Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

What's taking up my physical memory?


  • Please log in to reply
9 replies to this topic

#1 ezpkns34

ezpkns34

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Local time:12:24 PM

Posted 24 May 2013 - 05:13 PM

Typically my physical memory runs in the 30-35% range

A moment ago I realized my comp was running slow opening a program. So I ctl+alt+del & saw my memory was at 80%

I closed my browser & other running programs then ran MBAM & deleted the malicious item it listed

I restarted my comp & I again hit ctl+alt+del & it was running at the normal 32%. But as I let it sit for a few mins, the memory began to steadily climb. Here's a screenshot of my task manager showing my memory

 

1-1.jpg

 

It seems to have leveled off for now at ~50%, but that's still noticeably higher than what it typically runs at & the comp is still running slower than normal as a result

 



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,330 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:24 PM

Posted 24 May 2013 - 08:56 PM

Hello,perhaps you have malware so lets check and be sure.
 
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
 
 
 
Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)
Do not change the default options on scan results.



Please download AdwCleaner by Xplode onto your desktop.
•Close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Delete.
•Confirm each time with Ok.
•You will be prompted to restart your computer. A text file will open after the restart.
•Please post the contents of that logfile with your next reply.
•You can find the logfile at C:\AdwCleaner[S1].txt as well.





Now I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
NOTE:Sometimes if ESET finds no infections it will not create a log.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 ezpkns34

ezpkns34
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Local time:12:24 PM

Posted 25 May 2013 - 02:12 AM

MiniToolBox by Farbar  Version:21-04-2013
Ran by Nick (administrator) on 24-05-2013 at 23:52:12
Running from "C:\Users\Nick\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Intel® Centrino® Wireless-N 1000 = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=64 taskoffload=enabled
set subinterface interface=?) subinterface=ethernet_9 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Nick-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : gateway.2wire.net

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : C0-CB-38-AB-97-2A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Physical Address. . . . . . . . . : 00-26-C7-E2-8F-7F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 00-26-C7-E2-8F-7F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : B8-AC-6F-C5-67-7C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 1000
   Physical Address. . . . . . . . . : 00-26-C7-E2-8F-7E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d942:16f2:8350:980c%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.66(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, May 24, 2013 12:38:22 AM
   Lease Expires . . . . . . . . . . : Saturday, May 25, 2013 9:14:21 PM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 184559303
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-6B-54-F0-B8-AC-6F-C5-67-7C
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{F12B8505-5723-410C-B9EB-CC7C5B64E990}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{ECEF2E82-41EE-42A7-99BC-8DD4B9B76873}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{2EA3F786-0EEC-47BD-A806-CA0BF554D349}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:3c6c:3dad:9425:e796(Preferred)
   Link-local IPv6 Address . . . . . : fe80::3c6c:3dad:9425:e796%16(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{09FF0430-C21B-4397-8CD0-C3F031238068}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  homeportal
Address:  192.168.1.254

Name:    google.com
Addresses:  2607:f8b0:4004:801::1004
      74.125.228.40
      74.125.228.41
      74.125.228.46
      74.125.228.32
      74.125.228.33
      74.125.228.34
      74.125.228.35
      74.125.228.36
      74.125.228.37
      74.125.228.38
      74.125.228.39


Pinging google.com [74.125.228.41] with 32 bytes of data:
Reply from 74.125.228.41: bytes=32 time=39ms TTL=50
Reply from 74.125.228.41: bytes=32 time=33ms TTL=50

Ping statistics for 74.125.228.41:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 33ms, Maximum = 39ms, Average = 36ms
Server:  homeportal
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=99ms TTL=43
Reply from 98.139.183.24: bytes=32 time=74ms TTL=43

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 74ms, Maximum = 99ms, Average = 86ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 15...c0 cb 38 ab 97 2a ......Bluetooth Device (Personal Area Network)
 13...00 26 c7 e2 8f 7f ......Microsoft Virtual WiFi Miniport Adapter #2
 12...00 26 c7 e2 8f 7f ......Microsoft Virtual WiFi Miniport Adapter
 11...b8 ac 6f c5 67 7c ......Realtek PCIe GBE Family Controller
 10...00 26 c7 e2 8f 7e ......Intel® Centrino® Wireless-N 1000
  1...........................Software Loopback Interface 1
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.66     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.66    281
     192.168.1.66  255.255.255.255         On-link      192.168.1.66    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.66    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.66    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.66    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 16     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 16     58 2001::/32                On-link
 16    306 2001:0:5ef5:79fb:3c6c:3dad:9425:e796/128
                                    On-link
 10    281 fe80::/64                On-link
 16    306 fe80::/64                On-link
 16    306 fe80::3c6c:3dad:9425:e796/128
                                    On-link
 10    281 fe80::d942:16f2:8350:980c/128
                                    On-link
  1    306 ff00::/8                 On-link
 16    306 ff00::/8                 On-link
 10    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/18/2013 02:16:45 PM) (Source: Application Error) (User: )
Description: Faulting application name: ootp14.exe, version: 14.3.12.0, time stamp: 0x5188e5b5
Faulting module name: ootp14.exe, version: 14.3.12.0, time stamp: 0x5188e5b5
Exception code: 0xc0000094
Fault offset: 0x00b2674b
Faulting process id: 0x22c8
Faulting application start time: 0xootp14.exe0
Faulting application path: ootp14.exe1
Faulting module path: ootp14.exe2
Report Id: ootp14.exe3

Error: (05/17/2013 11:20:25 AM) (Source: Application Error) (User: )
Description: Faulting application name: ootp14.exe, version: 14.3.12.0, time stamp: 0x5188e5b5
Faulting module name: ootp14.exe, version: 14.3.12.0, time stamp: 0x5188e5b5
Exception code: 0xc0000005
Fault offset: 0x00223e9e
Faulting process id: 0x33ec
Faulting application start time: 0xootp14.exe0
Faulting application path: ootp14.exe1
Faulting module path: ootp14.exe2
Report Id: ootp14.exe3

Error: (05/04/2013 01:32:34 AM) (Source: Application Error) (User: )
Description: Faulting application name: BB2K11.exe, version: 13.0.8.0, time stamp: 0x4c0f1298
Faulting module name: BB2K11.exe, version: 13.0.8.0, time stamp: 0x4c0f1298
Exception code: 0xc0000005
Fault offset: 0x000f6129
Faulting process id: 0x13b8
Faulting application start time: 0xBB2K11.exe0
Faulting application path: BB2K11.exe1
Faulting module path: BB2K11.exe2
Report Id: BB2K11.exe3

Error: (04/26/2013 06:37:27 PM) (Source: Application Hang) (User: )
Description: The program ootp14.exe version 14.2.9.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 914

Start Time: 01ce42924772be5d

Termination Time: 40

Application Path: C:\Out of the Park Developments\OOTP Baseball 14\ootp14.exe

Report Id:

Error: (04/23/2013 01:52:41 AM) (Source: Application Error) (User: )
Description: Faulting application name: jxpiinstall.exe, version: 7.0.210.11, time stamp: 0x515d7d24
Faulting module name: jxpiinstall.exe, version: 7.0.210.11, time stamp: 0x515d7d24
Exception code: 0xc0000409
Fault offset: 0x00012f52
Faulting process id: 0x1c68
Faulting application start time: 0xjxpiinstall.exe0
Faulting application path: jxpiinstall.exe1
Faulting module path: jxpiinstall.exe2
Report Id: jxpiinstall.exe3

Error: (04/21/2013 00:23:15 PM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 1.9.2.4363, time stamp: 0x4ee68bf9
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x000222b2
Faulting process id: 0x2010
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (04/19/2013 00:22:13 AM) (Source: Application Hang) (User: )
Description: The program DDSCB2.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2b4

Start Time: 01ce3ca0798d2e54

Termination Time: 7

Application Path: C:\Wolverine Studios\DDSCB2\DDSCB2.exe

Report Id: b3d80975-a8a8-11e2-a3c1-c0cb38ab972a

Error: (04/18/2013 07:26:47 PM) (Source: Application Hang) (User: )
Description: The program DDSCB2.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 13ac

Start Time: 01ce3c86018720d7

Termination Time: 74

Application Path: C:\Wolverine Studios\DDSCB2\DDSCB2.exe

Report Id: 6e6e9338-a87f-11e2-a3c1-c0cb38ab972a

Error: (04/18/2013 02:06:57 AM) (Source: Application Hang) (User: )
Description: The program DDSCB2.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1614

Start Time: 01ce3bee042580af

Termination Time: 8

Application Path: C:\Wolverine Studios\DDSCB2\DDSCB2.exe

Report Id: 2ab722f0-a7ee-11e2-a3c1-c0cb38ab972a

Error: (04/18/2013 00:34:26 AM) (Source: Application Hang) (User: )
Description: The program DDSCB2.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1148

Start Time: 01ce3be5c7820c71

Termination Time: 7

Application Path: C:\Wolverine Studios\DDSCB2\DDSCB2.exe

Report Id: 3e155357-a7e1-11e2-a3c1-c0cb38ab972a


System errors:
=============
Error: (05/24/2013 00:40:36 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (05/24/2013 00:40:36 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (05/24/2013 00:38:20 AM) (Source: Service Control Manager) (User: )
Description: The Htsysm service failed to start due to the following error:
%%2

Error: (05/18/2013 03:12:02 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (05/18/2013 03:12:02 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (05/18/2013 03:09:46 PM) (Source: Service Control Manager) (User: )
Description: The Htsysm service failed to start due to the following error:
%%2

Error: (04/28/2013 00:50:13 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (04/28/2013 00:50:10 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (04/28/2013 00:50:07 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (04/28/2013 00:50:03 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.


Microsoft Office Sessions:
=========================
Error: (06/12/2012 07:39:58 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 35 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2012-05-30 12:46:12.732
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-05-30 12:46:12.648
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-05-30 12:46:12.499
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-05-30 12:46:12.325
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-05-30 12:46:12.195
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-05-30 12:46:12.084
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-05-30 12:46:11.970
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-05-30 12:46:11.673
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-05-30 12:46:11.110
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-05-30 12:46:10.748
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 3.0.1)
7-Zip 9.20
AC3Filter (remove only)
AccelerometerP11 (Version: 2.00.11.15)
Ad-Aware Antivirus (Version: 10.2.21.3698)
Ad-Aware Security Toolbar (Version: 0.9.1.8)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 Plugin (Version: 11.7.700.169)
Adobe Reader XI (11.0.02) (Version: 11.0.02)
Adobe Shockwave Player 12.0 (Version: 12.0.2.122)
Bowl Bound College Football
Bowl Bound College Football Update 1.52
CCleaner (Version: 3.22)
Cheat Engine 6.1
Corel WinDVD 2010 (Version: 10.0.5.544)
DAEMON Tools Lite (Version: 4.46.1.0327)
Dell Edoc Viewer (Version: 1.0.0)
Dell Home Systems Service Agreement (Version: 2.0.0)
DivX Setup (Version: 2.5.0.15)
DivX Setup (Version: 2.6.1.9)
Draft Day Sports: College Basketball 2 1.8 (Version: 1.7)
Draft Day Sports: Pro Basketball 2
Dropbox (Version: 1.6.18)
EasyFit 5.5 (Version: 5.5)
F.lux
Free YouTube to MP3 Converter version 3.12.0.128 (Version: 3.12.0.128)
Front Office Football 2007 Demo (Version: 6.4.0)
Game Booster 3 (Version: 3.1)
GIMP 2.8.0 (Version: 2.8.0)
Google Chrome (Version: 27.0.1453.94)
Intel PROSet Wireless
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.2.0.0284)
Intel® Rapid Storage Technology (Version: 11.7.0.1013)
Intel® Turbo Boost Technology Monitor (Version: 1.0.400.4)
Intel® PROSet/Wireless WiFi Software (Version: 15.02.0000.1258)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
JavaFX 2.1.1 (Version: 2.1.1)
JMicron Flash Media Controller Driver (Version: 1.0.72.4)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Interop Forms Redistributable Package 2.0a (Version: 2.0.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
Mozilla Firefox 20.0.1 (x86 en-US) (Version: 20.0.1)
Mozilla Maintenance Service (Version: 20.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nate's Kentucky Rook 2.0.0
NCAA 2011 Real World
NCAA 2011 Real World (Version: 1.4)
NVIDIA 3D Vision Driver 311.00 (Version: 311.00)
NVIDIA Control Panel 311.00 (Version: 311.00)
NVIDIA Display Control Panel (Version: 6.14.12.5981)
NVIDIA Graphics Driver 311.00 (Version: 311.00)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1100)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
OpenAL
Out of the Park Baseball 14 (Version: 14)
Quickset64 (Version: 10.0.1)
Realtek Ethernet Controller Driver (Version: 7.48.823.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6788)
Resource Hacker Version 3.6.0
Sid Meier's Civilization V - Game of the Year Edition (Version: 1.0.1.511)
SlimDrivers (Version: 2.2.27236)
SmartSound Common Data (Version: 1.1.0)
SmartSound Quicktracks 5 (Version: 5.1.7)
SpeedFan (remove only)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.2.5.2)
System Requirements Lab
System Requirements Lab (Version: 4.4.26.0)
TeamViewer 8 (Version: 8.0.16447)
TEW2010
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC Media Player (Version: 1.1.11)
WIDCOMM Bluetooth Software (Version: 6.5.1.2500)
Win7codecs (Version: 3.7.1)
WinRAR 4.10 beta 1 (64-bit) (Version: 4.10.1)
WinZip 15.0 (Version: 15.0.9302)
WS Modding Kit
Xvid Video Codec (Version: 1.3.2)

========================= Memory info: ===================================

Percentage of memory in use: 44%
Total physical RAM: 4030.56 MB
Available physical RAM: 2248.9 MB
Total Pagefile: 8059.3 MB
Available Pagefile: 6061.82 MB
Total Virtual: 4095.88 MB
Available Virtual: 3960.57 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:453.47 GB) (Free:261.34 GB) NTFS

========================= Users: ========================================

User accounts for \\NICK-PC

Administrator            Guest                    Nick                     
UpdatusUser              


**** End of log ****
 

 

 

 

 

 

 

 

 

 

23:54:03.0899 8096  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:54:04.0224 8096  ============================================================
23:54:04.0224 8096  Current date / time: 2013/05/24 23:54:04.0224
23:54:04.0224 8096  SystemInfo:
23:54:04.0224 8096  
23:54:04.0224 8096  OS Version: 6.1.7601 ServicePack: 1.0
23:54:04.0224 8096  Product type: Workstation
23:54:04.0224 8096  ComputerName: NICK-PC
23:54:04.0224 8096  UserName: Nick
23:54:04.0224 8096  Windows directory: C:\Windows
23:54:04.0224 8096  System windows directory: C:\Windows
23:54:04.0224 8096  Running under WOW64
23:54:04.0224 8096  Processor architecture: Intel x64
23:54:04.0224 8096  Number of processors: 8
23:54:04.0224 8096  Page size: 0x1000
23:54:04.0224 8096  Boot type: Normal boot
23:54:04.0224 8096  ============================================================
23:54:05.0565 8096  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:54:05.0570 8096  ============================================================
23:54:05.0570 8096  \Device\Harddisk0\DR0:
23:54:05.0570 8096  MBR partitions:
23:54:05.0571 8096  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1880000
23:54:05.0571 8096  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1894000, BlocksNum 0x38AF0000
23:54:05.0571 8096  ============================================================
23:54:05.0620 8096  C: <-> \Device\Harddisk0\DR0\Partition2
23:54:05.0620 8096  ============================================================
23:54:05.0620 8096  Initialize success
23:54:05.0620 8096  ============================================================
23:54:29.0682 7264  ============================================================
23:54:29.0682 7264  Scan started
23:54:29.0682 7264  Mode: Manual; TDLFS;
23:54:29.0682 7264  ============================================================
23:54:32.0099 7264  ================ Scan system memory ========================
23:54:32.0099 7264  System memory - ok
23:54:32.0099 7264  ================ Scan services =============================
23:54:32.0261 7264  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
23:54:32.0267 7264  1394ohci - ok
23:54:32.0296 7264  [ 7A505465BBB1EB8B5AD4D76E8749383B ] Acceler         C:\Windows\system32\DRIVERS\Accelern.sys
23:54:32.0298 7264  Acceler - ok
23:54:32.0323 7264  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:54:32.0330 7264  ACPI - ok
23:54:32.0343 7264  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
23:54:32.0346 7264  AcpiPmi - ok
23:54:32.0560 7264  [ AF9658974154C3B6A333D86DC2E0AAC8 ] Ad-Aware Service C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
23:54:32.0572 7264  Ad-Aware Service - ok
23:54:32.0645 7264  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:54:32.0648 7264  AdobeARMservice - ok
23:54:32.0696 7264  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
23:54:32.0706 7264  adp94xx - ok
23:54:32.0728 7264  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
23:54:32.0735 7264  adpahci - ok
23:54:32.0740 7264  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
23:54:32.0746 7264  adpu320 - ok
23:54:32.0772 7264  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:54:32.0772 7264  AeLookupSvc - ok
23:54:32.0886 7264  [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
23:54:32.0890 7264  AERTFilters - ok
23:54:32.0936 7264  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
23:54:32.0946 7264  AFD - ok
23:54:33.0017 7264  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
23:54:33.0021 7264  agp440 - ok
23:54:33.0067 7264  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
23:54:33.0070 7264  ALG - ok
23:54:33.0104 7264  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:54:33.0107 7264  aliide - ok
23:54:33.0117 7264  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
23:54:33.0120 7264  amdide - ok
23:54:33.0152 7264  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
23:54:33.0156 7264  AmdK8 - ok
23:54:33.0159 7264  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
23:54:33.0162 7264  AmdPPM - ok
23:54:33.0194 7264  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
23:54:33.0198 7264  amdsata - ok
23:54:33.0203 7264  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
23:54:33.0208 7264  amdsbs - ok
23:54:33.0228 7264  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
23:54:33.0230 7264  amdxata - ok
23:54:33.0298 7264  [ D46391F209DE0A98A97D1D1765F53438 ] AMPPAL          C:\Windows\system32\DRIVERS\AMPPAL.sys
23:54:33.0521 7264  AMPPAL - ok
23:54:33.0530 7264  [ D46391F209DE0A98A97D1D1765F53438 ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
23:54:33.0531 7264  AMPPALP - ok
23:54:33.0667 7264  [ EDFB061F7D553B84731B8263077FD520 ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
23:54:34.0319 7264  AMPPALR3 - ok
23:54:34.0361 7264  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
23:54:34.0364 7264  AppID - ok
23:54:34.0385 7264  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:54:34.0388 7264  AppIDSvc - ok
23:54:34.0426 7264  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
23:54:34.0428 7264  Appinfo - ok
23:54:34.0479 7264  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
23:54:34.0483 7264  arc - ok
23:54:34.0487 7264  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
23:54:34.0491 7264  arcsas - ok
23:54:34.0536 7264  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:54:34.0539 7264  AsyncMac - ok
23:54:34.0577 7264  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
23:54:34.0580 7264  atapi - ok
23:54:34.0629 7264  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:54:34.0637 7264  AudioEndpointBuilder - ok
23:54:34.0646 7264  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
23:54:34.0649 7264  AudioSrv - ok
23:54:34.0690 7264  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:54:34.0694 7264  AxInstSV - ok
23:54:34.0738 7264  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
23:54:34.0747 7264  b06bdrv - ok
23:54:34.0757 7264  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
23:54:34.0763 7264  b57nd60a - ok
23:54:34.0796 7264  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:54:34.0799 7264  BDESVC - ok
23:54:34.0809 7264  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:54:34.0811 7264  Beep - ok
23:54:34.0881 7264  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
23:54:34.0889 7264  BFE - ok
23:54:34.0916 7264  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
23:54:34.0928 7264  BITS - ok
23:54:34.0961 7264  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:54:34.0964 7264  blbdrive - ok
23:54:34.0986 7264  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:54:34.0990 7264  bowser - ok
23:54:35.0008 7264  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:54:35.0011 7264  BrFiltLo - ok
23:54:35.0014 7264  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:54:35.0017 7264  BrFiltUp - ok
23:54:35.0044 7264  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
23:54:35.0047 7264  Browser - ok
23:54:35.0053 7264  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
23:54:35.0059 7264  Brserid - ok
23:54:35.0072 7264  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:54:35.0075 7264  BrSerWdm - ok
23:54:35.0078 7264  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:54:35.0081 7264  BrUsbMdm - ok
23:54:35.0085 7264  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:54:35.0087 7264  BrUsbSer - ok
23:54:35.0153 7264  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
23:54:35.0156 7264  BthEnum - ok
23:54:35.0169 7264  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
23:54:35.0172 7264  BTHMODEM - ok
23:54:35.0200 7264  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
23:54:35.0205 7264  BthPan - ok
23:54:35.0230 7264  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
23:54:35.0235 7264  BTHPORT - ok
23:54:35.0263 7264  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
23:54:35.0267 7264  bthserv - ok
23:54:35.0302 7264  [ A3BC030FC526643DFDCA27299F75544B ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
23:54:35.0694 7264  BTHSSecurityMgr - ok
23:54:35.0711 7264  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
23:54:35.0712 7264  BTHUSB - ok
23:54:35.0771 7264  [ 30E157AB82EE7406F526ED80896D2431 ] BTWAMPFL        C:\Windows\system32\DRIVERS\btwampfl.sys
23:54:35.0794 7264  BTWAMPFL - ok
23:54:35.0838 7264  [ 4F753BA5E0022D3AFD4604094449C008 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
23:54:35.0848 7264  btwaudio - ok
23:54:35.0875 7264  [ 9FF58F76024D25784755B01F926B00BE ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
23:54:35.0886 7264  btwavdt - ok
23:54:35.0960 7264  [ 00A32E2B3A2F399AB8AD04FC866D2010 ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
23:54:35.0998 7264  btwdins - ok
23:54:36.0032 7264  [ B1ACFD00CDD13B48D86F46BFEC153BF9 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
23:54:36.0039 7264  btwl2cap - ok
23:54:36.0087 7264  [ EDD953D635F3AA89EF902E3F82D60D22 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
23:54:36.0092 7264  btwrchid - ok
23:54:36.0109 7264  catchme - ok
23:54:36.0131 7264  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:54:36.0136 7264  cdfs - ok
23:54:36.0171 7264  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:54:36.0176 7264  cdrom - ok
23:54:36.0215 7264  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
23:54:36.0218 7264  CertPropSvc - ok
23:54:36.0250 7264  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
23:54:36.0253 7264  circlass - ok
23:54:36.0279 7264  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
23:54:36.0283 7264  CLFS - ok
23:54:36.0335 7264  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:54:36.0339 7264  clr_optimization_v2.0.50727_32 - ok
23:54:36.0390 7264  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:54:36.0394 7264  clr_optimization_v2.0.50727_64 - ok
23:54:36.0560 7264  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:54:36.0564 7264  clr_optimization_v4.0.30319_32 - ok
23:54:36.0621 7264  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:54:36.0626 7264  clr_optimization_v4.0.30319_64 - ok
23:54:36.0661 7264  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
23:54:36.0663 7264  CmBatt - ok
23:54:36.0704 7264  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:54:36.0706 7264  cmdide - ok
23:54:36.0754 7264  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
23:54:36.0761 7264  CNG - ok
23:54:36.0790 7264  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
23:54:36.0793 7264  Compbatt - ok
23:54:36.0831 7264  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
23:54:36.0835 7264  CompositeBus - ok
23:54:36.0843 7264  COMSysApp - ok
23:54:36.0919 7264  [ 17719A7F571D4CD08223F0B30F71B8B8 ] cpuz134         C:\Program Files (x86)\pc-wizard\pcwiz_x64.sys
23:54:36.0932 7264  cpuz134 - ok
23:54:36.0954 7264  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
23:54:36.0957 7264  crcdisk - ok
23:54:37.0006 7264  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:54:37.0009 7264  CryptSvc - ok
23:54:37.0044 7264  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:54:37.0052 7264  DcomLaunch - ok
23:54:37.0094 7264  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
23:54:37.0097 7264  defragsvc - ok
23:54:37.0132 7264  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:54:37.0137 7264  DfsC - ok
23:54:37.0166 7264  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:54:37.0171 7264  Dhcp - ok
23:54:37.0200 7264  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
23:54:37.0203 7264  discache - ok
23:54:37.0236 7264  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
23:54:37.0239 7264  Disk - ok
23:54:37.0292 7264  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:54:37.0296 7264  Dnscache - ok
23:54:37.0322 7264  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
23:54:37.0328 7264  dot3svc - ok
23:54:37.0341 7264  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
23:54:37.0344 7264  DPS - ok
23:54:37.0371 7264  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:54:37.0374 7264  drmkaud - ok
23:54:37.0405 7264  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
23:54:37.0420 7264  dtsoftbus01 - ok
23:54:37.0448 7264  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:54:37.0461 7264  DXGKrnl - ok
23:54:37.0476 7264  EagleX64 - ok
23:54:37.0506 7264  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
23:54:37.0509 7264  EapHost - ok
23:54:37.0626 7264  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
23:54:37.0660 7264  ebdrv - ok
23:54:37.0698 7264  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
23:54:37.0701 7264  EFS - ok
23:54:37.0764 7264  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:54:37.0778 7264  ehRecvr - ok
23:54:37.0800 7264  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
23:54:37.0805 7264  ehSched - ok
23:54:37.0845 7264  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
23:54:37.0853 7264  elxstor - ok
23:54:37.0865 7264  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:54:37.0867 7264  ErrDev - ok
23:54:37.0916 7264  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
23:54:37.0921 7264  EventSystem - ok
23:54:38.0001 7264  [ 6EB16C7286FBCD3AB206743BA813EC48 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
23:54:38.0379 7264  EvtEng - ok
23:54:38.0396 7264  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
23:54:38.0401 7264  exfat - ok
23:54:38.0424 7264  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:54:38.0429 7264  fastfat - ok
23:54:38.0461 7264  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
23:54:38.0470 7264  Fax - ok
23:54:38.0479 7264  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
23:54:38.0482 7264  fdc - ok
23:54:38.0516 7264  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
23:54:38.0519 7264  fdPHost - ok
23:54:38.0529 7264  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:54:38.0532 7264  FDResPub - ok
23:54:38.0561 7264  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:54:38.0565 7264  FileInfo - ok
23:54:38.0576 7264  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:54:38.0579 7264  Filetrace - ok
23:54:38.0603 7264  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
23:54:38.0605 7264  flpydisk - ok
23:54:38.0629 7264  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:54:38.0630 7264  FltMgr - ok
23:54:38.0705 7264  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
23:54:38.0720 7264  FontCache - ok
23:54:38.0756 7264  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:54:38.0760 7264  FontCache3.0.0.0 - ok
23:54:38.0777 7264  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:54:38.0780 7264  FsDepends - ok
23:54:38.0804 7264  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:54:38.0830 7264  Fs_Rec - ok
23:54:38.0887 7264  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:54:38.0893 7264  fvevol - ok
23:54:38.0920 7264  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
23:54:38.0923 7264  gagp30kx - ok
23:54:38.0951 7264  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
23:54:38.0962 7264  gpsvc - ok
23:54:38.0974 7264  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:54:38.0977 7264  hcw85cir - ok
23:54:39.0016 7264  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:54:39.0023 7264  HdAudAddService - ok
23:54:39.0074 7264  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
23:54:39.0079 7264  HDAudBus - ok
23:54:39.0109 7264  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
23:54:39.0109 7264  HECIx64 - ok
23:54:39.0127 7264  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
23:54:39.0130 7264  HidBatt - ok
23:54:39.0134 7264  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
23:54:39.0137 7264  HidBth - ok
23:54:39.0157 7264  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
23:54:39.0160 7264  HidIr - ok
23:54:39.0178 7264  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
23:54:39.0180 7264  hidserv - ok
23:54:39.0195 7264  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:54:39.0197 7264  HidUsb - ok
23:54:39.0243 7264  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:54:39.0246 7264  hkmsvc - ok
23:54:39.0290 7264  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:54:39.0296 7264  HomeGroupListener - ok
23:54:39.0325 7264  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:54:39.0329 7264  HomeGroupProvider - ok
23:54:39.0371 7264  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:54:39.0375 7264  HpSAMD - ok
23:54:39.0414 7264  Htsysm - ok
23:54:39.0451 7264  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:54:39.0463 7264  HTTP - ok
23:54:39.0482 7264  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:54:39.0484 7264  hwpolicy - ok
23:54:39.0510 7264  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
23:54:39.0514 7264  i8042prt - ok
23:54:39.0548 7264  [ ABBF174CB394F5C437410A788B7E404A ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
23:54:39.0556 7264  iaStor - ok
23:54:39.0618 7264  [ AE0C5DF7E7DA3E7AC29B64CFA8C4F044 ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
23:54:39.0622 7264  iaStorA - ok
23:54:39.0723 7264  [ 777788D9B63CCEEEF2DB353BA4EDD454 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
23:54:39.0872 7264  IAStorDataMgrSvc - ok
23:54:39.0909 7264  [ 711241EA1BA9DB44F34D03D2AD00ED08 ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
23:54:40.0335 7264  iaStorF - ok
23:54:40.0377 7264  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:54:40.0384 7264  iaStorV - ok
23:54:40.0454 7264  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:54:40.0467 7264  idsvc - ok
23:54:40.0485 7264  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
23:54:40.0488 7264  iirsp - ok
23:54:40.0539 7264  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
23:54:40.0549 7264  IKEEXT - ok
23:54:40.0735 7264  [ 5C0BBE779BA3D6F84EB5AE3CB8793E11 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:54:40.0858 7264  IntcAzAudAddService - ok
23:54:40.0895 7264  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
23:54:40.0897 7264  intelide - ok
23:54:40.0924 7264  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:54:40.0927 7264  intelppm - ok
23:54:40.0959 7264  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:54:40.0964 7264  IPBusEnum - ok
23:54:40.0986 7264  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:54:40.0989 7264  IpFilterDriver - ok
23:54:41.0037 7264  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:54:41.0044 7264  iphlpsvc - ok
23:54:41.0078 7264  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
23:54:41.0081 7264  IPMIDRV - ok
23:54:41.0107 7264  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:54:41.0111 7264  IPNAT - ok
23:54:41.0167 7264  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:54:41.0170 7264  IRENUM - ok
23:54:41.0189 7264  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:54:41.0191 7264  isapnp - ok
23:54:41.0211 7264  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
23:54:41.0217 7264  iScsiPrt - ok
23:54:41.0248 7264  [ 3FE43C2F5B5C08657A1B547AFBE2118E ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
23:54:41.0259 7264  JMCR - ok
23:54:41.0284 7264  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
23:54:41.0286 7264  kbdclass - ok
23:54:41.0326 7264  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
23:54:41.0329 7264  kbdhid - ok
23:54:41.0349 7264  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
23:54:41.0350 7264  KeyIso - ok
23:54:41.0388 7264  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:54:41.0393 7264  KSecDD - ok
23:54:41.0433 7264  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:54:41.0438 7264  KSecPkg - ok
23:54:41.0463 7264  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:54:41.0466 7264  ksthunk - ok
23:54:41.0493 7264  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:54:41.0502 7264  KtmRm - ok
23:54:41.0532 7264  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
23:54:41.0537 7264  LanmanServer - ok
23:54:41.0573 7264  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:54:41.0577 7264  LanmanWorkstation - ok
23:54:41.0648 7264  [ 29FAB5363138F6E322F4CD780ED9D337 ] LicCtrlService  C:\Windows\runservice.exe
23:54:41.0773 7264  LicCtrlService - ok
23:54:41.0798 7264  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:54:41.0802 7264  lltdio - ok
23:54:41.0833 7264  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:54:41.0840 7264  lltdsvc - ok
23:54:41.0867 7264  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:54:41.0870 7264  lmhosts - ok
23:54:41.0927 7264  [ 9D8B95C0EAE145C46BC4A727B23DA395 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
23:54:41.0929 7264  LMS - ok
23:54:41.0964 7264  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
23:54:41.0972 7264  LSI_FC - ok
23:54:41.0976 7264  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
23:54:41.0981 7264  LSI_SAS - ok
23:54:41.0986 7264  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:54:41.0989 7264  LSI_SAS2 - ok
23:54:41.0993 7264  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:54:41.0997 7264  LSI_SCSI - ok
23:54:42.0015 7264  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
23:54:42.0019 7264  luafv - ok
23:54:42.0046 7264  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:54:42.0050 7264  Mcx2Svc - ok
23:54:42.0054 7264  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
23:54:42.0057 7264  megasas - ok
23:54:42.0080 7264  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
23:54:42.0086 7264  MegaSR - ok
23:54:42.0188 7264  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
23:54:42.0192 7264  Microsoft Office Groove Audit Service - ok
23:54:42.0268 7264  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
23:54:42.0272 7264  MMCSS - ok
23:54:42.0305 7264  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
23:54:42.0308 7264  Modem - ok
23:54:42.0331 7264  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:54:42.0334 7264  monitor - ok
23:54:42.0373 7264  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
23:54:42.0376 7264  mouclass - ok
23:54:42.0423 7264  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:54:42.0425 7264  mouhid - ok
23:54:42.0457 7264  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:54:42.0460 7264  mountmgr - ok
23:54:42.0504 7264  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:54:42.0509 7264  MozillaMaintenance - ok
23:54:42.0567 7264  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:54:42.0572 7264  mpio - ok
23:54:42.0616 7264  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:54:42.0620 7264  mpsdrv - ok
23:54:42.0656 7264  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:54:42.0664 7264  MpsSvc - ok
23:54:42.0710 7264  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:54:42.0714 7264  MRxDAV - ok
23:54:42.0759 7264  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:54:42.0764 7264  mrxsmb - ok
23:54:42.0790 7264  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:54:42.0797 7264  mrxsmb10 - ok
23:54:42.0821 7264  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:54:42.0826 7264  mrxsmb20 - ok
23:54:42.0857 7264  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
23:54:42.0860 7264  msahci - ok
23:54:42.0881 7264  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:54:42.0885 7264  msdsm - ok
23:54:42.0898 7264  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
23:54:42.0903 7264  MSDTC - ok
23:54:42.0937 7264  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:54:42.0940 7264  Msfs - ok
23:54:42.0961 7264  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:54:42.0963 7264  mshidkmdf - ok
23:54:42.0971 7264  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:54:42.0973 7264  msisadrv - ok
23:54:43.0004 7264  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:54:43.0009 7264  MSiSCSI - ok
23:54:43.0012 7264  msiserver - ok
23:54:43.0037 7264  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:54:43.0040 7264  MSKSSRV - ok
23:54:43.0045 7264  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:54:43.0047 7264  MSPCLOCK - ok
23:54:43.0050 7264  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:54:43.0052 7264  MSPQM - ok
23:54:43.0078 7264  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:54:43.0086 7264  MsRPC - ok
23:54:43.0120 7264  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
23:54:43.0123 7264  mssmbios - ok
23:54:43.0155 7264  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:54:43.0157 7264  MSTEE - ok
23:54:43.0170 7264  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
23:54:43.0172 7264  MTConfig - ok
23:54:43.0190 7264  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
23:54:43.0193 7264  Mup - ok
23:54:43.0263 7264  [ 7E11D1788F5B531D49EF0AF97202437B ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
23:54:43.0885 7264  MyWiFiDHCPDNS - ok
23:54:43.0920 7264  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
23:54:43.0927 7264  napagent - ok
23:54:43.0970 7264  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:54:43.0983 7264  NativeWifiP - ok
23:54:44.0044 7264  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:54:44.0063 7264  NDIS - ok
23:54:44.0089 7264  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:54:44.0092 7264  NdisCap - ok
23:54:44.0139 7264  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:54:44.0142 7264  NdisTapi - ok
23:54:44.0171 7264  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:54:44.0175 7264  Ndisuio - ok
23:54:44.0207 7264  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:54:44.0213 7264  NdisWan - ok
23:54:44.0228 7264  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:54:44.0231 7264  NDProxy - ok
23:54:44.0285 7264  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:54:44.0288 7264  NetBIOS - ok
23:54:44.0319 7264  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:54:44.0326 7264  NetBT - ok
23:54:44.0390 7264  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
23:54:44.0392 7264  Netlogon - ok
23:54:44.0666 7264  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
23:54:44.0673 7264  Netman - ok
23:54:44.0693 7264  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
23:54:44.0698 7264  netprofm - ok
23:54:44.0728 7264  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:54:44.0732 7264  NetTcpPortSharing - ok
23:54:45.0317 7264  [ 219A40EEEA50D638BA9D08680C354A0C ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw00.sys
23:54:45.0374 7264  NETwNs64 - ok
23:54:45.0407 7264  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
23:54:45.0410 7264  nfrd960 - ok
23:54:45.0479 7264  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:54:45.0485 7264  NlaSvc - ok
23:54:45.0499 7264  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:54:45.0501 7264  Npfs - ok
23:54:45.0520 7264  npggsvc - ok
23:54:45.0526 7264  NPPTNT2 - ok
23:54:45.0546 7264  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
23:54:45.0548 7264  nsi - ok
23:54:45.0557 7264  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:54:45.0559 7264  nsiproxy - ok
23:54:45.0616 7264  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:54:45.0636 7264  Ntfs - ok
23:54:45.0669 7264  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
23:54:45.0671 7264  Null - ok
23:54:45.0718 7264  [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
23:54:45.0724 7264  NVHDA - ok
23:54:45.0933 7264  [ 993D73A8090C957230DE4E14AA9C5DFF ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:54:46.0499 7264  nvlddmkm - ok
23:54:46.0534 7264  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:54:46.0538 7264  nvraid - ok
23:54:46.0568 7264  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:54:46.0573 7264  nvstor - ok
23:54:46.0617 7264  [ C367AD646714E03E14F24F39EC206736 ] nvsvc           C:\Windows\system32\nvvsvc.exe
23:54:46.0651 7264  nvsvc - ok
23:54:46.0746 7264  [ 44407283382D82C64C9195DE686D4205 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
23:54:46.0791 7264  nvUpdatusService - ok
23:54:46.0818 7264  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:54:46.0844 7264  nv_agp - ok
23:54:46.0903 7264  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:54:46.0911 7264  odserv - ok
23:54:46.0947 7264  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:54:46.0950 7264  ohci1394 - ok
23:54:46.0996 7264  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:54:47.0001 7264  ose - ok
23:54:47.0050 7264  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:54:47.0056 7264  p2pimsvc - ok
23:54:47.0073 7264  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:54:47.0081 7264  p2psvc - ok
23:54:47.0106 7264  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
23:54:47.0110 7264  Parport - ok
23:54:47.0139 7264  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:54:47.0143 7264  partmgr - ok
23:54:47.0161 7264  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:54:47.0165 7264  PcaSvc - ok
23:54:47.0201 7264  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
23:54:47.0206 7264  pci - ok
23:54:47.0224 7264  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
23:54:47.0227 7264  pciide - ok
23:54:47.0245 7264  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
23:54:47.0251 7264  pcmcia - ok
23:54:47.0254 7264  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:54:47.0257 7264  pcw - ok
23:54:47.0279 7264  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:54:47.0290 7264  PEAUTH - ok
23:54:47.0353 7264  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:54:47.0356 7264  PerfHost - ok
23:54:47.0439 7264  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
23:54:47.0459 7264  pla - ok
23:54:47.0496 7264  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:54:47.0500 7264  PlugPlay - ok
23:54:47.0520 7264  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:54:47.0524 7264  PNRPAutoReg - ok
23:54:47.0541 7264  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:54:47.0544 7264  PNRPsvc - ok
23:54:47.0572 7264  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:54:47.0580 7264  PolicyAgent - ok
23:54:47.0603 7264  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
23:54:47.0607 7264  Power - ok
23:54:47.0641 7264  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:54:47.0644 7264  PptpMiniport - ok
23:54:47.0661 7264  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
23:54:47.0664 7264  Processor - ok
23:54:47.0709 7264  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:54:47.0712 7264  ProfSvc - ok
23:54:47.0723 7264  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:54:47.0725 7264  ProtectedStorage - ok
23:54:47.0757 7264  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:54:47.0761 7264  Psched - ok
23:54:47.0800 7264  [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2       C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
23:54:47.0805 7264  PSI_SVC_2 - ok
23:54:47.0866 7264  [ F2EECF8977BD3FE4E38743DDCFBECD20 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
23:54:47.0874 7264  PxHlpa64 - ok
23:54:47.0906 7264  [ 0928BD20273625622722FE1DE5BBDE57 ] qicflt          C:\Windows\system32\DRIVERS\qicflt.sys
23:54:47.0908 7264  qicflt - ok
23:54:47.0975 7264  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
23:54:47.0997 7264  ql2300 - ok
23:54:48.0002 7264  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
23:54:48.0006 7264  ql40xx - ok
23:54:48.0028 7264  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
23:54:48.0034 7264  QWAVE - ok
23:54:48.0053 7264  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:54:48.0056 7264  QWAVEdrv - ok
23:54:48.0059 7264  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:54:48.0062 7264  RasAcd - ok
23:54:48.0090 7264  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:54:48.0093 7264  RasAgileVpn - ok
23:54:48.0143 7264  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
23:54:48.0147 7264  RasAuto - ok
23:54:48.0172 7264  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:54:48.0176 7264  Rasl2tp - ok
23:54:48.0232 7264  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
23:54:48.0241 7264  RasMan - ok
23:54:48.0267 7264  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:54:48.0271 7264  RasPppoe - ok
23:54:48.0275 7264  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:54:48.0278 7264  RasSstp - ok
23:54:48.0306 7264  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:54:48.0314 7264  rdbss - ok
23:54:48.0348 7264  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
23:54:48.0351 7264  rdpbus - ok
23:54:48.0372 7264  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:54:48.0374 7264  RDPCDD - ok
23:54:48.0379 7264  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:54:48.0382 7264  RDPENCDD - ok
23:54:48.0387 7264  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:54:48.0389 7264  RDPREFMP - ok
23:54:48.0471 7264  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:54:48.0474 7264  RdpVideoMiniport - ok
23:54:48.0510 7264  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:54:48.0515 7264  RDPWD - ok
23:54:48.0550 7264  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:54:48.0556 7264  rdyboost - ok
23:54:48.0593 7264  [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi            C:\Windows\system32\drivers\regi.sys
23:54:48.0595 7264  regi - ok
23:54:48.0657 7264  [ F09087C51C6AE42AE7DABE1EB3E44C17 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
23:54:49.0061 7264  RegSrvc - ok
23:54:49.0096 7264  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:54:49.0100 7264  RemoteAccess - ok
23:54:49.0129 7264  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:54:49.0134 7264  RemoteRegistry - ok
23:54:49.0171 7264  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
23:54:49.0176 7264  RFCOMM - ok
23:54:49.0200 7264  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:54:49.0203 7264  RpcEptMapper - ok
23:54:49.0222 7264  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
23:54:49.0224 7264  RpcLocator - ok
23:54:49.0259 7264  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\System32\rpcss.dll
23:54:49.0263 7264  RpcSs - ok
23:54:49.0300 7264  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:54:49.0303 7264  rspndr - ok
23:54:49.0390 7264  [ A10CF010E1A2B4337230B4929E0FE4A1 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
23:54:49.0400 7264  RtkAudioService - ok
23:54:49.0455 7264  [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
23:54:49.0461 7264  RTL8167 - ok
23:54:49.0482 7264  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
23:54:49.0483 7264  SamSs - ok
23:54:49.0583 7264  [ BCE943896289A91AD75CC5652620B1C6 ] SBAMSvc         C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
23:54:49.0620 7264  SBAMSvc - ok
23:54:49.0658 7264  [ 6E342316E72F4B6FA39C99E06373A1A3 ] sbapifs         C:\Windows\system32\DRIVERS\sbapifs.sys
23:54:49.0661 7264  sbapifs - ok
23:54:49.0689 7264  [ B671EEF468D13016B9286F5835A06AE1 ] sbhips          C:\Windows\system32\drivers\sbhips.sys
23:54:49.0692 7264  sbhips - ok
23:54:49.0719 7264  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:54:49.0722 7264  sbp2port - ok
23:54:49.0737 7264  [ 9ACEB2A2362FC87A3825963E61BA9076 ] SBRE            C:\Windows\system32\drivers\SBREdrv.sys
23:54:49.0740 7264  SBRE - ok
23:54:49.0759 7264  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:54:49.0765 7264  SCardSvr - ok
23:54:49.0788 7264  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:54:49.0791 7264  scfilter - ok
23:54:49.0823 7264  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
23:54:49.0841 7264  Schedule - ok
23:54:49.0865 7264  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:54:49.0866 7264  SCPolicySvc - ok
23:54:49.0908 7264  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
23:54:49.0912 7264  sdbus - ok
23:54:49.0929 7264  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:54:49.0935 7264  SDRSVC - ok
23:54:49.0995 7264  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:54:49.0999 7264  secdrv - ok
23:54:50.0034 7264  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
23:54:50.0039 7264  seclogon - ok
23:54:50.0073 7264  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
23:54:50.0077 7264  SENS - ok
23:54:50.0115 7264  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:54:50.0119 7264  SensrSvc - ok
23:54:50.0146 7264  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:54:50.0148 7264  Serenum - ok
23:54:50.0178 7264  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:54:50.0182 7264  Serial - ok
23:54:50.0221 7264  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
23:54:50.0224 7264  sermouse - ok
23:54:50.0264 7264  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
23:54:50.0268 7264  SessionEnv - ok
23:54:50.0306 7264  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:54:50.0310 7264  sffdisk - ok
23:54:50.0320 7264  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:54:50.0323 7264  sffp_mmc - ok
23:54:50.0343 7264  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:54:50.0346 7264  sffp_sd - ok
23:54:50.0392 7264  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
23:54:50.0395 7264  sfloppy - ok
23:54:50.0444 7264  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:54:50.0453 7264  SharedAccess - ok
23:54:50.0487 7264  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:54:50.0493 7264  ShellHWDetection - ok
23:54:50.0520 7264  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:54:50.0523 7264  SiSRaid2 - ok
23:54:50.0527 7264  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
23:54:50.0531 7264  SiSRaid4 - ok
23:54:50.0544 7264  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:54:50.0547 7264  Smb - ok
23:54:50.0574 7264  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:54:50.0577 7264  SNMPTRAP - ok
23:54:50.0613 7264  [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan        C:\Windows\syswow64\speedfan.sys
23:54:50.0619 7264  speedfan - ok
23:54:50.0634 7264  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:54:50.0636 7264  spldr - ok
23:54:50.0663 7264  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
23:54:50.0673 7264  Spooler - ok
23:54:50.0754 7264  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
23:54:50.0787 7264  sppsvc - ok
23:54:50.0798 7264  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:54:50.0802 7264  sppuinotify - ok
23:54:50.0837 7264  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:54:50.0845 7264  srv - ok
23:54:50.0860 7264  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:54:50.0869 7264  srv2 - ok
23:54:50.0893 7264  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:54:50.0898 7264  srvnet - ok
23:54:50.0932 7264  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:54:50.0938 7264  SSDPSRV - ok
23:54:50.0980 7264  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:54:50.0985 7264  SstpSvc - ok
23:54:51.0010 7264  [ 92E7F6666633D2DD91D527503DAA7BE0 ] stdcfltn        C:\Windows\system32\DRIVERS\stdcfltn.sys
23:54:51.0013 7264  stdcfltn - ok
23:54:51.0070 7264  [ 17FC2EAD763F0237457817A753A5A676 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
23:54:51.0077 7264  Stereo Service - ok
23:54:51.0098 7264  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
23:54:51.0101 7264  stexstor - ok
23:54:51.0125 7264  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
23:54:51.0135 7264  stisvc - ok
23:54:51.0172 7264  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
23:54:51.0175 7264  swenum - ok
23:54:51.0222 7264  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
23:54:51.0232 7264  swprv - ok
23:54:51.0281 7264  [ 09E811486038F1C06F9E00DFFAAB7A4E ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
23:54:51.0300 7264  SynTP - ok
23:54:51.0352 7264  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
23:54:51.0375 7264  SysMain - ok
23:54:51.0399 7264  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:54:51.0403 7264  TabletInputService - ok
23:54:51.0423 7264  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:54:51.0430 7264  TapiSrv - ok
23:54:51.0450 7264  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
23:54:51.0455 7264  TBS - ok
23:54:51.0526 7264  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:54:51.0550 7264  Tcpip - ok
23:54:51.0578 7264  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:54:51.0591 7264  TCPIP6 - ok
23:54:51.0626 7264  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:54:51.0629 7264  tcpipreg - ok
23:54:51.0646 7264  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:54:51.0649 7264  TDPIPE - ok
23:54:51.0667 7264  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:54:51.0669 7264  TDTCP - ok
23:54:51.0693 7264  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:54:51.0698 7264  tdx - ok
23:54:51.0825 7264  [ 851C5080261DFC1FCDC21DF0E5EA3BCB ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
23:54:51.0866 7264  TeamViewer8 - ok
23:54:51.0893 7264  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
23:54:51.0897 7264  TermDD - ok
23:54:51.0919 7264  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
23:54:51.0928 7264  TermService - ok
23:54:51.0953 7264  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
23:54:51.0957 7264  Themes - ok
23:54:51.0976 7264  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
23:54:51.0978 7264  THREADORDER - ok
23:54:51.0997 7264  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
23:54:52.0001 7264  TrkWks - ok
23:54:52.0052 7264  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:54:52.0054 7264  TrustedInstaller - ok
23:54:52.0074 7264  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:54:52.0077 7264  tssecsrv - ok
23:54:52.0141 7264  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:54:52.0144 7264  TsUsbFlt - ok
23:54:52.0179 7264  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:54:52.0183 7264  tunnel - ok
23:54:52.0207 7264  [ B355581A9DA34C92E2DBAFA410D2F829 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
23:54:52.0528 7264  TurboB - ok
23:54:52.0659 7264  [ 6564E84B1522C12EA1C3A181ED03276F ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
23:54:53.0032 7264  TurboBoost - ok
23:54:53.0120 7264  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
23:54:53.0123 7264  uagp35 - ok
23:54:53.0149 7264  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:54:53.0157 7264  udfs - ok
23:54:53.0181 7264  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:54:53.0185 7264  UI0Detect - ok
23:54:53.0205 7264  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:54:53.0208 7264  uliagpkx - ok
23:54:53.0252 7264  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
23:54:53.0256 7264  umbus - ok
23:54:53.0270 7264  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
23:54:53.0273 7264  UmPass - ok
23:54:53.0353 7264  [ 0B0B9F55B12767A755932C26B5FED715 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
23:54:53.0375 7264  UNS - ok
23:54:53.0391 7264  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
23:54:53.0398 7264  upnphost - ok
23:54:53.0410 7264  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:54:53.0414 7264  usbccgp - ok
23:54:53.0451 7264  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:54:53.0456 7264  usbcir - ok
23:54:53.0473 7264  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
23:54:53.0476 7264  usbehci - ok
23:54:53.0498 7264  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:54:53.0505 7264  usbhub - ok
23:54:53.0523 7264  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
23:54:53.0526 7264  usbohci - ok
23:54:53.0548 7264  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
23:54:53.0550 7264  usbprint - ok
23:54:53.0564 7264  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:54:53.0568 7264  USBSTOR - ok
23:54:53.0585 7264  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
23:54:53.0588 7264  usbuhci - ok
23:54:53.0615 7264  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
23:54:53.0620 7264  usbvideo - ok
23:54:53.0649 7264  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
23:54:53.0653 7264  UxSms - ok
23:54:53.0665 7264  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
23:54:53.0666 7264  VaultSvc - ok
23:54:53.0700 7264  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:54:53.0704 7264  vdrvroot - ok
23:54:53.0747 7264  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
23:54:53.0757 7264  vds - ok
23:54:53.0794 7264  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:54:53.0797 7264  vga - ok
23:54:53.0813 7264  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:54:53.0815 7264  VgaSave - ok
23:54:53.0852 7264  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
23:54:53.0857 7264  vhdmp - ok
23:54:53.0869 7264  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
23:54:53.0871 7264  viaide - ok
23:54:53.0901 7264  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:54:53.0905 7264  volmgr - ok
23:54:53.0933 7264  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:54:53.0941 7264  volmgrx - ok
23:54:53.0961 7264  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:54:53.0964 7264  volsnap - ok
23:54:53.0994 7264  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
23:54:54.0000 7264  vsmraid - ok
23:54:54.0099 7264  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
23:54:54.0114 7264  VSS - ok
23:54:54.0130 7264  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
23:54:54.0133 7264  vwifibus - ok
23:54:54.0146 7264  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
23:54:54.0149 7264  vwififlt - ok
23:54:54.0180 7264  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
23:54:54.0183 7264  vwifimp - ok
23:54:54.0209 7264  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
23:54:54.0214 7264  W32Time - ok
23:54:54.0221 7264  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
23:54:54.0224 7264  WacomPen - ok
23:54:54.0263 7264  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:54:54.0267 7264  WANARP - ok
23:54:54.0271 7264  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:54:54.0272 7264  Wanarpv6 - ok
23:54:54.0353 7264  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
23:54:54.0369 7264  WatAdminSvc - ok
23:54:54.0428 7264  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
23:54:54.0445 7264  wbengine - ok
23:54:54.0472 7264  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:54:54.0478 7264  WbioSrvc - ok
23:54:54.0509 7264  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:54:54.0517 7264  wcncsvc - ok
23:54:54.0530 7264  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:54:54.0535 7264  WcsPlugInService - ok
23:54:54.0555 7264  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
23:54:54.0558 7264  Wd - ok
23:54:54.0600 7264  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:54:54.0611 7264  Wdf01000 - ok
23:54:54.0620 7264  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:54:54.0623 7264  WdiServiceHost - ok
23:54:54.0627 7264  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:54:54.0629 7264  WdiSystemHost - ok
23:54:54.0656 7264  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
23:54:54.0665 7264  WebClient - ok
23:54:54.0689 7264  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:54:54.0696 7264  Wecsvc - ok
23:54:54.0711 7264  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:54:54.0714 7264  wercplsupport - ok
23:54:54.0752 7264  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:54:54.0754 7264  WerSvc - ok
23:54:54.0793 7264  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:54:54.0797 7264  WfpLwf - ok
23:54:54.0812 7264  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:54:54.0815 7264  WIMMount - ok
23:54:54.0828 7264  WinDefend - ok
23:54:54.0831 7264  WinHttpAutoProxySvc - ok
23:54:54.0877 7264  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:54:54.0884 7264  Winmgmt - ok
23:54:54.0928 7264  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
23:54:54.0951 7264  WinRM - ok
23:54:54.0992 7264  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
23:54:54.0995 7264  WinUsb - ok
23:54:55.0024 7264  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:54:55.0034 7264  Wlansvc - ok
23:54:55.0074 7264  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
23:54:55.0077 7264  WmiAcpi - ok
23:54:55.0113 7264  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:54:55.0119 7264  wmiApSrv - ok
23:54:55.0138 7264  WMPNetworkSvc - ok
23:54:55.0143 7264  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:54:55.0147 7264  WPCSvc - ok
23:54:55.0166 7264  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:54:55.0172 7264  WPDBusEnum - ok
23:54:55.0189 7264  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:54:55.0191 7264  ws2ifsl - ok
23:54:55.0204 7264  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
23:54:55.0206 7264  wscsvc - ok
23:54:55.0209 7264  WSearch - ok
23:54:55.0279 7264  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:54:55.0302 7264  wuauserv - ok
23:54:55.0334 7264  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:54:55.0337 7264  WudfPf - ok
23:54:55.0359 7264  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:54:55.0365 7264  WUDFRd - ok
23:54:55.0397 7264  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:54:55.0402 7264  wudfsvc - ok
23:54:55.0423 7264  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:54:55.0430 7264  WwanSvc - ok
23:54:55.0495 7264  X6va005 - ok
23:54:55.0555 7264  [ 4A5CE13408945E525503B5F73D29B9C5 ] xnacc           C:\Windows\system32\DRIVERS\xnacc.sys
23:54:55.0567 7264  xnacc - ok
23:54:55.0670 7264  [ 5BCB1F6CB749B6826BE1C0F16FF2F600 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
23:54:56.0360 7264  ZeroConfigService - ok
23:54:56.0441 7264  ================ Scan global ===============================
23:54:56.0462 7264  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:54:56.0497 7264  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:54:56.0504 7264  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:54:56.0528 7264  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:54:56.0557 7264  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:54:56.0560 7264  [Global] - ok
23:54:56.0560 7264  ================ Scan MBR ==================================
23:54:56.0573 7264  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
23:54:56.0853 7264  \Device\Harddisk0\DR0 - ok
23:54:56.0854 7264  ================ Scan VBR ==================================
23:54:56.0856 7264  [ 8F6F3A6797C0F4B8185E42DA67A3307A ] \Device\Harddisk0\DR0\Partition1
23:54:56.0857 7264  \Device\Harddisk0\DR0\Partition1 - ok
23:54:56.0888 7264  [ 7F279A5A695D4802475E10F7B5DA874B ] \Device\Harddisk0\DR0\Partition2
23:54:56.0889 7264  \Device\Harddisk0\DR0\Partition2 - ok
23:54:56.0890 7264  ============================================================
23:54:56.0890 7264  Scan finished
23:54:56.0890 7264  ============================================================
23:54:56.0900 7404  Detected object count: 0
23:54:56.0900 7404  Actual detected object count: 0
23:55:00.0975 6028  Deinitialize success
 

 

 

 

 

 

 

 

 

 

# AdwCleaner v2.301 - Logfile created 05/25/2013 at 00:37:10
# Updated 16/05/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Nick - NICK-PC
# Boot Mode : Normal
# Running from : C:\Users\Nick\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Nick\AppData\Local\funmoods-speeddial.crx
Folder Deleted : C:\Program Files (x86)\adawaretb
Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\visualbee
Folder Deleted : C:\Users\Nick\AppData\Local\Conduit
Folder Deleted : C:\Users\Nick\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Nick\AppData\Local\visualbeeexe
Folder Deleted : C:\Users\Nick\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\Nick\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Nick\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Nick\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\wn3b2hsv.default\Smartbar

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\adawaretb
Key Deleted : HKCU\Software\AppDataLow\Software\CompeteInc
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3279141
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0.1 (en-US)

File : C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\wn3b2hsv.default\prefs.js

C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\wn3b2hsv.default\user.js ... Deleted !

Deleted : user_pref("CT3279141.1000082.isPlayDisplay", "true");
Deleted : user_pref("CT3279141.1000082.state", "{\"state\":\"stopped\",\"text\":\"1.FM (Cou...\",\"description[...]
Deleted : user_pref("CT3279141.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3279141.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT3279141.FirstTime", "true");
Deleted : user_pref("CT3279141.FirstTimeFF3", "true");
Deleted : user_pref("CT3279141.LoginRevertSettingsEnabled", true);
Deleted : user_pref("CT3279141.PG_ENABLE", "dHJ1ZQ==");
Deleted : user_pref("CT3279141.RevertSettingsEnabled", true);
Deleted : user_pref("CT3279141.UserID", "UN21365894533171620");
Deleted : user_pref("CT3279141.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT3279141.addressUrlXPETakeover", "true");
Deleted : user_pref("CT3279141.cbfirsttime.enc", "VGh1IEZlYiAwNyAyMDEzIDAzOjAwOjM0IEdNVC0wNTAwIChFYXN0ZXJuIFN0[...]
Deleted : user_pref("CT3279141.defaultSearch", "false");
Deleted : user_pref("CT3279141.embeddedsData", "[{\"appId\":\"130028020976478709\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT3279141.enableAlerts", "always");
Deleted : user_pref("CT3279141.enableFix404ByUser", "TRUE");
Deleted : user_pref("CT3279141.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT3279141.firstTimeDialogOpened", "true");
Deleted : user_pref("CT3279141.fixPageNotFoundError", "true");
Deleted : user_pref("CT3279141.fixPageNotFoundErrorByUser", "true");
Deleted : user_pref("CT3279141.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT3279141.fixUrls", true);
Deleted : user_pref("CT3279141.hxxp___api31_starwebnet_com.pid2.enc", "ODM1NmFlYWUwMzg1NjYwOA==");
Deleted : user_pref("CT3279141.installDate", "7/2/2013 2:57:39");
Deleted : user_pref("CT3279141.installId", "9818");
Deleted : user_pref("CT3279141.installType", "conduitnsisintegration");
Deleted : user_pref("CT3279141.isCheckedStartAsHidden", true);
Deleted : user_pref("CT3279141.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3279141.isFirstTimeToolbarLoading", "false");
Deleted : user_pref("CT3279141.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3279141.keyword", "true");
Deleted : user_pref("CT3279141.lastVersion", "10.14.42.11");
Deleted : user_pref("CT3279141.mam_gk_CouponBuddy_appState.enc", "b24=");
Deleted : user_pref("CT3279141.mam_gk_PriceGong_appState.enc", "b24=");
Deleted : user_pref("CT3279141.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9z[...]
Deleted : user_pref("CT3279141.mam_gk_appsDefaultEnabled.enc", "dHJ1ZQ==");
Deleted : user_pref("CT3279141.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlByaWNlR29uZyIsImN[...]
Deleted : user_pref("CT3279141.mam_gk_currentVersion.enc", "MS4yLjAuMTI=");
Deleted : user_pref("CT3279141.mam_gk_eventsCache.enc", "eyIwYWMzNDc0MS05Y2EzLTQ1ODMtYmU4Ni05OTc4NjJkZGMzNDQiO[...]
Deleted : user_pref("CT3279141.mam_gk_first_time.enc", "MQ==");
Deleted : user_pref("CT3279141.mam_gk_gadgetOpen.enc", "MQ==");
Deleted : user_pref("CT3279141.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Deleted : user_pref("CT3279141.mam_gk_lastLoginTime.enc", "");
Deleted : user_pref("CT3279141.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50[...]
Deleted : user_pref("CT3279141.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Deleted : user_pref("CT3279141.mam_gk_settings1.2.0.12.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVy[...]
Deleted : user_pref("CT3279141.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Deleted : user_pref("CT3279141.mam_gk_showWelcomeGadget.enc", "dHJ1ZQ==");
Deleted : user_pref("CT3279141.mam_gk_userId.enc", "MWI0NjFjMjctOGQ5MC00M2MyLThjYjEtOGIwYTMyZTE5MjZi");
Deleted : user_pref("CT3279141.mam_gk_user_apps_selection.enc", "");
Deleted : user_pref("CT3279141.migrateAppsAndComponents", true);
Deleted : user_pref("CT3279141.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxps[...]
Deleted : user_pref("CT3279141.openThankYouPage", "false");
Deleted : user_pref("CT3279141.openUninstallPage", "true");
Deleted : user_pref("CT3279141.price-gong.isManagedApp", "true");
Deleted : user_pref("CT3279141.revertSettingsEnabled", "true");
Deleted : user_pref("CT3279141.search.searchAppId", "130028020976478709");
Deleted : user_pref("CT3279141.search.searchCount", "0");
Deleted : user_pref("CT3279141.searchInNewTabEnabledByUser", "false");
Deleted : user_pref("CT3279141.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT3279141.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3279141.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT3279141.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\[...]
Deleted : user_pref("CT3279141.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3279141.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3279141.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3279141.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3279141.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1360224022076");
Deleted : user_pref("CT3279141.serviceLayer_services_appsMetadata_lastUpdate", "1360224019419");
Deleted : user_pref("CT3279141.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1360224019539");
Deleted : user_pref("CT3279141.serviceLayer_services_login_10.14.42.11_lastUpdate", "1360224027825");
Deleted : user_pref("CT3279141.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1360224019491");
Deleted : user_pref("CT3279141.serviceLayer_services_searchAPI_lastUpdate", "1360224019229");
Deleted : user_pref("CT3279141.serviceLayer_services_serviceMap_lastUpdate", "1360224018864");
Deleted : user_pref("CT3279141.serviceLayer_services_toolbarContextMenu_lastUpdate", "1360224019432");
Deleted : user_pref("CT3279141.serviceLayer_services_toolbarSettings_lastUpdate", "1360224019117");
Deleted : user_pref("CT3279141.serviceLayer_services_translation_lastUpdate", "1360224022051");
Deleted : user_pref("CT3279141.settingsINI", true);
Deleted : user_pref("CT3279141.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT3279141.smartbar.CTID", "CT3279141");
Deleted : user_pref("CT3279141.smartbar.Uninstall", "0");
Deleted : user_pref("CT3279141.smartbar.toolbarName", "WhiteSmoke B ");
Deleted : user_pref("CT3279141.startPage", "false");
Deleted : user_pref("CT3279141.toolbarBornServerTime", "7-2-2013");
Deleted : user_pref("CT3279141.toolbarCurrentServerTime", "7-2-2013");
Deleted : user_pref("CT3279141.url_history0001.enc", "aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo6OmNsaWNraGFuZGxlcjo6OjEz[...]
Deleted : user_pref("CT3279141_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Deleted : user_pref("ct3279141.UserID", "UN21365894533171620");
Deleted : user_pref("extensions.funmoods.aflt", "axl");
Deleted : user_pref("extensions.funmoods.autoRvrt", false);
Deleted : user_pref("extensions.funmoods.brwsrsrc", "ietlbr");
Deleted : user_pref("extensions.funmoods.cntry", "US");
Deleted : user_pref("extensions.funmoods.cv", "cv5");
Deleted : user_pref("extensions.funmoods.dfltLng", "");
Deleted : user_pref("extensions.funmoods.dfltSrch", false);
Deleted : user_pref("extensions.funmoods.dfltlng", "en");
Deleted : user_pref("extensions.funmoods.dfltsrch", "false");
Deleted : user_pref("extensions.funmoods.dnsErr", true);
Deleted : user_pref("extensions.funmoods.envrmnt", "production");
Deleted : user_pref("extensions.funmoods.excTlbr", false);
Deleted : user_pref("extensions.funmoods.hdrMd5", "F2BEBB14F9AC1F25468EE8DC86EDD625");
Deleted : user_pref("extensions.funmoods.hmpg", true);
Deleted : user_pref("extensions.funmoods.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=axl&chnl=axl&cd=2XzuyEtN2[...]
Deleted : user_pref("extensions.funmoods.hrdid", "C0CB38AB972ADC45");
Deleted : user_pref("extensions.funmoods.id", "C0CB38AB972ADC45");
Deleted : user_pref("extensions.funmoods.instlDay", "15569");
Deleted : user_pref("extensions.funmoods.instlRef", "axl");
Deleted : user_pref("extensions.funmoods.instlday", "15569");
Deleted : user_pref("extensions.funmoods.instlref", "axl");
Deleted : user_pref("extensions.funmoods.isdcmntcmplt", true);
Deleted : user_pref("extensions.funmoods.keywordurl", "");
Deleted : user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2223:1:58");
Deleted : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
Deleted : user_pref("extensions.funmoods.newTab", true);
Deleted : user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=axl&chnl=axl&cd=2XzuyEt[...]
Deleted : user_pref("extensions.funmoods.newtab", true);
Deleted : user_pref("extensions.funmoods.newtaburl", "hxxp://start.funmoods.com/?f=2&a=axl&chnl=axl&cd=2XzuyEt[...]
Deleted : user_pref("extensions.funmoods.prdct", "funmoods");
Deleted : user_pref("extensions.funmoods.prtnrId", "funmoods");
Deleted : user_pref("extensions.funmoods.prtnrid", "funmoods");
Deleted : user_pref("extensions.funmoods.savedVrsnTs", "1");
Deleted : user_pref("extensions.funmoods.sg", "none");
Deleted : user_pref("extensions.funmoods.smplGrp", "none");
Deleted : user_pref("extensions.funmoods.smplgrp", "none");
Deleted : user_pref("extensions.funmoods.srch", "");
Deleted : user_pref("extensions.funmoods.srchPrvdr", "Search");
Deleted : user_pref("extensions.funmoods.srchprvdr", "Search");
Deleted : user_pref("extensions.funmoods.tlbrId", "base");
Deleted : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/?f=3&a=axl&chnl=axl&cd=2Xzuy[...]
Deleted : user_pref("extensions.funmoods.tlbrid", "base");
Deleted : user_pref("extensions.funmoods.tlbrsrchurl", "hxxp://start.funmoods.com/?f=3&a=axl&chnl=axl&cd=2Xzuy[...]
Deleted : user_pref("extensions.funmoods.vrsn", "1.5.23.22");
Deleted : user_pref("extensions.funmoods.vrsnTs", "1.5.23.2223:1:58");
Deleted : user_pref("extensions.funmoods.vrsni", "1.5.23.22");
Deleted : user_pref("extensions.funmoods.vrsnts", "1.5.23.2223:1:58");
Deleted : user_pref("extensions.funmoods_i.newTab", true);
Deleted : user_pref("extensions.funmoods_i.smplGrp", "none");
Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2223:1:58");
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279141&SearchSource=2&CU[...]
Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Deleted : user_pref("smartbar.machineId", "XU4HRJ9U29UCMZKUMUS1KHYPWNQAFZQWCZ1JUBJ2AGDSAFR/9L8IQ89BVDWWMQ9Z//J[...]
Deleted : user_pref("smartbar.originalSearchAddressUrl", "");

-\\ Google Chrome v27.0.1453.94

File : C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v [Unable to get version]

File : C:\Users\Nick\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [18719 octets] - [25/05/2013 00:37:10]

########## EOF - C:\AdwCleaner[S1].txt - [18780 octets] ##########
 

 

 

 

 

 

 

 

 

 

C:\Perl\bin\IpbExploit.pl    Perl/Exploit.Board.C trojan
C:\Program Files (x86)\Cheat Engine 6.1\cheatengine-i386.exe    a variant of Win32/HackTool.CheatEngine.AB application



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,330 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:24 PM

Posted 25 May 2013 - 10:14 PM

Ok, this was a good clean, should be better. Looks like you need also to reinstall some Baseball App that's producing a lot of errors.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 ezpkns34

ezpkns34
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Local time:12:24 PM

Posted 26 May 2013 - 12:00 AM

Ok, this was a good clean, should be better. Looks like you need also to reinstall some Baseball App that's producing a lot of errors.

Appreciate the help so far, but it isn't running better

 

Exact same issue with the memory running ~20% higher than it typically does



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,330 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:24 PM

Posted 26 May 2013 - 07:22 PM

Please run 2 more.
 
Please download aswMBR ( 4.5MB ) to your desktop.
 
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the  save log button, save it to your desktop, then copy and paste it in your next reply.
  •  
     
     
     
    Please download Malwarebytes Anti-Malware mbamicontw5.gif and save it to your desktop. %5BLIST%5D
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions
  • for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues
  • Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • After completing the scan, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab .
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
  • Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware. -- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).
  • [/list]

Edited by boopme, 26 May 2013 - 07:23 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 ezpkns34

ezpkns34
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Local time:12:24 PM

Posted 27 May 2013 - 11:30 AM

On aswMBR, should I keep it as a quick scan or scan the whole C drive?



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,330 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:24 PM

Posted 27 May 2013 - 09:39 PM

Scan the Whole drive.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 ezpkns34

ezpkns34
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Local time:12:24 PM

Posted 30 May 2013 - 01:54 PM

Sorry, been busy the past few days. Tried to do the aswMBR scan last night while I slept, but my computer went to sleep during the scan

 

Should have them posted this weekend sometime (just didn't want this thread to automatically close b/c of there being no updates til then)



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,330 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:24 PM

Posted 02 June 2013 - 08:47 PM

Take your time. I'll look back.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users