lenny\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Network_Meter_V8.1.gadget\Gadget.xml"

Edited by s14lenny, 26 November 2012 - 07:57 PM.


#8 narenxp

Posted 27 November 2012 - 12:28 AM

Now run RKILL given in previous instructions and post the new log

Edited by narenxp, 28 November 2012 - 07:41 AM.


#9 s14lenny

Posted 27 November 2012 - 10:44 PM

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/27/2012 09:42:59 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 11/27/2012 09:43:03 PM
Execution time: 0 hours(s), 0 minute(s), and 3 seconds(s)
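
Comparing this Rkill log with the one posted before the cleanup is what confirms that the ZeroAccess indicators are gone. The following is an added example, not part of the original posts and not code from Rkill: it parses trimmed excerpts of the two logs from this thread and reports which bracket-tagged indicators were cleared, persist, or are new. The section-heading and tag patterns are assumptions inferred from the log lines shown here.

```python
import re

# Trimmed excerpts of the two Rkill logs posted in this thread (not the full logs).
BEFORE = r"""
Checking Registry for malware related settings:
* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]
Performing miscellaneous checks:
* ALERT: ZEROACCESS rootkit symptoms found!
* HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 [ZA Reg Hijack]
* C:\Users\lenny\AppData\Local\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\ [ZA Dir]
* C:\Windows\installer\{80c45bb0-c4a4-4b3b-4bfe-fbb8b63833d3}\ [ZA Dir]
Checking HOSTS File:
* No issues found.
"""

AFTER = r"""
Checking Registry for malware related settings:
* No issues found in the Registry.
Performing miscellaneous checks:
* No issues found.
"""

SECTION = re.compile(r"^(Checking|Performing|Searching)\b.*:$")   # assumed heading shape
CLEAN = re.compile(r"^No (issues|malware) ")                       # assumed "all clear" items
TAG = re.compile(r"^(?P<value>.*\S)\s+\[(?P<tag>[^\]]+)\]$")       # e.g. "<path> [ZA Dir]"


def parse_rkill(text):
    """Return {section: [finding, ...]} for every '* ' item that is not a clean result."""
    findings, section = {}, None
    for line in (l.strip() for l in text.splitlines()):
        if SECTION.match(line):
            section = line.rstrip(":")
            findings[section] = []
        elif line.startswith("* ") and section and not CLEAN.match(line[2:]):
            findings[section].append(line[2:])
    return findings


def indicators(findings):
    """Collect (tag, value) pairs such as ('ZA Dir', path) from bracket-tagged findings."""
    pairs = set()
    for items in findings.values():
        for item in items:
            m = TAG.match(item)
            if m:
                pairs.add((m.group("tag"), m.group("value")))
    return pairs


def compare(before, after):
    """Split indicators into cleared, still present, and newly appeared."""
    b, a = indicators(parse_rkill(before)), indicators(parse_rkill(after))
    return {"cleared": sorted(b - a), "persisting": sorted(b & a), "new": sorted(a - b)}


if __name__ == "__main__":
    for status, items in compare(BEFORE, AFTER).items():
        print(status, len(items))
        for tag, value in items:
            print(f"  [{tag}] {value}")
```

Anything listed under `persisting` or `new` after a cleanup pass means the rescan is not clean and the removal steps need another look.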

#10 narenxp

Posted 28 November 2012 - 07:41 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot. If TFC locks up the system, run it in safe mode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)



