
How do I remove riaiccape.exe


  • This topic is locked
10 replies to this topic

#1 skysis

skysis

  • Members
  • 15 posts

Posted 04 June 2013 - 03:52 PM

My computer is infected with this virus and it won't go away no matter what I tried. It makes Avast come up asking if I should deny or allow its execution. That's how I found out about this virus. I ran Malwarebytes Pro and it found and deleted a bunch of other malware that this thing generated. However, it's unable to even find riaiccape.exe. When I highlight this file and run a check on it with either Avast or Malwarebytes, Malwarebytes says there's no infection and Avast says the file can't be scanned and that it's a decompression bomb.
This file resides in programdata/svsupdates0. This folder is highlighted in red and is hidden and locked. I tried to remove this folder and file using File Assassin, then from the DOS prompt and finally via Bart PE, but no matter what I do, all I get is "access denied". I tried attrib -h -r -s /s /d on this file and folder using both the command line and Bart PE to no avail. I'm always getting an "access denied" response.
Is there any other way to overcome this access denied problem and remove the damn thing?
Thank you!



#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,058 posts
  • Gender: Male
  • Location: NJ USA

Posted 04 June 2013 - 04:06 PM

Hello skysis

 

Let's run these and see how it is.

Please download TDSSKiller.
Launch it.
Click on "Change parameters" and select "TDLFS file system".
Click on "Scan".
Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

 

Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

>>>>>>

Now ESET....

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

How is it?


How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#3 skysis


Posted 04 June 2013 - 06:35 PM

Thanks for your help. Will post later

#4 boopme


Posted 04 June 2013 - 08:12 PM

I'll look back.

#5 skysis


Posted 04 June 2013 - 09:22 PM

Found another instance of riaiccape.exe in All Users in the same folder.

Here's the info you requested:

 

TDSSKiller.2.8.16.0_04.06.2013_16.20.02_log

 

 

16:21:03.0246 7572  DXGKrnl - ok
16:21:03.0258 7572  [ EDC6E9C057C9D7F83EEA22B4CEF5DCAD ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
16:21:03.0261 7572  E1G60 - ok
16:21:03.0284 7572  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
16:21:03.0286 7572  EapHost - ok
16:21:03.0344 7572  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
16:21:03.0396 7572  ebdrv - ok
16:21:03.0407 7572  [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS             C:\Windows\System32\lsass.exe
16:21:03.0409 7572  EFS - ok
16:21:03.0436 7572  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:21:03.0439 7572  ehRecvr - ok
16:21:03.0455 7572  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
16:21:03.0456 7572  ehSched - ok
16:21:03.0471 7572  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
16:21:03.0476 7572  elxstor - ok
16:21:03.0502 7572  [ 2FD83A7CF6C75F3A288EAD94867A9AD6 ] emAudio         C:\Windows\system32\drivers\emAudio64.sys
16:21:03.0504 7572  emAudio - ok
16:21:03.0512 7572  [ 9EAFB3B3B60B8AD958985152A9309ACA ] epmntdrv        C:\Windows\system32\epmntdrv.sys
16:21:03.0514 7572  epmntdrv - ok
16:21:03.0536 7572  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:21:03.0538 7572  ErrDev - ok
16:21:03.0559 7572  [ 84486624268E078255BC7AA47F0960BC ] etdrv           C:\Windows\etdrv.sys
16:21:03.0559 7572  etdrv - ok
16:21:03.0571 7572  [ FB949ED2C93C878A189039F3D7730942 ] EuGdiDrv        C:\Windows\system32\EuGdiDrv.sys
16:21:03.0573 7572  EuGdiDrv - ok
16:21:03.0595 7572  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
16:21:03.0601 7572  EventSystem - ok
16:21:03.0613 7572  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
16:21:03.0616 7572  exfat - ok
16:21:03.0630 7572  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:21:03.0633 7572  fastfat - ok
16:21:03.0662 7572  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
16:21:03.0669 7572  Fax - ok
16:21:03.0678 7572  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:21:03.0679 7572  fdc - ok
16:21:03.0690 7572  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
16:21:03.0692 7572  fdPHost - ok
16:21:03.0704 7572  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:21:03.0706 7572  FDResPub - ok
16:21:03.0717 7572  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:21:03.0719 7572  FileInfo - ok
16:21:03.0728 7572  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:21:03.0730 7572  Filetrace - ok
16:21:03.0763 7572  [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:21:03.0767 7572  FLEXnet Licensing Service - ok
16:21:03.0778 7572  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
16:21:03.0780 7572  flpydisk - ok
16:21:03.0810 7572  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:21:03.0814 7572  FltMgr - ok
16:21:03.0844 7572  [ D4463A74E1BFBF3FB9B4FC6CF5390152 ] fltsrv          C:\Windows\system32\DRIVERS\fltsrv.sys
16:21:03.0847 7572  fltsrv - ok
16:21:03.0884 7572  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
16:21:03.0906 7572  FontCache - ok
16:21:03.0949 7572  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:21:03.0950 7572  FontCache3.0.0.0 - ok
16:21:03.0960 7572  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:21:03.0962 7572  FsDepends - ok
16:21:03.0972 7572  [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:21:03.0973 7572  Fs_Rec - ok
16:21:04.0007 7572  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:21:04.0010 7572  fvevol - ok
16:21:04.0024 7572  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
16:21:04.0026 7572  gagp30kx - ok
16:21:04.0042 7572  [ 7907E14F9BCF3A4689C9A74A1A873CB6 ] gdrv            C:\Windows\gdrv.sys
16:21:04.0043 7572  gdrv - ok
16:21:04.0076 7572  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
16:21:04.0086 7572  gpsvc - ok
16:21:04.0147 7572  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:21:04.0148 7572  gupdate - ok
16:21:04.0153 7572  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:21:04.0154 7572  gupdatem - ok
16:21:04.0183 7572  [ C1B577B2169900F4CF7190C39F085794 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:21:04.0184 7572  gusvc - ok
16:21:04.0196 7572  [ 8126331FBD4ED29EB3B356F9C905064D ] GVTDrv64        C:\Windows\GVTDrv64.sys
16:21:04.0197 7572  GVTDrv64 - ok
16:21:04.0209 7572  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:21:04.0210 7572  hcw85cir - ok
16:21:04.0237 7572  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:21:04.0242 7572  HdAudAddService - ok
16:21:04.0258 7572  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:21:04.0259 7572  HDAudBus - ok
16:21:04.0281 7572  [ EE8C05F926521A0E24EDAF40F45D01E6 ] HFGService      C:\Windows\System32\HFGService.dll
16:21:04.0286 7572  HFGService - ok
16:21:04.0303 7572  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
16:21:04.0305 7572  HidBatt - ok
16:21:04.0327 7572  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
16:21:04.0329 7572  HidBth - ok
16:21:04.0343 7572  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
16:21:04.0345 7572  HidIr - ok
16:21:04.0350 7572  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
16:21:04.0352 7572  hidserv - ok
16:21:04.0375 7572  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:21:04.0376 7572  HidUsb - ok
16:21:04.0410 7572  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:21:04.0413 7572  hkmsvc - ok
16:21:04.0443 7572  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:21:04.0448 7572  HomeGroupListener - ok
16:21:04.0456 7572  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:21:04.0462 7572  HomeGroupProvider - ok
16:21:04.0488 7572  [ 15F37D0102A81BA8DB007C68483C1F91 ] hotcore3        C:\Windows\system32\DRIVERS\hotcore3.sys
16:21:04.0490 7572  hotcore3 - ok
16:21:04.0518 7572  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:21:04.0521 7572  HpSAMD - ok
16:21:04.0555 7572  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:21:04.0563 7572  HTTP - ok
16:21:04.0584 7572  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:21:04.0585 7572  hwpolicy - ok
16:21:04.0606 7572  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
16:21:04.0608 7572  i8042prt - ok
16:21:04.0672 7572  [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
16:21:04.0675 7572  IAANTMON - ok
16:21:04.0695 7572  [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
16:21:04.0700 7572  iaStor - ok
16:21:04.0721 7572  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:21:04.0726 7572  iaStorV - ok
16:21:04.0780 7572  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:21:04.0782 7572  IDriverT - ok
16:21:04.0821 7572  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:21:04.0828 7572  idsvc - ok
16:21:04.0833 7572  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
16:21:04.0835 7572  iirsp - ok
16:21:04.0859 7572  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
16:21:04.0866 7572  IKEEXT - ok
16:21:04.0871 7572  IntcAzAudAddService - ok
16:21:04.0892 7572  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
16:21:04.0893 7572  intelide - ok
16:21:04.0901 7572  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:21:04.0901 7572  intelppm - ok
16:21:04.0938 7572  [ D9DA7B3117BF5EFF921C0CDED4D58050 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
16:21:04.0939 7572  IntuitUpdateServiceV4 - ok
16:21:04.0951 7572  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:21:04.0955 7572  IPBusEnum - ok
16:21:04.0979 7572  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:21:04.0981 7572  IpFilterDriver - ok
16:21:05.0011 7572  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:21:05.0018 7572  iphlpsvc - ok
16:21:05.0034 7572  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:21:05.0036 7572  IPMIDRV - ok
16:21:05.0047 7572  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:21:05.0049 7572  IPNAT - ok
16:21:05.0076 7572  [ 02DEF37AB75E0032C50724646F708DE8 ] iPodDrv         C:\Windows\system32\drivers\iPodDrv.sys
16:21:05.0077 7572  iPodDrv - ok
16:21:05.0087 7572  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:21:05.0089 7572  IRENUM - ok
16:21:05.0113 7572  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:21:05.0115 7572  isapnp - ok
16:21:05.0128 7572  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:21:05.0132 7572  iScsiPrt - ok
16:21:05.0147 7572  [ 9C6F3F69163133FB8E56AC4A6E163452 ] ISODrive        C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys
16:21:05.0148 7572  ISODrive - ok
16:21:05.0214 7572  [ F3A41EC4C6506E76E07A219B3A1DF8D2 ] JMB36X          C:\Windows\SysWOW64\XSrvSetup.exe
16:21:05.0219 7572  JMB36X - ok
16:21:05.0237 7572  [ 50DE7DD7EDB1B512B13666588AEFBF6F ] JRAID           C:\Windows\system32\DRIVERS\jraid.sys
16:21:05.0239 7572  JRAID - ok
16:21:05.0289 7572  [ 8BBD13D7AE60C95258208153120B7D79 ] JumpDesktop     C:\Program Files (x86)\Jump Desktop\JumpService.exe
16:21:05.0290 7572  JumpDesktop - ok
16:21:05.0303 7572  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:21:05.0304 7572  kbdclass - ok
16:21:05.0328 7572  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:21:05.0330 7572  kbdhid - ok
16:21:05.0340 7572  [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso          C:\Windows\system32\lsass.exe
16:21:05.0343 7572  KeyIso - ok
16:21:05.0347 7572  KMService - ok
16:21:05.0360 7572  [ CCD53B5BD33CE0C889E830D839C8B66E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:21:05.0362 7572  KSecDD - ok
16:21:05.0394 7572  [ 9FF918A261752C12639E8AD4208D2C2F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:21:05.0397 7572  KSecPkg - ok
16:21:05.0405 7572  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:21:05.0407 7572  ksthunk - ok
16:21:05.0423 7572  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:21:05.0430 7572  KtmRm - ok
16:21:05.0445 7572  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
16:21:05.0451 7572  LanmanServer - ok
16:21:05.0475 7572  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:21:05.0481 7572  LanmanWorkstation - ok
16:21:05.0491 7572  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:21:05.0493 7572  lltdio - ok
16:21:05.0505 7572  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:21:05.0511 7572  lltdsvc - ok
16:21:05.0515 7572  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:21:05.0518 7572  lmhosts - ok
16:21:05.0584 7572  [ D55A7D0553C7102F63872936C7A9D9DB ] LMIGuardianSvc  D:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
16:21:05.0587 7572  LMIGuardianSvc - ok
16:21:05.0600 7572  [ 0317335B15FF3BDA8E10197E3434CFC0 ] LMIInfo         D:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
16:21:05.0600 7572  LMIInfo - ok
16:21:05.0615 7572  [ A7D256C8847DF6E88BDDB55F87E54F46 ] LMIMaint        D:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
16:21:05.0616 7572  LMIMaint - ok
16:21:05.0646 7572  [ 413ECDCFAD9A82804D3674C8D7EEC24E ] lmimirr         C:\Windows\system32\DRIVERS\lmimirr.sys
16:21:05.0647 7572  lmimirr - ok
16:21:05.0665 7572  LMIRfsClientNP - ok
16:21:05.0679 7572  [ C57D3FAA50E6F395759FFB7C709BD944 ] LMIRfsDriver    C:\Windows\system32\drivers\LMIRfsDriver.sys
16:21:05.0680 7572  LMIRfsDriver - ok
16:21:05.0701 7572  [ D3760BC17E1755091B7120CF32DBF56B ] LogMeIn         D:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
16:21:05.0704 7572  LogMeIn - ok
16:21:05.0727 7572  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
16:21:05.0730 7572  LSI_FC - ok
16:21:05.0745 7572  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
16:21:05.0747 7572  LSI_SAS - ok
16:21:05.0759 7572  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:21:05.0761 7572  LSI_SAS2 - ok
16:21:05.0777 7572  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:21:05.0779 7572  LSI_SCSI - ok
16:21:05.0789 7572  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
16:21:05.0791 7572  luafv - ok
16:21:05.0838 7572  [ 3BC261009BA66AAEE6E43067FE257D32 ] Marvell RAID    C:\Program Files (x86)\Marvell\raid\svc\mvraidsvc.exe
16:21:05.0841 7572  Marvell RAID - ok
16:21:05.0871 7572  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
16:21:05.0872 7572  MBAMProtector - ok
16:21:05.0914 7572  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:21:05.0917 7572  MBAMScheduler - ok
16:21:05.0940 7572  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:21:05.0945 7572  MBAMService - ok
16:21:05.0973 7572  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:21:05.0977 7572  Mcx2Svc - ok
16:21:05.0988 7572  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
16:21:05.0990 7572  megasas - ok
16:21:06.0004 7572  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
16:21:06.0009 7572  MegaSR - ok
16:21:06.0037 7572  Microsoft SharePoint Workspace Audit Service - ok
16:21:06.0055 7572  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
16:21:06.0058 7572  MMCSS - ok
16:21:06.0074 7572  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
16:21:06.0076 7572  Modem - ok
16:21:06.0094 7572  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:21:06.0095 7572  monitor - ok
16:21:06.0119 7572  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:21:06.0120 7572  mouclass - ok
16:21:06.0125 7572  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:21:06.0127 7572  mouhid - ok
16:21:06.0156 7572  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:21:06.0158 7572  mountmgr - ok
16:21:06.0210 7572  [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:21:06.0212 7572  MozillaMaintenance - ok
16:21:06.0238 7572  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:21:06.0241 7572  mpio - ok
16:21:06.0247 7572  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:21:06.0249 7572  mpsdrv - ok
16:21:06.0285 7572  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:21:06.0296 7572  MpsSvc - ok
16:21:06.0349 7572  [ 8881574868E648689B7AA88A88716E17 ] MRUWebService   C:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe
16:21:06.0350 7572  MRUWebService - ok
16:21:06.0375 7572  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:21:06.0378 7572  MRxDAV - ok
16:21:06.0402 7572  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:21:06.0405 7572  mrxsmb - ok
16:21:06.0430 7572  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:21:06.0434 7572  mrxsmb10 - ok
16:21:06.0459 7572  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:21:06.0462 7572  mrxsmb20 - ok
16:21:06.0479 7572  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:21:06.0482 7572  msahci - ok
16:21:06.0511 7572  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:21:06.0514 7572  msdsm - ok
16:21:06.0532 7572  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
16:21:06.0537 7572  MSDTC - ok
16:21:06.0558 7572  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:21:06.0560 7572  Msfs - ok
16:21:06.0568 7572  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:21:06.0570 7572  mshidkmdf - ok
16:21:06.0587 7572  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:21:06.0589 7572  msisadrv - ok
16:21:06.0609 7572  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:21:06.0614 7572  MSiSCSI - ok
16:21:06.0619 7572  msiserver - ok
16:21:06.0632 7572  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:21:06.0634 7572  MSKSSRV - ok
16:21:06.0645 7572  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:21:06.0646 7572  MSPCLOCK - ok
16:21:06.0658 7572  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:21:06.0660 7572  MSPQM - ok
16:21:06.0692 7572  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:21:06.0697 7572  MsRPC - ok
16:21:06.0727 7572  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
16:21:06.0728 7572  mssmbios - ok
16:21:06.0744 7572  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:21:06.0745 7572  MSTEE - ok
16:21:06.0754 7572  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
16:21:06.0756 7572  MTConfig - ok
16:21:06.0765 7572  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:21:06.0767 7572  Mup - ok
16:21:06.0794 7572  [ 6AF2640B5D7202FA0D96467318D4592E ] mv91cons        C:\Windows\system32\DRIVERS\mv91cons.sys
16:21:06.0796 7572  mv91cons - ok
16:21:06.0830 7572  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
16:21:06.0839 7572  napagent - ok
16:21:06.0851 7572  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:21:06.0856 7572  NativeWifiP - ok
16:21:06.0884 7572  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:21:06.0895 7572  NDIS - ok
16:21:06.0920 7572  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:21:06.0922 7572  NdisCap - ok
16:21:06.0932 7572  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:21:06.0933 7572  NdisTapi - ok
16:21:06.0966 7572  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:21:06.0968 7572  Ndisuio - ok
16:21:06.0991 7572  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:21:06.0994 7572  NdisWan - ok
16:21:07.0014 7572  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:21:07.0016 7572  NDProxy - ok
16:21:07.0048 7572  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:21:07.0049 7572  NetBIOS - ok
16:21:07.0073 7572  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:21:07.0076 7572  NetBT - ok
16:21:07.0090 7572  [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon        C:\Windows\system32\lsass.exe
16:21:07.0093 7572  Netlogon - ok
16:21:07.0114 7572  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
16:21:07.0121 7572  Netman - ok
16:21:07.0167 7572  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:21:07.0169 7572  NetMsmqActivator - ok
16:21:07.0175 7572  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:21:07.0176 7572  NetPipeActivator - ok
16:21:07.0195 7572  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
16:21:07.0203 7572  netprofm - ok
16:21:07.0246 7572  [ 5EB01F698C4E2C11598934D4540047CA ] netr28ux        C:\Windows\system32\DRIVERS\netr28ux.sys
16:21:07.0270 7572  netr28ux - ok
16:21:07.0303 7572  [ 81B8D0C1CE44A7FDBD596B693783950C ] netr7364        C:\Windows\system32\DRIVERS\netr7364.sys
16:21:07.0312 7572  netr7364 - ok
16:21:07.0318 7572  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:21:07.0320 7572  NetTcpActivator - ok
16:21:07.0326 7572  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:21:07.0327 7572  NetTcpPortSharing - ok
16:21:07.0340 7572  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
16:21:07.0342 7572  nfrd960 - ok
16:21:07.0368 7572  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:21:07.0374 7572  NlaSvc - ok
16:21:07.0405 7572  [ B1EF4686961986DFFB7FE8F18E6FCB5B ] nlsX86cc        C:\Windows\SysWOW64\nlssrv32.exe
16:21:07.0408 7572  nlsX86cc - ok
16:21:07.0439 7572  [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF             C:\Windows\system32\drivers\npf.sys
16:21:07.0441 7572  NPF - ok
16:21:07.0450 7572  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:21:07.0452 7572  Npfs - ok
16:21:07.0466 7572  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
16:21:07.0470 7572  nsi - ok
16:21:07.0482 7572  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:21:07.0483 7572  nsiproxy - ok
16:21:07.0534 7572  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:21:07.0559 7572  Ntfs - ok
16:21:07.0569 7572  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
16:21:07.0570 7572  Null - ok
16:21:07.0599 7572  [ 785298579B5F9B4032152DFBB992FDB6 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
16:21:07.0601 7572  nusb3hub - ok
16:21:07.0630 7572  [ DF2750481B4964814467C974F2B0EEF1 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
16:21:07.0633 7572  nusb3xhc - ok
16:21:07.0660 7572  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:21:07.0663 7572  nvraid - ok
16:21:07.0685 7572  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:21:07.0688 7572  nvstor - ok
16:21:07.0712 7572  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:21:07.0715 7572  nv_agp - ok
16:21:07.0742 7572  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
16:21:07.0743 7572  ohci1394 - ok
16:21:07.0790 7572  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:21:07.0791 7572  ose - ok
16:21:07.0914 7572  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:21:07.0936 7572  osppsvc - ok
16:21:07.0956 7572  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:21:07.0961 7572  p2pimsvc - ok
16:21:07.0977 7572  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
16:21:07.0983 7572  p2psvc - ok
16:21:07.0997 7572  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
16:21:07.0999 7572  Parport - ok
16:21:08.0026 7572  [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:21:08.0027 7572  partmgr - ok
16:21:08.0042 7572  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:21:08.0045 7572  PcaSvc - ok
16:21:08.0070 7572  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
16:21:08.0072 7572  pci - ok
16:21:08.0082 7572  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
16:21:08.0083 7572  pciide - ok
16:21:08.0089 7572  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
16:21:08.0091 7572  pcmcia - ok
16:21:08.0104 7572  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:21:08.0105 7572  pcw - ok
16:21:08.0123 7572  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:21:08.0128 7572  PEAUTH - ok
16:21:08.0142 7572  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
16:21:08.0154 7572  PeerDistSvc - ok
16:21:08.0173 7572  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:21:08.0175 7572  PerfHost - ok
16:21:08.0242 7572  [ 25367AFF274D7DF637B7D5336246773E ] PhoneMyPC_Helper D:\Program Files\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe
16:21:08.0243 7572  PhoneMyPC_Helper - ok
16:21:08.0286 7572  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
16:21:08.0310 7572  pla - ok
16:21:08.0337 7572  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:21:08.0345 7572  PlugPlay - ok
16:21:08.0360 7572  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:21:08.0365 7572  PNRPAutoReg - ok
16:21:08.0373 7572  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:21:08.0378 7572  PNRPsvc - ok
16:21:08.0397 7572  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:21:08.0404 7572  PolicyAgent - ok
16:21:08.0424 7572  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
16:21:08.0429 7572  Power - ok
16:21:08.0449 7572  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:21:08.0450 7572  PptpMiniport - ok
16:21:08.0455 7572  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
16:21:08.0456 7572  Processor - ok
16:21:08.0477 7572  [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc         C:\Windows\system32\profsvc.dll
16:21:08.0481 7572  ProfSvc - ok
16:21:08.0485 7572  [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
16:21:08.0486 7572  ProtectedStorage - ok
16:21:08.0503 7572  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:21:08.0504 7572  Psched - ok
16:21:08.0538 7572  [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2       c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
16:21:08.0539 7572  PSI_SVC_2 - ok
16:21:08.0568 7572  [ 07D57B890DD5693A6AB660CBAE8F91B4 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
16:21:08.0570 7572  PxHlpa64 - ok
16:21:08.0574 7572  PzWDM - ok
16:21:08.0597 7572  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
16:21:08.0619 7572  ql2300 - ok
16:21:08.0634 7572  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
16:21:08.0636 7572  ql40xx - ok
16:21:08.0650 7572  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
16:21:08.0654 7572  QWAVE - ok
16:21:08.0663 7572  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:21:08.0664 7572  QWAVEdrv - ok
16:21:08.0674 7572  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:21:08.0676 7572  RasAcd - ok
16:21:08.0685 7572  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:21:08.0686 7572  RasAgileVpn - ok
16:21:08.0698 7572  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
16:21:08.0701 7572  RasAuto - ok
16:21:08.0731 7572  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:21:08.0733 7572  Rasl2tp - ok
16:21:08.0762 7572  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
16:21:08.0770 7572  RasMan - ok
16:21:08.0786 7572  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:21:08.0788 7572  RasPppoe - ok
16:21:08.0796 7572  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:21:08.0798 7572  RasSstp - ok
16:21:08.0813 7572  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:21:08.0818 7572  rdbss - ok
16:21:08.0824 7572  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
16:21:08.0826 7572  rdpbus - ok
16:21:08.0840 7572  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:21:08.0841 7572  RDPCDD - ok
16:21:08.0874 7572  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
16:21:08.0876 7572  RDPDR - ok
16:21:08.0889 7572  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:21:08.0890 7572  RDPENCDD - ok
16:21:08.0902 7572  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:21:08.0903 7572  RDPREFMP - ok
16:21:08.0933 7572  [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:21:08.0934 7572  RdpVideoMiniport - ok
16:21:08.0959 7572  [ 15B66C206B5CB095BAB980553F38ED23 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:21:08.0962 7572  RDPWD - ok
16:21:08.0990 7572  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:21:08.0994 7572  rdyboost - ok
16:21:09.0045 7572  [ 8016345FC9A10A613591C5821CE33B9C ] ReflectService.exe C:\Program Files\Macrium\Reflect\ReflectService.exe
16:21:09.0047 7572  ReflectService.exe - ok
16:21:09.0078 7572  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:21:09.0083 7572  RemoteAccess - ok
16:21:09.0091 7572  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:21:09.0096 7572  RemoteRegistry - ok
16:21:09.0116 7572  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
16:21:09.0119 7572  RFCOMM - ok
16:21:09.0149 7572  [ B60F58F175DE20A6739194E85B035178 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
16:21:09.0149 7572  rpcapd - ok
16:21:09.0164 7572  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:21:09.0166 7572  RpcEptMapper - ok
16:21:09.0186 7572  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
16:21:09.0189 7572  RpcLocator - ok
16:21:09.0223 7572  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\System32\rpcss.dll
16:21:09.0227 7572  RpcSs - ok
16:21:09.0237 7572  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:21:09.0238 7572  rspndr - ok
16:21:09.0268 7572  [ 0039DE6A0A1293889A3F21ECC473263D ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
16:21:09.0271 7572  RTL8167 - ok
16:21:09.0293 7572  [ 2B38C905492F36FE42B59DA52D6B4EB7 ] RtNdPt60        C:\Windows\system32\DRIVERS\RtNdPt60.sys
16:21:09.0294 7572  RtNdPt60 - ok
16:21:09.0307 7572  [ 3183388DA27655085960A22B4B29CAA9 ] RTTEAMPT        C:\Windows\system32\DRIVERS\RtTeam60.sys
16:21:09.0308 7572  RTTEAMPT - ok
16:21:09.0338 7572  [ 8B6B42D782202363A562F82B0E13B1C0 ] RTVLANPT        C:\Windows\system32\DRIVERS\RtVlan60.sys
16:21:09.0339 7572  RTVLANPT - ok
16:21:09.0365 7572  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
16:21:09.0366 7572  s3cap - ok
16:21:09.0373 7572  [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs           C:\Windows\system32\lsass.exe
16:21:09.0375 7572  SamSs - ok
16:21:09.0420 7572  [ 328100AF2EFD951EAB657384EC361B6F ] SamsungAllShareV2.0 D:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
16:21:09.0421 7572  SamsungAllShareV2.0 - ok
16:21:09.0453 7572  [ 5EFBBFCC6ADAC121C8E2FE76641ED329 ] SANDRA          d:\Program Files\SiSoftware\SiSoftware Sandra Professional Home 2011\WNt500x64\Sandra.sys
16:21:09.0454 7572  SANDRA - ok
16:21:09.0464 7572  [ 46DDC984860A694D1CA838A773FF1974 ] SandraAgentSrv  d:\Program Files\SiSoftware\SiSoftware Sandra Professional Home 2011\RpcAgentSrv.exe
16:21:09.0465 7572  SandraAgentSrv - ok
16:21:09.0523 7572  [ E6C0EA194B4A98F6645502A52359E0AC ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys
16:21:09.0524 7572  SbieDrv - ok
16:21:09.0543 7572  [ B435855D3A6B221574000792B615B8EA ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
16:21:09.0544 7572  SbieSvc - ok
16:21:09.0573 7572  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
16:21:09.0576 7572  sbp2port - ok
16:21:09.0585 7572  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:21:09.0591 7572  SCardSvr - ok
16:21:09.0620 7572  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:21:09.0622 7572  scfilter - ok
16:21:09.0665 7572  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
16:21:09.0678 7572  Schedule - ok
16:21:09.0702 7572  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:21:09.0703 7572  SCPolicySvc - ok
16:21:09.0761 7572  [ 958E956E119EB7B9ABA142AFED1B5FF4 ] ScsiAccess      c:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe
16:21:09.0763 7572  ScsiAccess - ok
16:21:09.0798 7572  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:21:09.0803 7572  SDRSVC - ok
16:21:09.0812 7572  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:21:09.0814 7572  secdrv - ok
16:21:09.0842 7572  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
16:21:09.0846 7572  seclogon - ok
16:21:09.0872 7572  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
16:21:09.0876 7572  SENS - ok
16:21:09.0890 7572  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:21:09.0895 7572  SensrSvc - ok
16:21:09.0908 7572  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:21:09.0909 7572  Serenum - ok
16:21:09.0920 7572  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:21:09.0922 7572  Serial - ok
16:21:09.0951 7572  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
16:21:09.0952 7572  sermouse - ok
16:21:09.0987 7572  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
16:21:09.0991 7572  SessionEnv - ok
16:21:10.0018 7572  [ 18A4EB256E35A6DD233C4D005835879A ] SetupARService  C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe
16:21:10.0019 7572  SetupARService - ok
16:21:10.0040 7572  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:21:10.0042 7572  sffdisk - ok
16:21:10.0048 7572  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:21:10.0050 7572  sffp_mmc - ok
16:21:10.0065 7572  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:21:10.0066 7572  sffp_sd - ok
16:21:10.0078 7572  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
16:21:10.0080 7572  sfloppy - ok
16:21:10.0122 7572  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:21:10.0128 7572  SharedAccess - ok
16:21:10.0168 7572  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:21:10.0176 7572  ShellHWDetection - ok
16:21:10.0198 7572  [ 1980FE1F5A32067DAD1D8776B63C2669 ] SimpleSlideShowServer D:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
16:21:10.0198 7572  SimpleSlideShowServer - ok
16:21:10.0221 7572  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:21:10.0223 7572  SiSRaid2 - ok
16:21:10.0240 7572  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
16:21:10.0242 7572  SiSRaid4 - ok
16:21:10.0363 7572  [ EB17DF573B4423DF0B3B2EE3B268A6DE ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
16:21:10.0383 7572  Skype C2C Service - ok
16:21:10.0438 7572  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:21:10.0440 7572  SkypeUpdate - ok
16:21:10.0453 7572  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:21:10.0456 7572  Smb - ok
16:21:10.0489 7572  [ F26AAD9ADFC9B62AC59A004A913C92DA ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
16:21:10.0493 7572  snapman - ok
16:21:10.0506 7572  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:21:10.0510 7572  SNMPTRAP - ok
16:21:10.0573 7572  [ C94279F34B1F39ED2F6D2DDCB4E6CDCB ] SplashtopRemoteService C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
16:21:10.0577 7572  SplashtopRemoteService - ok
16:21:10.0592 7572  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:21:10.0594 7572  spldr - ok
16:21:10.0626 7572  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
16:21:10.0635 7572  Spooler - ok
16:21:10.0707 7572  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
16:21:10.0749 7572  sppsvc - ok
16:21:10.0757 7572  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:21:10.0760 7572  sppuinotify - ok
16:21:10.0791 7572  [ C1F1E964D5FA733F7A4E641F07D6C8B5 ] sptd            C:\Windows\system32\Drivers\sptd.sys
16:21:10.0791 7572  Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: C1F1E964D5FA733F7A4E641F07D6C8B5
16:21:10.0794 7572  sptd ( LockedFile.Multi.Generic ) - warning
16:21:10.0794 7572  sptd - detected LockedFile.Multi.Generic (1)
16:21:10.0821 7572  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:21:10.0825 7572  srv - ok
16:21:10.0841 7572  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:21:10.0844 7572  srv2 - ok
16:21:10.0865 7572  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:21:10.0867 7572  srvnet - ok
16:21:10.0888 7572  [ D52282225D5BD73A9CBF420699D1A0FE ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
16:21:10.0891 7572  ssadbus - ok
16:21:10.0926 7572  [ F7936AC6E8437E10E1AE488CE21F3086 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
16:21:10.0928 7572  ssadmdfl - ok
16:21:10.0954 7572  [ 1FE033372A58C67B3ECCA903FC637B36 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
16:21:10.0957 7572  ssadmdm - ok
16:21:10.0977 7572  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:21:10.0981 7572  SSDPSRV - ok
16:21:10.0993 7572  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:21:10.0997 7572  SstpSvc - ok
16:21:11.0021 7572  [ A3DB02B3FE0884E9167E457D167C8A73 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
16:21:11.0023 7572  ssudmdm - ok
16:21:11.0115 7572  [ 6E6B9B863C5B894F3C6A60680C7317A4 ] SSUService      C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
16:21:11.0120 7572  SSUService - ok
16:21:11.0135 7572  Steam Client Service - ok
16:21:11.0147 7572  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
16:21:11.0148 7572  stexstor - ok
16:21:11.0186 7572  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
16:21:11.0195 7572  stisvc - ok
16:21:11.0217 7572  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
16:21:11.0219 7572  storflt - ok
16:21:11.0226 7572  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
16:21:11.0230 7572  StorSvc - ok
16:21:11.0270 7572  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
16:21:11.0272 7572  storvsc - ok
16:21:11.0294 7572  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
16:21:11.0295 7572  swenum - ok
16:21:11.0382 7572  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:21:11.0386 7572  SwitchBoard - ok
16:21:11.0411 7572  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
16:21:11.0421 7572  swprv - ok
16:21:11.0429 7572  Synth3dVsc - ok
16:21:11.0482 7572  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
16:21:11.0516 7572  SysMain - ok
16:21:11.0544 7572  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:21:11.0549 7572  TabletInputService - ok
16:21:11.0574 7572  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:21:11.0581 7572  TapiSrv - ok
16:21:11.0597 7572  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
16:21:11.0602 7572  TBS - ok
16:21:11.0653 7572  [ FC62769E7BFF2896035AEED399108162 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:21:11.0677 7572  Tcpip - ok
16:21:11.0698 7572  [ FC62769E7BFF2896035AEED399108162 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:21:11.0706 7572  TCPIP6 - ok
16:21:11.0731 7572  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:21:11.0732 7572  tcpipreg - ok
16:21:11.0742 7572  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:21:11.0744 7572  TDPIPE - ok
16:21:11.0776 7572  [ 7BC43335C778370FD0040D5224D8EDEB ] tdrpman         C:\Windows\system32\DRIVERS\tdrpman.sys
16:21:11.0786 7572  tdrpman - ok
16:21:11.0799 7572  [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:21:11.0800 7572  TDTCP - ok
16:21:11.0819 7572  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:21:11.0821 7572  tdx - ok
16:21:11.0832 7572  [ 3183388DA27655085960A22B4B29CAA9 ] TEAM            C:\Windows\system32\DRIVERS\RtTeam60.sys
16:21:11.0832 7572  TEAM - ok
16:21:11.0845 7572  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
16:21:11.0845 7572  TermDD - ok
16:21:11.0878 7572  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
16:21:11.0885 7572  TermService - ok
16:21:11.0896 7572  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
16:21:11.0898 7572  Themes - ok
16:21:11.0912 7572  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
16:21:11.0914 7572  THREADORDER - ok
16:21:11.0956 7572  [ 7D68EAB50DF8B71408B645BA8581800E ] timounter       C:\Windows\system32\DRIVERS\timntr.sys
16:21:11.0967 7572  timounter - ok
16:21:12.0004 7572  [ EFEF22B9577E5051057FDE1AE381B50C ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
16:21:12.0005 7572  TomTomHOMEService - ok
16:21:12.0026 7572  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
16:21:12.0032 7572  TrkWks - ok
16:21:12.0079 7572  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:21:12.0080 7572  TrustedInstaller - ok
16:21:12.0109 7572  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:21:12.0110 7572  tssecsrv - ok
16:21:12.0130 7572  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:21:12.0132 7572  TsUsbFlt - ok
16:21:12.0139 7572  tsusbhub - ok
16:21:12.0159 7572  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:21:12.0161 7572  tunnel - ok
16:21:12.0181 7572  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
16:21:12.0183 7572  uagp35 - ok
16:21:12.0214 7572  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:21:12.0219 7572  udfs - ok
16:21:12.0252 7572  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:21:12.0257 7572  UI0Detect - ok
16:21:12.0276 7572  [ EF07F8743762F327D5326F2E3392E816 ] UimBus          C:\Windows\system32\DRIVERS\uimx64.sys
16:21:12.0278 7572  UimBus - ok
16:21:12.0295 7572  [ E97A8698A87586029F0CE950AEA506C1 ] Uim_IM          C:\Windows\system32\Drivers\Uim_IMx64.sys
16:21:12.0297 7572  Uim_IM - ok
16:21:12.0313 7572  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:21:12.0315 7572  uliagpkx - ok
16:21:12.0344 7572  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:21:12.0346 7572  umbus - ok
16:21:12.0361 7572  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
16:21:12.0363 7572  UmPass - ok
16:21:12.0377 7572  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
16:21:12.0383 7572  UmRdpService - ok
16:21:12.0398 7572  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
16:21:12.0404 7572  upnphost - ok
16:21:12.0440 7572  [ DD8064FF60ACB855552FF999CB6076CD ] USB28xxBGA      C:\Windows\system32\DRIVERS\emBDA64.sys
16:21:12.0446 7572  USB28xxBGA - ok
16:21:12.0471 7572  [ 19B65BEF83E549087633328C5EA338EE ] USB28xxOEM      C:\Windows\system32\DRIVERS\emOEM64.sys
16:21:12.0481 7572  USB28xxOEM - ok
16:21:12.0496 7572  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
16:21:12.0498 7572  usbaudio - ok
16:21:12.0515 7572  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:21:12.0517 7572  usbccgp - ok
16:21:12.0545 7572  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:21:12.0547 7572  usbcir - ok
16:21:12.0574 7572  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:21:12.0576 7572  usbehci - ok
16:21:12.0591 7572  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:21:12.0595 7572  usbhub - ok
16:21:12.0612 7572  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
16:21:12.0613 7572  usbohci - ok
16:21:12.0623 7572  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:21:12.0625 7572  usbprint - ok
16:21:12.0655 7572  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:21:12.0657 7572  USBSTOR - ok
16:21:12.0674 7572  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
16:21:12.0676 7572  usbuhci - ok
16:21:12.0707 7572  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
16:21:12.0709 7572  usbvideo - ok
16:21:12.0725 7572  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
16:21:12.0728 7572  UxSms - ok
16:21:12.0740 7572  [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc        C:\Windows\system32\lsass.exe
16:21:12.0742 7572  VaultSvc - ok
16:21:12.0879 7572  [ C83D714B7CA4286515B5954B8F8C3C1F ] VBoxDrv         d:\Program Files (x86)\YouWave Android\vb\VBoxDrv.sys
16:21:12.0881 7572  VBoxDrv - ok
16:21:12.0889 7572  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:21:12.0891 7572  vdrvroot - ok
16:21:12.0932 7572  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
16:21:12.0940 7572  vds - ok
16:21:12.0957 7572  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:21:12.0959 7572  vga - ok
16:21:12.0978 7572  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:21:12.0979 7572  VgaSave - ok
16:21:12.0986 7572  VGPU - ok
16:21:13.0012 7572  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:21:13.0015 7572  vhdmp - ok
16:21:13.0041 7572  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:21:13.0043 7572  viaide - ok
16:21:13.0085 7572  [ 905DD422D28A32FACE8AE695B3823843 ] vidsflt67       C:\Windows\system32\DRIVERS\vsflt67.sys
16:21:13.0088 7572  vidsflt67 - ok
16:21:13.0104 7572  [ 8B6B42D782202363A562F82B0E13B1C0 ] VLAN            C:\Windows\system32\DRIVERS\RtVLAN60.sys
16:21:13.0105 7572  VLAN - ok
16:21:13.0134 7572  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
16:21:13.0137 7572  vmbus - ok
16:21:13.0160 7572  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
16:21:13.0162 7572  VMBusHID - ok
16:21:13.0189 7572  [ 93F279A2C172562050700A18FA84BE2E ] vncmirror       C:\Windows\system32\DRIVERS\vncmirror.sys
16:21:13.0191 7572  vncmirror - ok
16:21:13.0304 7572  [ 2ADFBDEFBDB38ACFFA5F05827E7A3FD9 ] vncserver       C:\Program Files\RealVNC\VNC Server\vncserver.exe
16:21:13.0330 7572  vncserver - ok
16:21:13.0360 7572  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:21:13.0361 7572  volmgr - ok
16:21:13.0387 7572  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:21:13.0392 7572  volmgrx - ok
16:21:13.0426 7572  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:21:13.0430 7572  volsnap - ok
16:21:13.0450 7572  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
16:21:13.0453 7572  vsmraid - ok
16:21:13.0501 7572  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
16:21:13.0527 7572  VSS - ok
16:21:13.0544 7572  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:21:13.0545 7572  vwifibus - ok
16:21:13.0557 7572  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:21:13.0559 7572  vwififlt - ok
16:21:13.0582 7572  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
16:21:13.0583 7572  vwifimp - ok
16:21:13.0606 7572  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
16:21:13.0613 7572  W32Time - ok
16:21:13.0635 7572  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
16:21:13.0637 7572  WacomPen - ok
16:21:13.0662 7572  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:21:13.0664 7572  WANARP - ok
16:21:13.0671 7572  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:21:13.0672 7572  Wanarpv6 - ok
16:21:13.0718 7572  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:21:13.0733 7572  WatAdminSvc - ok
16:21:13.0764 7572  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
16:21:13.0789 7572  wbengine - ok
16:21:13.0796 7572  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:21:13.0801 7572  WbioSrvc - ok
16:21:13.0832 7572  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:21:13.0839 7572  wcncsvc - ok
16:21:13.0856 7572  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:21:13.0861 7572  WcsPlugInService - ok
16:21:13.0878 7572  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
16:21:13.0880 7572  Wd - ok
16:21:13.0914 7572  [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
16:21:13.0916 7572  WDC_SAM - ok
16:21:13.0935 7572  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:21:13.0942 7572  Wdf01000 - ok
16:21:13.0959 7572  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:21:13.0964 7572  WdiServiceHost - ok
16:21:13.0971 7572  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:21:13.0975 7572  WdiSystemHost - ok
16:21:14.0005 7572  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
16:21:14.0010 7572  WebClient - ok
16:21:14.0017 7572  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:21:14.0021 7572  Wecsvc - ok
16:21:14.0036 7572  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:21:14.0040 7572  wercplsupport - ok
16:21:14.0050 7572  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:21:14.0053 7572  WerSvc - ok
16:21:14.0064 7572  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:21:14.0066 7572  WfpLwf - ok
16:21:14.0075 7572  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:21:14.0077 7572  WIMMount - ok
16:21:14.0093 7572  WinDefend - ok
16:21:14.0105 7572  WinHttpAutoProxySvc - ok
16:21:14.0149 7572  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:21:14.0152 7572  Winmgmt - ok
16:21:14.0186 7572  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
16:21:14.0220 7572  WinRM - ok
16:21:14.0260 7572  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:21:14.0262 7572  WinUsb - ok
16:21:14.0288 7572  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:21:14.0299 7572  Wlansvc - ok
16:21:14.0328 7572  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:21:14.0329 7572  WmiAcpi - ok
16:21:14.0349 7572  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:21:14.0365 7572  wmiApSrv - ok
16:21:14.0374 7572  WMPNetworkSvc - ok
16:21:14.0393 7572  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:21:14.0397 7572  WPCSvc - ok
16:21:14.0405 7572  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:21:14.0410 7572  WPDBusEnum - ok
16:21:14.0424 7572  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:21:14.0425 7572  ws2ifsl - ok
16:21:14.0433 7572  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
16:21:14.0437 7572  wscsvc - ok
16:21:14.0454 7572  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
16:21:14.0455 7572  WSDPrintDevice - ok
16:21:14.0460 7572  WSearch - ok
16:21:14.0532 7572  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:21:14.0575 7572  wuauserv - ok
16:21:14.0611 7572  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:21:14.0613 7572  WudfPf - ok
16:21:14.0626 7572  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:21:14.0630 7572  WUDFRd - ok
16:21:14.0650 7572  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:21:14.0656 7572  wudfsvc - ok
16:21:14.0667 7572  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:21:14.0675 7572  WwanSvc - ok
16:21:14.0737 7572  [ 7868F4758712393CB08A82917A8A9927 ] WysePocketCloud C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudService.exe
16:21:14.0738 7572  WysePocketCloud - ok
16:21:14.0790 7572  ================ Scan global ===============================
16:21:14.0815 7572  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:21:14.0838 7572  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
16:21:14.0849 7572  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
16:21:14.0864 7572  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:21:14.0889 7572  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:21:14.0896 7572  [Global] - ok
16:21:14.0896 7572  ================ Scan MBR ==================================
16:21:14.0910 7572  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk4\DR4
16:21:15.0101 7572  \Device\Harddisk4\DR4 - ok
16:21:15.0104 7572  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk5\DR5
16:21:15.0152 7572  \Device\Harddisk5\DR5 - ok
16:21:15.0154 7572  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
16:21:15.0613 7572  \Device\Harddisk0\DR0 - ok
16:21:15.0615 7572  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
16:21:15.0669 7572  \Device\Harddisk1\DR1 - ok
16:21:15.0672 7572  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
16:21:15.0720 7572  \Device\Harddisk2\DR2 - ok
16:21:15.0722 7572  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3
16:21:15.0769 7572  \Device\Harddisk3\DR3 - ok
16:21:15.0772 7572  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk6\DR6
16:21:15.0859 7572  \Device\Harddisk6\DR6 - ok
16:21:15.0862 7572  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk7\DR7
16:21:15.0960 7572  \Device\Harddisk7\DR7 - ok
16:21:15.0963 7572  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk8\DR8
16:21:16.0035 7572  \Device\Harddisk8\DR8 - ok
16:21:16.0048 7572  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk10\DR10
16:21:16.0143 7572  \Device\Harddisk10\DR10 - ok
16:21:16.0147 7572  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk11\DR11
16:21:16.0258 7572  \Device\Harddisk11\DR11 - ok
16:21:16.0261 7572  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk12\DR12
16:21:22.0573 7572  \Device\Harddisk12\DR12 - ok
16:21:22.0576 7572  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk13\DR13
16:21:22.0703 7572  \Device\Harddisk13\DR13 - ok
16:21:22.0707 7572  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk14\DR14
16:21:22.0833 7572  \Device\Harddisk14\DR14 - ok
16:21:22.0849 7572  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk9\DR9
16:21:22.0959 7572  \Device\Harddisk9\DR9 - ok
16:21:22.0959 7572  ================ Scan VBR ==================================
16:21:22.0962 7572  [ A3A1CE1FE666C092C473BB8C153CE1B7 ] \Device\Harddisk4\DR4\Partition1
16:21:22.0963 7572  \Device\Harddisk4\DR4\Partition1 - ok
16:21:22.0974 7572  [ 9C79194A0A1C8DE9CB551FADEB45B81A ] \Device\Harddisk4\DR4\Partition2
16:21:22.0976 7572  \Device\Harddisk4\DR4\Partition2 - ok
16:21:22.0993 7572  [ 1332F9A6DEBE1ED5CD2E5EF1D6A33F17 ] \Device\Harddisk4\DR4\Partition3
16:21:22.0995 7572  \Device\Harddisk4\DR4\Partition3 - ok
16:21:22.0997 7572  [ B4250F2765E4AE59E3FAA88463BF4665 ] \Device\Harddisk5\DR5\Partition1
16:21:22.0999 7572  \Device\Harddisk5\DR5\Partition1 - ok
16:21:23.0002 7572  [ A749BD338332B04C285239F89D510DFA ] \Device\Harddisk0\DR0\Partition1
16:21:23.0003 7572  \Device\Harddisk0\DR0\Partition1 - ok
16:21:23.0006 7572  [ 3FC0A90C9423D831665D4C5F9C0C1158 ] \Device\Harddisk1\DR1\Partition1
16:21:23.0008 7572  \Device\Harddisk1\DR1\Partition1 - ok
16:21:23.0011 7572  [ 79CA81C3DA0CE925A43ED7F1645E9584 ] \Device\Harddisk2\DR2\Partition1
16:21:23.0013 7572  \Device\Harddisk2\DR2\Partition1 - ok
16:21:23.0016 7572  [ 33FE8F4AF482ADF474A7BB1C177834B6 ] \Device\Harddisk3\DR3\Partition1
16:21:23.0018 7572  \Device\Harddisk3\DR3\Partition1 - ok
16:21:23.0020 7572  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk6\DR6\Partition1
16:21:23.0021 7572  \Device\Harddisk6\DR6\Partition1 - ok
16:21:23.0030 7572  [ 13844067411A748FBDD123FE5D846C2A ] \Device\Harddisk6\DR6\Partition2
16:21:23.0032 7572  \Device\Harddisk6\DR6\Partition2 - ok
16:21:23.0035 7572  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk7\DR7\Partition1
16:21:23.0036 7572  \Device\Harddisk7\DR7\Partition1 - ok
16:21:23.0039 7572  [ 0F8BFAE209AA6BBB350AF5060450C40A ] \Device\Harddisk7\DR7\Partition2
16:21:23.0041 7572  \Device\Harddisk7\DR7\Partition2 - ok
16:21:23.0043 7572  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk8\DR8\Partition1
16:21:23.0044 7572  \Device\Harddisk8\DR8\Partition1 - ok
16:21:23.0047 7572  [ 242C974E0505278377CA9924FA5454FF ] \Device\Harddisk8\DR8\Partition2
16:21:23.0048 7572  \Device\Harddisk8\DR8\Partition2 - ok
16:21:23.0055 7572  [ 8A3587DC0C4DFA9E958A7851D9C04BAC ] \Device\Harddisk10\DR10\Partition1
16:21:23.0057 7572  \Device\Harddisk10\DR10\Partition1 - ok
16:21:23.0059 7572  [ 665705EA82BD4483D6E1E31371A6F5AA ] \Device\Harddisk11\DR11\Partition1
16:21:23.0061 7572  \Device\Harddisk11\DR11\Partition1 - ok
16:21:23.0063 7572  [ A4AB7860FD21295F6F5F25EBDB1278A0 ] \Device\Harddisk12\DR12\Partition1
16:21:23.0066 7572  \Device\Harddisk12\DR12\Partition1 - ok
16:21:23.0068 7572  [ 11EC4451256AC245BF570B380DB27AD3 ] \Device\Harddisk13\DR13\Partition1
16:21:23.0071 7572  \Device\Harddisk13\DR13\Partition1 - ok
16:21:23.0073 7572  [ 2CE8E74844DF002E2415F48511978F9F ] \Device\Harddisk14\DR14\Partition1
16:21:23.0076 7572  \Device\Harddisk14\DR14\Partition1 - ok
16:21:23.0078 7572  [ 4D2BC38F2B0E624E15D0A4E48DC2D921 ] \Device\Harddisk9\DR9\Partition1
16:21:23.0080 7572  \Device\Harddisk9\DR9\Partition1 - ok
16:21:23.0080 7572  ============================================================
16:21:23.0080 7572  Scan finished
16:21:23.0080 7572  ============================================================
16:21:23.0085 7564  Detected object count: 1
16:21:23.0085 7564  Actual detected object count: 1
16:22:58.0339 7564  C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
16:22:58.0340 7564  sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine 
16:23:07.0164 4448  ============================================================
 

AdwCleaner[R1]

 

# AdwCleaner v2.301 - Logfile created 06/04/2013 at 16:37:19

# Updated 16/05/2013 by Xplode
# Operating system : Windows 7 Enterprise Service Pack 1 (64 bits)
# User : skysi - FARSCAPE1
# Boot Mode : Normal
# Running from : D:\Utilities\AdwCleaner.exe
# Option [Search]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
File Found : C:\Users\skysi\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.serge\searchplugins\Ask.xml
File Found : C:\Users\skysi\AppData\Roaming\Mozilla\Firefox\Profiles\wknzsma9.default\searchplugins\Conduit.xml
File Found : C:\Users\skysi\AppData\Roaming\Mozilla\Firefox\Profiles\wknzsma9.default\searchplugins\Web Search.xml
File Found : C:\Users\skysi\Documents\Uninstall.exe
Folder Found : C:\ProgramData\APN
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\WeCareReminder
Folder Found : C:\Users\skysi\AppData\Local\Conduit
Folder Found : C:\Users\skysi\AppData\Local\PackageAware
Folder Found : C:\Users\skysi\AppData\LocalLow\Conduit
Folder Found : C:\Users\skysi\AppData\LocalLow\facemoods.com
Folder Found : C:\Users\skysi\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.serge\Conduit
Folder Found : C:\Users\skysi\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.serge\ConduitEngine
Folder Found : C:\Users\skysi\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.serge\CT1046962
Folder Found : C:\Users\skysi\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.serge\CT1460988
Folder Found : C:\Users\skysi\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.serge\CT2786678
Folder Found : C:\Users\skysi\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.serge\extensions\{03e037d3-f080-4c0b-bdb5-a70c693ae36d}
Folder Found : C:\Users\skysi\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.serge\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}
Folder Found : C:\Users\skysi\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.serge\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
Folder Found : C:\Users\skysi\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.serge\extensions\engine@conduit.com
Folder Found : C:\Users\skysi\AppData\Roaming\Mozilla\Firefox\Profiles\wknzsma9.default\Conduit
Folder Found : C:\Users\skysi\AppData\Roaming\Mozilla\Firefox\Profiles\wknzsma9.default\extensions\staged
Folder Found : C:\Users\skysi\AppData\Roaming\Mozilla\Firefox\Profiles\wknzsma9.default\jetpack
Folder Found : C:\Users\skysi\AppData\Roaming\OpenCandy
 
***** [Registry] *****
 
Key Found : HKCU\Software\pc optimizer pro
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2475029
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\Software\InfoAtoms
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Found : HKU\S-1-5-21-2570261602-3034861705-1254230363-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKU\S-1-5-21-2570261602-3034861705-1254230363-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKU\S-1-5-21-2570261602-3034861705-1254230363-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v9.0.8112.16421
 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoEMon&co=US&userid=96264422-2542-4424-82b0-b9884903ffd4&searchtype=ds&q={searchTerms}
 
-\\ Mozilla Firefox v13.0.1 (en-US)
 
File : C:\Users\skysi\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.serge\prefs.js
 
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/10896/10676/US", "\"1-18013[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/US", "\"0\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/2526/2526/US", "\"0\"");
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/US", "\"0\"")[...]
Found : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Found : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Found : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine");
Found : user_pref("CommunityToolbar.ToolbarsList2", "ConduitEngine");
Found : user_pref("CommunityToolbar.alert.alertEnabled", false);
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Mar 02 2011 22:14:20 GMT-0600 (Centr[...]
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Mar 13 2011 18:35:38 GMT-0500 (Central D[...]
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291052234");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "6d74bf30-e77f-4556-914a-f90a051d065e");
Found : user_pref("ConduitEngine.CTID", "ConduitEngine");
Found : user_pref("ConduitEngine.FirstTime", true);
Found : user_pref("ConduitEngine.FirstTimeFF3", true);
Found : user_pref("ConduitEngine.FixPageNotFoundErrors", false);
Found : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Found : user_pref("ConduitEngine.Initialize", true);
Found : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Found : user_pref("ConduitEngine.InstallationType", "UnknownIntegration");
Found : user_pref("ConduitEngine.InstalledDate", "Sat Feb 19 2011 19:11:54 GMT-0600 (Central Standard Time)"[...]
Found : user_pref("ConduitEngine.IsMulticommunity", false);
Found : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Found : user_pref("ConduitEngine.IsOpenUninstallPage", false);
Found : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Found : user_pref("ConduitEngine.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...]
Found : user_pref("ConduitEngine.engineLocale", "en-US");
Found : user_pref("ConduitEngine.initDone", true);
Found : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Found : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Found : user_pref("extensions.mediaplayerconnectivity.activityViewPoint", false);
Found : user_pref("extensions.mediaplayerconnectivity.enableAutoplayViewPoint", false);
Found : user_pref("extensions.mediaplayerconnectivity.enableContextMenuViewPoint", true);
Found : user_pref("extensions.mediaplayerconnectivity.enableEmbedViewPoint", true);
Found : user_pref("extensions.mediaplayerconnectivity.enableFileViewPoint", true);
Found : user_pref("extensions.mediaplayerconnectivity.playerparamsviewpoint", "%f");
Found : user_pref("extensions.mediaplayerconnectivity.playerviewpoint", "");
Found : user_pref("extensions.requestpolicy.allowedOrigins", "google.com fileserve.com tactools.org nzblisti[...]
 
File : C:\Users\skysi\AppData\Roaming\Mozilla\Firefox\Profiles\wknzsma9.default\prefs.js
 
Found : user_pref("browser.search.selectedEngine", "Web Search");
 
-\\ Google Chrome v27.0.1453.94
 
File : C:\Users\skysi\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R1].txt - [11623 octets] - [04/06/2013 16:37:19]
 
########## EOF - C:\AdwCleaner[R1].txt - [11684 octets] ##########
 

ESET Threat List

 

C:\ProgramData\svsupdates0\riaiccape.exe a variant of Win32/Injector.Autoit.MB trojan
C:\Qoobox\Quarantine\C\ProgramData\svsupdates0\riaiccape.exe.vir a variant of Win32/Injector.Autoit.MB trojan
C:\Users\All Users\svsupdates0\riaiccape.exe a variant of Win32/Injector.Autoit.MB trojan
C:\Users\skysi\AppData\Roaming\WindowsFilessc\kill.bat Win32/BitCoinMiner.Z application
C:\Users\skysi\Desktop\UVRT-v1.9.1.0-Installer.exe a variant of MSIL/Packed.CryptoObfuscator.C application
C:\Windows\Installer\188eef26.msi a variant of MSIL/Packed.CryptoObfuscator.C application
 
 

MiniToolBox Result

 

MiniToolBox by Farbar  Version:21-04-2013

Ran by skysi (administrator) on 04-06-2013 at 20:44:28
Running from "D:\Utilities"
Windows 7 Enterprise Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
ProxyServer: http=;ftp=;https=;
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
"network.proxy.gopher", ""
"network.proxy.gopher_port", 0
"network.proxy.share_proxy_settings", true
"network.proxy.type", 0
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
TP-LINK 150Mbps Wireless Lite N Adapter = Wireless Network Connection 2 (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Realtek PCIe GBE Family Controller = Local Area Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global
set subinterface interface=?0 subinterface=ethernet_26 mtu=1477
add address name="Local Area Connection 2" address=177.152.32.2 mask=255.255.0.0
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Farscape1
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : gateway.2wire.net
 
Ethernet adapter Local Area Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller #2
   Physical Address. . . . . . . . . : 1C-6F-65-93-54-DE
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 1C-6F-65-93-54-DC
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 52-E6-FC-8B-F1-A9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : TP-LINK 150Mbps Wireless Lite N Adapter
   Physical Address. . . . . . . . . : 54-E6-FC-8B-F1-A9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d1ce:d501:1f0f:9372%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.68(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, June 04, 2013 4:48:51 PM
   Lease Expires . . . . . . . . . . : Wednesday, June 05, 2013 4:48:51 PM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 424994556
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-03-88-11-1C-6F-65-93-54-DC
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.gateway.2wire.net:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{2701ABCA-D3B6-4A9C-A6CF-9F66E608E123}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:285c:365a:9c98:e930(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::285c:365a:9c98:e930%51(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  homeportal
Address:  192.168.1.254
 
Name:    google.com
Addresses:  2001:4860:4002:800::1004
 74.125.227.5
 74.125.227.6
 74.125.227.7
 74.125.227.8
 74.125.227.9
 74.125.227.14
 74.125.227.0
 74.125.227.1
 74.125.227.2
 74.125.227.3
 74.125.227.4
 
 
Pinging google.com [74.125.227.6] with 32 bytes of data:
Reply from 74.125.227.6: bytes=32 time=50ms TTL=50
Reply from 74.125.227.6: bytes=32 time=48ms TTL=50
 
Ping statistics for 74.125.227.6:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 48ms, Maximum = 50ms, Average = 49ms
Server:  homeportal
Address:  192.168.1.254
 
Name:    yahoo.com
Addresses:  98.138.253.109
 98.139.183.24
 206.190.36.45
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=628ms TTL=47
Reply from 98.139.183.24: bytes=32 time=631ms TTL=47
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 628ms, Maximum = 631ms, Average = 629ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=6ms TTL=128
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 4ms, Maximum = 6ms, Average = 5ms
===========================================================================
Interface List
 26...1c 6f 65 93 54 de ......Realtek PCIe GBE Family Controller #2
 24...1c 6f 65 93 54 dc ......Realtek PCIe GBE Family Controller
 16...52 e6 fc 8b f1 a9 ......Microsoft Virtual WiFi Miniport Adapter
 13...54 e6 fc 8b f1 a9 ......TP-LINK 150Mbps Wireless Lite N Adapter
  1...........................Software Loopback Interface 1
 52...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 53...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 51...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.68     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.68    281
     192.168.1.68  255.255.255.255         On-link      192.168.1.68    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.68    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.68    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.68    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 51     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 51     58 2001::/32                On-link
 51    306 2001:0:5ef5:79fd:285c:365a:9c98:e930/128
                                    On-link
 13    281 fe80::/64                On-link
 51    306 fe80::/64                On-link
 51    306 fe80::285c:365a:9c98:e930/128
                                    On-link
 13    281 fe80::d1ce:d501:1f0f:9372/128
                                    On-link
  1    306 ff00::/8                 On-link
 51    306 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 08 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog5 08 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (06/04/2013 05:06:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (06/04/2013 04:49:00 PM) (Source: SetupARService) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
   at SetupAfterRebootService.SetupARService.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (06/04/2013 04:42:31 PM) (Source: SetupARService) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
   at SetupAfterRebootService.SetupARService.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (06/04/2013 03:09:33 PM) (Source: SetupARService) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
   at SetupAfterRebootService.SetupARService.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (06/04/2013 02:35:04 PM) (Source: Wininit) (User: )
Description: A critical system process, C:\Windows\system32\lsass.exe, failed with status code 1.  The machine must now be restarted.
 
Error: (06/04/2013 01:36:08 PM) (Source: SetupARService) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
   at SetupAfterRebootService.SetupARService.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
 
System errors:
=============
Error: (06/04/2013 07:18:25 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk11\DR11.
 
Error: (06/04/2013 04:50:08 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (06/04/2013 04:49:09 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
PzWDM
 
Error: (06/04/2013 04:48:53 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on \\?\Volume{8837371e-46dc-11e0-800a-806e6f6e6963} cannot be read.
 
Error: (06/04/2013 04:48:47 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on \\?\Volume{121fffe4-c9fa-11e2-9a8b-1c6f659354dc} cannot be read.
 
Error: (06/04/2013 04:48:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\athExt.dll
Error Code: 126
 
Error: (06/04/2013 04:43:40 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (06/04/2013 04:42:41 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
PzWDM
 
Error: (06/04/2013 04:42:29 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on \\?\Volume{8837371e-46dc-11e0-800a-806e6f6e6963} cannot be read.
 
Error: (06/04/2013 04:42:23 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on \\?\Volume{121fffe4-c9fa-11e2-9a8b-1c6f659354dc} cannot be read.
 
 
Microsoft Office Sessions:
=========================
Error: (06/04/2013 05:06:34 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Utilities\esetsmartinstaller_enu.exe
 
Error: (06/04/2013 04:56:22 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Utilities\esetsmartinstaller_enu.exe
 
Error: (06/04/2013 04:49:02 PM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000
 
Error: (06/04/2013 04:49:00 PM) (Source: SetupARService)(User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
   at SetupAfterRebootService.SetupARService.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (06/04/2013 04:42:41 PM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000
 
Error: (06/04/2013 04:42:31 PM) (Source: SetupARService)(User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
   at SetupAfterRebootService.SetupARService.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (06/04/2013 03:09:34 PM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000
 
Error: (06/04/2013 03:09:33 PM) (Source: SetupARService)(User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
   at SetupAfterRebootService.SetupARService.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (06/04/2013 02:35:04 PM) (Source: Wininit)(User: )
Description: C:\Windows\system32\lsass.exe1
 
Error: (06/04/2013 01:36:08 PM) (Source: SetupARService)(User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
   at SetupAfterRebootService.SetupARService.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-06-04 03:04:24.128
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-06-04 03:04:24.070
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-06-04 03:04:24.009
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-06-04 03:04:23.953
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-06-04 02:48:34.116
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-06-04 02:48:34.058
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-05-15 20:37:59.275
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-05-15 20:17:33.424
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
@BIOS (Version: 2.12)
4.0.1.7
AceMoney
Acrobat X Suite (Version: 1.0)
Acronis True Image Home 2011 (Version: 14.0.6696)
Adobe Acrobat X Professional - Arabic, Hebrew, French, Greek (Version: 10.1.1)
Adobe AIR (Version: 3.6.0.5970)
Adobe Captivate Quiz Results Analyzer (Version: 1.0)
Adobe Captivate Reviewer (Version: 2.0)
Adobe Creative Suite 6 Master Collection (Version: 6)
Adobe Digital Editions
Adobe DNG Codec (Version: 1.1.0.3)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Help Manager (Version: 4.0.244)
Adobe Media Player (Version: 1.8)
Adobe Photoshop Lightroom 4.3 64-bit (Version: 4.3.1)
Adobe Premiere Elements 11 (Version: 11.0)
Adobe Presenter 7 (Version: 7.0)
Adobe Presenter 7 (Version: 7.0.6)
Adobe Widget Browser (Version: 2.0 Build 348)
Adobe Widget Browser (Version: 2.0.348)
AKVIS MakeUp (Version: 2.5.313.8635)
Alien Skin Blow Up 2
Alien Skin Bokeh 2
Alien Skin Exposure 3
Alien Skin Eye Candy 6
Alien Skin Snap Art 2
Alien Skin Xenofex 2
Amazon Kindle
AMD Drag and Drop Transcoding (Version: 2.00.0000)
Artensoft Tilt Shift Generator (Version: 1.1)
Ashampoo ClipFinder HD v.2.21 (Version: 2.2.1)
ASUS Xonar DX Audio Driver
ATI AVIVO64 Codecs (Version: 11.6.0.50527)
ATI Catalyst Install Manager (Version: 3.0.778.0)
ATI Drivers Update Utility
AudioLabel (Version: 4.40 (Build 10))
AutoGreen B09.1014.2 (Version: 1.00.0000)
avast! Internet Security (Version: 6.0.1000.0)
AVCHDCoder (Version: 11.12.27)
AVS Audio Converter 7 (Version: 7.0.5.510)
AVS Audio Editor 7.1 (Version: 7.1.5.479)
AVS Audio Recorder version 4.0 (Version: 4.0.1.21)
AVS Cover Editor 2.0.1.3 (Version: 2.0.1.3)
AVS Disc Creator 5 (Version: 5.0.6.520)
AVS Document Converter 2.2.5 (Version: 2.2.5.218)
AVS DVD Copy 4.1.2.283 (Version: 4.1.2.283)
AVS Image Converter 2.3.2.248 (Version: 2.3.2.248)
AVS Media Player 4.1.10.99 (Version: 4.1.10.99)
AVS Photo Editor (Version: 2.0.8.128)
AVS Registry Cleaner version 2.2 (Version: 2.2.3.236)
AVS Ringtone Maker version 1.6 (Version: 1.6.1.140)
AVS Video Converter 8 (Version: 8.3.2.533)
AVS Video Editor 6 (Version: 6.3.2.234)
AVS Video Recorder 2.5 (Version: 2.5.3.83)
AVS Video ReMaker 4.1.3.149 (Version: 4.1.3.149)
aWARemote Pro Server version 2.2.0 (Version: 2.2.0)
Better File Rename 5.7
BitTorrent (Version: 7.7.3.28706)
bl (Version: 1.0.0)
Boilsoft Video Joiner 6.57
Boilsoft Video Splitter 6.34
Bonjour (Version: 2.0.4.0)
calibre (Version: 0.9.8)
Call of Duty® - Modern Warfare 3 (Version: 1.0)
Canon Inkjet Printer Driver Add-On Module V2.00
Canon My Printer
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2010.0527.1242.20909)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0527.1242.20909)
Catalyst Control Center InstallProxy (Version: 2010.0527.1242.20909)
Catalyst Control Center Localization All (Version: 2010.0527.1242.20909)
CCC Help Chinese Standard (Version: 2010.0527.1241.20909)
CCC Help Chinese Traditional (Version: 2010.0527.1241.20909)
CCC Help Czech (Version: 2010.0527.1241.20909)
CCC Help Danish (Version: 2010.0527.1241.20909)
CCC Help Dutch (Version: 2010.0527.1241.20909)
CCC Help English (Version: 2010.0527.1241.20909)
CCC Help Finnish (Version: 2010.0527.1241.20909)
CCC Help French (Version: 2010.0527.1241.20909)
CCC Help German (Version: 2010.0527.1241.20909)
CCC Help Greek (Version: 2010.0527.1241.20909)
CCC Help Hungarian (Version: 2010.0527.1241.20909)
CCC Help Italian (Version: 2010.0527.1241.20909)
CCC Help Japanese (Version: 2010.0527.1241.20909)
CCC Help Korean (Version: 2010.0527.1241.20909)
CCC Help Norwegian (Version: 2010.0527.1241.20909)
CCC Help Polish (Version: 2010.0527.1241.20909)
CCC Help Portuguese (Version: 2010.0527.1241.20909)
CCC Help Russian (Version: 2010.0527.1241.20909)
CCC Help Spanish (Version: 2010.0527.1241.20909)
CCC Help Swedish (Version: 2010.0527.1241.20909)
CCC Help Thai (Version: 2010.0527.1241.20909)
CCC Help Turkish (Version: 2010.0527.1241.20909)
ccc-core-static (Version: 2010.0527.1242.20909)
ccc-utility64 (Version: 2010.0527.1242.20909)
CD-LabelPrint
Color Efex Pro 3.0 Complete (Version: 3.1.1.0)
Contents (Version: 15.0.0.258)
Core Temp 1.0 RC3 (Version: 1.0)
Corel VideoStudio Pro X5 (Version: 15.0.0.258)
COWON Media Center - jetAudio Plus VX (Version: 8.0.16)
Creative Vado AAC Codec
Creative Vado AAC Codec (Version: 1.0.0.1)
Cubby (Version: 1.0.0.12018)
dBpoweramp CD Writer (Version: Release 3)
dBpoweramp DSP Effects (Version: Release 7)
dBpoweramp Music Converter (Version: Release 14.1)
DES 2.0 (Version: 1.00.0000)
Dfine 2.0 (Version: 2.1.0.7)
Diagnostic Utility (Version: 1.00.0000)
Diskeeper 2011 (Version: 15.0.963.64)
DMIView B8.0717.01 (Version: 1.4)
doubleTwist (Version: 3.2.1.14961)
Dragon NaturallySpeaking 11 (Version: 11.50.100)
Dropbox (Version: 1.6.18)
EA Installer (Version: 2.2.0.62)
EA Shared Game Component: Activation (Version: 2.2.0)
EA Shared Game Component: Activation (Version: 2.2.0.62)
EASEUS Data Recovery Wizard Professional 5.5.1
EASEUS Partition Master 9.1.1 Professional
Easy Tune 6 B11.0823.1 (Version: 1.00.0000)
Elements 11 Organizer (Version: 11.0)
ERUNT 1.1j
ESET Online Scanner v3
Evernote v. 4.6.4 (Version: 4.6.4.8136)
Face_Wizard B10.0408.01 (Version: 1.00.0000)
ffdshow [rev 2527] [2008-12-19] (Version: 1.0)
FileASSASSIN (Version: 1.06)
Forté Agent (Version: 6.00)
Fraps (remove only)
Gigabyte Raid Configurer (Version: 1.17.59.0)
GIMP (Version: 2.6.11)
Google Calendar Sync
Google Chrome (Version: 27.0.1453.94)
Google Drive (Version: 1.9.4536.8202)
Google Talk (remove only)
Google Talk Plugin (Version: 3.19.1.13088)
Google Update Helper (Version: 1.3.21.145)
GoToMeeting 5.0.0.799 (Version: 5.0.0.799)
GPSoftware Directory Opus (Version: 9.5.6.0)
GrabBee (Version: 1.0.9.6)
HandBrake 0.9.8 (Version: 0.9.8)
HD Writer AE 4.1 (Version: 4.01.025.1033)
HomeManage 2010 (Version: 2010)
HydraVision (Version: 4.2.166.0)
ICA (Version: 15.0.0.258)
Imagenomic Portraiture 2.2.1 Lightroom Plug-in (build 2210)
Imagenomic Portraiture 2.3 Plug-in (build 2308)
Intel® Matrix Storage Manager
IPM_VS_Pro (Version: 15.0)
ISCOM (Version: 15.0.0.258)
IVONA 2 (Version: 1.6.39)
IVONA ControlCenter (Version: 1.0.26)
IVONA MiniReader
IVONA Reader
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
JDownloader 0.9 (Version: 0.9)
Jump Desktop (Version: 3.2.5)
KC Softwares VideoInspector
K-Lite Codec Pack 9.7.5 (64-bit) (Version: 9.7.5)
Kuffs Password Safe (Version: 2.0.26)
Lingoes 2.8.1 (Version: 2.8.1)
LogMeIn (Version: 4.1.2450)
LUMIX Map Tool (Version: 1.00.0000)
Macrium Reflect Free Edition (Version: 5.0.4620)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Marvell MRU V4 (Version: 4.1.0.1700)
Mass Effect 2 (Version: 1.02)
Mass Effect 2 Coalesced Compiler v1.0.0 (Version: 1.0.0)
Media Center 16 (Version: 16)
MediaInfo 0.7.62 (Version: 0.7.62)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft Camera Codec Pack (Version: 16.4.1620.0719)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
MKVToolNix 6.0.0 (Version: 6.0.0)
Monkey's Audio
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MPC-HC 1.6.5.6366 (64-bit) (Version: 1.6.5.6366)
MSVCRT Redists (Version: 1.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Music Collector
MyPhoneExplorer (Version: 1.8.4)
NEC Electronics USB 3.0 Host Controller Driver (Version: 1.0.18.0)
NVIDIA PhysX (Version: 9.09.0814)
ONES (E)
OpenAL
Paragon Hard Disk Manager™ 2010 Professional (Version: 90.00.0003)
PDF Settings CS6 (Version: 11.0)
Perfect Photo Suite 7.0.2 (Version: 7.0.2)
Perfectly Clear Plugin 1.6.5 (Version: 1.6.5)
ph (Version: 1.0.0)
PhoneMyPC (Version: 2.0.3)
PhotoCopy (Version: 1.0)
Photodex Presenter
PhotoRescue Advanced PC 2.1.706
Picasa 3 (Version: 3.8)
Pixlr-o-matic (Version: 2.1)
Plex Media Server (Version: 0.9.712)
Plus Pack for Acronis True Image Home 2011 (Version: 14.0.6696)
PocketCloud Windows Companion (Version: 2.4.12)
PRE11 STI 64Installer (Version: 11.0)
PrinterShare 2.3.06 (Version: 2.3.6.0)
ProShow Producer
PxMergeModule (Version: 1.00.0000)
Q-Share Ver.1.2 (Version: 1.2)
QuickPar 0.9 (Version: 0.9)
QuickTime Alternative 3.2.2 (Version: 3.2.2)
Real Hide IP (Version: 4.2.1.6)
Realtek Ethernet Controller Driver (Version: 7.46.531.2011)
Registrar Registry Manager 6.52  (Professional Edition)
RescuePRO Deluxe 5.0 (Version: 5.0)
RoboForm 7-8-6-5 (All Users) (Version: 7-8-6-5)
RRDtool (Version: 1.4.5.0)
Samsung AllShare (Version: 2.1.0.12031_10)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.2200.0)
Sandboxie 3.56 (64-bit)
Setup (Version: 15.0.0.258)
Share (Version: 15.0.0.258)
Share64 (Version: 15.0.0.258)
Sharpener Pro 3.0 (Version: 3.0.0.5)
Shipping Assistant 3.8 (Version: 3.8.0.0)
Silver Efex Pro 2 (Version: 2.0.0.0)
SiSoftware Sandra Professional Home 2011 (Version: 17.15.2011.1)
Skype Click to Call (Version: 6.9.12585)
Skype™ 6.3 (Version: 6.3.107)
SmartSound Common Data (Version: 1.1.0)
SmartSound Quicktracks 5 (Version: 5.1.6)
Snapseed (Version: 1.1.0)
Sp5 (Version: 5.1.4324.0)
Sp5Intl (Version: 5.1.4324.0)
Sp5TTInt (Version: 5.1.4324.0)
SpCommon (Version: 5.1.4324.0)
Splashtop Software Updater (Version: 1.5.6.11)
Splashtop Streamer (Version: 2.3.0.2)
SpPhones (Version: 6.0.3122.0)
Steam (Version: 1.0.0.0)
Tango (Version: 1.6.14117)
ThumbsPlus
ThumbsPlus (Version: 8.1.0.3537)
ThumbsPlus (Version: 9.0.0.3924)
TomTom HOME 2.8.2.2264 (Version: 2.8.2.2264)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
Topaz Adjust 4 (64-bit) (Version: 4.1.0)
Topaz Adjust 4 (Version: 4.1.0)
Topaz Clean 3 (64-bit) (Version: 3.0.2)
Topaz Clean 3 (Version: 3.0.2)
Topaz DeJpeg 4 (64-bit) (Version: 4.0.2)
Topaz DeJpeg 4 (Version: 4.0.2)
Topaz DeNoise 5 (64-bit) (Version: 5.0.1)
Topaz DeNoise 5 (Version: 5.0.1)
Topaz Detail 2 (64-bit) (Version: 2.0.5)
Topaz Detail 2 (Version: 2.0.5)
Topaz Fusion Express 2 (64-bit) (Version: 2.0.2)
Topaz Fusion Express 2 (Version: 2.0.2)
Topaz InFocus (64-bit) (Version: 1.0.0)
Topaz InFocus (Version: 1.0.0)
Topaz Lens Effects (64-bit) (Version: 1.0.0)
Topaz Lens Effects (Version: 1.0.0)
Topaz ReMask 3 (64-bit) (Version: 3.1.0)
Topaz ReMask 3 (Version: 3.1.0)
Topaz Simplify 3 (64-bit) (Version: 3.0.2)
Topaz Simplify 3 (Version: 3.0.2)
Topaz Simplify 4 (64-bit) (Version: 4.0.1)
Topaz Simplify 4 (Version: 4.0.1)
TP-LINK Wireless Client Utility (Version: 7.0)
Translate Genius (Version: 1.0.9)
TurboTax 2011
TurboTax 2011 wiliper (Version: 011.000.1768)
TurboTax 2011 WinPerFedFormset (Version: 011.000.3351)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0496)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0222)
TurboTax 2011 wrapper (Version: 011.000.0121)
TurboTax 2012 (Version: 2012.0)
TurboTax 2012 wiliper (Version: 012.000.1416)
TurboTax 2012 WinPerFedFormset (Version: 012.000.2114)
TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0451)
TurboTax 2012 WinPerTaxSupport (Version: 012.000.0179)
TurboTax 2012 wrapper (Version: 012.000.0127)
UltraISO Premium V9.36
Unified Remote (Version: 2.5.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
USB Video/Audio Device Driver (Version: 1.00.0000)
UV Realtime (Version: 1.9.1)
Vegas Pro 12.0 (64-bit) (Version: 12.0.486)
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) (Version: 11.0.0)
Viveza 2 (Version: 2.0.0.3)
VLC media player 1.1.11 (Version: 1.1.11)
VNC Mirror Driver 1.8.0 (Version: 1.8.0)
VNC Printer Driver 1.8.0 (Version: 1.8.0)
VNC Server 5.0.1 (Version: 5.0.1)
VNC Viewer 5.0.1 (Version: 5.0.1)
VSClassic (Version: 15.0.0.258)
VSHelp (Version: 15.0.0.258)
VSPro (Version: 15.0.0.258)
WhereIsIt? 2010 (Version: 2010)
WIDCOMM Bluetooth Software (Version: 6.5.1.2700)
Winamp (Version: 5.621 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR 4.11 (64-bit) (Version: 4.11.0)
X1 Professional Client (Version: 6.7)
Xilisoft Video Converter Ultimate (Version: 7.7.2.20130122)
Xirrus Wi-Fi Inspector (Version: 1.2.0000)
YouWave for Android
Zoner Photo Studio 15 (Version: 15.0.1.2)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 19%
Total physical RAM: 24574.43 MB
Available physical RAM: 19799.45 MB
Total Pagefile: 49147.05 MB
Available Pagefile: 44333.65 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.05 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Win7) (Fixed) (Total:404.59 GB) (Free:254.06 GB) NTFS
2 Drive d: (Files) (Fixed) (Total:526.82 GB) (Free:134.01 GB) NTFS
3 Drive e: (Scratch) (Fixed) (Total:596.17 GB) (Free:446.68 GB) NTFS
4 Drive f: (PhotoBank) (Fixed) (Total:2794.39 GB) (Free:1060.18 GB) NTFS
5 Drive g: () (Fixed) (Total:2794.39 GB) (Free:1659.07 GB) NTFS
6 Drive h: (Data 2) (Fixed) (Total:1862.89 GB) (Free:917.23 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\FARSCAPE
 
Administrator            Guest                    skysi                    
 
 
**** End of log ****
 
I deleted folder WindowsFilessc with all its contents including kill.bat
 

 

 



#6 boopme


Posted 05 June 2013 - 05:51 PM

Looks like we removed it.
 
Open Malwarebytes
Select the Update tab
Select scan... Run a full scan and post that log.
 
The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply.
How is it running now?

#7 skysis


Posted 05 June 2013 - 06:13 PM

Thanks, boopme, but riaiccape.exe is still there (in two places on drive C). Avast is still unable to scan it, and Malwarebytes can't see it at all.

Is there a way to remove it?

 

I'll scan with Malwarebytes again and post it later, but it seems to me Malwarebytes is completely useless.



#8 boopme


Posted 05 June 2013 - 06:47 PM

Yes, but we will need stronger tools a deeper look.
We have to make a new topic. You can use the same title.
Please follow this Preparation Guide and post in a new topic.
Do steps 6, 7 and 8.

Let me know if all went well.



#9 skysis


Posted 05 June 2013 - 07:21 PM

Malwarebytes Anti-Malware (PRO) 1.70.0.1100
www.malwarebytes.org
 
Database version: v2013.06.05.10
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
skysi :: FARSCAPE [administrator]
 
Protection: Enabled
 
6/5/2013 6:15:20 PM
mbam-log-2013-06-05 (18-15-20).txt
 
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 555421
Time elapsed: 59 minute(s), 45 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)


#10 skysis


Posted 05 June 2013 - 07:22 PM

Yes, but we will need stronger tools a deeper look.
We have to make a new topic. You can use the same title.
Please follow this Preparation Guide and post in a new topic.
Do steps 6, 7 and 8.

Let me know if all went well.

ok



#11 boopme


Posted 05 June 2013 - 09:12 PM

Thank you!
 
Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 2 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.



