MBAM found trojan, rebooted PC without removal, and trojan no longer found



#1 erasure

Posted 20 March 2013 - 04:21 PM

Yesterday I ran MBAM and it identified 4 trojans/malware which I believe were these:

 

c:\users\<username>\videos\gbpxp.exe (Trojan.Banker)
c:\users\<username>\videos\mob127.bin (Malware.Trace)
c:\users\<username>\music\dos.exe (Trojan.Agent)
c:\users\<username>\pictures\cool profile pics\cool profile pics.exe (Trojan.Agent)

 

 

The reason I say believe is because I never removed/quarantined them so the scan never finished and no log was written.  I do know that one of them was definitely "cool profile pics.exe" and another was "dos.exe", and I am 90% sure the other 2 filenames match.  I found this list in the first search result when googling "cool profile pics.exe"

 

The reason I never completed the scan/removal was because just last week I repointed "My Videos", "My Music" and "My Pictures" to my D: drive (to get them off my SSD), and I thought it was weird that the suspected files were in the old directories in the C: drive.  Then when I tried navigating to the directories listed, Windows gave an "Access Denied" error. Doing some searching led me to a post mentioning disabling the Windows Media Player Network Sharing Service.  When I tried to stop the service it hung so I disabled it and rebooted my PC (thus closing MBAM).  After rebooting I was able to access the directories but they were all empty.

 

So, I then ran MBAM, Security Essentials and SUPERAntiSpyware scans and they all came back clean.   I am really lost as to what happened and just want to verify that I am not infected.  Thanks in advance for any help.





#2 dev00790


Posted 20 March 2013 - 07:24 PM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us:

  • Please do NOT run, install or uninstall any programs,  unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
- Do NOT back up any unknown files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

Step 1

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
  • Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.

 

Step 2

Please download AdwCleaner by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

 

Step 3

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.

 

Step 4

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points

NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.


Edited by dev00790, 20 March 2013 - 07:29 PM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.
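An added example, not part of the original post and not code from the tool's vendor: a small Python triage of the service section of a TDSSKiller log such as the one requested in step 1, flagging entries whose verdict is not `ok`, entries with no hash/path line before the verdict, and service images under a user profile or Temp directory. It assumes the `time id  [ MD5 ] name path` / `time id  name - verdict` line layout; the sample hashes, the names `Example Svc`, `NoFileSvc` and `ExampleDrv`, the non-`ok` verdict line and the user-writable path heuristic are constructed for illustration.

```python
import re
from dataclasses import dataclass

# Constructed sample in the TDSSKiller line layout; hashes, service names and
# the "warning" verdict line are invented for illustration.
SAMPLE_LOG = r"""
20:32:26.0695 7372  ================ Scan system memory ========================
20:32:26.0695 7372  System memory - ok
20:32:26.0696 7372  ================ Scan services =============================
20:32:26.0701 7372  [ 00000000000000000000000000000001 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:32:26.0729 7372  ACPI - ok
20:32:26.0730 7372  [ 00000000000000000000000000000002 ] Example Svc     C:\Users\alice\Music\svc.exe
20:32:26.0740 7372  Example Svc - ok
20:32:26.0741 7372  NoFileSvc - ok
20:32:26.0750 7372  [ 00000000000000000000000000000003 ] ExampleDrv      C:\Windows\system32\drivers\exampledrv.sys
20:32:26.0760 7372  ExampleDrv ( UnsignedFile.Multi.Generic ) - warning
"""

# "HH:MM:SS.mmmm <id>  <text>"
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*)$")
# "====== Scan services ======" style section banner
SECTION = re.compile(r"^=+ Scan (.+?) =+$")
# "[ <32 hex> ] <service name, may contain spaces> <X:\path>"
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \]\s+(.+?)\s+([A-Za-z]:\\.*)$")
# "<name> - <verdict>", optionally "<name> ( <detail> ) - <verdict>" (assumed layout)
VERDICT = re.compile(r"^(.+?)(?: \( (.+) \))? - (\w+)$")
# Heuristic (an assumption of this example): locations a standard user can write to.
USER_WRITABLE = re.compile(r"^[A-Za-z]:\\Users\\|\\Temp\\", re.I)


@dataclass
class Finding:
    service: str
    reason: str
    path: str = ""


def triage(log_text):
    """Return findings for the 'services' section of a TDSSKiller-style log."""
    findings = []
    section = None
    pending = None  # (md5, name, path) from the most recent hash line
    for raw in log_text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue
        text = m.group(1).strip()

        banner = SECTION.match(text)
        if banner:
            section, pending = banner.group(1), None
            continue
        if section != "services":
            continue

        hashed = HASHED.match(text)
        if hashed:
            pending = hashed.groups()
            continue

        verdict_line = VERDICT.match(text)
        if not verdict_line:
            continue
        name, detail, verdict = verdict_line.groups()
        # Pair the verdict with the hash line only if the names agree.
        path = pending[2] if pending and pending[1] == name else ""
        pending = None

        if verdict.lower() != "ok":
            reason = f"verdict {verdict}" + (f" ({detail})" if detail else "")
            findings.append(Finding(name, reason, path))
        if not path:
            findings.append(Finding(name, "no hash/path line before verdict"))
        elif USER_WRITABLE.search(path):
            findings.append(Finding(name, "image in user-writable directory", path))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.service:12} {f.reason:45} {f.path}")
```

A finding here is a prompt to look at that service by hand, not a verdict that it is malicious.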


#3 erasure


Posted 20 March 2013 - 07:51 PM

TDSSKiller.2.8.16.0_20.03.2013_20.29.46_log.txt:
 
 
TDSSKiller.2.8.16.0_20.03.2013_20.31.27_log.txt:
 
20:32:29.0540 7372  HdAudAddService - ok
20:32:29.0543 7372  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
20:32:29.0553 7372  HDAudBus - ok
20:32:29.0555 7372  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
20:32:29.0568 7372  HidBatt - ok
20:32:29.0571 7372  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
20:32:29.0588 7372  HidBth - ok
20:32:29.0591 7372  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
20:32:29.0606 7372  HidIr - ok
20:32:29.0609 7372  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
20:32:29.0630 7372  hidserv - ok
20:32:29.0633 7372  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:32:29.0640 7372  HidUsb - ok
20:32:29.0642 7372  [ 8D1F00F4254C3EF428B715484940427C ] HiPatchService  C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
20:32:29.0652 7372  HiPatchService ( UnsignedFile.Multi.Generic ) - warning
20:32:29.0652 7372  HiPatchService - detected UnsignedFile.Multi.Generic (1)
20:32:34.0640 7372  spldr - ok
20:32:34.0647 7372  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
20:32:34.0659 7372  Spooler - ok
20:32:34.0687 7372  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
20:32:34.0737 7372  sppsvc - ok
20:32:34.0740 7372  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:32:34.0762 7372  sppuinotify - ok
20:32:34.0768 7372  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:32:34.0779 7372  srv - ok
20:32:34.0784 7372  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:32:34.0794 7372  srv2 - ok
20:32:34.0799 7372  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
20:32:34.0821 7372  SrvHsfHDA - ok
20:32:34.0833 7372  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
20:32:34.0863 7372  SrvHsfV92 - ok
20:32:34.0870 7372  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
20:32:34.0894 7372  SrvHsfWinac - ok
20:32:34.0897 7372  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:32:34.0905 7372  srvnet - ok
20:32:34.0908 7372  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:32:34.0932 7372  SSDPSRV - ok
20:32:34.0935 7372  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:32:34.0957 7372  SstpSvc - ok
20:32:34.0961 7372  [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
20:32:34.0969 7372  ssudmdm - ok
20:32:34.0976 7372  [ D30FE3ECF1D6D521365FAE307B500BC0 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
20:32:35.0010 7372  STacSV - ok
20:32:35.0013 7372  Steam Client Service - ok
20:32:35.0016 7372  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
20:32:35.0022 7372  stexstor - ok
20:32:35.0028 7372  [ 6F69D75F50E8FAF1003AA6CFB18B91EC ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
20:32:35.0049 7372  STHDA - ok
20:32:35.0056 7372  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
20:32:35.0071 7372  stisvc - ok
20:32:35.0073 7372  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
20:32:35.0080 7372  swenum - ok
20:32:35.0085 7372  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
20:32:35.0112 7372  swprv - ok
20:32:35.0117 7372  [ 321EA1320771419C0956DE50F270C3E5 ] SynTP           C:\Windows\system32\drivers\SynTP.sys
20:32:35.0128 7372  SynTP - ok
20:32:35.0143 7372  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
20:32:35.0168 7372  SysMain - ok
20:32:35.0171 7372  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:32:35.0182 7372  TabletInputService - ok
20:32:35.0187 7372  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:32:35.0211 7372  TapiSrv - ok
20:32:35.0213 7372  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
20:32:35.0236 7372  TBS - ok
20:32:35.0252 7372  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:32:35.0279 7372  Tcpip - ok
20:32:35.0295 7372  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:32:35.0318 7372  TCPIP6 - ok
20:32:35.0322 7372  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:32:35.0328 7372  tcpipreg - ok
20:32:35.0332 7372  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:32:35.0339 7372  TDPIPE - ok
20:32:35.0342 7372  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:32:35.0349 7372  TDTCP - ok
20:32:35.0351 7372  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:32:35.0373 7372  tdx - ok
20:32:35.0375 7372  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
20:32:35.0382 7372  TermDD - ok
20:32:35.0389 7372  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
20:32:35.0416 7372  TermService - ok
20:32:35.0419 7372  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
20:32:35.0429 7372  Themes - ok
20:32:35.0432 7372  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
20:32:35.0454 7372  THREADORDER - ok
20:32:35.0457 7372  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
20:32:35.0480 7372  TrkWks - ok
20:32:35.0483 7372  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:32:35.0506 7372  TrustedInstaller - ok
20:32:35.0509 7372  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:32:35.0530 7372  tssecsrv - ok
20:32:35.0533 7372  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:32:35.0540 7372  TsUsbFlt - ok
20:32:35.0542 7372  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
20:32:35.0555 7372  TsUsbGD - ok
20:32:35.0558 7372  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:32:35.0579 7372  tunnel - ok
20:32:35.0582 7372  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:32:35.0589 7372  uagp35 - ok
20:32:35.0593 7372  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:32:35.0616 7372  udfs - ok
20:32:35.0621 7372  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:32:35.0629 7372  UI0Detect - ok
20:32:35.0632 7372  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:32:35.0639 7372  uliagpkx - ok
20:32:35.0641 7372  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:32:35.0649 7372  umbus - ok
20:32:35.0652 7372  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
20:32:35.0660 7372  UmPass - ok
20:32:35.0665 7372  [ B097EBA0E3FEB020BB65FE43AF5ECCFF ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
20:32:35.0674 7372  UNS - ok
20:32:35.0679 7372  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
20:32:35.0704 7372  upnphost - ok
20:32:35.0707 7372  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
20:32:35.0717 7372  usbaudio - ok
20:32:35.0720 7372  [ 2B26FCB7C634C49313FD72120FB9946E ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
20:32:35.0727 7372  usbccgp - ok
20:32:35.0730 7372  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:32:35.0746 7372  usbcir - ok
20:32:35.0749 7372  [ AA68C758B3F225618A5FD1ED40C383C4 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
20:32:35.0756 7372  usbehci - ok
20:32:35.0761 7372  [ 66E1EF753543785D7E2C44719B2C5DAD ] usbhub          C:\Windows\system32\drivers\usbhub.sys
20:32:35.0771 7372  usbhub - ok
20:32:35.0773 7372  [ B26ACA4784AD1295C25A7501FD4AB79E ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:32:35.0785 7372  usbohci - ok
20:32:35.0787 7372  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
20:32:35.0801 7372  usbprint - ok
20:32:35.0804 7372  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:32:35.0812 7372  USBSTOR - ok
20:32:35.0814 7372  [ 35944CFF264134FFD2E7EED0F8B81A56 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
20:32:35.0826 7372  usbuhci - ok
20:32:35.0829 7372  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
20:32:35.0839 7372  usbvideo - ok
20:32:35.0842 7372  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
20:32:35.0864 7372  UxSms - ok
20:32:35.0866 7372  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
20:32:35.0873 7372  VaultSvc - ok
20:32:35.0876 7372  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:32:35.0882 7372  vdrvroot - ok
20:32:35.0888 7372  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
20:32:35.0914 7372  vds - ok
20:32:35.0917 7372  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:32:35.0926 7372  vga - ok
20:32:35.0928 7372  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:32:35.0950 7372  VgaSave - ok
20:32:35.0953 7372  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
20:32:35.0962 7372  vhdmp - ok
20:32:35.0964 7372  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
20:32:35.0971 7372  viaide - ok
20:32:35.0976 7372  [ C740CC9D52EB278A86F42075DA96CB19 ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
20:32:35.0983 7372  VMAuthdService - ok
20:32:35.0986 7372  [ 6203C901DEFF10631AAD919B3BD1489B ] vmci            C:\Windows\system32\DRIVERS\vmci.sys
20:32:35.0992 7372  vmci - ok
20:32:35.0995 7372  [ E75DDD0A4768CF509C80E76B8428A644 ] vmkbd2          C:\Windows\system32\drivers\VMkbd.sys
20:32:36.0001 7372  vmkbd2 - ok
20:32:36.0003 7372  [ AEF53B47E960F227BF7638A6A1A9D5C6 ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
20:32:36.0009 7372  VMnetAdapter - ok
20:32:36.0012 7372  [ C234A1DC2F06A15B9210787F54253810 ] VMnetBridge     C:\Windows\system32\DRIVERS\vmnetbridge.sys
20:32:36.0017 7372  VMnetBridge - ok
20:32:36.0020 7372  VMnetDHCP - ok
20:32:36.0023 7372  [ 25FBBC8C168AEE1753C330352EA6D009 ] VMnetuserif     C:\Windows\system32\drivers\vmnetuserif.sys
20:32:36.0028 7372  VMnetuserif - ok
20:32:36.0037 7372  [ B55A8DADA1D825B73C811101B06E012F ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
20:32:36.0053 7372  VMUSBArbService - ok
20:32:36.0056 7372  VMware NAT Service - ok
20:32:36.0059 7372  [ D37CB37BF3FB6612BCA19D81EFA16122 ] vmx86           C:\Windows\system32\drivers\vmx86.sys
20:32:36.0066 7372  vmx86 - ok
20:32:36.0069 7372  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:32:36.0075 7372  volmgr - ok
20:32:36.0080 7372  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:32:36.0090 7372  volmgrx - ok
20:32:36.0094 7372  [ DF8126BD41180351A093A3AD2FC8903B ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:32:36.0104 7372  volsnap - ok
20:32:36.0110 7372  [ 5EA22CB6B100212837A97F281EDB3C47 ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
20:32:36.0143 7372  vpnagent - ok
20:32:36.0146 7372  [ 0E4DF91E83DA5739FFB18535D4DB10AA ] vpnva           C:\Windows\system32\DRIVERS\vpnva64.sys
20:32:36.0151 7372  vpnva - ok
20:32:36.0154 7372  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:32:36.0162 7372  vsmraid - ok
20:32:36.0165 7372  [ EF1E48D431223F670CFFD6169B1A136F ] vsock           C:\Windows\system32\drivers\vsock.sys
20:32:36.0171 7372  vsock - ok
20:32:36.0185 7372  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
20:32:36.0220 7372  VSS - ok
20:32:36.0222 7372  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
20:32:36.0276 7372  vwifibus - ok
20:32:36.0279 7372  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:32:36.0290 7372  vwififlt - ok
20:32:36.0292 7372  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
20:32:36.0303 7372  vwifimp - ok
20:32:36.0308 7372  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
20:32:36.0333 7372  W32Time - ok
20:32:36.0337 7372  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
20:32:36.0350 7372  WacomPen - ok
20:32:36.0353 7372  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:32:36.0375 7372  WANARP - ok
20:32:36.0377 7372  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:32:36.0397 7372  Wanarpv6 - ok
20:32:36.0410 7372  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
20:32:36.0430 7372  WatAdminSvc - ok
20:32:36.0444 7372  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
20:32:36.0464 7372  wbengine - ok
20:32:36.0468 7372  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:32:36.0480 7372  WbioSrvc - ok
20:32:36.0485 7372  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:32:36.0499 7372  wcncsvc - ok
20:32:36.0501 7372  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:32:36.0509 7372  WcsPlugInService - ok
20:32:36.0512 7372  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
20:32:36.0518 7372  Wd - ok
20:32:36.0526 7372  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:32:36.0542 7372  Wdf01000 - ok
20:32:36.0544 7372  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:32:36.0566 7372  WdiServiceHost - ok
20:32:36.0568 7372  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:32:36.0579 7372  WdiSystemHost - ok
20:32:36.0583 7372  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
20:32:36.0596 7372  WebClient - ok
20:32:36.0600 7372  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:32:36.0624 7372  Wecsvc - ok
20:32:36.0626 7372  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:32:36.0649 7372  wercplsupport - ok
20:32:36.0653 7372  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:32:36.0675 7372  WerSvc - ok
20:32:36.0677 7372  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:32:36.0698 7372  WfpLwf - ok
20:32:36.0701 7372  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:32:36.0707 7372  WIMMount - ok
20:32:36.0709 7372  WinDefend - ok
20:32:36.0713 7372  WinHttpAutoProxySvc - ok
20:32:36.0720 7372  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:32:36.0744 7372  Winmgmt - ok
20:32:36.0760 7372  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
20:32:36.0799 7372  WinRM - ok
20:32:36.0804 7372  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
20:32:36.0813 7372  WinUsb - ok
20:32:36.0822 7372  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:32:36.0840 7372  Wlansvc - ok
20:32:36.0860 7372  [ 98F138897EF4246381D197CB81846D62 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:32:36.0891 7372  wlidsvc - ok
20:32:36.0894 7372  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:32:36.0901 7372  WmiAcpi - ok
20:32:36.0905 7372  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:32:36.0915 7372  wmiApSrv - ok
20:32:36.0917 7372  WMPNetworkSvc - ok
20:32:36.0921 7372  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:32:36.0928 7372  WPCSvc - ok
20:32:36.0931 7372  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:32:36.0943 7372  WPDBusEnum - ok
20:32:36.0946 7372  [ 7CA09731EB7FC99B910C7F239E57720F ] WPRO_41_2001    C:\Windows\system32\drivers\WPRO_41_2001.sys
20:32:36.0959 7372  WPRO_41_2001 - ok
20:32:36.0962 7372  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:32:36.0983 7372  ws2ifsl - ok
20:32:36.0986 7372  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
20:32:36.0997 7372  wscsvc - ok
20:32:36.0999 7372  WSearch - ok
20:32:37.0021 7372  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:32:37.0054 7372  wuauserv - ok
20:32:37.0057 7372  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:32:37.0065 7372  WudfPf - ok
20:32:37.0069 7372  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:32:37.0078 7372  WUDFRd - ok
20:32:37.0081 7372  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:32:37.0091 7372  wudfsvc - ok
20:32:37.0094 7372  [ F0B1D8725FAB9F4A559CCC91A960FCE0 ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:32:37.0104 7372  WwanSvc - ok
20:32:37.0108 7372  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
20:32:37.0122 7372  xusb21 - ok
20:32:37.0144 7372  [ D2FE4103450E52CB248D842501F84B90 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
20:32:37.0211 7372  ZeroConfigService - ok
20:32:37.0219 7372  ================ Scan global ===============================
20:32:37.0222 7372  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:32:37.0225 7372  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
20:32:37.0230 7372  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
20:32:37.0234 7372  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:32:37.0239 7372  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:32:37.0242 7372  [Global] - ok
20:32:37.0242 7372  ================ Scan MBR ==================================
20:32:37.0243 7372  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:32:37.0340 7372  \Device\Harddisk0\DR0 - ok
20:32:37.0342 7372  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
20:32:38.0893 7372  \Device\Harddisk1\DR1 - ok
20:32:38.0893 7372  ================ Scan VBR ==================================
20:32:38.0896 7372  [ 07033A81839087490A3568B1A7598505 ] \Device\Harddisk0\DR0\Partition1
20:32:38.0897 7372  \Device\Harddisk0\DR0\Partition1 - ok
20:32:38.0899 7372  [ C3B4B6E3EA9DA79410BB323D3D50FCAF ] \Device\Harddisk1\DR1\Partition1
20:32:38.0901 7372  \Device\Harddisk1\DR1\Partition1 - ok
20:32:38.0903 7372  [ F11D6B2578F6E5BB447191C73FE7FB7C ] \Device\Harddisk1\DR1\Partition2
20:32:38.0905 7372  \Device\Harddisk1\DR1\Partition2 - ok
20:32:38.0907 7372  [ C9FD32400E48AA4B067879014849AACE ] \Device\Harddisk1\DR1\Partition3
20:32:38.0909 7372  \Device\Harddisk1\DR1\Partition3 - ok
20:32:38.0910 7372  [ 663250CE6C74434C69716D907BF92CAD ] \Device\Harddisk1\DR1\Partition4
20:32:38.0911 7372  \Device\Harddisk1\DR1\Partition4 - ok
20:32:38.0912 7372  ============================================================
20:32:38.0912 7372  Scan finished
20:32:38.0912 7372  ============================================================
20:32:38.0916 7912  Detected object count: 1
20:32:38.0916 7912  Actual detected object count: 1
20:34:15.0009 7912  HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user
20:34:15.0009 7912  HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:34:19.0166 1044  Deinitialize success
 


#4 erasure

Posted 20 March 2013 - 07:52 PM

AdwCleaner[R1].txt

 

 

# AdwCleaner v2.115 - Logfile created 03/20/2013 at 20:37:00
# Updated 17/03/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Nick - ENVY17
# Boot Mode : Normal
# Running from : D:\Users\Nick\Desktop\AdwCleaner.exe
# Option [Search]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
 
***** [Registry] *****
 
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v10.0.9200.16521
 
[OK] Registry is clean.
 
-\\ Mozilla Firefox v18.0.2 (en-US)
 
File : C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\uidxqcxj.default\prefs.js
 
[OK] File is clean.
 
-\\ Google Chrome v25.0.1364.172
 
File : C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R1].txt - [806 octets] - [20/03/2013 20:37:00]
 
########## EOF - C:\AdwCleaner[R1].txt - [865 octets] ##########
 
 
FSS.txt
 
Farbar Service Scanner Version: 03-03-2013
Ran by Nick (administrator) on 20-03-2013 at 20:39:40
Running from "D:\Users\Nick\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****
 
Result.txt:
 
MiniToolBox by Farbar  Version:05-03-2013
Ran by Nick (administrator) on 20-03-2013 at 20:42:14
Running from "D:\Users\Nick\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Intel® Centrino® Ultimate-N 6300 AGN = Wireless Network Connection (Connected)
VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Connected)
VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Connected)
Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64 = Local Area Connection 3 (Hardware not present)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Bluetooth Personal Area Network = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)
Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global
set interface interface="Local Area Connection 3" forwarding=enabled advertise=enabled metric=1 nud=enabled
set subinterface interface=?1 subinterface=ethernet_6 mtu=1477
set subinterface interface=?1 subinterface=ethernet_7 mtu=1477
add address name="VMware Network Adapter VMnet1" address=192.168.188.1 mask=255.255.255.0
add address name="VMware Network Adapter VMnet8" address=192.168.9.1 mask=255.255.255.0
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Envy17
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Physical Address. . . . . . . . . : 24-77-03-72-EA-3D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 24-77-03-72-EA-3D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
   Physical Address. . . . . . . . . : E4-11-5B-5E-3E-E8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® Centrino® Ultimate-N 6300 AGN
   Physical Address. . . . . . . . . : 24-77-03-72-EA-3C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::8df8:2bd3:5c8d:102e%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.2.140(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, March 20, 2013 4:43:38 PM
   Lease Expires . . . . . . . . . . : Thursday, March 21, 2013 6:31:29 PM
   Default Gateway . . . . . . . . . : 192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.1
   DHCPv6 IAID . . . . . . . . . . . : 321156867
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-6D-74-8E-E4-11-5B-5E-3E-E8
   DNS Servers . . . . . . . . . . . : 192.168.2.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Personal Area Network
   Physical Address. . . . . . . . . : C0-18-85-EC-EB-41
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter VMware Network Adapter VMnet1:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet1
   Physical Address. . . . . . . . . : 00-50-56-C0-00-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d5b2:5743:221a:2f9a%19(Preferred) 
   Autoconfiguration IPv4 Address. . : 169.254.47.154(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 402673750
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-6D-74-8E-E4-11-5B-5E-3E-E8
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter VMware Network Adapter VMnet8:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet8
   Physical Address. . . . . . . . . : 00-50-56-C0-00-08
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::f8b3:633:24eb:b844%20(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.9.1(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 419450966
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-6D-74-8E-E4-11-5B-5E-3E-E8
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{78DB2069-97DE-4724-933F-E5B3BC902E83}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{5097154D-3EE1-44FD-A7F7-44BBCB209F7F}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{23AF10F1-D798-42DE-A3BA-40D537D89BBA}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  DD-WRT
Address:  192.168.2.1
 
Name:    google.com
Addresses:  2607:f8b0:4004:803::1006
 74.125.228.110
 74.125.228.99
 74.125.228.105
 74.125.228.98
 74.125.228.102
 74.125.228.97
 74.125.228.96
 74.125.228.104
 74.125.228.101
 74.125.228.103
 74.125.228.100
 
 
Pinging google.com [74.125.228.100] with 32 bytes of data:
Reply from 74.125.228.100: bytes=32 time=16ms TTL=251
Reply from 74.125.228.100: bytes=32 time=16ms TTL=251
 
Ping statistics for 74.125.228.100:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 16ms, Maximum = 16ms, Average = 16ms
Server:  DD-WRT
Address:  192.168.2.1
 
Name:    yahoo.com
Addresses:  98.138.253.109
 98.139.183.24
 206.190.36.45
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=324ms TTL=249
Reply from 206.190.36.45: bytes=32 time=271ms TTL=249
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 271ms, Maximum = 324ms, Average = 297ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...24 77 03 72 ea 3d ......Microsoft Virtual WiFi Miniport Adapter #2
 15...24 77 03 72 ea 3d ......Microsoft Virtual WiFi Miniport Adapter
 14...e4 11 5b 5e 3e e8 ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
 13...24 77 03 72 ea 3c ......Intel® Centrino® Ultimate-N 6300 AGN
 12...c0 18 85 ec eb 41 ......Bluetooth Personal Area Network
 19...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
 20...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
  1...........................Software Loopback Interface 1
 22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1    192.168.2.140     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      169.254.0.0      255.255.0.0         On-link    169.254.47.154    276
   169.254.47.154  255.255.255.255         On-link    169.254.47.154    276
  169.254.255.255  255.255.255.255         On-link    169.254.47.154    276
      192.168.2.0    255.255.255.0         On-link     192.168.2.140    281
    192.168.2.140  255.255.255.255         On-link     192.168.2.140    281
    192.168.2.255  255.255.255.255         On-link     192.168.2.140    281
      192.168.9.0    255.255.255.0         On-link       192.168.9.1    276
      192.168.9.1  255.255.255.255         On-link       192.168.9.1    276
    192.168.9.255  255.255.255.255         On-link       192.168.9.1    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link    169.254.47.154    276
        224.0.0.0        240.0.0.0         On-link       192.168.9.1    276
        224.0.0.0        240.0.0.0         On-link     192.168.2.140    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link    169.254.47.154    276
  255.255.255.255  255.255.255.255         On-link       192.168.9.1    276
  255.255.255.255  255.255.255.255         On-link     192.168.2.140    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 19    276 fe80::/64                On-link
 20    276 fe80::/64                On-link
 13    281 fe80::/64                On-link
 13    281 fe80::8df8:2bd3:5c8d:102e/128
                                    On-link
 19    276 fe80::d5b2:5743:221a:2f9a/128
                                    On-link
 20    276 fe80::f8b3:633:24eb:b844/128
                                    On-link
  1    306 ff00::/8                 On-link
 19    276 ff00::/8                 On-link
 20    276 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (03/20/2013 04:43:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/20/2013 04:12:27 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/20/2013 04:09:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/20/2013 03:47:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/20/2013 03:42:26 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/20/2013 07:04:14 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/19/2013 10:10:44 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashUtil64_11_6_602_168_ActiveX.exe, version: 11.6.602.168, time stamp: 0x511170a7
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc000041d
Fault offset: 0x00000000000532d0
Faulting process id: 0x444
Faulting application start time: 0xFlashUtil64_11_6_602_168_ActiveX.exe0
Faulting application path: FlashUtil64_11_6_602_168_ActiveX.exe1
Faulting module path: FlashUtil64_11_6_602_168_ActiveX.exe2
Report Id: FlashUtil64_11_6_602_168_ActiveX.exe3
 
Error: (03/19/2013 10:10:42 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashUtil64_11_6_602_168_ActiveX.exe, version: 11.6.602.168, time stamp: 0x511170a7
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x00000000000532d0
Faulting process id: 0x444
Faulting application start time: 0xFlashUtil64_11_6_602_168_ActiveX.exe0
Faulting application path: FlashUtil64_11_6_602_168_ActiveX.exe1
Faulting module path: FlashUtil64_11_6_602_168_ActiveX.exe2
Report Id: FlashUtil64_11_6_602_168_ActiveX.exe3
 
Error: (03/19/2013 10:10:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/19/2013 09:01:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (03/20/2013 04:43:05 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (03/20/2013 04:11:58 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (03/20/2013 04:09:19 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (03/20/2013 03:44:28 PM) (Source: Service Control Manager) (User: )
Description: The HP Support Assistant Service service failed to start due to the following error: 
%%31
 
Error: (03/20/2013 03:42:00 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (03/20/2013 03:42:00 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (03/20/2013 03:41:40 PM) (Source: Application Popup) (User: )
Description: \??\C:\test123\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (03/20/2013 03:40:29 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (03/20/2013 07:03:42 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (03/19/2013 10:10:06 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
 
Microsoft Office Sessions:
=========================
Error: (03/20/2013 04:43:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/20/2013 04:12:27 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/20/2013 04:09:46 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/20/2013 03:47:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/20/2013 03:42:26 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/20/2013 07:04:14 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/19/2013 10:10:44 PM) (Source: Application Error)(User: )
Description: FlashUtil64_11_6_602_168_ActiveX.exe11.6.602.168511170a7ntdll.dll6.1.7601.177254ec4aa8ec000041d00000000000532d044401ce25101affa18dC:\Windows\System32\Macromed\Flash\FlashUtil64_11_6_602_168_ActiveX.exeC:\Windows\SYSTEM32\ntdll.dll5ed54c2a-9103-11e2-9f37-c01885eceb41
 
Error: (03/19/2013 10:10:42 PM) (Source: Application Error)(User: )
Description: FlashUtil64_11_6_602_168_ActiveX.exe11.6.602.168511170a7ntdll.dll6.1.7601.177254ec4aa8ec000000500000000000532d044401ce25101affa18dC:\Windows\System32\Macromed\Flash\FlashUtil64_11_6_602_168_ActiveX.exeC:\Windows\SYSTEM32\ntdll.dll5d5f077d-9103-11e2-9f37-c01885eceb41
 
Error: (03/19/2013 10:10:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/19/2013 09:01:05 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-03-20 15:41:40.096
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\test123\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-03-20 15:41:40.049
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\test123\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
3DMark 11 (Version: 1.0.3)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.168)
Adobe Flash Player 11 Plugin (Version: 11.6.602.171)
Adobe Reader X (10.1.6) (Version: 10.1.6)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.898.1)
AMD Catalyst Install Manager (Version: 3.0.868.0)
Android SDK Tools (Version: 1.16)
AnyRail5EN (Version: 5.5.5)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 2.0.12.13)
Borderlands 2
Broadcom Bluetooth Software (Version: 6.5.1.2300)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0326.310.3601)
Catalyst Control Center Graphics Previews Common (Version: 2012.0326.310.3601)
Catalyst Control Center InstallProxy (Version: 2012.0326.310.3601)
Catalyst Control Center Localization All (Version: 2012.0326.310.3601)
Catalyst Control Center Profiles Mobile (Version: 2012.0326.310.3601)
CCC Help Chinese Standard (Version: 2012.0326.0309.3601)
CCC Help Chinese Traditional (Version: 2012.0326.0309.3601)
CCC Help Czech (Version: 2012.0326.0309.3601)
CCC Help Danish (Version: 2012.0326.0309.3601)
CCC Help Dutch (Version: 2012.0326.0309.3601)
CCC Help English (Version: 2012.0326.0309.3601)
CCC Help Finnish (Version: 2012.0326.0309.3601)
CCC Help French (Version: 2012.0326.0309.3601)
CCC Help German (Version: 2012.0326.0309.3601)
CCC Help Greek (Version: 2012.0326.0309.3601)
CCC Help Hungarian (Version: 2012.0326.0309.3601)
CCC Help Italian (Version: 2012.0326.0309.3601)
CCC Help Japanese (Version: 2012.0326.0309.3601)
CCC Help Korean (Version: 2012.0326.0309.3601)
CCC Help Norwegian (Version: 2012.0326.0309.3601)
CCC Help Polish (Version: 2012.0326.0309.3601)
CCC Help Portuguese (Version: 2012.0326.0309.3601)
CCC Help Russian (Version: 2012.0326.0309.3601)
CCC Help Spanish (Version: 2012.0326.0309.3601)
CCC Help Swedish (Version: 2012.0326.0309.3601)
CCC Help Thai (Version: 2012.0326.0309.3601)
CCC Help Turkish (Version: 2012.0326.0309.3601)
ccc-utility64 (Version: 2012.0326.310.3601)
Cisco AnyConnect VPN Client (Version: 2.4.1012)
CPUID HWMonitor 1.21
CyberLink PowerDVD (Version: 10.0.5.3817)
CyberLink YouCam (Version: 3.5.3.5018)
Diablo III (Version: 1.0.7.14633)
Dota 2
EaseUS Partition Master 9.2.1 Home Edition
ESU for Microsoft Windows 7 SP1 (Version: 5.1.4)
Fiddler (Version: 2.4.2.6)
Futuremark SystemInfo (Version: 4.9.0)
Google Chrome (Version: 25.0.1364.172)
Half-Life 2
HashTab 5.0.0.19 (Version: 5.0.0.19)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0)
HP 3D DriveGuard (Version: 4.1.12.1)
HP CoolSense (Version: 2.10.3)
HP Customer Experience Enhancements (Version: 6.0.1.8)
HP Launch Box (Version: 1.1.5)
HP On Screen Display (Version: 1.3.5)
HP Product Detection (Version: 11.14.0006)
HP Proximity Sensor Utility (Version: 1.0.19)
HP Quick Launch (Version: 2.7.2)
HP Recovery Manager (Version: 2.0.0)
HP Software Framework (Version: 4.5.6.1)
HP Support Assistant (Version: 6.1.12.1)
HP Wireless Audio Manager 1.1.4 (Version: 1.1.4)
IDT Audio (Version: 1.0.6381.0)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Display Audio Driver (Version: 6.14.00.3090)
Intel® Management Engine Components (Version: 8.0.0.1351)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.1.0.0096)
Intel® Rapid Storage Technology (Version: 11.0.0.1032)
Intel® Smart Connect Technology 2.0 x64 (Version: 2.0.1083.0)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.3.214)
Intel® WiDi (Version: 3.0.13.0)
Intel® Wireless Display
Intel® PROSet/Wireless WiFi Software (Version: 15.01.0500.0903)
Intel® Trusted Connect Service Client (Version: 1.23.216.0)
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 33 (64-bit) (Version: 6.0.330)
Java™ SE Development Kit 6 Update 33 (64-bit) (Version: 1.6.0.330)
JavaFX 2.1.1 (Version: 2.1.1)
Just Cause 2
KeePass Password Safe 2.21
L.A. Noire
Left 4 Dead 2
Link Shell Extension (Version: 3.7.4.7)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (Version: 3.5.30730.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Mozilla Firefox 18.0.2 (x86 en-US) (Version: 18.0.2)
Mozilla Maintenance Service (Version: 18.0.2)
mRemoteNG (Version: 1.69.4360.2915)
Music Manager
Notepad++ (Version: 6.3)
Paint.NET v3.5.10 (Version: 3.60.0)
Portal 2
PX Profile Update (Version: 1.00.1.)
Realtek PCIE Card Reader (Version: 6.1.7601.29011)
Rockstar Games Social Club (Version: 1.1.0.1)
SAMSUNG USB Driver for Mobile Phones (Version: 1.4.6.0)
SanDisk SSD Toolkit 1.0.0.1 (Version: 1.0.0.1)
Sid Meier's Civilization V
SimCity 4 Deluxe
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.6.1014)
Synaptics Pointing Device Driver (Version: 16.0.1.0)
System Requirements Lab CYRI (Version: 4.5.1.0)
Team Fortress 2
Terraria
The Binding of Isaac
tools-linux (Version: 9.2.3.1031769)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
VMware Player (Version: 5.0.2)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
 
========================= Devices: ================================
 
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 60%
Total physical RAM: 6046.36 MB
Available physical RAM: 2402.82 MB
Total Pagefile: 12090.9 MB
Available Pagefile: 7916.09 MB
Total Virtual: 4095.88 MB
Available Virtual: 3965.43 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:223.57 GB) (Free:148.22 GB) NTFS
2 Drive d: () (Fixed) (Total:677.45 GB) (Free:598.52 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\ENVY17
 
Administrator            Guest                    Nick                     
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
20-03-2013 20:27:41 ComboFix created restore point
 
**** End of log ****
 


#5 erasure


Posted 20 March 2013 - 07:54 PM

Thanks for the help.



#6 dev00790


Posted 21 March 2013 - 05:58 AM

Hi
There are indications that you have run Combofix recently in the logs. Due to this, please do the following next:


Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.

My Blog


#7 erasure


Posted 21 March 2013 - 03:40 PM

I created a new topic in that forum here: http://www.bleepingcomputer.com/forums/t/489356/mbam-found-trojan-rebooted-pc-without-removal-and-trojan-no-longer-found/

 

Thanks for your help.



#8 dev00790


Posted 21 March 2013 - 06:06 PM

You're welcome :). Good luck


Regards, dev00790





