Infected by UKASH virus and files locked - help!


  • This topic is locked
26 replies to this topic

#1 helpmeplease71

Posted 26 January 2013 - 05:43 PM

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.5.1
Run by Admin at 22:35:32 on 2013-01-26
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.2934.1318 [GMT 0:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Motorola\Bluetooth\obexsrv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_5_502_146_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uSearch Bar = Preserve
uURLSearchHooks: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - <orphaned>
mWinlogon: Userinit = C:\Windows\System32\userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: HideFastUserSwitching = dword:0
IE: FoxyProxy - C:\ProgramData\fpie\FoxyProxyAdd-on.dll/IDR_HTML1
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{150034AE-2EC8-4F41-9E43-5DA2F9D717E1} : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{98DDAEC0-5959-4938-8D6E-D7C38D6C7E23} : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{98DDAEC0-5959-4938-8D6E-D7C38D6C7E23}\244564F4E4 : DHCPNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{98DDAEC0-5959-4938-8D6E-D7C38D6C7E23}\244575966496 : DHCPNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{98DDAEC0-5959-4938-8D6E-D7C38D6C7E23}\244575966496D277964786D264F4E4 : DHCPNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{98DDAEC0-5959-4938-8D6E-D7C38D6C7E23}\6796277696E6D65646961613630303532333 : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{98DDAEC0-5959-4938-8D6E-D7C38D6C7E23}\779613330366966363 : DHCPNameServer = 217.117.209.1 192.168.0.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
x64-DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
x64-DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2010-8-19 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-8-19 203264]
R2 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-1-31 19232]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-8-19 677128]
R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-6-14 26680]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 128456]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-8-19 2533400]
R3 Bluetooth Device Manager;Bluetooth Device Manager;C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2010-8-19 4181256]
R3 clwvd;HP Webcam Splitter;C:\Windows\System32\drivers\clwvd.sys [2010-6-25 32880]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-8-19 1432400]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-5-1 56344]
R3 HP8207_8307;HP-HP8207_8307;C:\Windows\System32\drivers\HP8207_8307.sys [2010-2-4 15360]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2009-10-26 151936]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2010-7-28 10610400]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2010-8-19 1360960]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2010-8-19 1096968]
S3 BTMCOM;Bluetooth Serial Port;C:\Windows\System32\drivers\btmcom.sys [2010-8-19 52736]
S3 BTMUSB;Motorola Bluetooth Radio Service;C:\Windows\System32\drivers\btmusb.sys [2010-8-19 3232768]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-15 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-8-19 232992]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-15 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-11-15 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-14 25088]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADLTScriptFile=C:\Windows\System32\notepad.exe "%1"
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2013-01-26 19:16:04 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-01-26 19:16:03 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-26 18:34:36 -------- d-----w- C:\Program Files\HitmanPro
2013-01-26 18:30:14 -------- d-----w- C:\Users\Admin\AppData\Local\Updater21804
2013-01-26 18:30:13 -------- d-----w- C:\Users\Admin\AppData\Local\Coupon Companion Plugin
2013-01-26 18:30:11 -------- d-----w- C:\Program Files (x86)\Coupon Companion Plugin
2013-01-25 23:49:00 -------- d-----w- C:\Users\Admin\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2013-01-25 23:30:39 16200 ----a-w- C:\Windows\stinger.sys
2013-01-25 23:30:26 -------- d-----w- C:\Program Files (x86)\stinger
2013-01-25 21:32:36 9161176 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{909D69B7-4507-4706-A7C5-FA456033DDAA}\mpengine.dll
2013-01-25 21:29:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-01-25 21:21:56 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-01-25 19:51:48 -------- d-----w- C:\Program Files (x86)\PC Tools
2013-01-25 19:49:29 -------- d-----w- C:\ProgramData\PC Tools
2013-01-25 19:49:27 -------- d-----w- C:\Users\Admin\AppData\Roaming\TestApp
2013-01-25 17:15:02 -------- d-----w- C:\Users\Admin\AppData\Roaming\Malwarebytes
2013-01-25 17:14:49 -------- d-----w- C:\ProgramData\Malwarebytes
2013-01-25 17:14:37 -------- d-----w- C:\Users\Admin\AppData\Local\Programs
2013-01-25 16:01:43 -------- d-----w- C:\ProgramData\HitmanPro
2013-01-25 15:16:59 -------- d-----w- C:\Program Files\Enigma Software Group
2013-01-25 15:16:42 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-01-25 15:06:19 -------- d-----w- C:\Users\Admin\AppData\Roaming\Anvisoft
2013-01-25 15:06:08 -------- d-----w- C:\ProgramData\Anvisoft
2013-01-25 15:06:01 -------- d-----w- C:\Program Files (x86)\Anvisoft
2013-01-25 14:36:01 -------- d-----w- C:\Users\Admin\AppData\Roaming\BitTorrent
2013-01-09 19:30:41 3149824 ----a-w- C:\Windows\System32\win32k.sys
2013-01-09 19:30:39 68608 ----a-w- C:\Windows\System32\taskhost.exe
.
==================== Find3M ====================
.
2013-01-08 20:20:01 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-08 20:20:01 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll
2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-09 05:45:32 750592 ----a-w- C:\Windows\System32\win32spl.dll
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:43:04 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-11-01 05:43:42 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2012-11-01 05:43:42 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2012-11-01 04:47:54 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-11-01 04:47:54 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
.
============= FINISH: 22:35:59.61 ===============


#2 Jack&Jill

  • Malware Response Team
Posted 31 January 2013 - 12:06 AM

Hello and welcome to Bleeping Computer.

I am currently assessing your situation and will be back with a fix for your problem as soon as possible.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this, click Watch Topic near the top of the page, then select Immediate Notification. Click on Proceed. If it shows Stop watching topic, it means you are already subscribed.

Please be patient with me during this time.

Meanwhile, please make a reply to this topic to acknowledge that you have read this and are still with me to tackle the problem until the end. If I do not get any response within 5 days, this topic will be closed. If you have since resolved the original problem you were having, we would appreciate you letting us know.

Jack&Jill
MRU Teacher of Malware Removal University.
Member of ASAP and UNITE.


#3 helpmeplease71

Posted 04 February 2013 - 02:33 PM

Yes, still with you. Thanks.

Laptop is now developing other faults such as not printing!

#4 Jack&Jill

Posted 05 February 2013 - 12:43 AM

Hello helpmeplease71 :),

Welcome to Bleeping Computer. I am Jack&Jill, and I will be helping you out.

Before we go further, there are a few things that I would like to make clear so that we share the same understanding.
  • Please observe and follow these Forum Rules and User Agreement terms.
  • Any advice is for your computer only and is taken at your own risk. Fixes sometimes will cause unexpected results, but I will do my best to assist you.
  • Please read the instructions carefully and follow them closely, in the order they are presented to you.
  • If you have any doubts or problems during the fix, please stop and ask.
  • All the tools that I will ask you to download and use are safe. Please allow them if prompted by any of your security software.
  • Do not use or run any malware cleaning tools without supervision as they may cause more harm if improperly used.
  • Refrain from installing any new programs except those that I request during the fix to prevent interference to my diagnosis of the problem.
  • Lack of malware symptoms does not mean your computer is clean. Stick to this topic until I give the All Clear.
  • If you do not reply within 5 days, this topic will be closed.
If you are agreeable to the above, then everything should go smoothly :) . We may begin.

--------------------

Which internet service provider are you using?

Please run DDS again and post back the contents of both logs that opened. Please describe the condition of the files that are locked. File names, ransom message, etc.

--------------------

P2P software
  • IMPORTANT: I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

    BitTorrent
  • Please read How did I get infected? where we explain why it's not a good idea to have them.
  • Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

--------------------

Check for additional security risks
  • Please download CKScanner© by askey127 and save to your desktop. Click here.
  • Double click on CKScanner.exe and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File. You will be prompted, click OK.
  • Post the contents of ckfiles.txt in your reply, it is located on your desktop.
  • Please run the program only once.

--------------------

Please post back:
1. name of ISP
2. fresh DDS logs
3. description of locked files
4. CKScanner result

Jack&Jill


#5 helpmeplease71

Posted 05 February 2013 - 06:08 PM

ISP - virginmedia

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.5.1
Run by Admin at 23:04:52 on 2013-02-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.2934.1453 [GMT 0:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Motorola\Bluetooth\obexsrv.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_5_502_146_ActiveX.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uSearch Bar = Preserve
uURLSearchHooks: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - <orphaned>
mWinlogon: Userinit = C:\Windows\System32\userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: HideFastUserSwitching = dword:0
IE: FoxyProxy - C:\ProgramData\fpie\FoxyProxyAdd-on.dll/IDR_HTML1
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{150034AE-2EC8-4F41-9E43-5DA2F9D717E1} : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{98DDAEC0-5959-4938-8D6E-D7C38D6C7E23} : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{98DDAEC0-5959-4938-8D6E-D7C38D6C7E23}\244564F4E4 : DHCPNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{98DDAEC0-5959-4938-8D6E-D7C38D6C7E23}\244575966496 : DHCPNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{98DDAEC0-5959-4938-8D6E-D7C38D6C7E23}\244575966496D277964786D264F4E4 : DHCPNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{98DDAEC0-5959-4938-8D6E-D7C38D6C7E23}\6796277696E6D65646961613630303532333 : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{98DDAEC0-5959-4938-8D6E-D7C38D6C7E23}\779613330366966363 : DHCPNameServer = 217.117.209.1 192.168.0.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
x64-DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
x64-DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2010-8-19 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-8-19 203264]
R2 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-1-31 19232]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-8-19 677128]
R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-6-14 26680]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 128456]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-8-19 2533400]
R3 Bluetooth Device Manager;Bluetooth Device Manager;C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2010-8-19 4181256]
R3 clwvd;HP Webcam Splitter;C:\Windows\System32\drivers\clwvd.sys [2010-6-25 32880]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-8-19 1432400]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-5-1 56344]
R3 HP8207_8307;HP-HP8207_8307;C:\Windows\System32\drivers\HP8207_8307.sys [2010-2-4 15360]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2009-10-26 151936]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2010-7-28 10610400]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2010-8-19 1360960]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2010-8-19 1096968]
S3 BTMCOM;Bluetooth Serial Port;C:\Windows\System32\drivers\btmcom.sys [2010-8-19 52736]
S3 BTMUSB;Motorola Bluetooth Radio Service;C:\Windows\System32\drivers\btmusb.sys [2010-8-19 3232768]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-15 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-8-19 232992]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-15 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-11-15 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-14 25088]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADLTScriptFile=C:\Windows\System32\notepad.exe "%1"
FileExt: .js: JSFile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1"
.
=============== Created Last 30 ================
.
2013-02-05 19:27:06 9161176 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6D2A5829-773B-4DF6-A313-2A14E9E1DB73}\mpengine.dll
2013-02-04 18:59:48 -------- d-----w- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2013-02-03 20:31:27 9161176 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-01-26 18:34:36 -------- d-----w- C:\Program Files\HitmanPro
2013-01-26 18:30:14 -------- d-----w- C:\Users\Admin\AppData\Local\Updater21804
2013-01-26 18:30:13 -------- d-----w- C:\Users\Admin\AppData\Local\Coupon Companion Plugin
2013-01-26 18:30:11 -------- d-----w- C:\Program Files (x86)\Coupon Companion Plugin
2013-01-25 23:49:00 -------- d-----w- C:\Users\Admin\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2013-01-25 23:30:39 16200 ----a-w- C:\Windows\stinger.sys
2013-01-25 23:30:26 -------- d-----w- C:\Program Files (x86)\stinger
2013-01-25 21:29:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-01-25 19:51:48 -------- d-----w- C:\Program Files (x86)\PC Tools
2013-01-25 19:49:29 -------- d-----w- C:\ProgramData\PC Tools
2013-01-25 19:49:27 -------- d-----w- C:\Users\Admin\AppData\Roaming\TestApp
2013-01-25 17:15:02 -------- d-----w- C:\Users\Admin\AppData\Roaming\Malwarebytes
2013-01-25 17:14:49 -------- d-----w- C:\ProgramData\Malwarebytes
2013-01-25 17:14:37 -------- d-----w- C:\Users\Admin\AppData\Local\Programs
2013-01-25 16:01:43 -------- d-----w- C:\ProgramData\HitmanPro
2013-01-25 15:16:59 -------- d-----w- C:\Program Files\Enigma Software Group
2013-01-25 15:16:42 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-01-25 15:06:19 -------- d-----w- C:\Users\Admin\AppData\Roaming\Anvisoft
2013-01-25 15:06:08 -------- d-----w- C:\ProgramData\Anvisoft
2013-01-25 15:06:01 -------- d-----w- C:\Program Files (x86)\Anvisoft
2013-01-25 14:36:01 -------- d-----w- C:\Users\Admin\AppData\Roaming\BitTorrent
2013-01-09 19:30:41 3149824 ----a-w- C:\Windows\System32\win32k.sys
2013-01-09 19:30:39 68608 ----a-w- C:\Windows\System32\taskhost.exe
.
==================== Find3M ====================
.
2013-01-30 10:53:22 273840 ------w- C:\Windows\System32\MpSigStub.exe
2013-01-08 20:20:01 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-08 20:20:01 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll
2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-09 05:45:32 750592 ----a-w- C:\Windows\System32\win32spl.dll
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:43:04 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
.
============= FINISH: 23:05:22.60 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 06/11/2010 10:41:58
System Uptime: 05/02/2013 19:15:38 (4 hours ago)
.
Motherboard: Hewlett-Packard | | 144A
Processor: Intel® Core™ i3 CPU M 350 @ 2.27GHz | CPU | 2266/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 279 GiB total, 223.481 GiB free.
D: is FIXED (NTFS) - 19 GiB total, 2.765 GiB free.
E: is CDROM ()
G: is FIXED (FAT32) - 0 GiB total, 0.082 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP249: 29/01/2013 22:07:57 - Windows Update
RP250: 02/02/2013 16:21:14 - Windows Update
RP251: 04/02/2013 18:19:52 - Removed Adobe Acrobat X Pro - English, Français, Deutsch.
RP252: 04/02/2013 18:21:38 - Removed Adobe Acrobat X Pro - English, Français, Deutsch.
RP253: 04/02/2013 18:28:16 - Removed Adobe Reader X (10.1.5).
RP254: 04/02/2013 18:32:39 - Removed Acrobat.com
RP255: 04/02/2013 18:33:14 - Removed Adobe Community Help
RP256: 04/02/2013 18:42:43 - Removed Adobe Widget Browser
RP257: 04/02/2013 18:42:55 - Removed Adobe Content Viewer
RP258: 04/02/2013 18:51:43 - Removed HP Support Assistant.
RP259: 04/02/2013 18:54:38 - Windows Modules Installer
RP260: 04/02/2013 18:55:15 - Windows Modules Installer
RP261: 04/02/2013 19:00:02 - Installed HP Support Assistant
RP262: 04/02/2013 19:03:04 - Windows Modules Installer
RP263: 04/02/2013 19:03:42 - Windows Modules Installer
RP264: 05/02/2013 19:26:47 - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.01)
Adobe Shockwave Player 11.5
ATI Catalyst Install Manager
AutoCAD LT 2013 - English
AutoCAD LT 2013 Language Pack - English
Autodesk Content Service
Autodesk Content Service Language Pack
Autodesk Material Library 2013
Autodesk Material Library Base Resolution Image Library 2013
Autodesk Sync
BitTorrent
BlackBerry Desktop Software 7.1
BlackBerry Device Software Updater
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Coupon Companion Plugin
CyberLink DVD Suite
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DivX Setup
DVD Menu Pack for HP MediaSmart Video
Energy Star Digital Logo
Epson Easy Photo Print 2
Epson Event Manager
Epson Print CD
Epson Printer Software Downloader
EPSON PX710W Series Printer Uninstall
EPSON Scan
Epson Stylus Photo PX710W_PX810FW_TX710W_TX810FW Manual
EpsonNet Setup
ESU for Microsoft Windows 7
Hewlett-Packard ACLM.NET v1.2.1.1
HitmanPro 3.7
HP 3D DriveGuard
HP Advisor
HP Customer Experience Enhancements
HP Documentation
HP MediaSmart DVD
HP MediaSmart Movies and TV
HP MediaSmart Music
HP MediaSmart Photo
HP MediaSmart SmartMenu
HP MediaSmart Video
HP MediaSmart Webcam
HP Photo Creations
HP Power Manager
HP Product Detection
HP Quick Launch
HP Setup
HP Software Framework
HP Support Assistant
HP Wireless Assistant
IDT Audio
Intel® Management Engine Components
Intel® Rapid Storage Technology
Intel® Turbo Boost Technology Driver
Java 7 Update 7 (64-bit)
Java Auto Updater
Java™ 6 Update 20 (64-bit)
Java™ 6 Update 31
Java™ 7 Update 5
JavaFX 2.1.1
LabelPrint
LightScribe System Software
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office Office 64-bit Components 2010
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Project MUI (English) 2010
Microsoft Office Project Professional 2010
Microsoft Office Proof (English) 2007
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2007
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (English) 2010
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Visio 2010
Microsoft Office Visio MUI (English) 2010
Microsoft Office Word MUI (English) 2007
Microsoft Project 2010 Service Pack 1 (SP1)
Microsoft Project Professional 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server Compact 3.5 SP1 English
Microsoft SQL Server Compact 3.5 SP1 x64 English
Microsoft Visio 2010 Service Pack 1 (SP1)
Microsoft Visio Professional 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Microsoft_VC90_MFCLOC_x86
Microsoft_VC90_MFCLOC_x86_x64
Movie Theme Pack for HP MediaSmart Video
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
PhotoNow!
Power2Go
PowerDirector
PX Profile Update
Ralink Motorola BC4 Bluetooth 3.0+HS Adapter
Ralink RT3090 802.11b/g/n WiFi Adapter
Realtek Ethernet Controller Driver For Windows 7
Realtek USB 2.0 Card Reader
Recovery Manager
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition
Skype Click to Call
Skype™ 6.0
Synaptics Pointing Device Driver
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195
VLC media player 2.0.4
.
==== Event Viewer Messages From Past Week ========
.
05/02/2013 19:17:10, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
05/02/2013 19:16:17, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
05/02/2013 19:16:17, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
03/02/2013 20:21:48, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.
03/02/2013 20:21:48, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
03/02/2013 20:21:48, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
03/02/2013 20:21:37, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
03/02/2013 01:25:32, Error: Service Control Manager [7023] - The Windows Time service terminated with the following error: A system shutdown is in progress.
.
==== End Of File ===========================

I right clicked on locked files and did recovery on them. Everything appears ok apart from not being able to print anything. Tried all troubleshooting without success!

CKScanner 2.1 - Additional Security Risks - These are not necessarily bad
scanner sequence 3.RP.11.MVNACF
----- EOF -----

#6 Jack&Jill

  • Malware Response Team

Posted 05 February 2013 - 07:40 PM

Hello helpmeplease71 :),

Clearing / checking with Rkill
  • Please download Rkill© by Grinler from one of the links below and save it to your desktop.
    Link 1
    Link 2
    Link 3

  • Allow the download if prompted by your security software.
  • Double click on Rkill file to run it.
  • A command window will open, then disappear upon completion. If this does not happen, delete the file and download from the next link to try again until the tool runs.
  • Do not reboot your computer until asked to do so. If no version of Rkill would run, please let me know.
  • When finished, you will be prompted. Click OK and a log called Rkill.txt will open. It is saved on the desktop.
  • Please copy and paste the contents of that log in your next reply.

--------------------

Please download TDSSKiller© from Kaspersky and save it to your desktop. Click here.
  • Alternatively, you may get the zip version and extract the file to the desktop.
  • Double click on TDSSKiller.exe to execute it.
  • Press Start scan to begin.
  • If anything is found, please change all the actions to Skip only. <-- Important, please select Skip only, DO NOT proceed with other actions.
  • Then click on Continue at the lower right corner.
  • You may be prompted to reboot your computer, please consent.
  • Once complete, a log will be produced at C:\. It will be named TDSSKiller.Version_Date_Time_log.txt, for example, C:\TDSSKiller.2.4.12.0_26.12.2010_23.12.11_log.txt.
  • Please post the contents of this log.

--------------------

Do an online scan with ESET Online Scanner.
Please be patient as scanning will take quite some time. If you have a problem running the scan, you might want to disable any real time protection that you have.
  • Click here to go to ESET Online Scanner page.
  • Click on Run ESET Online Scanner. A new window will open.
    For Firefox users, you will need to download and install esetsmartinstaller_enu.exe. Click on it and save the file to a convenient location. Double click on it to install and a new window will open.
  • After reading through the Terms of Use, check YES, I accept the Terms of Use and click Start to begin scan.
  • You will be prompted to install an ActiveX Control from ESET. Please install.
  • At the Computer scan settings section, uncheck (untick) Remove found threats. <-- Important, do not remove anything yet.
  • Then, check Scan archives.
  • Now, click on Advanced settings and make sure all these are checked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click on Scan to proceed.
  • When done, the scan result will be shown. Look for C:\Program Files\ESET\ESET Online Scanner\log.txt and open the file.
  • Post the contents in your reply.

If the contents of log.txt do not reflect what is shown in the result window, click on List of found threats, then Export to text file..., save a file and post that instead.

--------------------

Please post back:
1. Rkill log
2. TDSSKiller report
3. ESET online scan log

Jack&Jill
MRU Teacher of Malware Removal University.
Member of ASAP and UNITE.


#7 helpmeplease71

  • Topic Starter

  • Members

Posted 06 February 2013 - 05:33 PM

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/06/2013 08:38:44 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\SysWOW64\ezSharedSvcHost.exe (PID: 2528) [SFI]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 02/06/2013 08:39:03 PM
Execution time: 0 hours(s), 0 minute(s), and 18 seconds(s)



20:39:47.0079 3428 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:39:47.0266 3428 ============================================================
20:39:47.0266 3428 Current date / time: 2013/02/06 20:39:47.0266
20:39:47.0266 3428 SystemInfo:
20:39:47.0266 3428
20:39:47.0266 3428 OS Version: 6.1.7601 ServicePack: 1.0
20:39:47.0266 3428 Product type: Workstation
20:39:47.0266 3428 ComputerName: HP-PAVILION-DV6
20:39:47.0266 3428 UserName: Admin
20:39:47.0266 3428 Windows directory: C:\Windows
20:39:47.0266 3428 System windows directory: C:\Windows
20:39:47.0266 3428 Running under WOW64
20:39:47.0266 3428 Processor architecture: Intel x64
20:39:47.0266 3428 Number of processors: 4
20:39:47.0266 3428 Page size: 0x1000
20:39:47.0266 3428 Boot type: Normal boot
20:39:47.0266 3428 ============================================================
20:39:48.0296 3428 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:39:48.0296 3428 ============================================================
20:39:48.0296 3428 \Device\Harddisk0\DR0:
20:39:48.0296 3428 MBR partitions:
20:39:48.0296 3428 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
20:39:48.0296 3428 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x22D7C800
20:39:48.0296 3428 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x22DE0800, BlocksNum 0x261A000
20:39:48.0296 3428 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
20:39:48.0296 3428 ============================================================
20:39:48.0311 3428 C: <-> \Device\Harddisk0\DR0\Partition2
20:39:48.0405 3428 D: <-> \Device\Harddisk0\DR0\Partition3
20:39:48.0420 3428 G: <-> \Device\Harddisk0\DR0\Partition4
20:39:48.0420 3428 ============================================================
20:39:48.0420 3428 Initialize success
20:39:48.0420 3428 ============================================================
20:39:50.0823 1340 ============================================================
20:39:50.0823 1340 Scan started
20:39:50.0823 1340 Mode: Manual;
20:39:50.0823 1340 ============================================================
20:39:50.0948 1340 ================ Scan system memory ========================
20:39:50.0948 1340 System memory - ok
20:39:50.0948 1340 ================ Scan services =============================
20:39:51.0104 1340 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:39:51.0104 1340 1394ohci - ok
20:39:51.0150 1340 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
20:39:51.0150 1340 Accelerometer - ok
20:39:51.0166 1340 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:39:51.0166 1340 ACPI - ok
20:39:51.0197 1340 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:39:51.0197 1340 AcpiPmi - ok
20:39:51.0322 1340 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:39:51.0322 1340 AdobeARMservice - ok
20:39:51.0478 1340 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:39:51.0478 1340 AdobeFlashPlayerUpdateSvc - ok
20:39:51.0540 1340 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:39:51.0540 1340 adp94xx - ok
20:39:51.0572 1340 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:39:51.0572 1340 adpahci - ok
20:39:51.0634 1340 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:39:51.0634 1340 adpu320 - ok
20:39:51.0681 1340 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:39:51.0681 1340 AeLookupSvc - ok
20:39:51.0759 1340 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
20:39:51.0759 1340 AESTFilters - ok
20:39:51.0790 1340 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
20:39:51.0806 1340 AFD - ok
20:39:51.0837 1340 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:39:51.0837 1340 agp440 - ok
20:39:51.0868 1340 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
20:39:51.0868 1340 ALG - ok
20:39:51.0915 1340 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
20:39:51.0915 1340 aliide - ok
20:39:51.0962 1340 [ 48619A29F9C9C3CFEB66718DD03D8057 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:39:51.0962 1340 AMD External Events Utility - ok
20:39:51.0993 1340 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
20:39:51.0993 1340 amdide - ok
20:39:52.0024 1340 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:39:52.0024 1340 AmdK8 - ok
20:39:52.0196 1340 [ 06BF0785DE714637EBA9BB1084B28626 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:39:52.0274 1340 amdkmdag - ok
20:39:52.0320 1340 [ 2DEC3274589FF6889AB05ADCEEB0F642 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
20:39:52.0336 1340 amdkmdap - ok
20:39:52.0352 1340 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:39:52.0352 1340 AmdPPM - ok
20:39:52.0398 1340 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:39:52.0398 1340 amdsata - ok
20:39:52.0414 1340 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:39:52.0414 1340 amdsbs - ok
20:39:52.0445 1340 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:39:52.0445 1340 amdxata - ok
20:39:52.0492 1340 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
20:39:52.0492 1340 AppID - ok
20:39:52.0523 1340 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:39:52.0523 1340 AppIDSvc - ok
20:39:52.0570 1340 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
20:39:52.0570 1340 Appinfo - ok
20:39:52.0586 1340 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
20:39:52.0586 1340 arc - ok
20:39:52.0617 1340 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:39:52.0617 1340 arcsas - ok
20:39:52.0710 1340 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:39:52.0710 1340 aspnet_state - ok
20:39:52.0742 1340 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:39:52.0742 1340 AsyncMac - ok
20:39:52.0788 1340 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
20:39:52.0788 1340 atapi - ok
20:39:52.0835 1340 [ 2D648572BA9A610952FCAFBA1E119C2D ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
20:39:52.0835 1340 AtiHdmiService - ok
20:39:52.0882 1340 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:39:52.0898 1340 AudioEndpointBuilder - ok
20:39:52.0913 1340 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:39:52.0913 1340 AudioSrv - ok
20:39:52.0991 1340 [ F431DC5D94F4B2FDBC927655D8A9B10E ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
20:39:53.0038 1340 Autodesk Content Service - ok
20:39:53.0085 1340 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:39:53.0085 1340 AxInstSV - ok
20:39:53.0132 1340 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
20:39:53.0147 1340 b06bdrv - ok
20:39:53.0178 1340 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:39:53.0178 1340 b57nd60a - ok
20:39:53.0225 1340 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:39:53.0225 1340 BDESVC - ok
20:39:53.0241 1340 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:39:53.0241 1340 Beep - ok
20:39:53.0288 1340 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
20:39:53.0303 1340 BFE - ok
20:39:53.0350 1340 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
20:39:53.0350 1340 BITS - ok
20:39:53.0381 1340 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:39:53.0381 1340 blbdrive - ok
20:39:53.0490 1340 [ 2BBD2AB07D779278114BA6A694972F1A ] Bluetooth Device Manager C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
20:39:53.0537 1340 Bluetooth Device Manager - ok
20:39:53.0568 1340 [ 87D6A02028E47CA696C4294C658E3EE6 ] Bluetooth Media Service C:\Program Files\Motorola\Bluetooth\audiosrv.exe
20:39:53.0568 1340 Bluetooth Media Service - ok
20:39:53.0600 1340 [ 9AF4B2CF2F98CF6157CDFD917AE5785B ] Bluetooth OBEX Service C:\Program Files\Motorola\Bluetooth\obexsrv.exe
20:39:53.0615 1340 Bluetooth OBEX Service - ok
20:39:53.0646 1340 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:39:53.0662 1340 bowser - ok
20:39:53.0678 1340 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:39:53.0693 1340 BrFiltLo - ok
20:39:53.0709 1340 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:39:53.0709 1340 BrFiltUp - ok
20:39:53.0740 1340 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
20:39:53.0756 1340 Browser - ok
20:39:53.0771 1340 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:39:53.0787 1340 Brserid - ok
20:39:53.0802 1340 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:39:53.0802 1340 BrSerWdm - ok
20:39:53.0818 1340 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:39:53.0818 1340 BrUsbMdm - ok
20:39:53.0818 1340 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:39:53.0818 1340 BrUsbSer - ok
20:39:53.0865 1340 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
20:39:53.0865 1340 BthEnum - ok
20:39:53.0880 1340 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:39:53.0880 1340 BTHMODEM - ok
20:39:53.0927 1340 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:39:53.0927 1340 BthPan - ok
20:39:53.0958 1340 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
20:39:53.0974 1340 BTHPORT - ok
20:39:54.0005 1340 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
20:39:54.0005 1340 bthserv - ok
20:39:54.0021 1340 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
20:39:54.0021 1340 BTHUSB - ok
20:39:54.0052 1340 [ E588420B950DAC5AC397F76660BCE520 ] BTMCOM C:\Windows\system32\Drivers\btmcom.sys
20:39:54.0052 1340 BTMCOM - ok
20:39:54.0114 1340 [ 4EEF6B894E05FC245640DCEE9190A053 ] BTMUSB C:\Windows\system32\Drivers\btmusb.sys
20:39:54.0161 1340 BTMUSB - ok
20:39:54.0192 1340 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:39:54.0192 1340 cdfs - ok
20:39:54.0239 1340 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
20:39:54.0239 1340 cdrom - ok
20:39:54.0286 1340 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
20:39:54.0286 1340 CertPropSvc - ok
20:39:54.0302 1340 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:39:54.0302 1340 circlass - ok
20:39:54.0333 1340 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
20:39:54.0333 1340 CLFS - ok
20:39:54.0395 1340 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:39:54.0395 1340 clr_optimization_v2.0.50727_32 - ok
20:39:54.0426 1340 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:39:54.0426 1340 clr_optimization_v2.0.50727_64 - ok
20:39:54.0489 1340 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:39:54.0489 1340 clr_optimization_v4.0.30319_32 - ok
20:39:54.0504 1340 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:39:54.0520 1340 clr_optimization_v4.0.30319_64 - ok
20:39:54.0551 1340 [ 9573E8C7C3B3D1625FD941841FD0859C ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
20:39:54.0567 1340 clwvd - ok
20:39:54.0582 1340 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:39:54.0582 1340 CmBatt - ok
20:39:54.0614 1340 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:39:54.0614 1340 cmdide - ok
20:39:54.0676 1340 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
20:39:54.0676 1340 CNG - ok
20:39:54.0692 1340 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:39:54.0692 1340 Compbatt - ok
20:39:54.0738 1340 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:39:54.0738 1340 CompositeBus - ok
20:39:54.0754 1340 COMSysApp - ok
20:39:54.0770 1340 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:39:54.0770 1340 crcdisk - ok
20:39:54.0801 1340 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:39:54.0801 1340 CryptSvc - ok
20:39:54.0848 1340 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:39:54.0863 1340 DcomLaunch - ok
20:39:54.0894 1340 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:39:54.0894 1340 defragsvc - ok
20:39:54.0926 1340 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:39:54.0926 1340 DfsC - ok
20:39:54.0957 1340 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:39:54.0957 1340 Dhcp - ok
20:39:54.0988 1340 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:39:54.0988 1340 discache - ok
20:39:55.0035 1340 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:39:55.0035 1340 Disk - ok
20:39:55.0066 1340 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:39:55.0066 1340 Dnscache - ok
20:39:55.0113 1340 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:39:55.0113 1340 dot3svc - ok
20:39:55.0128 1340 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:39:55.0128 1340 DPS - ok
20:39:55.0160 1340 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:39:55.0160 1340 drmkaud - ok
20:39:55.0206 1340 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:39:55.0222 1340 DXGKrnl - ok
20:39:55.0253 1340 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:39:55.0253 1340 EapHost - ok
20:39:55.0347 1340 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:39:55.0378 1340 ebdrv - ok
20:39:55.0409 1340 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
20:39:55.0409 1340 EFS - ok
20:39:55.0472 1340 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:39:55.0487 1340 ehRecvr - ok
20:39:55.0534 1340 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
20:39:55.0534 1340 ehSched - ok
20:39:55.0565 1340 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:39:55.0581 1340 elxstor - ok
20:39:55.0643 1340 [ B5581646636759D0DAFA8B008881C079 ] EPSON_EB_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
20:39:55.0643 1340 EPSON_EB_RPCV4_01 - ok
20:39:55.0659 1340 [ 1E345F2A2D95DA3190596E691CDE9342 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
20:39:55.0659 1340 EPSON_PM_RPCV4_01 - ok
20:39:55.0674 1340 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:39:55.0674 1340 ErrDev - ok
20:39:55.0721 1340 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:39:55.0721 1340 EventSystem - ok
20:39:55.0752 1340 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:39:55.0752 1340 exfat - ok
20:39:55.0768 1340 ezSharedSvc - ok
20:39:55.0784 1340 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:39:55.0784 1340 fastfat - ok
20:39:55.0830 1340 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:39:55.0846 1340 Fax - ok
20:39:55.0862 1340 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:39:55.0862 1340 fdc - ok
20:39:55.0893 1340 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:39:55.0893 1340 fdPHost - ok
20:39:55.0908 1340 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:39:55.0908 1340 FDResPub - ok
20:39:55.0924 1340 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:39:55.0924 1340 FileInfo - ok
20:39:55.0940 1340 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:39:55.0940 1340 Filetrace - ok
20:39:56.0018 1340 [ 3D9B36631032FDE0FFEA0DC0260E4E35 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:39:56.0127 1340 FLEXnet Licensing Service - ok
20:39:56.0205 1340 [ 64AB6F28047744B9B19C97459C2AB31B ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
20:39:56.0330 1340 FLEXnet Licensing Service 64 - ok
20:39:56.0376 1340 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:39:56.0376 1340 flpydisk - ok
20:39:56.0408 1340 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:39:56.0408 1340 FltMgr - ok
20:39:56.0454 1340 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
20:39:56.0470 1340 FontCache - ok
20:39:56.0532 1340 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:39:56.0532 1340 FontCache3.0.0.0 - ok
20:39:56.0564 1340 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:39:56.0564 1340 FsDepends - ok
20:39:56.0610 1340 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:39:56.0610 1340 Fs_Rec - ok
20:39:56.0657 1340 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:39:56.0657 1340 fvevol - ok
20:39:56.0688 1340 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:39:56.0704 1340 gagp30kx - ok
20:39:56.0751 1340 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:39:56.0766 1340 gpsvc - ok
20:39:56.0798 1340 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:39:56.0798 1340 hcw85cir - ok
20:39:56.0844 1340 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:39:56.0860 1340 HdAudAddService - ok
20:39:56.0876 1340 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:39:56.0876 1340 HDAudBus - ok
20:39:56.0907 1340 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
20:39:56.0907 1340 HECIx64 - ok
20:39:56.0938 1340 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:39:56.0938 1340 HidBatt - ok
20:39:56.0969 1340 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:39:56.0969 1340 HidBth - ok
20:39:57.0000 1340 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:39:57.0000 1340 HidIr - ok
20:39:57.0032 1340 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
20:39:57.0032 1340 hidserv - ok
20:39:57.0078 1340 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:39:57.0078 1340 HidUsb - ok
20:39:57.0110 1340 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:39:57.0125 1340 hkmsvc - ok
20:39:57.0156 1340 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:39:57.0172 1340 HomeGroupListener - ok
20:39:57.0203 1340 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:39:57.0203 1340 HomeGroupProvider - ok
20:39:57.0312 1340 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
20:39:57.0344 1340 HP Support Assistant Service - ok
20:39:57.0375 1340 [ 3A09322A8AA8B0C79036686A0EBE7B4C ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
20:39:57.0375 1340 HP Wireless Assistant Service - ok
20:39:57.0406 1340 [ 3015B37029AD15C67EBCA5053C422F90 ] HP8207_8307 C:\Windows\system32\DRIVERS\HP8207_8307.sys
20:39:57.0406 1340 HP8207_8307 - ok
20:39:57.0437 1340 [ 4E0BEC0F78096FFD6D3314B497FC49D3 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
20:39:57.0437 1340 hpdskflt - ok
20:39:57.0500 1340 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
20:39:57.0515 1340 hpqwmiex - ok
20:39:57.0562 1340 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:39:57.0562 1340 HpSAMD - ok
20:39:57.0578 1340 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278 ] hpsrv C:\Windows\system32\Hpservice.exe
20:39:57.0593 1340 hpsrv - ok
20:39:57.0656 1340 [ 171000873EB522E5EA3DD4C4E0B689B2 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
20:39:57.0656 1340 HPWMISVC - ok
20:39:57.0702 1340 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:39:57.0702 1340 HTTP - ok
20:39:57.0749 1340 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:39:57.0749 1340 hwpolicy - ok
20:39:57.0780 1340 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:39:57.0780 1340 i8042prt - ok
20:39:57.0827 1340 [ 1384872112E8E7FD5786ECEB8BDDF4C9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
20:39:57.0827 1340 iaStor - ok
20:39:57.0843 1340 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:39:57.0858 1340 iaStorV - ok
20:39:57.0890 1340 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:39:57.0905 1340 idsvc - ok
20:39:58.0108 1340 [ 1BE8D9CA4F2363B8E8015621878E0043 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
20:39:58.0311 1340 igfx - ok
20:39:58.0358 1340 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:39:58.0358 1340 iirsp - ok
20:39:58.0389 1340 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
20:39:58.0404 1340 IKEEXT - ok
20:39:58.0436 1340 [ 36FDF367A1DABFF903E2214023D71368 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
20:39:58.0436 1340 Impcd - ok
20:39:58.0451 1340 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:39:58.0451 1340 intelide - ok
20:39:58.0685 1340 [ 1BE8D9CA4F2363B8E8015621878E0043 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys
20:39:58.0857 1340 intelkmd - ok
20:39:58.0888 1340 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:39:58.0888 1340 intelppm - ok
20:39:58.0935 1340 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:39:58.0935 1340 IPBusEnum - ok
20:39:58.0982 1340 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:39:58.0982 1340 IpFilterDriver - ok
20:39:59.0013 1340 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:39:59.0028 1340 iphlpsvc - ok
20:39:59.0060 1340 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:39:59.0060 1340 IPMIDRV - ok
20:39:59.0091 1340 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:39:59.0091 1340 IPNAT - ok
20:39:59.0122 1340 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:39:59.0122 1340 IRENUM - ok
20:39:59.0153 1340 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:39:59.0153 1340 isapnp - ok
20:39:59.0184 1340 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:39:59.0184 1340 iScsiPrt - ok
20:39:59.0200 1340 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
20:39:59.0200 1340 kbdclass - ok
20:39:59.0231 1340 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:39:59.0231 1340 kbdhid - ok
20:39:59.0247 1340 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
20:39:59.0262 1340 KeyIso - ok
20:39:59.0278 1340 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:39:59.0278 1340 KSecDD - ok
20:39:59.0325 1340 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:39:59.0325 1340 KSecPkg - ok
20:39:59.0340 1340 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:39:59.0340 1340 ksthunk - ok
20:39:59.0372 1340 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:39:59.0372 1340 KtmRm - ok
20:39:59.0418 1340 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:39:59.0418 1340 LanmanServer - ok
20:39:59.0450 1340 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:39:59.0465 1340 LanmanWorkstation - ok
20:39:59.0512 1340 [ 07B1888209C54B675FFCCBDE9F06D2C6 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
20:39:59.0637 1340 LightScribeService - ok
20:39:59.0652 1340 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:39:59.0668 1340 lltdio - ok
20:39:59.0684 1340 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:39:59.0684 1340 lltdsvc - ok
20:39:59.0699 1340 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:39:59.0699 1340 lmhosts - ok
20:39:59.0793 1340 [ 6D515466AB8BFE61184092B635AE6EB4 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
20:39:59.0808 1340 LMS - ok
20:39:59.0824 1340 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:39:59.0840 1340 LSI_FC - ok
20:39:59.0855 1340 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:39:59.0855 1340 LSI_SAS - ok
20:39:59.0871 1340 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:39:59.0871 1340 LSI_SAS2 - ok
20:39:59.0886 1340 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:39:59.0886 1340 LSI_SCSI - ok
20:39:59.0902 1340 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:39:59.0902 1340 luafv - ok
20:39:59.0949 1340 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:39:59.0949 1340 Mcx2Svc - ok
20:39:59.0964 1340 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:39:59.0964 1340 megasas - ok
20:39:59.0996 1340 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:39:59.0996 1340 MegaSR - ok
20:40:00.0011 1340 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:40:00.0011 1340 MMCSS - ok
20:40:00.0027 1340 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:40:00.0027 1340 Modem - ok
20:40:00.0058 1340 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:40:00.0058 1340 monitor - ok
20:40:00.0074 1340 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:40:00.0074 1340 mouclass - ok
20:40:00.0120 1340 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:40:00.0120 1340 mouhid - ok
20:40:00.0167 1340 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:40:00.0167 1340 mountmgr - ok
20:40:00.0214 1340 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
20:40:00.0214 1340 MpFilter - ok
20:40:00.0230 1340 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:40:00.0230 1340 mpio - ok
20:40:00.0261 1340 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:40:00.0261 1340 mpsdrv - ok
20:40:00.0292 1340 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:40:00.0308 1340 MpsSvc - ok
20:40:00.0354 1340 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:40:00.0354 1340 MRxDAV - ok
20:40:00.0370 1340 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:40:00.0370 1340 mrxsmb - ok
20:40:00.0401 1340 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:40:00.0417 1340 mrxsmb10 - ok
20:40:00.0432 1340 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:40:00.0432 1340 mrxsmb20 - ok
20:40:00.0464 1340 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:40:00.0464 1340 msahci - ok
20:40:00.0495 1340 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:40:00.0495 1340 msdsm - ok
20:40:00.0526 1340 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:40:00.0526 1340 MSDTC - ok
20:40:00.0557 1340 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:40:00.0557 1340 Msfs - ok
20:40:00.0588 1340 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:40:00.0588 1340 mshidkmdf - ok
20:40:00.0604 1340 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:40:00.0604 1340 msisadrv - ok
20:40:00.0620 1340 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:40:00.0635 1340 MSiSCSI - ok
20:40:00.0635 1340 msiserver - ok
20:40:00.0651 1340 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:40:00.0666 1340 MSKSSRV - ok
20:40:00.0729 1340 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
20:40:00.0729 1340 MsMpSvc - ok
20:40:00.0744 1340 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:40:00.0744 1340 MSPCLOCK - ok
20:40:00.0776 1340 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:40:00.0776 1340 MSPQM - ok
20:40:00.0807 1340 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:40:00.0822 1340 MsRPC - ok
20:40:00.0854 1340 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:40:00.0854 1340 mssmbios - ok
20:40:00.0869 1340 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:40:00.0885 1340 MSTEE - ok
20:40:00.0885 1340 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:40:00.0900 1340 MTConfig - ok
20:40:00.0916 1340 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:40:00.0916 1340 Mup - ok
20:40:00.0932 1340 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:40:00.0947 1340 napagent - ok
20:40:00.0978 1340 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:40:00.0978 1340 NativeWifiP - ok
20:40:01.0041 1340 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:40:01.0041 1340 NDIS - ok
20:40:01.0056 1340 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:40:01.0056 1340 NdisCap - ok
20:40:01.0088 1340 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:40:01.0088 1340 NdisTapi - ok
20:40:01.0134 1340 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:40:01.0134 1340 Ndisuio - ok
20:40:01.0166 1340 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:40:01.0166 1340 NdisWan - ok
20:40:01.0212 1340 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:40:01.0212 1340 NDProxy - ok
20:40:01.0212 1340 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:40:01.0212 1340 NetBIOS - ok
20:40:01.0259 1340 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:40:01.0259 1340 NetBT - ok
20:40:01.0290 1340 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:40:01.0290 1340 Netlogon - ok
20:40:01.0337 1340 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:40:01.0337 1340 Netman - ok
20:40:01.0368 1340 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:40:01.0368 1340 NetMsmqActivator - ok
20:40:01.0384 1340 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:40:01.0384 1340 NetPipeActivator - ok
20:40:01.0400 1340 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:40:01.0400 1340 netprofm - ok
20:40:01.0462 1340 [ 8B5D2D7CB0EF5B1967860B8AB742A46C ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
20:40:01.0493 1340 netr28x - ok
20:40:01.0524 1340 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:40:01.0524 1340 NetTcpActivator - ok
20:40:01.0524 1340 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:40:01.0524 1340 NetTcpPortSharing - ok
20:40:01.0634 1340 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
20:40:01.0680 1340 netw5v64 - ok
20:40:01.0712 1340 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:40:01.0712 1340 nfrd960 - ok
20:40:01.0758 1340 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:40:01.0758 1340 NisDrv - ok
20:40:01.0790 1340 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
20:40:01.0790 1340 NisSrv - ok
20:40:01.0821 1340 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:40:01.0821 1340 NlaSvc - ok
20:40:01.0852 1340 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:40:01.0852 1340 Npfs - ok
20:40:01.0868 1340 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:40:01.0868 1340 nsi - ok
20:40:01.0883 1340 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:40:01.0883 1340 nsiproxy - ok
20:40:01.0946 1340 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:40:01.0961 1340 Ntfs - ok
20:40:01.0977 1340 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:40:01.0977 1340 Null - ok
20:40:02.0008 1340 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:40:02.0008 1340 nvraid - ok
20:40:02.0039 1340 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:40:02.0039 1340 nvstor - ok
20:40:02.0070 1340 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:40:02.0070 1340 nv_agp - ok
20:40:02.0148 1340 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:40:02.0164 1340 odserv - ok
20:40:02.0180 1340 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:40:02.0180 1340 ohci1394 - ok
20:40:02.0226 1340 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:40:02.0226 1340 ose - ok
20:40:02.0367 1340 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:40:02.0414 1340 osppsvc - ok
20:40:02.0460 1340 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:40:02.0460 1340 p2pimsvc - ok
20:40:02.0492 1340 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:40:02.0492 1340 p2psvc - ok
20:40:02.0523 1340 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:40:02.0523 1340 Parport - ok
20:40:02.0554 1340 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:40:02.0554 1340 partmgr - ok
20:40:02.0570 1340 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:40:02.0585 1340 PcaSvc - ok
20:40:02.0601 1340 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:40:02.0616 1340 pci - ok
20:40:02.0648 1340 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:40:02.0648 1340 pciide - ok
20:40:02.0679 1340 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:40:02.0679 1340 pcmcia - ok
20:40:02.0710 1340 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:40:02.0710 1340 pcw - ok
20:40:02.0726 1340 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:40:02.0741 1340 PEAUTH - ok
20:40:02.0819 1340 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:40:02.0835 1340 PerfHost - ok
20:40:02.0913 1340 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:40:02.0928 1340 pla - ok
20:40:02.0960 1340 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:40:02.0975 1340 PlugPlay - ok
20:40:02.0991 1340 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:40:03.0006 1340 PNRPAutoReg - ok
20:40:03.0038 1340 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:40:03.0038 1340 PNRPsvc - ok
20:40:03.0053 1340 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:40:03.0069 1340 PolicyAgent - ok
20:40:03.0100 1340 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:40:03.0100 1340 Power - ok
20:40:03.0147 1340 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:40:03.0147 1340 PptpMiniport - ok
20:40:03.0162 1340 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:40:03.0162 1340 Processor - ok
20:40:03.0209 1340 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:40:03.0209 1340 ProfSvc - ok
20:40:03.0225 1340 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:40:03.0225 1340 ProtectedStorage - ok
20:40:03.0272 1340 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:40:03.0272 1340 Psched - ok
20:40:03.0318 1340 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:40:03.0350 1340 ql2300 - ok
20:40:03.0365 1340 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:40:03.0381 1340 ql40xx - ok
20:40:03.0396 1340 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:40:03.0412 1340 QWAVE - ok
20:40:03.0412 1340 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:40:03.0412 1340 QWAVEdrv - ok
20:40:03.0428 1340 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:40:03.0428 1340 RasAcd - ok
20:40:03.0443 1340 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:40:03.0443 1340 RasAgileVpn - ok
20:40:03.0474 1340 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:40:03.0474 1340 RasAuto - ok
20:40:03.0506 1340 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:40:03.0506 1340 Rasl2tp - ok
20:40:03.0521 1340 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:40:03.0537 1340 RasMan - ok
20:40:03.0537 1340 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:40:03.0537 1340 RasPppoe - ok
20:40:03.0552 1340 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:40:03.0552 1340 RasSstp - ok
20:40:03.0568 1340 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:40:03.0584 1340 rdbss - ok
20:40:03.0599 1340 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:40:03.0599 1340 rdpbus - ok
20:40:03.0615 1340 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:40:03.0615 1340 RDPCDD - ok
20:40:03.0630 1340 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:40:03.0630 1340 RDPENCDD - ok
20:40:03.0646 1340 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:40:03.0646 1340 RDPREFMP - ok
20:40:03.0693 1340 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:40:03.0693 1340 RdpVideoMiniport - ok
20:40:03.0724 1340 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:40:03.0724 1340 RDPWD - ok
20:40:03.0786 1340 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:40:03.0786 1340 rdyboost - ok
20:40:03.0818 1340 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:40:03.0818 1340 RemoteAccess - ok
20:40:03.0849 1340 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:40:03.0849 1340 RemoteRegistry - ok
20:40:03.0896 1340 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:40:03.0896 1340 RFCOMM - ok
20:40:03.0927 1340 [ AD42432D22940B4215177BE113E4919C ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
20:40:03.0942 1340 RimUsb - ok
20:40:03.0974 1340 [ 4AAFFFA67AC4DFA3D9985D78573887E2 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
20:40:03.0974 1340 RimVSerPort - ok
20:40:04.0005 1340 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
20:40:04.0005 1340 ROOTMODEM - ok
20:40:04.0005 1340 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:40:04.0020 1340 RpcEptMapper - ok
20:40:04.0036 1340 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:40:04.0036 1340 RpcLocator - ok
20:40:04.0083 1340 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:40:04.0083 1340 RpcSs - ok
20:40:04.0098 1340 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:40:04.0114 1340 rspndr - ok
20:40:04.0145 1340 [ 907C4464381B5EBDFDC60F6C7D0DEDFC ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
20:40:04.0145 1340 RSUSBSTOR - ok
20:40:04.0176 1340 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
20:40:04.0192 1340 RTL8167 - ok
20:40:04.0208 1340 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:40:04.0208 1340 SamSs - ok
20:40:04.0239 1340 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:40:04.0239 1340 sbp2port - ok
20:40:04.0286 1340 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:40:04.0286 1340 SCardSvr - ok
20:40:04.0317 1340 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:40:04.0332 1340 scfilter - ok
20:40:04.0379 1340 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:40:04.0395 1340 Schedule - ok
20:40:04.0426 1340 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:40:04.0426 1340 SCPolicySvc - ok
20:40:04.0473 1340 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
20:40:04.0473 1340 sdbus - ok
20:40:04.0488 1340 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:40:04.0488 1340 SDRSVC - ok
20:40:04.0551 1340 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:40:04.0551 1340 secdrv - ok
20:40:04.0582 1340 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:40:04.0582 1340 seclogon - ok
20:40:04.0613 1340 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:40:04.0613 1340 SENS - ok
20:40:04.0629 1340 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:40:04.0644 1340 SensrSvc - ok
20:40:04.0660 1340 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:40:04.0660 1340 Serenum - ok
20:40:04.0676 1340 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:40:04.0676 1340 Serial - ok
20:40:04.0722 1340 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:40:04.0722 1340 sermouse - ok
20:40:04.0769 1340 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:40:04.0769 1340 SessionEnv - ok
20:40:04.0785 1340 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:40:04.0800 1340 sffdisk - ok
20:40:04.0816 1340 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:40:04.0816 1340 sffp_mmc - ok
20:40:04.0832 1340 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:40:04.0832 1340 sffp_sd - ok
20:40:04.0847 1340 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:40:04.0847 1340 sfloppy - ok
20:40:04.0894 1340 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:40:04.0894 1340 SharedAccess - ok
20:40:04.0941 1340 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:40:04.0941 1340 ShellHWDetection - ok
20:40:04.0972 1340 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:40:04.0972 1340 SiSRaid2 - ok
20:40:04.0988 1340 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:40:04.0988 1340 SiSRaid4 - ok
20:40:05.0128 1340 [ 183F04C6742902F33039913A96F5B574 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
20:40:05.0144 1340 Skype C2C Service - ok
20:40:05.0206 1340 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:40:05.0206 1340 SkypeUpdate - ok
20:40:05.0237 1340 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:40:05.0237 1340 Smb - ok
20:40:05.0284 1340 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:40:05.0284 1340 SNMPTRAP - ok
20:40:05.0300 1340 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:40:05.0300 1340 spldr - ok
20:40:05.0331 1340 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:40:05.0331 1340 Spooler - ok
20:40:05.0424 1340 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:40:05.0471 1340 sppsvc - ok
20:40:05.0487 1340 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:40:05.0518 1340 sppuinotify - ok
20:40:05.0580 1340 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
20:40:05.0580 1340 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
20:40:05.0580 1340 sptd ( LockedFile.Multi.Generic ) - warning
20:40:05.0580 1340 sptd - detected LockedFile.Multi.Generic (1)
20:40:05.0612 1340 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:40:05.0612 1340 srv - ok
20:40:05.0627 1340 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:40:05.0643 1340 srv2 - ok
20:40:05.0674 1340 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
20:40:05.0690 1340 SrvHsfHDA - ok
20:40:05.0721 1340 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
20:40:05.0736 1340 SrvHsfV92 - ok
20:40:05.0752 1340 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
20:40:05.0768 1340 SrvHsfWinac - ok
20:40:05.0799 1340 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:40:05.0799 1340 srvnet - ok
20:40:05.0830 1340 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:40:05.0830 1340 SSDPSRV - ok
20:40:05.0846 1340 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:40:05.0846 1340 SstpSvc - ok
20:40:05.0908 1340 [ 463E33B1EA7AF1E6EB87B66B831DB41A ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
20:40:05.0908 1340 STacSV - ok
20:40:05.0939 1340 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:40:05.0939 1340 stexstor - ok
20:40:05.0970 1340 [ 4304B75094E106FB5423A290C95841E5 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
20:40:05.0970 1340 STHDA - ok
20:40:06.0017 1340 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:40:06.0017 1340 stisvc - ok
20:40:06.0064 1340 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:40:06.0064 1340 swenum - ok
20:40:06.0095 1340 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:40:06.0095 1340 swprv - ok
20:40:06.0158 1340 [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:40:06.0173 1340 SynTP - ok
20:40:06.0220 1340 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:40:06.0251 1340 SysMain - ok
20:40:06.0282 1340 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:40:06.0282 1340 TabletInputService - ok
20:40:06.0298 1340 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:40:06.0314 1340 TapiSrv - ok
20:40:06.0329 1340 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:40:06.0345 1340 TBS - ok
20:40:06.0407 1340 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:40:06.0438 1340 Tcpip - ok
20:40:06.0470 1340 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:40:06.0485 1340 TCPIP6 - ok
20:40:06.0501 1340 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:40:06.0501 1340 tcpipreg - ok
20:40:06.0532 1340 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:40:06.0532 1340 TDPIPE - ok
20:40:06.0563 1340 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:40:06.0563 1340 TDTCP - ok
20:40:06.0594 1340 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:40:06.0594 1340 tdx - ok
20:40:06.0626 1340 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:40:06.0626 1340 TermDD - ok
20:40:06.0672 1340 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:40:06.0672 1340 TermService - ok
20:40:06.0719 1340 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:40:06.0719 1340 Themes - ok
20:40:06.0735 1340 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:40:06.0735 1340 THREADORDER - ok
20:40:06.0750 1340 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:40:06.0766 1340 TrkWks - ok
20:40:06.0828 1340 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:40:06.0828 1340 TrustedInstaller - ok
20:40:06.0875 1340 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:40:06.0875 1340 tssecsrv - ok
20:40:06.0922 1340 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:40:06.0922 1340 TsUsbFlt - ok
20:40:06.0984 1340 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:40:06.0984 1340 tunnel - ok
20:40:07.0016 1340 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:40:07.0016 1340 uagp35 - ok
20:40:07.0031 1340 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:40:07.0031 1340 udfs - ok
20:40:07.0078 1340 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:40:07.0078 1340 UI0Detect - ok
20:40:07.0094 1340 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:40:07.0094 1340 uliagpkx - ok
20:40:07.0140 1340 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:40:07.0140 1340 umbus - ok
20:40:07.0187 1340 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:40:07.0187 1340 UmPass - ok
20:40:07.0312 1340 [ 0FADD949576A164B4E51E716F46B6C33 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
20:40:07.0343 1340 UNS - ok
20:40:07.0374 1340 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:40:07.0374 1340 upnphost - ok
20:40:07.0421 1340 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
20:40:07.0437 1340 usbaudio - ok
20:40:07.0468 1340 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:40:07.0468 1340 usbccgp - ok
20:40:07.0515 1340 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:40:07.0515 1340 usbcir - ok
20:40:07.0530 1340 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:40:07.0530 1340 usbehci - ok
20:40:07.0562 1340 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:40:07.0562 1340 usbhub - ok
20:40:07.0577 1340 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:40:07.0593 1340 usbohci - ok
20:40:07.0624 1340 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:40:07.0624 1340 usbprint - ok
20:40:07.0671 1340 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:40:07.0702 1340 usbscan - ok
20:40:07.0733 1340 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:40:07.0733 1340 USBSTOR - ok
20:40:07.0749 1340 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:40:07.0749 1340 usbuhci - ok
20:40:07.0780 1340 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
20:40:07.0780 1340 usbvideo - ok
20:40:07.0827 1340 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
20:40:07.0827 1340 usb_rndisx - ok
20:40:07.0858 1340 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:40:07.0858 1340 UxSms - ok
20:40:07.0874 1340 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
20:40:07.0874 1340 VaultSvc - ok
20:40:07.0889 1340 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:40:07.0889 1340 vdrvroot - ok
20:40:07.0936 1340 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:40:07.0936 1340 vds - ok
20:40:07.0967 1340 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:40:07.0967 1340 vga - ok
20:40:07.0983 1340 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:40:07.0983 1340 VgaSave - ok
20:40:08.0014 1340 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:40:08.0030 1340 vhdmp - ok
20:40:08.0045 1340 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:40:08.0045 1340 viaide - ok
20:40:08.0076 1340 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:40:09.0808 1340 ================ Scan global ===============================
20:40:09.0824 1340 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:40:09.0870 1340 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
20:40:09.0902 1340 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
20:40:09.0933 1340 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:40:09.0964 1340 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:40:09.0964 1340 [Global] - ok
20:40:09.0964 1340 ================ Scan MBR ==================================
20:40:09.0980 1340 [ C2CA115A6236940D14F3251079BA9BF6 ] \Device\Harddisk0\DR0
20:40:10.0198 1340 \Device\Harddisk0\DR0 - ok
20:40:10.0198 1340 ================ Scan VBR ==================================
20:40:10.0198 1340 [ 8431A6D36488141CD83DBD64BF461CA3 ] \Device\Harddisk0\DR0\Partition1
20:40:10.0198 1340 \Device\Harddisk0\DR0\Partition1 - ok
20:40:10.0214 1340 [ 66AD86E67F770B7BDB74BEAB6FAE8320 ] \Device\Harddisk0\DR0\Partition2
20:40:10.0214 1340 \Device\Harddisk0\DR0\Partition2 - ok
20:40:10.0229 1340 [ C87463339E30C59EABAC983C48802F03 ] \Device\Harddisk0\DR0\Partition3
20:40:10.0229 1340 \Device\Harddisk0\DR0\Partition3 - ok
20:40:10.0245 1340 [ 34469C71879AB8FA29CD370371973458 ] \Device\Harddisk0\DR0\Partition4
20:40:10.0260 1340 \Device\Harddisk0\DR0\Partition4 - ok
20:40:10.0260 1340 ============================================================
20:40:10.0260 1340 Scan finished
20:40:10.0260 1340 ============================================================
20:40:10.0260 0940 Detected object count: 1
20:40:10.0260 0940 Actual detected object count: 1
20:40:20.0416 0940 sptd ( LockedFile.Multi.Generic ) - skipped by user
20:40:20.0416 0940 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
20:40:33.0302 3308 ============================================================
20:40:33.0302 3308 Scan started
20:40:33.0302 3308 Mode: Manual;
20:40:33.0302 3308 ============================================================
20:40:33.0458 3308 ================ Scan system memory ========================
20:40:33.0458 3308 System memory - ok
20:40:33.0458 3308 ================ Scan services =============================
20:40:40.0805 3308 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:40:40.0805 3308 msahci - ok
20:40:40.0836 3308 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:40:40.0836 3308 msdsm - ok
20:40:40.0868 3308 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:40:40.0868 3308 MSDTC - ok
20:40:40.0899 3308 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:40:40.0899 3308 Msfs - ok
20:40:40.0899 3308 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:40:40.0899 3308 mshidkmdf - ok
20:40:40.0914 3308 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:40:40.0914 3308 msisadrv - ok
20:40:40.0946 3308 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:40:40.0946 3308 MSiSCSI - ok
20:40:40.0946 3308 msiserver - ok
20:40:40.0961 3308 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:40:40.0961 3308 MSKSSRV - ok
20:40:41.0008 3308 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
20:40:41.0008 3308 MsMpSvc - ok
20:40:41.0024 3308 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:40:41.0024 3308 MSPCLOCK - ok
20:40:41.0039 3308 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:40:41.0039 3308 MSPQM - ok
20:40:41.0086 3308 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:40:41.0086 3308 MsRPC - ok
20:40:41.0133 3308 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:40:41.0133 3308 mssmbios - ok
20:40:41.0148 3308 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:40:41.0148 3308 MSTEE - ok
20:40:41.0164 3308 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:40:41.0164 3308 MTConfig - ok
20:40:41.0180 3308 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:40:41.0180 3308 Mup - ok
20:40:41.0195 3308 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:40:41.0195 3308 napagent - ok
20:40:41.0211 3308 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:40:41.0226 3308 NativeWifiP - ok
20:40:41.0273 3308 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:40:41.0273 3308 NDIS - ok
20:40:41.0304 3308 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:40:41.0304 3308 NdisCap - ok
20:40:41.0320 3308 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:40:41.0320 3308 NdisTapi - ok
20:40:41.0351 3308 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:40:41.0351 3308 Ndisuio - ok
20:40:41.0382 3308 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:40:41.0398 3308 NdisWan - ok
20:40:41.0429 3308 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:40:41.0429 3308 NDProxy - ok
20:40:41.0445 3308 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:40:41.0445 3308 NetBIOS - ok
20:40:41.0492 3308 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:40:41.0492 3308 NetBT - ok
20:40:41.0507 3308 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:40:41.0507 3308 Netlogon - ok
20:40:41.0538 3308 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:40:41.0538 3308 Netman - ok
20:40:41.0570 3308 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:40:41.0570 3308 NetMsmqActivator - ok
20:40:41.0585 3308 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:40:41.0585 3308 NetPipeActivator - ok
20:40:41.0616 3308 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:40:41.0616 3308 netprofm - ok
20:40:41.0648 3308 [ 8B5D2D7CB0EF5B1967860B8AB742A46C ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
20:40:41.0663 3308 netr28x - ok
20:40:41.0663 3308 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:40:41.0663 3308 NetTcpActivator - ok
20:40:41.0679 3308 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:40:41.0679 3308 NetTcpPortSharing - ok
20:40:41.0788 3308 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
20:40:41.0819 3308 netw5v64 - ok
20:40:41.0835 3308 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:40:41.0835 3308 nfrd960 - ok
20:40:41.0866 3308 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:40:41.0866 3308 NisDrv - ok
20:40:41.0882 3308 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
20:40:41.0897 3308 NisSrv - ok
20:40:41.0897 3308 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:40:41.0913 3308 NlaSvc - ok
20:40:41.0928 3308 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:40:41.0928 3308 Npfs - ok
20:40:41.0960 3308 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:40:41.0960 3308 nsi - ok
20:40:41.0960 3308 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:40:41.0960 3308 nsiproxy - ok
20:40:42.0038 3308 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:40:42.0053 3308 Ntfs - ok
20:40:42.0069 3308 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:40:42.0084 3308 Null - ok
20:40:42.0100 3308 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:40:42.0100 3308 nvraid - ok
20:40:42.0131 3308 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:40:42.0131 3308 nvstor - ok
20:40:42.0147 3308 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:40:42.0147 3308 nv_agp - ok
20:40:42.0225 3308 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:40:42.0225 3308 odserv - ok
20:40:42.0240 3308 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:40:42.0240 3308 ohci1394 - ok
20:40:42.0287 3308 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:40:42.0287 3308 ose - ok
20:40:42.0412 3308 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:40:42.0443 3308 osppsvc - ok
20:40:42.0474 3308 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:40:42.0474 3308 p2pimsvc - ok
20:40:42.0506 3308 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:40:42.0506 3308 p2psvc - ok
20:40:42.0521 3308 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:40:42.0521 3308 Parport - ok
20:40:42.0552 3308 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:40:42.0552 3308 partmgr - ok
20:40:42.0568 3308 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:40:42.0568 3308 PcaSvc - ok
20:40:42.0584 3308 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:40:42.0584 3308 pci - ok
20:40:42.0615 3308 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:40:42.0615 3308 pciide - ok
20:40:42.0646 3308 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:40:42.0646 3308 pcmcia - ok
20:40:42.0662 3308 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:40:42.0662 3308 pcw - ok
20:40:42.0677 3308 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:40:42.0693 3308 PEAUTH - ok
20:40:42.0771 3308 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:40:42.0771 3308 PerfHost - ok
20:40:42.0849 3308 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:40:42.0849 3308 pla - ok
20:40:42.0896 3308 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:40:42.0896 3308 PlugPlay - ok
20:40:42.0927 3308 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:40:42.0927 3308 PNRPAutoReg - ok
20:40:42.0942 3308 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:40:42.0942 3308 PNRPsvc - ok
20:40:42.0958 3308 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:40:42.0958 3308 PolicyAgent - ok
20:40:42.0989 3308 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:40:42.0989 3308 Power - ok
20:40:43.0020 3308 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:40:43.0020 3308 PptpMiniport - ok
20:40:43.0052 3308 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:40:43.0052 3308 Processor - ok
20:40:43.0098 3308 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:40:43.0098 3308 ProfSvc - ok
20:40:43.0114 3308 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:40:43.0114 3308 ProtectedStorage - ok
20:40:43.0145 3308 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:40:43.0145 3308 Psched - ok
20:40:43.0192 3308 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:40:43.0208 3308 ql2300 - ok
20:40:43.0223 3308 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:40:43.0223 3308 ql40xx - ok
20:40:43.0255 3308 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:40:43.0255 3308 QWAVE - ok
20:40:43.0286 3308 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:40:43.0286 3308 QWAVEdrv - ok
20:40:43.0301 3308 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:40:43.0301 3308 RasAcd - ok
20:40:43.0317 3308 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:40:43.0317 3308 RasAgileVpn - ok
20:40:43.0317 3308 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:40:43.0317 3308 RasAuto - ok
20:40:43.0364 3308 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:40:43.0364 3308 Rasl2tp - ok
20:40:43.0379 3308 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:40:43.0379 3308 RasMan - ok
20:40:43.0395 3308 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:40:43.0411 3308 RasPppoe - ok
20:40:43.0411 3308 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:40:43.0411 3308 RasSstp - ok
20:40:43.0442 3308 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:40:43.0442 3308 rdbss - ok
20:40:43.0457 3308 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:40:43.0457 3308 rdpbus - ok
20:40:43.0473 3308 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:40:43.0473 3308 RDPCDD - ok
20:40:43.0489 3308 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:40:43.0489 3308 RDPENCDD - ok
20:40:43.0504 3308 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:40:43.0504 3308 RDPREFMP - ok
20:40:43.0535 3308 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:40:43.0535 3308 RdpVideoMiniport - ok
20:40:43.0567 3308 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:40:43.0567 3308 RDPWD - ok
20:40:43.0613 3308 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:40:43.0613 3308 rdyboost - ok
20:40:43.0645 3308 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:40:43.0645 3308 RemoteAccess - ok
20:40:43.0676 3308 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:40:43.0676 3308 RemoteRegistry - ok
20:40:43.0707 3308 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:40:43.0707 3308 RFCOMM - ok
20:40:43.0723 3308 [ AD42432D22940B4215177BE113E4919C ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
20:40:43.0723 3308 RimUsb - ok
20:40:43.0754 3308 [ 4AAFFFA67AC4DFA3D9985D78573887E2 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
20:40:43.0754 3308 RimVSerPort - ok
20:40:43.0785 3308 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
20:40:43.0785 3308 ROOTMODEM - ok
20:40:43.0785 3308 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:40:43.0785 3308 RpcEptMapper - ok
20:40:43.0801 3308 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:40:43.0816 3308 RpcLocator - ok
20:40:43.0847 3308 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:40:43.0863 3308 RpcSs - ok
20:40:43.0879 3308 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:40:43.0879 3308 rspndr - ok
20:40:43.0894 3308 [ 907C4464381B5EBDFDC60F6C7D0DEDFC ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
20:40:43.0894 3308 RSUSBSTOR - ok
20:40:43.0941 3308 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
20:40:43.0941 3308 RTL8167 - ok
20:40:43.0957 3308 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:40:43.0972 3308 SamSs - ok
20:40:44.0003 3308 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:40:44.0003 3308 sbp2port - ok
20:40:44.0035 3308 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:40:44.0035 3308 SCardSvr - ok
20:40:44.0081 3308 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:40:44.0081 3308 scfilter - ok
20:40:44.0128 3308 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:40:44.0144 3308 Schedule - ok
20:40:44.0175 3308 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:40:44.0175 3308 SCPolicySvc - ok
20:40:44.0206 3308 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
20:40:44.0206 3308 sdbus - ok
20:40:44.0237 3308 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:40:44.0237 3308 SDRSVC - ok
20:40:44.0269 3308 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:40:44.0269 3308 secdrv - ok
20:40:44.0300 3308 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:40:44.0300 3308 seclogon - ok
20:40:44.0315 3308 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:40:44.0315 3308 SENS - ok
20:40:44.0331 3308 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:40:44.0331 3308 SensrSvc - ok
20:40:44.0347 3308 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:40:44.0347 3308 Serenum - ok
20:40:44.0362 3308 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:40:44.0362 3308 Serial - ok
20:40:44.0378 3308 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:40:44.0378 3308 sermouse - ok
20:40:44.0425 3308 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:40:44.0425 3308 SessionEnv - ok
20:40:44.0440 3308 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:40:44.0440 3308 sffdisk - ok
20:40:44.0503 3308 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:40:44.0503 3308 sffp_mmc - ok
20:40:44.0518 3308 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:40:44.0518 3308 sffp_sd - ok
20:40:44.0534 3308 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:40:44.0534 3308 sfloppy - ok
20:40:44.0565 3308 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:40:44.0565 3308 SharedAccess - ok
20:40:44.0612 3308 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:40:44.0612 3308 ShellHWDetection - ok
20:40:44.0627 3308 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:40:44.0643 3308 SiSRaid2 - ok
20:40:44.0659 3308 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:40:44.0659 3308 SiSRaid4 - ok
20:40:44.0752 3308 [ 183F04C6742902F33039913A96F5B574 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
20:40:44.0768 3308 Skype C2C Service - ok
20:40:44.0830 3308 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:40:44.0830 3308 SkypeUpdate - ok
20:40:44.0846 3308 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:40:44.0861 3308 Smb - ok
20:40:44.0877 3308 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:40:44.0893 3308 SNMPTRAP - ok
20:40:44.0893 3308 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:40:44.0893 3308 spldr - ok
20:40:44.0939 3308 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:40:44.0939 3308 Spooler - ok
20:40:45.0049 3308 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:40:45.0064 3308 sppsvc - ok
20:40:45.0080 3308 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:40:45.0080 3308 sppuinotify - ok
20:40:45.0127 3308 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
20:40:45.0127 3308 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
20:40:45.0127 3308 sptd ( LockedFile.Multi.Generic ) - warning
20:40:45.0127 3308 sptd - detected LockedFile.Multi.Generic (1)
20:40:48.0356 3308 ws2ifsl - ok
20:40:48.0387 3308 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
20:40:48.0387 3308 wscsvc - ok
20:40:48.0403 3308 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
20:40:48.0403 3308 WSDPrintDevice - ok
20:40:48.0418 3308 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
20:40:48.0418 3308 WSDScan - ok
20:40:48.0418 3308 WSearch - ok
20:40:48.0527 3308 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:40:48.0543 3308 wuauserv - ok
20:40:48.0574 3308 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:40:48.0574 3308 WudfPf - ok
20:40:48.0590 3308 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:40:48.0590 3308 WUDFRd - ok
20:40:48.0621 3308 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:40:48.0621 3308 wudfsvc - ok
20:40:48.0652 3308 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
20:40:48.0652 3308 WwanSvc - ok
20:40:48.0683 3308 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
20:40:48.0683 3308 yukonw7 - ok
20:40:48.0699 3308 ================ Scan global ===============================
20:40:48.0730 3308 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:40:48.0761 3308 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
20:40:48.0777 3308 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
20:40:48.0793 3308 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:40:48.0839 3308 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:40:48.0839 3308 [Global] - ok
20:40:48.0839 3308 ================ Scan MBR ==================================
20:40:48.0855 3308 [ C2CA115A6236940D14F3251079BA9BF6 ] \Device\Harddisk0\DR0
20:40:49.0073 3308 \Device\Harddisk0\DR0 - ok
20:40:49.0073 3308 ================ Scan VBR ==================================
20:40:49.0073 3308 [ 8431A6D36488141CD83DBD64BF461CA3 ] \Device\Harddisk0\DR0\Partition1
20:40:49.0073 3308 \Device\Harddisk0\DR0\Partition1 - ok
20:40:49.0089 3308 [ 66AD86E67F770B7BDB74BEAB6FAE8320 ] \Device\Harddisk0\DR0\Partition2
20:40:49.0089 3308 \Device\Harddisk0\DR0\Partition2 - ok
20:40:49.0120 3308 [ C87463339E30C59EABAC983C48802F03 ] \Device\Harddisk0\DR0\Partition3
20:40:49.0120 3308 \Device\Harddisk0\DR0\Partition3 - ok
20:40:49.0136 3308 [ 34469C71879AB8FA29CD370371973458 ] \Device\Harddisk0\DR0\Partition4
20:40:49.0136 3308 \Device\Harddisk0\DR0\Partition4 - ok
20:40:49.0136 3308 ============================================================
20:40:49.0136 3308 Scan finished
20:40:49.0136 3308 ============================================================
20:40:49.0151 4112 Detected object count: 1
20:40:49.0151 4112 Actual detected object count: 1
20:40:52.0365 4112 sptd ( LockedFile.Multi.Generic ) - skipped by user
20:40:52.0365 4112 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
20:40:54.0721 1280 Deinitialize success


ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK

#8 Jack&Jill

  • Malware Response Team
  • 385 posts
  • Gender:Male
  • Location:South East Asia
  • Local time:05:56 PM

Posted 06 February 2013 - 06:52 PM

Hello helpmeplease71 :),

Your logs appear to be free from infection, except the ESET log does not reflect the scan result. What did you observe when it finished?

Could you describe a bit further if you see any error messages or abnormalities when you try to print?

Have you tried these:
Why can't I print?
Fix printer problems

--------------------

Please uninstall these:
Java 7 Update 7 (64-bit)
Java™ 6 Update 20 (64-bit)
Java™ 6 Update 31
Java™ 7 Update 5
Coupon Companion Plugin

To understand why you should uninstall Java, read this.

--------------------

Please download Junction© from Sysinternals and save it to your desktop. Click here.
  • Extract junction.exe to the Windows folder, C:\Windows using 7-Zip or a suitable archive utility that handles Zip files. For Windows Vista and 7, right click on the file and select Extract All....
  • Open Notepad. Copy and paste the following text into it:
    @echo off
    cmd /c junction -s c:\ > "%userprofile%\desktop\junctionlog.txt"
    %userprofile%\desktop\junctionlog.txt
    del %0
  • Save it as getlog.bat on the desktop. Make sure the Save as type: is All Files (*.*).
  • Double click on getlog.bat to run it. Allow if prompted by any security software.
  • Scanning will commence. When done, a log file will open.
  • Please post the contents of this log. It can also be found on the desktop as junctionlog.txt.

--------------------

Please download MiniToolBox© by farbar and save it to your desktop. Click here.
  • Double click on MiniToolBox.exe to run it.
    Please check (tick) the following options:
    • Flush DNS
    • List last 10 Event Viewer Errors
    • List devices, and select Only Problems
  • Click on the GO button. A log will open.
  • Please post the contents of this log. It can also be found on the desktop as Result.txt.

--------------------

Please post back:
1. did the ESET scan find anything?
2. more details on printing problem
3. Junction log
4. MiniToolBox result

Jack&Jill
MRU Teacher of Malware Removal University.
Member of ASAP and UNITE.


#9 helpmeplease71

Posted 07 February 2013 - 04:14 PM

ESET had 2 issues - something about coupons.

Already tried the printer troubleshooting you advised.

Did everything for junction but nothing comes up!


MiniToolBox by Farbar  Version:10-01-2013
Ran by Admin (administrator) on 07-02-2013 at 21:10:46
Running from "C:\Users\Admin\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/07/2013 08:56:59 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.


Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/07/2013 08:56:59 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/07/2013 08:56:59 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/07/2013 08:56:59 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
 Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (02/07/2013 08:56:58 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/07/2013 08:56:58 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
 The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (02/07/2013 08:56:58 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/07/2013 08:56:58 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.


Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/07/2013 08:56:58 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot open the Jet property store.


Details:
 0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))

Error: (02/07/2013 08:56:58 PM) (Source: ESENT) (User: )
Description: Windows (3164) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0001B.log.


System errors:
=============
Error: (02/07/2013 08:58:01 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (02/07/2013 08:56:59 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (02/07/2013 08:56:59 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (02/06/2013 08:38:47 PM) (Source: Service Control Manager) (User: )
Description: The Easybits Services for Windows service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/06/2013 07:36:49 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (02/06/2013 07:35:47 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (02/06/2013 07:35:47 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (02/05/2013 07:17:10 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (02/05/2013 07:16:17 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (02/05/2013 07:16:17 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.


Microsoft Office Sessions:
=========================
Error: (01/25/2013 10:07:31 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 7 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (06/01/2012 05:18:31 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 13 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/12/2012 05:25:19 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 17 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2012-12-19 23:33:11.932
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-12-19 23:33:11.854
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


========================= Devices: ================================


**** End of log ****



#10 Jack&Jill

Posted 07 February 2013 - 07:04 PM

Hello helpmeplease71 :),

Use right click and run as administrator to execute getlog.bat, then post back the results.

 

ESET had 2 issues - something about coupons.

Make sure you have uninstalled Coupon Companion Plugin and delete all related folders.


--------------------

Scan with RogueKiller

  • Please download RogueKiller© by Tigzy and save it to your desktop. Click here.
  • Click on the blue button with arrow pointing downwards to the right of Mirror:.
  • Allow the download if prompted by your security software and please close all your programs.
  • Double click on RogueKiller.exe to run it. If it does not run, please try a few times.
  • Wait for PreScan to finish, then click on Scan. Accept the EULA if prompted.
  • Once completed, a log called RKreport[1].txt will be created on the desktop. It can also be accessed via the Report button.
  • Please copy and paste the contents of that log in your next reply.

--------------------

Please post back:
1. Junction log
2. RogueKiller result

 


Jack&Jill
MRU Teacher of Malware Removal University.
Member of ASAP and UNITE.


#11 helpmeplease71

Posted 09 February 2013 - 06:38 AM

Junctionlog won't work. Just flashes up command window and nothing after!

RogueKiller V8.5.0 _x64_ [Feb  9 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Admin [Admin rights]
Mode : Scan -- Date : 02/09/2013 11:36:53
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 7 ¤¤¤
[TASK][ROGUE ST] 0 : c:\program files (x86)\internet explorer\iexplore.exe  -> FOUND
[TASK][ROGUE ST] 4670 : wscript.exe C:\Users\Admin\AppData\Local\Temp\launchie.vbs //B -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FOLDER] L : C:\Windows\Installer\{a71b87f2-a04a-6244-7fd2-e7bc86436027}\L --> FOUND

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

 

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS725032A9A364 +++++
--- User ---
[MBR] 74d95565d2d8302221d7d4203051e433
[BSP] 72c867ad11c717b7c17de69ba07ea0cb : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 285433 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 584976384 | Size: 19508 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 624928768 | Size: 103 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_02092013_02d1136.txt >>
RKreport[1]_S_02092013_02d1136.txt



#12 helpmeplease71

Posted 09 February 2013 - 02:54 PM

Also just found that I cannot open autocad files. :(



#13 Jack&Jill

Posted 10 February 2013 - 10:27 AM

Hello helpmeplease71,

Your logs show signs of a Remote Access Infection on your computer.

[ZeroAccess][FOLDER] L : C:\Windows\Installer\{a71b87f2-a04a-6244-7fd2-e7bc86436027}\L --> FOUND
¤¤¤ Infection : ZeroAccess ¤¤¤



These indicate you are infected with ....

ZeroAccess / Sirefef or its variant



Please take time to carefully read THIS topic, then let me know how you want to proceed.


 


Jack&Jill
MRU Teacher of Malware Removal University.
Member of ASAP and UNITE.
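
The reading of the RogueKiller report in post #13, as an added example that is not part of the thread or of RogueKiller: a Python parser that takes the report's own `Infection` verdict, collects the finding lines tagged with it, and checks each section's declared count against the lines actually pasted. The report text is copied from post #11; the function names and the line grammar are assumptions inferred from that single report.

```python
import re

# Excerpt of the RogueKiller report posted in #11 (copied from the thread).
REPORT = r"""
¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 7 ¤¤¤
[TASK][ROGUE ST] 0 : c:\program files (x86)\internet explorer\iexplore.exe  -> FOUND
[TASK][ROGUE ST] 4670 : wscript.exe C:\Users\Admin\AppData\Local\Temp\launchie.vbs //B -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FOLDER] L : C:\Windows\Installer\{a71b87f2-a04a-6244-7fd2-e7bc86436027}\L --> FOUND

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤
"""

# Assumed grammar: "¤¤¤ name : value ¤¤¤" headers, "[tag][tag] detail -> STATUS" findings.
SECTION = re.compile(r"^¤¤¤\s*(.+?)\s*¤¤¤$")
FINDING = re.compile(r"^((?:\[[^\]]+\])+)\s*(.*?)\s*-+>\s*(\w+)$")


def parse_report(text):
    """Return (sections, findings): header name -> header value, and finding dicts."""
    sections, findings, current = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION.match(line)
        if m:
            name, _, value = m.group(1).partition(":")
            current = name.strip()
            sections[current] = value.strip()
            continue
        m = FINDING.match(line)
        if m and current:
            findings.append({
                "section": current,
                # Only the leading bracket run is tags; "[...]" inside a key path is not.
                "tags": re.findall(r"\[([^\]]+)\]", m.group(1)),
                "detail": m.group(2),
                "status": m.group(3),
            })
    return sections, findings


def triage(text):
    """Pair the report's verdict with the findings tagged with that name."""
    sections, findings = parse_report(text)
    verdict = sections.get("Infection", "")
    evidence = [f for f in findings if verdict and verdict in f["tags"]]
    # A declared count that differs from the parsed count suggests a truncated paste.
    mismatches = {}
    for name, value in sections.items():
        if value.isdigit():
            seen = sum(1 for f in findings if f["section"] == name)
            if seen != int(value):
                mismatches[name] = (int(value), seen)
    return {"verdict": verdict, "evidence": evidence, "mismatches": mismatches}
```
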


#14 helpmeplease71

Posted 10 February 2013 - 11:18 AM

wow, loads to read!

Probably best to reformat whole machine? However, I didn't receive operating system disk with machine. Is this a problem? I can remember with an older machine that I could format machine with operating system still intact.

Your help much appreciated. With regard all software, I have the disks.



#15 helpmeplease71

Posted 11 February 2013 - 09:00 AM

HP laptop has a media creation for recovery. Tried with USB but didn't work. Will try again this evening with DVDs. There is also a recovery tool to bring back to factory settings.

I also rebooted and pressed F11 to see if recovery can be accessed. It said that I would need to order a recovery kit from HP!

Lastly, I downloaded a Windows ISO of Windows 7 Home bootable from USB as a back up.

Not sure how to progress?





