Lost services windows 7


8 replies to this topic

#1 carlhelton


Posted 05 September 2013 - 12:43 AM

My son got my computer infected, runs now but missing services and other issues. Please help.

No firewall, no Security Essentials, won't update, etc. Running Win 7 Home Premium; used Malwarebytes, AVG antivirus, SUPERAntiSpyware, Spybot S&D.


Edited by carlhelton, 05 September 2013 - 12:56 AM.



#2 carlhelton


Posted 05 September 2013 - 01:20 AM

I know it's late, should I go to bed or wait up for help? Sorry, I'm new to these issues.



#3 TwinHeadedEagle

  • Security Colleague

Posted 05 September 2013 - 02:14 AM

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

Edited by TwinHeadedEagle, 05 September 2013 - 02:14 AM.


#4 carlhelton


Posted 05 September 2013 - 07:01 AM

TDS Killer log:

07:56:46.0799 2508  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
07:56:47.0146 2508  ============================================================
07:56:47.0146 2508  Current date / time: 2013/09/05 07:56:47.0146
07:56:47.0146 2508  SystemInfo:
07:56:47.0146 2508  
07:56:47.0146 2508  OS Version: 6.1.7601 ServicePack: 1.0
07:56:47.0146 2508  Product type: Workstation
07:56:47.0146 2508  ComputerName: HOMETHEATER
07:56:47.0146 2508  UserName: Carl
07:56:47.0146 2508  Windows directory: C:\Windows
07:56:47.0146 2508  System windows directory: C:\Windows
07:56:47.0146 2508  Running under WOW64
07:56:47.0146 2508  Processor architecture: Intel x64
07:56:47.0146 2508  Number of processors: 4
07:56:47.0146 2508  Page size: 0x1000
07:56:47.0146 2508  Boot type: Normal boot
07:56:47.0146 2508  ============================================================
07:56:48.0356 2508  Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:56:48.0364 2508  Drive \Device\Harddisk1\DR1 - Size: 0x1BF08EB000 (111.76 Gb), SectorSize: 0x200, Cylinders: 0x38FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:56:56.0178 2508  Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:56:56.0202 2508  ============================================================
07:56:56.0202 2508  \Device\Harddisk0\DR0:
07:56:56.0202 2508  MBR partitions:
07:56:56.0202 2508  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x9501800
07:56:56.0202 2508  \Device\Harddisk1\DR1:
07:56:56.0202 2508  MBR partitions:
07:56:56.0202 2508  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF7FDBD
07:56:56.0202 2508  \Device\Harddisk2\DR2:
07:56:56.0203 2508  GPT partitions:
07:56:56.0203 2508  \Device\Harddisk2\DR2\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {EE2E5DC8-D644-44D6-8440-FE6017BE928E}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
07:56:56.0203 2508  \Device\Harddisk2\DR2\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F2B89617-AA3E-485F-AAB2-E689CF4744F2}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x86470000
07:56:56.0203 2508  \Device\Harddisk2\DR2\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {25E4040D-16C8-41B5-986A-48DCA1A383D0}, Name: Basic data partition, StartLBA 0x864B0800, BlocksNum 0x62957800
07:56:56.0203 2508  MBR partitions:
07:56:56.0203 2508  ============================================================
07:56:56.0229 2508  C: <-> \Device\Harddisk0\DR0\Partition1
07:56:56.0258 2508  D: <-> \Device\Harddisk2\DR2\Partition2
07:56:56.0300 2508  E: <-> \Device\Harddisk2\DR2\Partition3
07:56:56.0325 2508  G: <-> \Device\Harddisk1\DR1\Partition1
07:56:56.0325 2508  ============================================================
07:56:56.0325 2508  Initialize success
07:56:56.0325 2508  ============================================================
07:57:15.0632 0524  ============================================================
07:57:15.0632 0524  Scan started
07:57:15.0632 0524  Mode: Manual; 
07:57:15.0632 0524  ============================================================
07:57:16.0179 0524  ================ Scan system memory ========================
07:57:16.0179 0524  System memory - ok
07:57:16.0180 0524  ================ Scan services =============================
07:57:22.0439 0524  megasas - ok
07:57:22.0460 0524  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
07:57:22.0464 0524  MegaSR - ok
07:57:22.0496 0524  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
07:57:22.0497 0524  Microsoft Office Groove Audit Service - ok
07:57:22.0522 0524  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
07:57:22.0523 0524  MMCSS - ok
07:57:22.0530 0524  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
07:57:22.0531 0524  Modem - ok
07:57:22.0541 0524  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
07:57:22.0541 0524  monitor - ok
07:57:22.0547 0524  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
07:57:22.0547 0524  mouclass - ok
07:57:22.0554 0524  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
07:57:22.0555 0524  mouhid - ok
07:57:22.0561 0524  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
07:57:22.0562 0524  mountmgr - ok
07:57:22.0572 0524  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
07:57:22.0575 0524  mpio - ok
07:57:22.0583 0524  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
07:57:22.0584 0524  mpsdrv - ok
07:57:22.0624 0524  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
07:57:22.0650 0524  MpsSvc - ok
07:57:22.0666 0524  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
07:57:22.0666 0524  MRxDAV - ok
07:57:22.0688 0524  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
07:57:22.0689 0524  mrxsmb - ok
07:57:22.0709 0524  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:57:22.0710 0524  mrxsmb10 - ok
07:57:22.0738 0524  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:57:22.0739 0524  mrxsmb20 - ok
07:57:22.0767 0524  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
07:57:22.0768 0524  msahci - ok
07:57:22.0775 0524  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
07:57:22.0777 0524  msdsm - ok
07:57:22.0791 0524  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
07:57:22.0794 0524  MSDTC - ok
07:57:22.0809 0524  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
07:57:22.0810 0524  Msfs - ok
07:57:22.0814 0524  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
07:57:22.0815 0524  mshidkmdf - ok
07:57:22.0824 0524  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
07:57:22.0824 0524  msisadrv - ok
07:57:22.0850 0524  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
07:57:22.0853 0524  MSiSCSI - ok
07:57:22.0856 0524  msiserver - ok
07:57:22.0866 0524  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
07:57:22.0866 0524  MSKSSRV - ok
07:57:22.0873 0524  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
07:57:22.0873 0524  MSPCLOCK - ok
07:57:22.0884 0524  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
07:57:22.0885 0524  MSPQM - ok
07:57:22.0900 0524  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
07:57:22.0905 0524  MsRPC - ok
07:57:22.0930 0524  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
07:57:22.0930 0524  mssmbios - ok
07:57:22.0999 0524  MSSQL$MYMOVIES - ok
07:57:23.0049 0524  MSSQL$SQLEXPRESS - ok
07:57:23.0074 0524  [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
07:57:23.0076 0524  MSSQLServerADHelper - ok
07:57:23.0139 0524  [ 04EF36EAF5C4DBCE424D81B76F1E9231 ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
07:57:23.0140 0524  MSSQLServerADHelper100 - ok
07:57:23.0154 0524  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
07:57:23.0155 0524  MSTEE - ok
07:57:23.0185 0524  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
07:57:23.0185 0524  MTConfig - ok
07:57:23.0208 0524  [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
07:57:23.0208 0524  MTsensor - ok
07:57:23.0218 0524  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
07:57:23.0218 0524  Mup - ok
07:57:23.0284 0524  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
07:57:23.0291 0524  napagent - ok
07:57:23.0324 0524  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
07:57:23.0328 0524  NativeWifiP - ok
07:57:23.0358 0524  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
07:57:23.0362 0524  NDIS - ok
07:57:23.0371 0524  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
07:57:23.0372 0524  NdisCap - ok
07:57:23.0378 0524  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
07:57:23.0378 0524  NdisTapi - ok
07:57:23.0387 0524  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
07:57:23.0388 0524  Ndisuio - ok
07:57:23.0396 0524  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
07:57:23.0397 0524  NdisWan - ok
07:57:23.0405 0524  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
07:57:23.0405 0524  NDProxy - ok
07:57:23.0417 0524  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
07:57:23.0417 0524  NetBIOS - ok
07:57:23.0435 0524  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
07:57:23.0436 0524  NetBT - ok
07:57:23.0443 0524  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
07:57:23.0444 0524  Netlogon - ok
07:57:23.0471 0524  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
07:57:23.0474 0524  Netman - ok
07:57:23.0496 0524  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
07:57:23.0498 0524  netprofm - ok
07:57:23.0524 0524  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:57:23.0526 0524  NetTcpPortSharing - ok
07:57:23.0533 0524  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
07:57:23.0534 0524  nfrd960 - ok
07:57:23.0551 0524  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
07:57:23.0553 0524  NlaSvc - ok
07:57:23.0568 0524  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
07:57:23.0568 0524  Npfs - ok
07:57:23.0595 0524  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
07:57:23.0596 0524  nsi - ok
07:57:23.0606 0524  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
07:57:23.0606 0524  nsiproxy - ok
07:57:23.0667 0524  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
07:57:23.0673 0524  Ntfs - ok
07:57:23.0690 0524  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
07:57:23.0690 0524  Null - ok
07:57:23.0717 0524  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
07:57:23.0719 0524  nvraid - ok
07:57:23.0729 0524  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
07:57:23.0731 0524  nvstor - ok
07:57:23.0742 0524  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
07:57:23.0744 0524  nv_agp - ok
07:57:23.0800 0524  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
07:57:23.0805 0524  odserv - ok
07:57:23.0819 0524  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
07:57:23.0821 0524  ohci1394 - ok
07:57:23.0847 0524  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:57:23.0849 0524  ose - ok
07:57:23.0877 0524  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
07:57:23.0882 0524  p2pimsvc - ok
07:57:23.0916 0524  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
07:57:23.0923 0524  p2psvc - ok
07:57:23.0937 0524  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
07:57:23.0938 0524  Parport - ok
07:57:23.0965 0524  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
07:57:23.0965 0524  partmgr - ok
07:57:23.0981 0524  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
07:57:23.0982 0524  pci - ok
07:57:23.0991 0524  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
07:57:23.0991 0524  pciide - ok
07:57:24.0008 0524  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
07:57:24.0009 0524  pcmcia - ok
07:57:24.0020 0524  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
07:57:24.0021 0524  pcw - ok
07:57:24.0046 0524  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
07:57:24.0054 0524  PEAUTH - ok
07:57:24.0116 0524  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
07:57:24.0117 0524  PerfHost - ok
07:57:24.0309 0524  [ 101EDE3F2B7BA45232666256A10FC9F8 ] PhilMAS64       C:\Windows\system32\DRIVERS\PhilMAS64.sys
07:57:24.0587 0524  PhilMAS64 - ok
07:57:24.0695 0524  [ E9E7E2C892FF69E45D77DBC9E4F5EB46 ] PhilMAS64_48D71043 C:\Windows\system32\DRIVERS\PhilMAS64_48D71043.sys
07:57:24.0729 0524  PhilMAS64_48D71043 - ok
07:57:24.0780 0524  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
07:57:24.0815 0524  pla - ok
07:57:24.0849 0524  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
07:57:24.0851 0524  PlugPlay - ok
07:57:24.0866 0524  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
07:57:24.0867 0524  PNRPAutoReg - ok
07:57:24.0887 0524  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
07:57:24.0889 0524  PNRPsvc - ok
07:57:24.0921 0524  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
07:57:24.0924 0524  PolicyAgent - ok
07:57:24.0948 0524  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
07:57:24.0950 0524  Power - ok
07:57:24.0981 0524  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
07:57:24.0982 0524  PptpMiniport - ok
07:57:24.0996 0524  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
07:57:24.0996 0524  Processor - ok
07:57:25.0028 0524  [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc         C:\Windows\system32\profsvc.dll
07:57:25.0030 0524  ProfSvc - ok
07:57:25.0037 0524  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
07:57:25.0038 0524  ProtectedStorage - ok
07:57:25.0051 0524  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
07:57:25.0052 0524  Psched - ok
07:57:25.0091 0524  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
07:57:25.0126 0524  ql2300 - ok
07:57:25.0138 0524  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
07:57:25.0140 0524  ql40xx - ok
07:57:25.0166 0524  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
07:57:25.0171 0524  QWAVE - ok
07:57:25.0185 0524  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
07:57:25.0186 0524  QWAVEdrv - ok
07:57:25.0192 0524  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
07:57:25.0192 0524  RasAcd - ok
07:57:25.0211 0524  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
07:57:25.0212 0524  RasAgileVpn - ok
07:57:25.0219 0524  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
07:57:25.0221 0524  RasAuto - ok
07:57:25.0231 0524  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
07:57:25.0231 0524  Rasl2tp - ok
07:57:25.0264 0524  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
07:57:25.0269 0524  RasMan - ok
07:57:25.0284 0524  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
07:57:25.0285 0524  RasPppoe - ok
07:57:25.0295 0524  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
07:57:25.0297 0524  RasSstp - ok
07:57:25.0313 0524  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
07:57:25.0314 0524  rdbss - ok
07:57:25.0325 0524  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
07:57:25.0325 0524  rdpbus - ok
07:57:25.0333 0524  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
07:57:25.0333 0524  RDPCDD - ok
07:57:25.0344 0524  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
07:57:25.0344 0524  RDPENCDD - ok
07:57:25.0354 0524  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
07:57:25.0355 0524  RDPREFMP - ok
07:57:25.0390 0524  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
07:57:25.0391 0524  RDPWD - ok
07:57:25.0408 0524  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
07:57:25.0410 0524  rdyboost - ok
07:57:25.0449 0524  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
07:57:25.0451 0524  RemoteAccess - ok
07:57:25.0480 0524  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
07:57:25.0481 0524  RemoteRegistry - ok
07:57:25.0513 0524  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
07:57:25.0514 0524  RpcEptMapper - ok
07:57:25.0538 0524  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
07:57:25.0539 0524  RpcLocator - ok
07:57:25.0560 0524  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
07:57:25.0563 0524  RpcSs - ok
07:57:25.0590 0524  [ EB1C539E621A35A49F7692B0EB565AB9 ] RsFx0150        C:\Windows\system32\DRIVERS\RsFx0150.sys
07:57:25.0595 0524  RsFx0150 - ok
07:57:25.0621 0524  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
07:57:25.0622 0524  rspndr - ok
07:57:25.0658 0524  [ 6CF9DB101A75360E98659F823852E540 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
07:57:25.0661 0524  RTL8167 - ok
07:57:25.0692 0524  [ E16B7C030A05EF649B18FAB0A93D871F ] RtNdPt60        C:\Windows\system32\DRIVERS\RtNdPt60.sys
07:57:25.0692 0524  RtNdPt60 - ok
07:57:25.0702 0524  [ 1DE78F5008120CD79B34C12394DCD493 ] RTTEAMPT        C:\Windows\system32\DRIVERS\RtTeam60.sys
07:57:25.0703 0524  RTTEAMPT - ok
07:57:25.0716 0524  [ ED0624ED83121E1BC141F49B1316CAA0 ] RTVLANPT        C:\Windows\system32\DRIVERS\RtVlan620.sys
07:57:25.0717 0524  RTVLANPT - ok
07:57:25.0730 0524  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
07:57:25.0731 0524  SamSs - ok
07:57:25.0765 0524  [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
07:57:25.0766 0524  SASDIFSV - ok
07:57:25.0797 0524  [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
07:57:25.0797 0524  SASKUTIL - ok
07:57:25.0810 0524  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
07:57:25.0812 0524  sbp2port - ok
07:57:25.0840 0524  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
07:57:25.0844 0524  SCardSvr - ok
07:57:25.0870 0524  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
07:57:25.0871 0524  scfilter - ok
07:57:25.0902 0524  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
07:57:25.0908 0524  Schedule - ok
07:57:25.0935 0524  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
07:57:25.0936 0524  SCPolicySvc - ok
07:57:25.0964 0524  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
07:57:25.0968 0524  SDRSVC - ok
07:57:26.0059 0524  [ 95AA9E165C7DE1B64A11E8B18E91E499 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
07:57:26.0066 0524  SDScannerService - ok
07:57:26.0110 0524  [ D31398D4BB4907B517B6E784C2100C4A ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
07:57:26.0114 0524  SDUpdateService - ok
07:57:26.0157 0524  [ 6AE8E702D1027A9627DDE2B77BB9992B ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
07:57:26.0158 0524  SDWSCService - ok
07:57:26.0201 0524  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
07:57:26.0201 0524  secdrv - ok
07:57:26.0222 0524  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
07:57:26.0223 0524  seclogon - ok
07:57:26.0235 0524  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
07:57:26.0236 0524  SENS - ok
07:57:26.0262 0524  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
07:57:26.0264 0524  SensrSvc - ok
07:57:26.0275 0524  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
07:57:26.0276 0524  Serenum - ok
07:57:26.0283 0524  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
07:57:26.0284 0524  Serial - ok
07:57:26.0295 0524  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
07:57:26.0296 0524  sermouse - ok
07:57:26.0309 0524  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
07:57:26.0312 0524  SessionEnv - ok
07:57:26.0320 0524  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
07:57:26.0320 0524  sffdisk - ok
07:57:26.0329 0524  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
07:57:26.0330 0524  sffp_mmc - ok
07:57:26.0336 0524  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
07:57:26.0336 0524  sffp_sd - ok
07:57:26.0344 0524  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
07:57:26.0345 0524  sfloppy - ok
07:57:26.0386 0524  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
07:57:26.0388 0524  ShellHWDetection - ok
07:57:26.0401 0524  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
07:57:26.0402 0524  SiSRaid2 - ok
07:57:26.0410 0524  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
07:57:26.0412 0524  SiSRaid4 - ok
07:57:26.0441 0524  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
07:57:26.0443 0524  Smb - ok
07:57:26.0451 0524  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
07:57:26.0453 0524  SNMPTRAP - ok
07:57:26.0459 0524  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
07:57:26.0459 0524  spldr - ok
07:57:26.0486 0524  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
07:57:26.0489 0524  Spooler - ok
07:57:26.0589 0524  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
07:57:26.0604 0524  sppsvc - ok
07:57:26.0627 0524  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
07:57:26.0630 0524  sppuinotify - ok
07:57:26.0660 0524  [ BEA7FEA5BB31EB58D78971F821AE6844 ] SQLAgent$MYMOVIES C:\Program Files\Microsoft SQL Server\MSSQL10_50.MYMOVIES\MSSQL\Binn\SQLAGENT.EXE
07:57:26.0666 0524  SQLAgent$MYMOVIES - ok
07:57:26.0694 0524  [ 7D67C07C63796775CC5492BCFEAFF125 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
07:57:26.0695 0524  SQLBrowser - ok
07:57:26.0746 0524  [ F98DDFBFE0EE66D4C4B00693512B9527 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
07:57:26.0747 0524  SQLWriter - ok
07:57:26.0776 0524  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
07:57:26.0778 0524  srv - ok
07:57:26.0796 0524  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
07:57:26.0798 0524  srv2 - ok
07:57:26.0825 0524  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
07:57:26.0826 0524  srvnet - ok
07:57:26.0856 0524  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
07:57:26.0859 0524  SSDPSRV - ok
07:57:26.0869 0524  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
07:57:26.0871 0524  SstpSvc - ok
07:57:26.0898 0524  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
07:57:26.0898 0524  stexstor - ok
07:57:26.0930 0524  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
07:57:26.0933 0524  stisvc - ok
07:57:26.0948 0524  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
07:57:26.0949 0524  swenum - ok
07:57:26.0971 0524  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
07:57:26.0979 0524  swprv - ok
07:57:27.0027 0524  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
07:57:27.0035 0524  SysMain - ok
07:57:27.0068 0524  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
07:57:27.0071 0524  TabletInputService - ok
07:57:27.0085 0524  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
07:57:27.0088 0524  TapiSrv - ok
07:57:27.0109 0524  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
07:57:27.0111 0524  TBS - ok
07:57:27.0172 0524  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
07:57:27.0180 0524  Tcpip - ok
07:57:27.0239 0524  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
07:57:27.0246 0524  TCPIP6 - ok
07:57:27.0286 0524  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
07:57:27.0287 0524  tcpipreg - ok
07:57:27.0297 0524  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
07:57:27.0298 0524  TDPIPE - ok
07:57:27.0333 0524  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
07:57:27.0333 0524  TDTCP - ok
07:57:27.0347 0524  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
07:57:27.0348 0524  tdx - ok
07:57:27.0355 0524  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
07:57:27.0356 0524  TermDD - ok
07:57:27.0390 0524  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
07:57:27.0393 0524  TermService - ok
07:57:27.0407 0524  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
07:57:27.0408 0524  Themes - ok
07:57:27.0414 0524  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
07:57:27.0415 0524  THREADORDER - ok
07:57:27.0424 0524  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
07:57:27.0425 0524  TrkWks - ok
07:57:27.0482 0524  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
07:57:27.0485 0524  TrustedInstaller - ok
07:57:27.0501 0524  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
07:57:27.0502 0524  tssecsrv - ok
07:57:27.0505 0524  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
07:57:27.0506 0524  TsUsbFlt - ok
07:57:27.0520 0524  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
07:57:27.0520 0524  TsUsbGD - ok
07:57:27.0531 0524  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
07:57:27.0533 0524  tunnel - ok
07:57:27.0544 0524  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
07:57:27.0545 0524  uagp35 - ok
07:57:27.0560 0524  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
07:57:27.0561 0524  udfs - ok
07:57:27.0585 0524  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
07:57:27.0587 0524  UI0Detect - ok
07:57:27.0595 0524  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
07:57:27.0596 0524  uliagpkx - ok
07:57:27.0609 0524  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
07:57:27.0610 0524  umbus - ok
07:57:27.0632 0524  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
07:57:27.0632 0524  UmPass - ok
07:57:27.0659 0524  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
07:57:27.0661 0524  upnphost - ok
07:57:27.0674 0524  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
07:57:27.0675 0524  USBAAPL64 - ok
07:57:27.0699 0524  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
07:57:27.0701 0524  usbaudio - ok
07:57:27.0726 0524  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
07:57:27.0727 0524  usbccgp - ok
07:57:27.0737 0524  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
07:57:27.0739 0524  usbcir - ok
07:57:27.0745 0524  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
07:57:27.0746 0524  usbehci - ok
07:57:27.0761 0524  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
07:57:27.0763 0524  usbhub - ok
07:57:29.0431 0524  ‮etadpug - ok
07:57:30.0201 0524  ============================================================
07:57:30.0201 0524  Scan finished
07:57:30.0201 0524  ============================================================
07:57:30.0207 0216  Detected object count: 0
07:57:30.0207 0216  Actual detected object count: 0


#5 TwinHeadedEagle


Posted 05 September 2013 - 11:38 AM

That looks clean; let's run another scan.


Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt



Download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run from.
  • Please copy and paste the log to your reply.


#6 carlhelton


Posted 05 September 2013 - 11:58 AM

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.09.05.07
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Carl :: HOMETHEATER [administrator]
 
Protection: Disabled
 
9/5/2013 12:45:46 PM
mbam-log-2013-09-05 (12-45-46).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 226125
Time elapsed: 4 minute(s), 44 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 2
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\‮etadpug (Trojan.Zaccess) -> Delete on reboot.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)


Farbar Service Scanner Version: 05-09-2013
Ran by Carl (administrator) on 05-09-2013 at 12:56:55
Running from "C:\Users\Carl\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.
 
bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.
 
 
Firewall Disabled Policy: 
==================
"HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall" registry value does not exist.
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
 
 
Other Services:
==============
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
 
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.
Checking FirewallRules of SharedAccess: ATTENTION!=====> Unable to open "SharedAccess\Defaults\FirewallPolicy\FirewallRules" registry key. The key does not exist.
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
 
ATTENTION!=====> C:\Program Files\Windows Defender\MpSvc.dll Reparse point on file detected.
 
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****


#7 TwinHeadedEagle


Posted 05 September 2013 - 12:49 PM

You have the ZeroAccess virus, as I suspected. You will have to open your topic here and wait until a removal expert helps you --> http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/


Follow this guide to open your topic --> http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

#8 carlhelton


Posted 05 September 2013 - 01:30 PM

Thanks for the help



#9 Genesmithr


Posted 07 September 2013 - 03:28 AM

The better way is to service your computer with a trained professional. You must be sure that they have experience in software development services.





