Solved Infected svchost.exe

[Ryan O'Brien]

It's so frustrating. I have tried running malware bytes and other anti viruses before finding this site. Here is my MBAM info. I will also note that I am having weird problems with my screen resolution, it's all big. And there is no longer an option for 1920x1080, max is 1920x1440. Thanks in advance for any help

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.21.01

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Nub :: RYAN-PC [administrator]

Protection: Disabled

7/20/2012 11:23:44 PM
MBAM

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 233664
Time elapsed: 2 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> No action taken.

(end)

 

[Broni]

Welcome aboard

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

 

[Ryan O'Brien]

GMER LOG:

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-07-20 23:55:48
Windows 6.1.7601 Service Pack 1
Running: 94ppumw9.exe


---- Registry - GMER 1.0.15 ----

Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\Nub\Desktop\SVP\Sony Vegas Pro 11.0.682 PreCracked - Exµs \x2122.exe 1

---- EOF - GMER 1.0.15 ----

 

[Ryan O'Brien]

DDS.txt





.
DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
Internet Explorer: 9.0.8112.16421
Run by Nub at 23:58:05 on 2012-07-20
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7675.6307 [GMT -4:00]
.
AV: PC Tools Spyware Doctor with AntiVirus *Enabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
AV: Titanium *Disabled/Updated* {7193B549-236F-55EE-9AEC-F65279E59A92}
SP: Titanium *Disabled/Updated* {CAF254AD-0555-5A60-A05C-CD200262D02F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: PC Tools Spyware Doctor with AntiVirus *Enabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Nub\Downloads\94ppumw9.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
mStart Page = hxxp://asus.msn.com
uURLSearchHooks: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1078\TmIEPlg32.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
BHO: SteadyVideoBHO Class: {6c680bae-655c-4e3d-8fc4-e6a520c3d928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: blekko search bar: {b57a9eb1-0e57-4850-a701-4d169538e6ed} - C:\Program Files (x86)\blekkotb_032\blekkotb_019X.dll
BHO: Youtube Plus: {ba900cba-fa92-4df6-bed1-b683bfb92433} - C:\Program Files (x86)\YoutubePlus\YoutubePlus.dll
BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1102\7.1.1102\TmBpIe32.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: blekko search bar: {b57a9eb1-0e57-4850-a701-4d169538e6ed} - C:\Program Files (x86)\blekkotb_032\blekkotb_019X.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
uRun: [2K Games] rundll32.exe "C:\Users\Nub\AppData\Local\Apple\2K Games\bkefddlrv.dll",CreateInstance
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ISTray] "C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe" /hideGUI
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
dRun: [2K Games] rundll32.exe "C:\Users\Nub\AppData\Local\Apple\2K Games\bkefddlrv.dll",CreateInstance
StartupFolder: C:\Users\Nub\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MALWAR~1.LNK - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
LSP: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
TCP: Interfaces\{9EAD5E01-EBA1-4D42-9349-8BE2F94CCDD5} : NameServer = 8.8.8.8,8.8.4.4
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1102\7.1.1102\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1313\6.8.1078\TmIEPlg32.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1078\TmIEPlg32.dll
BHO-X64: Trend Micro NSC BHO - No File
BHO-X64: PC Tools Browser Guard BHO: {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
BHO-X64: Browser Guard BHO - No File
BHO-X64: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
BHO-X64: AMD SteadyVideo BHO - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: blekko search bar: {b57a9eb1-0e57-4850-a701-4d169538e6ed} - C:\Program Files (x86)\blekkotb_032\blekkotb_019X.dll
BHO-X64: blekko search bar - No File
BHO-X64: Youtube Plus: {BA900CBA-FA92-4DF6-BED1-B683BFB92433} - C:\Program Files (x86)\YoutubePlus\YoutubePlus.dll
BHO-X64: Youtube Plus Plugin - No File
BHO-X64: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1102\7.1.1102\TmBpIe32.dll
BHO-X64: TmBpIeBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: blekko search bar: {b57a9eb1-0e57-4850-a701-4d169538e6ed} - C:\Program Files (x86)\blekkotb_032\blekkotb_019X.dll
TB-X64: PC Tools Browser Guard: {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [ISTray] "C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe" /hideGUI
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
IE-X64: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Nub\AppData\Roaming\Mozilla\Firefox\Profiles\kil77mcf.default\
FF - prefs.js: browser.search.selectedEngine - YoutubePlus
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys --> C:\Windows\system32\drivers\PCTCore64.sys [?]
R0 pctDS;PC Tools Data Store;C:\Windows\system32\drivers\pctDS64.sys --> C:\Windows\system32\drivers\pctDS64.sys [?]
R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\system32\drivers\pctEFA64.sys --> C:\Windows\system32\drivers\pctEFA64.sys [?]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 UsbFltr;WayTech USB Filter Driver;C:\Windows\system32\Drivers\UsbFltr.sys --> C:\Windows\system32\Drivers\UsbFltr.sys [?]
S1 PCTSD;PC Tools Spyware Doctor Driver;C:\Windows\system32\Drivers\PCTSD64.sys --> C:\Windows\system32\Drivers\PCTSD64.sys [?]
S1 tmevtmgr;tmevtmgr;C:\Windows\system32\DRIVERS\tmevtmgr.sys --> C:\Windows\system32\DRIVERS\tmevtmgr.sys [?]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
S2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-6-11 361984]
S2 AMD_RAIDXpert;AMD RAIDXpert;C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2010-11-28 128904]
S2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-3-22 275912]
S2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]
S2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [2011-8-10 922240]
S2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2011-8-10 915584]
S2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2011-8-10 586880]
S2 Browser Defender Update Service;Browser Defender Update Service;C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2012-7-15 575448]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
S2 Device Handle Service;Device Handle Service;C:\Windows\SysWOW64\AsHookDevice.exe [2011-8-10 203392]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-4-12 116648]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-15 655944]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-8-24 430136]
S2 sdAuxService;PC Tools Auxiliary Service;C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [2012-7-15 402336]
S2 sdCoreService;PC Tools Security Service;C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe [2012-7-15 1118648]
S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
S2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-7-5 3048136]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\system32\viakaraokesrv.exe --> C:\Windows\system32\viakaraokesrv.exe [?]
S2 ytpUpdater;ytpUpdater;C:\Program Files (x86)\updater\updater.exe [2012-3-26 1730048]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-23 253088]
S3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\system32\drivers\amdhub30.sys --> C:\Windows\system32\drivers\amdhub30.sys [?]
S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\system32\drivers\amdxhc.sys --> C:\Windows\system32\drivers\amdxhc.sys [?]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560]
S3 DrvAgent64;DrvAgent64;C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [2012-2-28 21712]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-4-12 116648]
S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-4 113120]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PCTBD;PC Tools Browser Defender Driver;C:\Windows\system32\Drivers\PCTBD64.sys --> C:\Windows\system32\Drivers\PCTBD64.sys [?]
S3 Revoflt;Revoflt;C:\Windows\system32\DRIVERS\revoflt.sys --> C:\Windows\system32\DRIVERS\revoflt.sys [?]
S3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
S3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
S3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
S3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
S3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2011-8-5 306400]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-07-19 21:45:39 -------- d-----w- C:\Program Files (x86)\Smart Install Maker
2012-07-18 22:05:38 20480 ----a-w- C:\Windows\svchost.exe
2012-07-17 02:28:41 -------- d-----w- C:\Program Files (x86)\RegistryNuke 2012
2012-07-16 19:58:40 -------- d-----w- C:\TDSSKiller_Quarantine
2012-07-16 02:36:45 -------- d-----w- C:\Users\Nub\AppData\Roaming\Malwarebytes
2012-07-16 02:36:33 -------- d-----w- C:\ProgramData\Malwarebytes
2012-07-16 02:36:30 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-07-16 02:36:30 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-16 00:37:25 85224 ----a-w- C:\Windows\System32\drivers\PCTBD64.sys
2012-07-16 00:37:25 767960 ----a-w- C:\Windows\BDTSupport.dll
2012-07-16 00:37:24 2267096 ----a-w- C:\Windows\PCTBDCore.dll
2012-07-16 00:37:24 1681368 ----a-w- C:\Windows\PCTBDRes.dll
2012-07-16 00:37:24 149464 ----a-w- C:\Windows\SGDetectionTool.dll
2012-07-16 00:36:30 341168 ----a-w- C:\Windows\System32\drivers\pctgntdi64.sys
2012-07-16 00:36:30 145432 ----a-w- C:\Windows\System32\drivers\pctwfpfilter64.sys
2012-07-16 00:36:26 14776 ----a-w- C:\Windows\System32\drivers\pctBTFix64.sys
2012-07-16 00:36:21 92896 ----a-w- C:\Windows\System32\drivers\pctplsg64.sys
2012-07-16 00:36:13 -------- d-----w- C:\Program Files (x86)\PC Tools
2012-07-16 00:33:58 1096176 ----a-w- C:\Windows\System32\drivers\pctEFA64.sys
2012-07-16 00:33:57 453896 ----a-w- C:\Windows\System32\drivers\pctDS64.sys
2012-07-16 00:33:55 426616 ----a-w- C:\Windows\System32\drivers\PCTCore64.sys
2012-07-16 00:33:53 251528 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
2012-07-16 00:33:53 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2012-07-16 00:33:31 -------- d-----w- C:\Users\Nub\AppData\Roaming\TestApp
2012-07-16 00:33:31 -------- d-----w- C:\ProgramData\PC Tools
2012-07-15 14:53:08 -------- d-----w- C:\Program Files (x86)\German Truck Simulator
2012-07-15 14:32:04 -------- d-----w- C:\Users\Nub\AppData\Local\CRE
2012-07-15 14:31:30 -------- d-----w- C:\Program Files (x86)\uTorrentControl3
2012-07-15 14:30:54 -------- d-----w- C:\Users\Nub\AppData\Roaming\uTorrent
2012-07-12 18:53:21 -------- d-----w- C:\Users\Nub\AppData\Local\CrashDumps
2012-07-12 15:08:43 -------- d-----w- C:\Users\Nub\AppData\Roaming\TechSmith
2012-07-12 15:07:31 -------- d-----w- C:\Program Files (x86)\Common Files\TechSmith Shared
2012-07-12 03:38:22 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-11 15:19:15 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-07-09 23:35:38 -------- d-----w- C:\Adobe Photoshop CS6
2012-07-09 20:26:25 -------- d-----w- C:\Program Files (x86)\intellidownload
2012-07-09 02:10:30 -------- d-----w- C:\AdobePhotoshopCS6Portable
2012-07-09 01:35:00 -------- d-----w- C:\Program Files (x86)\AMD AVT
2012-07-09 01:34:56 -------- d-----w- C:\Program Files\AMD
2012-07-09 01:34:52 -------- d-----w- C:\Program Files (x86)\AMD APP
2012-07-09 01:34:43 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2012-07-09 01:34:43 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2012-07-09 01:33:46 -------- d-----w- C:\Program Files\ATI Technologies
2012-07-08 22:09:16 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2012-07-05 22:46:34 172098 ----a-w- C:\torrent.exe
2012-07-05 22:45:34 5030088 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2012-07-03 02:41:20 -------- d-----w- C:\Users\Nub\AppData\Local\id Software
2012-07-03 02:32:24 -------- d-----w- C:\Program Files (x86)\id Software
2012-07-03 02:29:56 -------- d-sh--w- C:\Windows\ftpcache
2012-07-02 02:38:05 -------- d-----w- C:\Windows\en
2012-07-02 02:36:50 -------- d-----w- C:\Windows\es
2012-07-02 02:36:43 -------- d-----w- C:\Windows\de
2012-07-02 02:36:37 -------- d-----w- C:\Windows\fr
2012-07-02 02:36:30 -------- d-----w- C:\Windows\nl
2012-07-02 02:33:31 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
2012-07-02 02:31:39 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\cee939541cd57fa02\MeshBetaRemover.exe
2012-07-02 02:31:38 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\ce705e0f1cd57fa01\DSETUP.dll
2012-07-02 02:31:38 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\ce705e0f1cd57fa01\DXSETUP.exe
2012-07-02 02:31:38 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\ce705e0f1cd57fa01\dsetup32.dll
2012-07-02 02:30:51 -------- d-----w- C:\Users\Nub\AppData\Local\{CFDE1CD9-BC53-4CB3-A135-A25853A93AC6}
2012-07-02 02:30:39 -------- d-----w- C:\Users\Nub\AppData\Local\{D287ACCD-30C6-4120-AB65-D9BBA9DF52AF}
2012-07-02 02:29:54 -------- d-----w- C:\Users\Nub\AppData\Local\{8092152A-9DD6-467D-BD57-80294A1BFDC8}
2012-07-02 02:29:37 -------- d-----w- C:\Users\Nub\AppData\Local\{BE30A25A-37BD-41E8-99A1-A37721B1D74A}
2012-07-01 19:48:50 -------- d-----w- C:\Users\Nub\AppData\Local\{70F6032C-0E89-4C36-9E33-44E9E22CABE1}
2012-07-01 19:48:38 -------- d-----w- C:\Users\Nub\AppData\Local\{F76952F3-B6D1-48FC-A121-D621CA6D8BFB}
2012-07-01 19:48:24 -------- d-----w- C:\Users\Nub\AppData\Local\{0B74427D-7262-445B-83E5-25DF43484814}
2012-07-01 19:48:12 -------- d-----w- C:\Users\Nub\AppData\Local\{004E4185-3A0D-4351-9C32-E6E341A2697B}
2012-07-01 18:57:31 -------- d-----w- C:\Users\Nub\AppData\Roaming\Paltalk
2012-07-01 18:57:29 -------- d-----w- C:\Windows\Paltalk Messenger
2012-07-01 18:57:29 -------- d-----w- C:\Program Files (x86)\Paltalk Messenger
2012-07-01 18:56:10 -------- d-----w- C:\Users\Nub\AppData\Roaming\OpenCandy
2012-07-01 18:55:52 -------- d-----w- C:\Program Files (x86)\DVDVideoSoft
2012-07-01 18:55:52 -------- d-----w- C:\Program Files (x86)\Common Files\DVDVideoSoft
2012-07-01 18:55:20 -------- d-----w- C:\Users\Nub\AppData\Roaming\DVDVideoSoft
2012-06-30 21:15:17 -------- d-----w- C:\Users\Nub\AppData\Local\{8ACA30BE-D70B-482B-A44A-8F5E0B28D23D}
2012-06-30 21:15:05 -------- d-----w- C:\Users\Nub\AppData\Local\{87806DBA-938A-43DD-9BBE-21EE898978FB}
2012-06-30 01:37:52 -------- d-----w- C:\Users\Nub\AppData\Local\{CA82AF2B-9C37-4B22-8324-DBCCAC9645CD}
2012-06-30 01:37:41 -------- d-----w- C:\Users\Nub\AppData\Local\{68461492-C674-451C-BD7D-BC04D038B6C4}
2012-06-29 22:52:13 -------- d-----w- C:\Users\Nub\AppData\Local\{F170443B-3CED-4627-B4EC-9A33B583B832}
2012-06-29 22:52:01 -------- d-----w- C:\Users\Nub\AppData\Local\{62D8FDF5-BFC8-4771-8A6D-4F05281E36F1}
2012-06-29 01:36:40 -------- d-----w- C:\Users\Nub\AppData\Local\{285DBC9F-3D5D-4996-B34A-FC5851D9ECDD}
2012-06-29 01:36:22 -------- d-----w- C:\Users\Nub\AppData\Local\{97A81B65-09C0-4AA2-BB00-B6EB8F73E023}
2012-06-29 01:36:04 -------- d-----w- C:\Users\Nub\AppData\Local\{DE913867-D4FC-4C7D-92F6-3D0E5433FC81}
2012-06-29 01:35:52 -------- d-----w- C:\Users\Nub\AppData\Local\{2F2D288D-400F-4A66-ABD8-791A35126EA3}
2012-06-29 01:35:31 -------- d-----w- C:\Users\Nub\AppData\Local\{841C0526-F7B7-47B7-8CD6-D39D2BBEAC3F}
2012-06-29 01:35:20 -------- d-----w- C:\Users\Nub\AppData\Local\{787C32E8-1A12-4C70-8033-044FEB4897FB}
2012-06-28 21:50:13 -------- d-----w- C:\Program Files (x86)\18 WoS Extreme Trucker 2
2012-06-28 04:05:28 -------- d-----w- C:\Program Files (x86)\Bus Driver
2012-06-27 02:35:22 -------- d-----w- C:\Users\Nub\AppData\Local\{AE504E55-626A-4A66-95E8-3E2B17936476}
2012-06-27 02:35:10 -------- d-----w- C:\Users\Nub\AppData\Local\{BA411AB5-1C8F-49CB-BA09-BABD0A5EA389}
2012-06-26 19:52:13 -------- d-----w- C:\Program Files (x86)\Microsoft Games
2012-06-26 19:52:11 -------- d-----w- C:\Users\Nub\AppData\Local\{2E0ADA97-1AF7-463D-938B-5FC897129762}
2012-06-26 19:51:48 -------- d-----w- C:\Users\Nub\AppData\Local\{A2514F1C-7C5B-4887-9F9E-E20191C3F2BD}
2012-06-26 13:24:33 -------- d-----w- C:\Users\Nub\AppData\Local\{2DA1A3FB-F9D7-4DE9-9E05-83A2BF551262}
2012-06-26 13:24:22 -------- d-----w- C:\Users\Nub\AppData\Local\{377AAE4B-67E1-44EE-B0D9-90B1BCD9A11B}
2012-06-26 01:52:25 -------- d-----w- C:\Users\Nub\AppData\Local\{0550D5FD-4413-4348-B51B-9D52D194B24B}
2012-06-26 01:52:13 -------- d-----w- C:\Users\Nub\AppData\Local\{AB85C986-847C-4593-A1DC-DC5E1D68888B}
2012-06-25 20:04:24 1394248 ----a-w- C:\Windows\SysWow64\msxml4.dll
2012-06-25 17:29:59 -------- d-----w- C:\Users\Nub\AppData\Local\{5A8B302C-91D6-40D1-B227-1C59383706C6}
2012-06-25 17:29:41 -------- d-----w- C:\Users\Nub\AppData\Local\{9F386A97-93D3-4D5C-8B49-A00DFAFDACBA}
2012-06-25 03:48:35 -------- d-----w- C:\Users\Nub\AppData\Local\{B09F9454-4A27-45C7-A7B9-EA96335A54E4}
2012-06-25 03:48:23 -------- d-----w- C:\Users\Nub\AppData\Local\{A4CDFE8C-7763-4B93-9089-D08B2ACA7CBE}
2012-06-24 17:50:35 -------- d-----w- C:\Users\Nub\AppData\Local\{EB89407F-D209-4B81-AABE-F8A9E5C39C86}
2012-06-24 17:50:25 -------- d-----w- C:\Users\Nub\AppData\Local\{F62533E9-86DE-4B73-B5C3-394F6D4FF19C}
2012-06-24 17:50:12 -------- d-----w- C:\Users\Nub\AppData\Local\{B5E6F3A9-84C4-4740-8C3C-A14436AAEFE2}
2012-06-24 17:50:00 -------- d-----w- C:\Users\Nub\AppData\Local\{ADEF3284-3215-47FD-9DE6-C8F12D30014B}
2012-06-23 00:25:39 -------- d-----w- C:\Users\Nub\AppData\Local\{6785C491-2B47-46B0-AF9D-032E87654117}
2012-06-23 00:25:27 -------- d-----w- C:\Users\Nub\AppData\Local\{92EF7E11-AB94-4415-9F2B-524C6621D450}
2012-06-23 00:11:32 -------- d-----w- C:\Program Files\NeO IRC 1.7
2012-06-22 14:46:25 -------- d-----w- C:\Users\Nub\AppData\Local\{DB48324A-34DE-445F-BFC4-887CF5D84BC3}
2012-06-22 14:46:05 -------- d-----w- C:\Users\Nub\AppData\Local\{2B2218A3-D528-4459-9CA6-307FF2A7409A}
2012-06-22 00:44:39 1431552 ----a-w- C:\Windows\SysWow64\rewire.dll
2012-06-22 00:44:39 -------- d-----w- C:\Program Files (x86)\Vstplugins
2012-06-22 00:44:25 1554944 ----a-w- C:\Windows\SysWow64\vorbis.acm
2012-06-22 00:44:22 -------- d-----w- C:\Program Files (x86)\Outsim
2012-06-22 00:38:32 -------- d-----w- C:\Program Files (x86)\Image-Line
2012-06-21 15:40:15 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-21 15:39:47 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-21 15:39:24 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-21 15:39:24 186752 ----a-w- C:\Windows\System32\wuwebv.dll
.
==================== Find3M ====================
.
2012-07-21 00:24:57 119296 ----a-w- C:\Windows\SysWow64\zlib.dll
2012-06-22 21:00:49 134672 ----a-w- C:\Windows\RegBootClean64.exe
2012-06-19 20:22:53 61440 ----a-w- C:\Windows\SysWow64\nvPhotoshopUtil.dll
2012-06-19 20:22:53 40960 ----a-w- C:\Windows\SysWow64\nvISWOW64.dll
2012-06-19 20:22:53 151552 ----a-w- C:\Windows\SysWow64\nvRegDev.dll
2012-06-11 18:59:38 10248192 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2012-06-11 18:35:48 70144 ----a-w- C:\Windows\System32\coinst_8.98.dll
2012-06-11 18:29:34 24826368 ----a-w- C:\Windows\System32\atio6axx.dll
2012-06-11 18:00:32 20467712 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2012-06-11 17:50:46 187392 ----a-w- C:\Windows\System32\clinfo.exe
2012-06-11 17:50:30 75264 ----a-w- C:\Windows\System32\OpenVideo64.dll
2012-06-11 17:50:24 65024 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2012-06-11 17:50:18 63488 ----a-w- C:\Windows\System32\OVDecode64.dll
2012-06-11 17:50:14 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2012-06-11 17:50:06 16457728 ----a-w- C:\Windows\System32\amdocl64.dll
2012-06-11 17:49:22 13008896 ----a-w- C:\Windows\SysWow64\amdocl.dll
2012-06-11 17:48:34 54784 ----a-w- C:\Windows\System32\OpenCL.dll
2012-06-11 17:48:30 50176 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2012-06-11 17:25:06 163840 ----a-w- C:\Windows\System32\atiapfxx.exe
2012-06-11 17:24:58 924160 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2012-06-11 17:23:12 1090560 ----a-w- C:\Windows\System32\aticfx64.dll
2012-06-11 17:20:02 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2012-06-11 17:19:58 532992 ----a-w- C:\Windows\System32\atieclxx.exe
2012-06-11 17:19:14 239616 ----a-w- C:\Windows\System32\atiesrxx.exe
2012-06-11 17:17:56 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2012-06-11 17:17:42 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2012-06-11 17:17:38 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2012-06-11 17:17:32 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2012-06-11 17:16:48 6301696 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2012-06-11 17:01:56 6914560 ----a-w- C:\Windows\System32\atidxx64.dll
2012-06-11 16:51:54 4246528 ----a-w- C:\Windows\System32\atiumd6a.dll
2012-06-11 16:45:48 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2012-06-11 16:45:46 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2012-06-11 16:45:44 5480448 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2012-06-11 16:45:40 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2012-06-11 16:45:38 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2012-06-11 16:45:26 15703040 ----a-w- C:\Windows\System32\aticaldd64.dll
2012-06-11 16:43:18 4729344 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2012-06-11 16:40:58 13277696 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2012-06-11 16:36:56 6605824 ----a-w- C:\Windows\System32\atiumd64.dll
2012-06-11 16:27:02 539136 ----a-w- C:\Windows\System32\atiadlxx.dll
2012-06-11 16:26:52 368640 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2012-06-11 16:26:40 17920 ----a-w- C:\Windows\System32\atig6pxx.dll
2012-06-11 16:26:36 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2012-06-11 16:26:36 14848 ----a-w- C:\Windows\System32\atiglpxx.dll
2012-06-11 16:26:30 41984 ----a-w- C:\Windows\System32\atig6txx.dll
2012-06-11 16:26:22 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2012-06-11 16:26:14 367616 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2012-06-11 16:25:20 54784 ----a-w- C:\Windows\System32\atiuxp64.dll
2012-06-11 16:25:12 42496 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2012-06-11 16:25:06 45056 ----a-w- C:\Windows\System32\atiu9p64.dll
2012-06-11 16:24:58 32768 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2012-06-11 16:24:24 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2012-06-11 16:23:18 56320 ----a-w- C:\Windows\System32\atimpc64.dll
2012-06-11 16:23:18 56320 ----a-w- C:\Windows\System32\amdpcom64.dll
2012-06-11 16:23:10 56832 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2012-06-11 16:23:10 56832 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-10 20:35:16 43520 ----a-w- C:\Windows\System32\kdbsdk64.dll
2012-05-10 20:35:16 29184 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-04-24 03:45:53 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-24 03:45:53 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
.
============= FINISH: 23:58:26.07 ===============

 

[Ryan O'Brien]

Attach.txt





.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 1/22/2012 2:43:19 PM
System Uptime: 7/20/2012 11:22:15 PM (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | CM1740
Processor: AMD A8-3800 APU with Radeon(tm) HD Graphics | FM1 | 2780/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 373 GiB total, 50.852 GiB free.
D: is FIXED (NTFS) - 545 GiB total, 8.23 GiB free.
E: is Removable
F: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
==== System Restore Points ===================
.
RP193: 7/19/2012 10:55:04 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
123 AVI to GIF Converter 4.0
18 Wheels of Steel Extreme Trucker
18 Wheels of Steel: American Long Haul
18 WoS Extreme Trucker 2 (v.1.0)
Action!
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 10 ActiveX
Adobe Reader X MUI
AI Manager
AI Suite II
AMD VISION Engine Control Center
Anti-phishing Domain Advisor
APB Reloaded
Apple Application Support
Apple Software Update
Application Profiles
ARMA 2: Free
ASUS Backup Wizard
AsusVibe2.0
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Atheros Ethernet Utility
Audacity 1.3.14 (Unicode)
Avidemux 2.5
BCC 8 OFX 32Bit
Best Buy pc app
Bing Bar
blekko search bar
Browser Guard 4.0
Bus Driver 1.5
Call of Duty 2
Call of Duty(R) 2 Demo
Camtasia Studio 8
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Cobalt
Contrôle ActiveX Windows Live Mesh pour connexions à distance
Control ActiveX de Windows Live Mesh para conexiones remotas
Counter-Strike
Counter-Strike: Source
CrimeCraft GangWars
D3DX10
Darkest Hour: Europe '44-'45
Deer Drive 1.51T
Disney Pirates of the Caribbean Online
Dropbox
DVD Architect Studio 5.0
EA Download Manager
EncryptFile
Enemy Territory - QUAKE Wars(TM)
Euro Truck Simulator 1.3
Fallout
FL Studio 10
FlatOut 2
FlatOut Demo
FRAPS
Fraps (remove only)
Free YouTube Uploader version 3.3.33.627
Galerie de photos Windows Live
Galería fotográfica de Windows Live
Game Booster 3
Garry's Mod
German Truck Simulator 1.00
Google Chrome
Google Earth
Google Update Helper
Grand Theft Auto IV
Grand Theft Auto: Episodes from Liberty City
Grand Theft Auto: San Andreas
GTA IV - 100% Savegame File (Vista) 1.0
GTA IV Vehicle Mod Installer v1.2
Half-Life Deathmatch: Source
Hitman: Blood Money
Hunting Unlimited 2010
IL Download Manager
IL Shared Libraries
ImageToAVI 1.0.0.5
Impulse®
Install Creator
iWisoft Free Video Converter 1.2
Java Auto Updater
Java(TM) 6 Update 31
JETFIGHTER 2015
Jetfighter 2015 (remove only)
Junk Mail filter update
Killing Floor
Mac Skin version 1.5
Mafia II
Malwarebytes Anti-Malware version 1.62.0.1300
Mass Effect 2 Demo
McAfee Security Scan Plus
MCSkin3D version 1.3
Mesh Runtime
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)
Microsoft Expression Blend 3 SDK
Microsoft Expression Blend SDK for .NET 4
Microsoft Expression Blend SDK for Silverlight 4
Microsoft Expression Encoder 4
Microsoft Expression Encoder 4 Screen Capture Codec
Microsoft Expression Studio 4
Microsoft Flight
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
Minecontrol for Minecraft
Minecraft Version Changer
mIRC
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT Redists
MSVCRT_amd64
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB973685)
MTA:SA v1.3
Need for Speed™ Most Wanted PC Demo
Need For Speed™ World
NeO IRC - www.team-neo.com
Notepad++
NVIDIA Photoshop Plug-ins 64 bit
NVIDIA PhysX
OMSI - Der Omnibussimulator
Open PLS in Windows Media Player 2.3.0
OpenAL
Opera 11.61
Paltalk Messenger
PC Tools Spyware Doctor with AntiVirus 9.0
Pinnacle Game Profiler
Pivot Stickfigure Animator version 2.2.6
Platform
PMB
Portal: First Slice
PunkBuster Services
QuickTime
RAIDXpert
Red Orchestra 2: Heroes of Stalingrad
Red Orchestra: Ostfront 41-45
RegistryNuke 2012 version 2.0.0.86
RocketDock 1.3.5
RollerCoaster Tycoon 3 Platinum
San Andreas Mod Installer
SCANIA Truck Driving Simulator 1.0.0
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
SereneScreen Marine Aquarium 3
Serious Sam 2
Skype Click to Call
Skype™ 5.8
Smart Install Maker 5.04
Sniper Elite V2 Demo
Sniper Ghost Warrior (1.0)
SPORE™
Steam
Stronghold Kingdoms
System Requirements Lab CYRI
Test Drive Unlimited 2
The Sims™ 3
The Sims™ 3 Ambitions
The Sims™ 3 Pets
The Sims™ 3 World Adventures
theHunter (remove only)
TS3 Install Helper Monkey
Tube Increaser
UK Truck Simulator 1.32
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Vegas Movie Studio HD 11.0
Vegas Movie Studio HD Platinum 11.0
Vegas Pro 11.0
VIA Platform Device Manager
VideoAvatar
WeatherBug
WindowBlinds
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalerie
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.11 (32-bit)
World of Warcraft
WPF Toolkit February 2010 (Version 3.5.50211.1)
YoutubePlus
ZD Soft Game Recorder
.
==== Event Viewer Messages From Past Week ========
.
7/20/2012 8:30:48 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
7/20/2012 8:02:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
7/20/2012 6:14:15 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Backup service to connect.
7/20/2012 6:14:15 PM, Error: Service Control Manager [7000] - The Windows Backup service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/20/2012 6:14:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service sdrsvc with arguments "" in order to run the server: {687E55CA-6621-4C41-B9F1-C0EDDC94BB05}
7/20/2012 6:13:36 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
7/20/2012 6:13:36 PM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/20/2012 5:42:12 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
7/20/2012 5:41:12 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
7/20/2012 5:32:06 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
7/20/2012 5:16:35 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
7/20/2012 5:16:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
7/20/2012 5:16:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
7/20/2012 5:16:18 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AsIO AsUpIO DfsC discache NetBIOS NetBT nsiproxy PCTSD Psched rdbss spldr tdx tmactmon tmcomm tmevtmgr tmtdi Wanarpv6 WfpLwf ws2ifsl
7/20/2012 5:16:17 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/20/2012 5:16:17 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
7/20/2012 5:16:17 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
7/20/2012 5:16:17 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
7/20/2012 5:16:17 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
7/20/2012 5:16:17 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
7/20/2012 5:16:17 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/20/2012 5:16:17 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/20/2012 5:16:17 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
7/20/2012 5:16:17 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
7/20/2012 4:55:08 PM, Error: Service Control Manager [7034] - The AMD FUEL Service service terminated unexpectedly. It has done this 1 time(s).
7/20/2012 4:37:44 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect.
7/20/2012 4:37:44 PM, Error: Service Control Manager [7000] - The Volume Shadow Copy service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/20/2012 4:37:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
7/20/2012 4:32:14 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect.
7/20/2012 4:32:14 PM, Error: Service Control Manager [7000] - The MBAMService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/20/2012 4:30:54 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
7/20/2012 3:37:08 PM, Error: Service Control Manager [7023] -
7/20/2012 3:01:25 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
7/20/2012 11:57:07 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
7/20/2012 11:57:04 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
7/20/2012 11:22:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
7/20/2012 11:22:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
7/20/2012 11:22:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
7/20/2012 11:22:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
7/20/2012 11:22:37 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AsIO AsUpIO discache PCTSD spldr tmactmon tmcomm tmevtmgr tmtdi Wanarpv6
7/20/2012 11:22:34 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.
7/20/2012 11:21:10 PM, Error: Service Control Manager [7034] - The PinnacleUpdate Service service terminated unexpectedly. It has done this 1 time(s).
7/19/2012 7:15:49 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
7/17/2012 6:06:22 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002eb07ef, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 071712-31668-01.
7/17/2012 11:14:54 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.
7/17/2012 10:46:05 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
7/17/2012 10:46:05 AM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/16/2012 12:49:46 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0xfffffa80400c0024, 0x0000000000000002, 0x0000000000000000, 0xfffff80002e92915). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 071612-23072-01.
7/16/2012 12:06:10 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002e6e7ef, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 071612-22074-01.
7/16/2012 11:27:56 PM, Error: Service Control Manager [7000] - The ASUS System Control Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/16/2012 11:27:55 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the ASUS System Control Service service to connect.
7/16/2012 11:27:19 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x0000000000000000, 0x0000000000000002, 0x0000000000000000, 0xfffff80002edc915). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 071612-36535-01.
7/16/2012 11:23:45 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
7/16/2012 11:23:45 AM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/16/2012 11:15:44 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the PC Tools Security Service service to connect.
7/16/2012 11:15:44 AM, Error: Service Control Manager [7000] - The PC Tools Security Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/16/2012 11:14:07 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002ebc7ef, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 071612-20233-01.
7/16/2012 11:11:16 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002ec67ef, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 071612-22542-01.
7/16/2012 10:08:58 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
7/15/2012 9:43:10 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800022617ef, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 071512-24960-01.
7/15/2012 9:40:45 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002e5f7ef, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 071512-25849-01.
7/15/2012 9:38:05 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002e6c7ef, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 071512-27565-01.
7/15/2012 9:34:21 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002ebd7ef, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 071512-26005-01.
7/15/2012 9:31:32 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x0000000000000009, 0x0000000000000002, 0x0000000000000001, 0xfffff80002eb7353). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 071512-28953-01.
7/15/2012 9:28:18 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0xfffff880400c001c, 0x0000000000000002, 0x0000000000000000, 0xfffff80002e84915). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 071512-27222-01.
7/15/2012 9:22:00 PM, Error: Service Control Manager [7043] - The AMD FUEL Service service did not shut down properly after receiving a preshutdown control.
7/15/2012 5:29:59 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.
7/15/2012 5:29:59 PM, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/15/2012 5:28:58 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002eb27ef, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 071512-20482-01.
7/15/2012 5:25:33 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000000000000dc, 0x0000000000000002, 0x0000000000000001, 0xfffff80002f00405). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 071512-19500-01.
7/15/2012 11:36:46 PM, Error: Service Control Manager [7038] - The WinHttpAutoProxySvc service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
7/15/2012 11:36:46 PM, Error: Service Control Manager [7000] - The WinHTTP Web Proxy Auto-Discovery Service service failed to start due to the following error: The service did not start due to a logon failure.
7/15/2012 11:08:48 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
7/15/2012 11:08:48 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/15/2012 11:08:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
7/15/2012 11:08:03 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
7/15/2012 11:08:01 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Application Virtualization Client service to connect.
7/15/2012 11:08:01 PM, Error: Service Control Manager [7000] - The Application Virtualization Client service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/14/2012 9:23:51 AM, Error: Service Control Manager [7034] - The Trend Micro Solution Platform service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================

 

[Ryan O'Brien]

I will also add that my computer in normal mode is really slow, and it doesn't take much to freeze it as it usually does. I either run in safe mode with networking or I go on my other computer.

 

[Broni]

You're running two AV programs, PC Tools Spyware Doctor with AntiVirus and TrendMicro Titanium.
You must uninstall one of them.

Next....

Download TDSSKiller and save it to your desktop.

• Extract (unzip) its contents to your desktop.
• Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
• If an infected file is detected, the default action will be Cure, click on Continue.
• If a suspicious file is detected, the default action will be Skip, click on Continue.
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
• If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

 

[Ryan O'Brien]

Ok I uninstalled PC Spyway docter thingy, and there were no infections found probably because I scanned before with this and it said it removed the virus, but it's still there I know it. Here is the log from the uninfected scan. Do you want my old logs?


13:42:15.0904 1748 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
13:42:16.0330 1748 ============================================================
13:42:16.0330 1748 Current date / time: 2012/07/21 13:42:16.0330
13:42:16.0330 1748 SystemInfo:
13:42:16.0330 1748
13:42:16.0330 1748 OS Version: 6.1.7601 ServicePack: 1.0
13:42:16.0330 1748 Product type: Workstation
13:42:16.0330 1748 ComputerName: RYAN-PC
13:42:16.0330 1748 UserName: Nub
13:42:16.0331 1748 Windows directory: C:\Windows
13:42:16.0331 1748 System windows directory: C:\Windows
13:42:16.0331 1748 Running under WOW64
13:42:16.0331 1748 Processor architecture: Intel x64
13:42:16.0331 1748 Number of processors: 4
13:42:16.0331 1748 Page size: 0x1000
13:42:16.0331 1748 Boot type: Safe boot with network
13:42:16.0331 1748 ============================================================
13:42:17.0491 1748 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:42:17.0500 1748 ============================================================
13:42:17.0500 1748 \Device\Harddisk0\DR0:
13:42:17.0500 1748 MBR partitions:
13:42:17.0500 1748 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1C5E800, BlocksNum 0x2E935000
13:42:17.0500 1748 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x30593800, BlocksNum 0x44172800
13:42:17.0500 1748 ============================================================
13:42:17.0522 1748 C: <-> \Device\Harddisk0\DR0\Partition0
13:42:17.0550 1748 D: <-> \Device\Harddisk0\DR0\Partition1
13:42:17.0551 1748 ============================================================
13:42:17.0551 1748 Initialize success
13:42:17.0551 1748 ============================================================
13:42:30.0628 0764 ============================================================
13:42:30.0628 0764 Scan started
13:42:30.0628 0764 Mode: Manual;
13:42:30.0628 0764 ============================================================
13:42:31.0562 0764 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
13:42:31.0565 0764 1394ohci - ok
13:42:31.0607 0764 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
13:42:31.0611 0764 ACPI - ok
13:42:31.0635 0764 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
13:42:31.0636 0764 AcpiPmi - ok
13:42:31.0736 0764 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:42:31.0739 0764 AdobeFlashPlayerUpdateSvc - ok
13:42:31.0799 0764 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
13:42:31.0807 0764 adp94xx - ok
13:42:31.0834 0764 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
13:42:31.0847 0764 adpahci - ok
13:42:31.0866 0764 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
13:42:31.0868 0764 adpu320 - ok
13:42:31.0896 0764 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
13:42:31.0898 0764 AeLookupSvc - ok
13:42:31.0962 0764 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
13:42:31.0969 0764 AFD - ok
13:42:31.0995 0764 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
13:42:31.0996 0764 agp440 - ok
13:42:32.0011 0764 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
13:42:32.0013 0764 ALG - ok
13:42:32.0023 0764 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
13:42:32.0025 0764 aliide - ok
13:42:32.0070 0764 AMD External Events Utility (9c616ba191b80f5cd1a1b9553e107100) C:\Windows\system32\atiesrxx.exe
13:42:32.0073 0764 AMD External Events Utility - ok
13:42:32.0119 0764 AMD FUEL Service - ok
13:42:32.0147 0764 amdhub30 (30bfeee0dffd5bd79d29157cf080deed) C:\Windows\system32\drivers\amdhub30.sys
13:42:32.0148 0764 amdhub30 - ok
13:42:32.0161 0764 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
13:42:32.0162 0764 amdide - ok
13:42:32.0171 0764 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
13:42:32.0171 0764 amdiox64 - ok
13:42:32.0197 0764 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
13:42:32.0198 0764 AmdK8 - ok
13:42:32.0557 0764 amdkmdag (5165e83751b8ff40e5e4925996fcc506) C:\Windows\system32\DRIVERS\atikmdag.sys
13:42:32.0693 0764 amdkmdag - ok
13:42:32.0808 0764 amdkmdap (86ab3cf484260c4318f3a6e8b035f422) C:\Windows\system32\DRIVERS\atikmpag.sys
13:42:32.0811 0764 amdkmdap - ok
13:42:32.0839 0764 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
13:42:32.0840 0764 AmdPPM - ok
13:42:32.0859 0764 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
13:42:32.0861 0764 amdsata - ok
13:42:32.0880 0764 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
13:42:32.0883 0764 amdsbs - ok
13:42:32.0892 0764 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
13:42:32.0893 0764 amdxata - ok
13:42:32.0938 0764 amdxhc (321533578132c811ec834a1b741c994c) C:\Windows\system32\drivers\amdxhc.sys
13:42:32.0941 0764 amdxhc - ok
13:42:33.0022 0764 AMD_RAIDXpert (0d0c13dd91f0c49814f314b78e21c6b9) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
13:42:33.0023 0764 AMD_RAIDXpert - ok
13:42:33.0151 0764 Amsp (1b7d1f0a0dfadbc797c16364792a7aa5) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
13:42:33.0153 0764 Amsp - ok
13:42:33.0204 0764 AODDriver4.1 (5b25d1a753cc3a3edb909bb759ac1098) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
13:42:33.0205 0764 AODDriver4.1 - ok
13:42:33.0245 0764 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
13:42:33.0246 0764 AppID - ok
13:42:33.0262 0764 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
13:42:33.0263 0764 AppIDSvc - ok
13:42:33.0299 0764 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
13:42:33.0300 0764 Appinfo - ok
13:42:33.0329 0764 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
13:42:33.0330 0764 arc - ok
13:42:33.0337 0764 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
13:42:33.0339 0764 arcsas - ok
13:42:33.0416 0764 asComSvc (6e3f4538b33bc19259e99be1826286a3) C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
13:42:33.0422 0764 asComSvc - ok
13:42:33.0485 0764 asHmComSvc (a63173897ea1a73a75d0e65036de5b15) C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
13:42:33.0491 0764 asHmComSvc - ok
13:42:33.0576 0764 ASInsHelp (edaa17ce771c696655b6585f7cad2100) C:\Windows\SysWow64\drivers\AsInsHelp64.sys
13:42:33.0577 0764 ASInsHelp - ok
13:42:33.0588 0764 AsIO (fef9dd9ea587f8886ade43c1befbdafe) C:\Windows\syswow64\drivers\AsIO.sys
13:42:33.0589 0764 AsIO - ok
13:42:33.0692 0764 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:42:33.0705 0764 aspnet_state - ok
13:42:33.0769 0764 AsSysCtrlService (5c31dfb196cb3a488a041881634d86d2) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
13:42:33.0774 0764 AsSysCtrlService - ok
13:42:33.0781 0764 AsUpIO (1392b92179b07b672720763d9b1028a5) C:\Windows\syswow64\drivers\AsUpIO.sys
13:42:33.0781 0764 AsUpIO - ok
13:42:33.0865 0764 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:42:33.0866 0764 AsyncMac - ok
13:42:33.0876 0764 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
13:42:33.0877 0764 atapi - ok
13:42:33.0921 0764 AtiHDAudioService (24464b908e143d2561e9e452fee97309) C:\Windows\system32\drivers\AtihdW76.sys
13:42:33.0922 0764 AtiHDAudioService - ok
13:42:33.0976 0764 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

 

[Ryan O'Brien]

Part 2

13:42:33.0985 0764 AudioEndpointBuilder - ok
13:42:33.0991 0764 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:42:33.0995 0764 AudioSrv - ok
13:42:34.0038 0764 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
13:42:34.0040 0764 AxInstSV - ok
13:42:34.0090 0764 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
13:42:34.0098 0764 b06bdrv - ok
13:42:34.0121 0764 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:42:34.0124 0764 b57nd60a - ok
13:42:34.0189 0764 BBSvc (93ee7d9c35ae7e9ffda148d7805f1421) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
13:42:34.0192 0764 BBSvc - ok
13:42:34.0211 0764 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
13:42:34.0213 0764 BDESVC - ok
13:42:34.0218 0764 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:42:34.0219 0764 Beep - ok
13:42:34.0282 0764 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
13:42:34.0291 0764 BFE - ok
13:42:34.0345 0764 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
13:42:34.0357 0764 BITS - ok
13:42:34.0394 0764 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
13:42:34.0395 0764 blbdrive - ok
13:42:34.0426 0764 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
13:42:34.0427 0764 bowser - ok
13:42:34.0436 0764 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
13:42:34.0437 0764 BrFiltLo - ok
13:42:34.0445 0764 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
13:42:34.0446 0764 BrFiltUp - ok
13:42:34.0464 0764 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
13:42:34.0465 0764 Browser - ok
13:42:34.0491 0764 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:42:34.0494 0764 Brserid - ok
13:42:34.0507 0764 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:42:34.0508 0764 BrSerWdm - ok
13:42:34.0519 0764 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:42:34.0520 0764 BrUsbMdm - ok
13:42:34.0534 0764 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:42:34.0535 0764 BrUsbSer - ok
13:42:34.0547 0764 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
13:42:34.0549 0764 BTHMODEM - ok
13:42:34.0556 0764 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
13:42:34.0558 0764 bthserv - ok
13:42:34.0577 0764 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:42:34.0578 0764 cdfs - ok
13:42:34.0614 0764 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
13:42:34.0616 0764 cdrom - ok
13:42:34.0650 0764 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:42:34.0652 0764 CertPropSvc - ok
13:42:34.0677 0764 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
13:42:34.0678 0764 circlass - ok
13:42:34.0706 0764 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:42:34.0710 0764 CLFS - ok
13:42:34.0772 0764 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:42:34.0775 0764 clr_optimization_v2.0.50727_32 - ok
13:42:34.0823 0764 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:42:34.0826 0764 clr_optimization_v2.0.50727_64 - ok
13:42:34.0886 0764 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:42:34.0934 0764 clr_optimization_v4.0.30319_32 - ok
13:42:34.0956 0764 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:42:34.0971 0764 clr_optimization_v4.0.30319_64 - ok
13:42:34.0999 0764 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
13:42:35.0001 0764 CmBatt - ok
13:42:35.0012 0764 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
13:42:35.0013 0764 cmdide - ok
13:42:35.0067 0764 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
13:42:35.0076 0764 CNG - ok
13:42:35.0085 0764 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
13:42:35.0086 0764 Compbatt - ok
13:42:35.0112 0764 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
13:42:35.0113 0764 CompositeBus - ok
13:42:35.0124 0764 COMSysApp - ok
13:42:35.0140 0764 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
13:42:35.0141 0764 crcdisk - ok
13:42:35.0185 0764 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
13:42:35.0187 0764 CryptSvc - ok
13:42:35.0338 0764 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
13:42:35.0360 0764 cvhsvc - ok
13:42:35.0419 0764 dc3d (1ca90212a99db6975c344826d11055c9) C:\Windows\system32\DRIVERS\dc3d.sys
13:42:35.0419 0764 dc3d - ok
13:42:35.0451 0764 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:42:35.0457 0764 DcomLaunch - ok
13:42:35.0489 0764 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
13:42:35.0493 0764 defragsvc - ok
13:42:35.0557 0764 Device Handle Service (0a403702cb00432ac818523cd416bf67) C:\Windows\SysWOW64\AsHookDevice.exe
13:42:35.0559 0764 Device Handle Service - ok
13:42:35.0593 0764 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
13:42:35.0594 0764 DfsC - ok
13:42:35.0636 0764 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
13:42:35.0639 0764 Dhcp - ok
13:42:35.0651 0764 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:42:35.0652 0764 discache - ok
13:42:35.0685 0764 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
13:42:35.0687 0764 Disk - ok
13:42:35.0701 0764 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
13:42:35.0703 0764 Dnscache - ok
13:42:35.0730 0764 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
13:42:35.0733 0764 dot3svc - ok
13:42:35.0751 0764 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
13:42:35.0753 0764 DPS - ok
13:42:35.0777 0764 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:42:35.0778 0764 drmkaud - ok
13:42:35.0865 0764 DrvAgent64 (1ed08a6264c5c92099d6d1dae5e8f530) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
13:42:35.0866 0764 DrvAgent64 - ok
13:42:35.0924 0764 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
13:42:35.0930 0764 DXGKrnl - ok
13:42:35.0939 0764 EagleX64 - ok
13:42:35.0964 0764 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
13:42:35.0966 0764 EapHost - ok
13:42:36.0111 0764 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
13:42:36.0159 0764 ebdrv - ok
13:42:36.0232 0764 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
13:42:36.0233 0764 EFS - ok
13:42:36.0310 0764 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
13:42:36.0328 0764 ehRecvr - ok
13:42:36.0378 0764 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
13:42:36.0380 0764 ehSched - ok
13:42:36.0446 0764 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
13:42:36.0460 0764 elxstor - ok
13:42:36.0476 0764 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
13:42:36.0477 0764 ErrDev - ok
13:42:36.0514 0764 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
13:42:36.0526 0764 EventSystem - ok
13:42:36.0544 0764 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:42:36.0546 0764 exfat - ok
13:42:36.0566 0764 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:42:36.0569 0764 fastfat - ok
13:42:36.0628 0764 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
13:42:36.0637 0764 Fax - ok
13:42:36.0652 0764 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
13:42:36.0653 0764 fdc - ok
13:42:36.0662 0764 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
13:42:36.0663 0764 fdPHost - ok
13:42:36.0675 0764 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
13:42:36.0676 0764 FDResPub - ok
13:42:36.0685 0764 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:42:36.0686 0764 FileInfo - ok
13:42:36.0693 0764 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:42:36.0694 0764 Filetrace - ok
13:42:36.0698 0764 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
13:42:36.0698 0764 flpydisk - ok
13:42:36.0720 0764 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
13:42:36.0723 0764 FltMgr - ok
13:42:36.0782 0764 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
13:42:36.0794 0764 FontCache - ok
13:42:36.0844 0764 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:42:36.0845 0764 FontCache3.0.0.0 - ok
13:42:36.0859 0764 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:42:36.0860 0764 FsDepends - ok
13:42:36.0887 0764 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys
13:42:36.0888 0764 fssfltr - ok
13:42:37.0032 0764 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
13:42:37.0049 0764 fsssvc - ok
13:42:37.0118 0764 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
13:42:37.0119 0764 Fs_Rec - ok
13:42:37.0168 0764 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:42:37.0170 0764 fvevol - ok
13:42:37.0195 0764 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
13:42:37.0196 0764 gagp30kx - ok
13:42:37.0237 0764 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
13:42:37.0252 0764 gpsvc - ok
13:42:37.0332 0764 gupdate (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:42:37.0334 0764 gupdate - ok
13:42:37.0337 0764 gupdatem (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:42:37.0338 0764 gupdatem - ok
13:42:37.0374 0764 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
13:42:37.0375 0764 hamachi - ok
13:42:37.0383 0764 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:42:37.0384 0764 hcw85cir - ok
13:42:37.0431 0764 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
13:42:37.0435 0764 HdAudAddService - ok
13:42:37.0469 0764 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
13:42:37.0470 0764 HDAudBus - ok
13:42:37.0481 0764 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
13:42:37.0482 0764 HidBatt - ok
13:42:37.0496 0764 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
13:42:37.0498 0764 HidBth - ok
13:42:37.0502 0764 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
13:42:37.0503 0764 HidIr - ok
13:42:37.0519 0764 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
13:42:37.0520 0764 hidserv - ok
13:42:37.0551 0764 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
13:42:37.0552 0764 HidUsb - ok
13:42:37.0577 0764 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
13:42:37.0578 0764 hkmsvc - ok
13:42:37.0600 0764 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
13:42:37.0603 0764 HomeGroupListener - ok
13:42:37.0631 0764 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
13:42:37.0634 0764 HomeGroupProvider - ok
13:42:37.0649 0764 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:42:37.0651 0764 HpSAMD - ok
13:42:37.0705 0764 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:42:37.0710 0764 HTTP - ok
13:42:37.0716 0764 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:42:37.0717 0764 hwpolicy - ok
13:42:37.0737 0764 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
13:42:37.0738 0764 i8042prt - ok
13:42:37.0776 0764 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
13:42:37.0780 0764 iaStorV - ok
13:42:37.0860 0764 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:42:37.0872 0764 idsvc - ok
13:42:37.0885 0764 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
13:42:37.0887 0764 iirsp - ok
13:42:37.0942 0764 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
13:42:37.0954 0764 IKEEXT - ok
13:42:37.0971 0764 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:42:37.0972 0764 intelide - ok
13:42:37.0982 0764 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
13:42:37.0984 0764 intelppm - ok
13:42:38.0001 0764 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
13:42:38.0002 0764 IPBusEnum - ok
13:42:38.0015 0764 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:42:38.0016 0764 IpFilterDriver - ok
13:42:38.0050 0764 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
13:42:38.0064 0764 iphlpsvc - ok
13:42:38.0075 0764 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:42:38.0076 0764 IPMIDRV - ok
13:42:38.0084 0764 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:42:38.0086 0764 IPNAT - ok
13:42:38.0093 0764 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:42:38.0094 0764 IRENUM - ok
13:42:38.0105 0764 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:42:38.0106 0764 isapnp - ok
13:42:38.0129 0764 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:42:38.0133 0764 iScsiPrt - ok
13:42:38.0144 0764 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
13:42:38.0145 0764 kbdclass - ok
13:42:38.0170 0764 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
13:42:38.0171 0764 kbdhid - ok
13:42:38.0186 0764 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:42:38.0187 0764 KeyIso - ok
13:42:38.0217 0764 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
13:42:38.0218 0764 KSecDD - ok
13:42:38.0231 0764 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
13:42:38.0233 0764 KSecPkg - ok
13:42:38.0246 0764 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:42:38.0247 0764 ksthunk - ok
13:42:38.0284 0764 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
13:42:38.0295 0764 KtmRm - ok
13:42:38.0325 0764 L1C (173666119d217e3739205c169e2bf0e5) C:\Windows\system32\DRIVERS\L1C62x64.sys
13:42:38.0325 0764 L1C - ok
13:42:38.0347 0764 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
13:42:38.0350 0764 LanmanServer - ok
13:42:38.0370 0764 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
13:42:38.0372 0764 LanmanWorkstation - ok
13:42:38.0403 0764 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:42:38.0404 0764 lltdio - ok
13:42:38.0439 0764 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
13:42:38.0443 0764 lltdsvc - ok
13:42:38.0453 0764 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
13:42:38.0454 0764 lmhosts - ok
13:42:38.0491 0764 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
13:42:38.0493 0764 LSI_FC - ok
13:42:38.0505 0764 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
13:42:38.0506 0764 LSI_SAS - ok
13:42:38.0522 0764 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
13:42:38.0523 0764 LSI_SAS2 - ok
13:42:38.0537 0764 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
13:42:38.0538 0764 LSI_SCSI - ok
13:42:38.0553 0764 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:42:38.0554 0764 luafv - ok
13:42:38.0592 0764 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
13:42:38.0593 0764 MBAMProtector - ok
13:42:38.0671 0764 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
13:42:38.0682 0764 MBAMService - ok
13:42:38.0742 0764 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
13:42:38.0746 0764 McComponentHostService - ok
13:42:38.0764 0764 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
13:42:38.0766 0764 Mcx2Svc - ok
13:42:38.0774 0764 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
13:42:38.0775 0764 megasas - ok
13:42:38.0798 0764 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
13:42:38.0801 0764 MegaSR - ok
13:42:38.0832 0764 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:42:38.0833 0764 MMCSS - ok
13:42:38.0843 0764 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:42:38.0844 0764 Modem - ok
13:42:38.0876 0764 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:42:38.0877 0764 monitor - ok
13:42:38.0904 0764 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:42:38.0905 0764 mouclass - ok
13:42:38.0939 0764 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:42:38.0939 0764 mouhid - ok
13:42:38.0949 0764 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:42:38.0951 0764 mountmgr - ok
13:42:39.0006 0764 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:42:39.0008 0764 MozillaMaintenance - ok
13:42:39.0022 0764 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:42:39.0024 0764 mpio - ok
13:42:39.0038 0764 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:42:39.0038 0764 mpsdrv - ok
13:42:39.0085 0764 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
13:42:39.0107 0764 MpsSvc - ok
13:42:39.0126 0764 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:42:39.0128 0764 MRxDAV - ok
13:42:39.0143 0764 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:42:39.0144 0764 mrxsmb - ok
13:42:39.0185 0764 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:42:39.0187 0764 mrxsmb10 - ok
13:42:39.0203 0764 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:42:39.0204 0764 mrxsmb20 - ok
13:42:39.0220 0764 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
13:42:39.0221 0764 msahci - ok
13:42:39.0237 0764 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:42:39.0239 0764 msdsm - ok
13:42:39.0265 0764 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
13:42:39.0268 0764 MSDTC - ok
13:42:39.0282 0764 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:42:39.0283 0764 Msfs - ok
13:42:39.0293 0764 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:42:39.0294 0764 mshidkmdf - ok
13:42:39.0301 0764 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:42:39.0302 0764 msisadrv - ok
13:42:39.0341 0764 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
13:42:39.0344 0764 MSiSCSI - ok
13:42:39.0347 0764 msiserver - ok
13:42:39.0372 0764 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:42:39.0372 0764 MSKSSRV - ok
13:42:39.0395 0764 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:42:39.0396 0764 MSPCLOCK - ok
13:42:39.0404 0764 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:42:39.0405 0764 MSPQM - ok
13:42:39.0431 0764 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:42:39.0434 0764 MsRPC - ok
13:42:39.0475 0764 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
13:42:39.0476 0764 mssmbios - ok
13:42:39.0489 0764 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:42:39.0490 0764 MSTEE - ok
13:42:39.0504 0764 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
13:42:39.0505 0764 MTConfig - ok
13:42:39.0519 0764 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:42:39.0520 0764 Mup - ok
13:42:39.0548 0764 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
13:42:39.0556 0764 napagent - ok
13:42:39.0596 0764 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:42:39.0599 0764 NativeWifiP - ok
13:42:39.0667 0764 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
13:42:39.0677 0764 NDIS - ok
13:42:39.0710 0764 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:42:39.0711 0764 NdisCap - ok
13:42:39.0736 0764 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:42:39.0737 0764 NdisTapi - ok
13:42:39.0762 0764 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:42:39.0764 0764 Ndisuio - ok
13:42:39.0779 0764 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:42:39.0781 0764 NdisWan - ok
13:42:39.0795 0764 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:42:39.0796 0764 NDProxy - ok
13:42:39.0844 0764 Net Driver HPZ12 (dc6530a291d4bdf6df399f1f128e7f8f) C:\Windows\system32\HPZinw12.dll
13:42:39.0846 0764 Net Driver HPZ12 - ok
13:42:39.0873 0764 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:42:39.0874 0764 NetBIOS - ok
13:42:39.0897 0764 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:42:39.0899 0764 NetBT - ok
13:42:39.0912 0764 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:42:39.0913 0764 Netlogon - ok
13:42:39.0952 0764 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
13:42:39.0964 0764 Netman - ok
13:42:40.0042 0764 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:40.0060 0764 NetMsmqActivator - ok
13:42:40.0063 0764 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:40.0064 0764 NetPipeActivator - ok
13:42:40.0105 0764 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
13:42:40.0113 0764 netprofm - ok
13:42:40.0117 0764 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:40.0118 0764 NetTcpActivator - ok
13:42:40.0121 0764 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:42:40.0122 0764 NetTcpPortSharing - ok
13:42:40.0165 0764 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
13:42:40.0166 0764 nfrd960 - ok
13:42:40.0210 0764 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
13:42:40.0214 0764 NlaSvc - ok
13:42:40.0229 0764 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:42:40.0229 0764 Npfs - ok
13:42:40.0242 0764 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
13:42:40.0243 0764 nsi - ok
13:42:40.0253 0764 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:42:40.0254 0764 nsiproxy - ok
13:42:40.0332 0764 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
13:42:40.0371 0764 Ntfs - ok
13:42:40.0431 0764 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:42:40.0431 0764 Null - ok
13:42:40.0451 0764 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
13:42:40.0454 0764 nvraid - ok
13:42:40.0475 0764 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
13:42:40.0477 0764 nvstor - ok
13:42:40.0503 0764 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:42:40.0505 0764 nv_agp - ok
13:42:40.0521 0764 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:42:40.0522 0764 ohci1394 - ok
13:42:40.0592 0764 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:42:40.0594 0764 ose - ok
13:42:40.0819 0764 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:42:40.0890 0764 osppsvc - ok
13:42:40.0968 0764 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:42:40.0971 0764 p2pimsvc - ok
13:42:40.0999 0764 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
13:42:41.0008 0764 p2psvc - ok
13:42:41.0056 0764 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
13:42:41.0058 0764 Parport - ok
13:42:41.0087 0764 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
13:42:41.0088 0764 partmgr - ok
13:42:41.0108 0764 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
13:42:41.0110 0764 PcaSvc - ok
13:42:41.0129 0764 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:42:41.0131 0764 pci - ok
13:42:41.0140 0764 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:42:41.0141 0764 pciide - ok
13:42:41.0164 0764 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
13:42:41.0166 0764 pcmcia - ok
13:42:41.0182 0764 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:42:41.0183 0764 pcw - ok
13:42:41.0224 0764 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:42:41.0228 0764 PEAUTH - ok
13:42:41.0282 0764 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
13:42:41.0286 0764 PerfHost - ok
13:42:41.0399 0764 PinnacleUpdateSvc (0015113a604b94769ab5159e8dcfc6e6) C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe
13:42:41.0408 0764 PinnacleUpdateSvc - ok
13:42:41.0526 0764 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
13:42:41.0547 0764 pla - ok
13:42:41.0604 0764 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
13:42:41.0614 0764 PlugPlay - ok
13:42:41.0702 0764 PMBDeviceInfoProvider (ae6c778717de2f6b0c0b5335036d3363) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
13:42:41.0715 0764 PMBDeviceInfoProvider - ok
13:42:41.0757 0764 Pml Driver HPZ12 (71f62c51dfdfbc04c83c5c64b2b8058e) C:\Windows\system32\HPZipm12.dll
13:42:41.0758 0764 Pml Driver HPZ12 - ok
13:42:41.0777 0764 PnkBstrA - ok
13:42:41.0782 0764 PnkBstrB - ok
13:42:41.0803 0764 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
13:42:41.0805 0764 PNRPAutoReg - ok
13:42:41.0821 0764 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:42:41.0823 0764 PNRPsvc - ok
13:42:41.0868 0764 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
13:42:41.0868 0764 Point64 - ok
13:42:41.0912 0764 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
13:42:41.0920 0764 PolicyAgent - ok
13:42:41.0952 0764 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
13:42:41.0955 0764 Power - ok
13:42:41.0997 0764 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:42:41.0998 0764 PptpMiniport - ok
13:42:42.0017 0764 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
13:42:42.0019 0764 Processor - ok
13:42:42.0069 0764 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
13:42:42.0072 0764 ProfSvc - ok
13:42:42.0087 0764 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:42:42.0088 0764 ProtectedStorage - ok
13:42:42.0124 0764 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:42:42.0125 0764 Psched - ok
13:42:42.0198 0764 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
13:42:42.0214 0764 ql2300 - ok
13:42:42.0293 0764 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
13:42:42.0295 0764 ql40xx - ok
13:42:42.0333 0764 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
13:42:42.0336 0764 QWAVE - ok
13:42:42.0347 0764 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:42:42.0348 0764 QWAVEdrv - ok
13:42:42.0357 0764 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:42:42.0358 0764 RasAcd - ok
13:42:42.0393 0764 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:42:42.0394 0764 RasAgileVpn - ok
13:42:42.0410 0764 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
13:42:42.0412 0764 RasAuto - ok
13:42:42.0429 0764 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:42:42.0430 0764 Rasl2tp - ok
13:42:42.0453 0764 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
13:42:42.0466 0764 RasMan - ok
13:42:42.0502 0764 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:42:42.0503 0764 RasPppoe - ok
13:42:42.0527 0764 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:42:42.0528 0764 RasSstp - ok
13:42:42.0551 0764 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:42:42.0553 0764 rdbss - ok
13:42:42.0568 0764 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
13:42:42.0569 0764 rdpbus - ok
13:42:42.0584 0764 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:42:42.0584 0764 RDPCDD - ok
13:42:42.0611 0764 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:42:42.0612 0764 RDPENCDD - ok
13:42:42.0626 0764 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:42:42.0627 0764 RDPREFMP - ok
13:42:42.0662 0764 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
13:42:42.0665 0764 RDPWD - ok
13:42:42.0684 0764 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:42:42.0686 0764 rdyboost - ok
13:42:42.0700 0764 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
13:42:42.0702 0764 RemoteAccess - ok
13:42:42.0719 0764 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
13:42:42.0721 0764 RemoteRegistry - ok
13:42:42.0773 0764 Revoflt (9c3ac71a9934b884fac567a8807e9c4d) C:\Windows\system32\DRIVERS\revoflt.sys
13:42:42.0774 0764 Revoflt - ok
13:42:42.0803 0764 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
13:42:42.0805 0764 RpcEptMapper - ok
13:42:42.0823 0764 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
13:42:42.0824 0764 RpcLocator - ok
13:42:42.0859 0764 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:42:42.0863 0764 RpcSs - ok
13:42:42.0869 0764 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:42:42.0870 0764 rspndr - ok
13:42:42.0887 0764 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:42:42.0888 0764 SamSs - ok
13:42:42.0904 0764 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:42:42.0906 0764 sbp2port - ok
13:42:42.0926 0764 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
13:42:42.0929 0764 SCardSvr - ok
13:42:42.0936 0764 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:42:42.0937 0764 scfilter - ok
13:42:42.0988 0764 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
13:42:43.0003 0764 Schedule - ok
13:42:43.0026 0764 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:42:43.0026 0764 SCPolicySvc - ok
13:42:43.0041 0764 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
13:42:43.0044 0764 SDRSVC - ok
13:42:43.0097 0764 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
13:42:43.0099 0764 SeaPort - ok
13:42:43.0142 0764 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:42:43.0143 0764 secdrv - ok
13:42:43.0150 0764 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
13:42:43.0152 0764 seclogon - ok
13:42:43.0165 0764 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
13:42:43.0166 0764 SENS - ok
13:42:43.0177 0764 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
13:42:43.0179 0764 SensrSvc - ok
13:42:43.0188 0764 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
13:42:43.0190 0764 Serenum - ok
13:42:43.0207 0764 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
13:42:43.0209 0764 Serial - ok
13:42:43.0212 0764 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
13:42:43.0213 0764 sermouse - ok
13:42:43.0236 0764 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
13:42:43.0239 0764 SessionEnv - ok
13:42:43.0242 0764 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:42:43.0243 0764 sffdisk - ok
13:42:43.0247 0764 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:42:43.0247 0764 sffp_mmc - ok
13:42:43.0252 0764 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
13:42:43.0253 0764 sffp_sd - ok
13:42:43.0257 0764 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
13:42:43.0258 0764 sfloppy - ok
13:42:43.0321 0764 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
13:42:43.0326 0764 Sftfs - ok
13:42:43.0398 0764 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
13:42:43.0402 0764 sftlist - ok
13:42:43.0420 0764 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
13:42:43.0422 0764 Sftplay - ok
13:42:43.0431 0764 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
13:42:43.0431 0764 Sftredir - ok
13:42:43.0445 0764 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
13:42:43.0445 0764 Sftvol - ok
13:42:43.0465 0764 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
13:42:43.0466 0764 sftvsa - ok
13:42:43.0497 0764 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
13:42:43.0509 0764 SharedAccess - ok
13:42:43.0537 0764 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
13:42:43.0548 0764 ShellHWDetection - ok
13:42:43.0566 0764 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
13:42:43.0567 0764 SiSRaid2 - ok
13:42:43.0587 0764 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
13:42:43.0588 0764 SiSRaid4 - ok
13:42:43.0791 0764 Skype C2C Service (0f97e7a47a52f4a36969f0fc319654c2) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
13:42:43.0829 0764 Skype C2C Service - ok
13:42:43.0903 0764 SkypeUpdate (8c5477eb1c03ca76cd8eb66a610a9e90) C:\Program Files (x86)\Skype\Updater\Updater.exe
13:42:43.0905 0764 SkypeUpdate - ok
13:42:43.0987 0764 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:42:43.0988 0764 Smb - ok
13:42:44.0018 0764 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
13:42:44.0019 0764 SNMPTRAP - ok
13:42:44.0025 0764 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:42:44.0026 0764 spldr - ok
13:42:44.0065 0764 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
13:42:44.0078 0764 Spooler - ok
13:42:44.0224 0764 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
13:42:44.0282 0764 sppsvc - ok
13:42:44.0331 0764 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
13:42:44.0333 0764 sppuinotify - ok
13:42:44.0377 0764 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
13:42:44.0380 0764 srv - ok
13:42:44.0408 0764 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
13:42:44.0411 0764 srv2 - ok
13:42:44.0432 0764 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
13:42:44.0433 0764 srvnet - ok
13:42:44.0471 0764 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
13:42:44.0474 0764 SSDPSRV - ok
13:42:44.0487 0764 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
13:42:44.0489 0764 SstpSvc - ok
13:42:44.0557 0764 Steam Client Service - ok
13:42:44.0576 0764 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
13:42:44.0577 0764 stexstor - ok
13:42:44.0632 0764 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
13:42:44.0644 0764 stisvc - ok
13:42:44.0652 0764 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
13:42:44.0653 0764 swenum - ok
13:42:44.0681 0764 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
13:42:44.0696 0764 swprv - ok
13:42:44.0776 0764 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
13:42:44.0794 0764 SysMain - ok
13:42:44.0859 0764 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
13:42:44.0861 0764 TabletInputService - ok
13:42:44.0887 0764 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
13:42:44.0891 0764 TapiSrv - ok
13:42:44.0906 0764 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
13:42:44.0908 0764 TBS - ok
13:42:45.0029 0764 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
13:42:45.0049 0764 Tcpip - ok
13:42:45.0177 0764 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
13:42:45.0186 0764 TCPIP6 - ok
13:42:45.0227 0764 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
13:42:45.0228 0764 tcpipreg - ok
13:42:45.0241 0764 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:42:45.0242 0764 TDPIPE - ok
13:42:45.0265 0764 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
13:42:45.0266 0764 TDTCP - ok
13:42:45.0292 0764 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
13:42:45.0294 0764 tdx - ok
13:42:45.0308 0764 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
13:42:45.0308 0764 TermDD - ok
13:42:45.0351 0764 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
13:42:45.0361 0764 TermService - ok
13:42:45.0369 0764 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
13:42:45.0371 0764 Themes - ok
13:42:45.0390 0764 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:42:45.0391 0764 THREADORDER - ok
13:42:45.0431 0764 tmactmon (e386dd8ec68c67ca3e2a3abdc1df5c56) C:\Windows\system32\DRIVERS\tmactmon.sys
13:42:45.0432 0764 tmactmon - ok
13:42:45.0458 0764 tmcomm (ab011c569487fd65c8944ddf8cbb2572) C:\Windows\system32\DRIVERS\tmcomm.sys
13:42:45.0459 0764 tmcomm - ok
13:42:45.0476 0764 tmevtmgr (8870a3d7305455b47adccd226f8e51bc) C:\Windows\system32\DRIVERS\tmevtmgr.sys
13:42:45.0477 0764 tmevtmgr - ok
13:42:45.0516 0764 tmtdi (065cb7d9278d778fb9ef62cead01433f) C:\Windows\system32\DRIVERS\tmtdi.sys
13:42:45.0518 0764 tmtdi - ok
13:42:45.0533 0764 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
13:42:45.0535 0764 TrkWks - ok
13:42:45.0563 0764 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
13:42:45.0565 0764 TrustedInstaller - ok
13:42:45.0577 0764 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:42:45.0578 0764 tssecsrv - ok
13:42:45.0605 0764 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
13:42:45.0607 0764 TsUsbFlt - ok
13:42:45.0610 0764 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
13:42:45.0611 0764 TsUsbGD - ok
13:42:45.0638 0764 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
13:42:45.0639 0764 tunnel - ok
13:42:45.0644 0764 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
13:42:45.0645 0764 uagp35 - ok
13:42:45.0667 0764 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
13:42:45.0669 0764 udfs - ok
13:42:45.0677 0764 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
13:42:45.0679 0764 UI0Detect - ok
13:42:45.0684 0764 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
13:42:45.0685 0764 uliagpkx - ok
13:42:45.0713 0764 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys

 

[Ryan O'Brien]

Part 3



13:42:45.0714 0764 umbus - ok
13:42:45.0722 0764 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
13:42:45.0723 0764 UmPass - ok
13:42:45.0753 0764 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
13:42:45.0765 0764 upnphost - ok
13:42:45.0799 0764 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
13:42:45.0800 0764 usbaudio - ok
13:42:45.0811 0764 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
13:42:45.0812 0764 usbccgp - ok
13:42:45.0827 0764 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
13:42:45.0829 0764 usbcir - ok
13:42:45.0842 0764 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
13:42:45.0842 0764 usbehci - ok
13:42:45.0874 0764 UsbFltr (68bad03835873d4bbbde95cbb135a395) C:\Windows\system32\Drivers\UsbFltr.sys
13:42:45.0875 0764 UsbFltr - ok
13:42:45.0902 0764 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
13:42:45.0905 0764 usbhub - ok
13:42:45.0915 0764 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
13:42:45.0916 0764 usbohci - ok
13:42:45.0932 0764 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
13:42:45.0933 0764 usbprint - ok
13:42:45.0947 0764 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:42:45.0948 0764 USBSTOR - ok
13:42:45.0960 0764 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
13:42:45.0961 0764 usbuhci - ok
13:42:46.0003 0764 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
13:42:46.0005 0764 usbvideo - ok
13:42:46.0023 0764 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
13:42:46.0024 0764 UxSms - ok
13:42:46.0036 0764 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:42:46.0037 0764 VaultSvc - ok
13:42:46.0043 0764 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
13:42:46.0044 0764 vdrvroot - ok
13:42:46.0076 0764 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
13:42:46.0091 0764 vds - ok
13:42:46.0109 0764 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:42:46.0110 0764 vga - ok
13:42:46.0126 0764 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:42:46.0126 0764 VgaSave - ok
13:42:46.0149 0764 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
13:42:46.0152 0764 vhdmp - ok
13:42:46.0294 0764 VIAHdAudAddService (84ffc3cca60a1b52a021bc894d529735) C:\Windows\system32\drivers\viahduaa.sys
13:42:46.0322 0764 VIAHdAudAddService - ok
13:42:46.0387 0764 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
13:42:46.0388 0764 viaide - ok
13:42:46.0403 0764 VIAKaraokeService (f4310278e6ce1c507b5555b662369e26) C:\Windows\system32\viakaraokesrv.exe
13:42:46.0405 0764 VIAKaraokeService - ok
13:42:46.0420 0764 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
13:42:46.0421 0764 volmgr - ok
13:42:46.0446 0764 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
13:42:46.0450 0764 volmgrx - ok
13:42:46.0472 0764 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\Windows\system32\drivers\volsnap.sys
13:42:46.0475 0764 volsnap - ok
13:42:46.0507 0764 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
13:42:46.0509 0764 vsmraid - ok
13:42:46.0585 0764 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
13:42:46.0608 0764 VSS - ok
13:42:46.0650 0764 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
13:42:46.0651 0764 vwifibus - ok
13:42:46.0677 0764 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
13:42:46.0688 0764 W32Time - ok
13:42:46.0694 0764 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
13:42:46.0694 0764 WacomPen - ok
13:42:46.0728 0764 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:42:46.0729 0764 WANARP - ok
13:42:46.0738 0764 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:42:46.0739 0764 Wanarpv6 - ok
13:42:46.0830 0764 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
13:42:46.0846 0764 WatAdminSvc - ok
13:42:46.0919 0764 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
13:42:46.0937 0764 wbengine - ok
13:42:47.0008 0764 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
13:42:47.0012 0764 WbioSrvc - ok
13:42:47.0036 0764 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
13:42:47.0048 0764 wcncsvc - ok
13:42:47.0062 0764 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
13:42:47.0064 0764 WcsPlugInService - ok
13:42:47.0098 0764 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
13:42:47.0099 0764 Wd - ok
13:42:47.0134 0764 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:42:47.0145 0764 Wdf01000 - ok
13:42:47.0159 0764 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:42:47.0161 0764 WdiServiceHost - ok
13:42:47.0164 0764 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:42:47.0166 0764 WdiSystemHost - ok
13:42:47.0183 0764 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
13:42:47.0186 0764 WebClient - ok
13:42:47.0202 0764 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
13:42:47.0206 0764 Wecsvc - ok
13:42:47.0216 0764 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
13:42:47.0218 0764 wercplsupport - ok
13:42:47.0245 0764 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
13:42:47.0247 0764 WerSvc - ok
13:42:47.0279 0764 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:42:47.0280 0764 WfpLwf - ok
13:42:47.0283 0764 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:42:47.0284 0764 WIMMount - ok
13:42:47.0323 0764 WinDefend - ok
13:42:47.0384 0764 WindowBlinds (97c7f30787a30cfa760b0247631a5463) C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe
13:42:47.0387 0764 WindowBlinds - ok
13:42:47.0394 0764 WinHttpAutoProxySvc - ok
13:42:47.0439 0764 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
13:42:47.0442 0764 Winmgmt - ok
13:42:47.0539 0764 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
13:42:47.0565 0764 WinRM - ok
13:42:47.0663 0764 winusb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\winusb.sys
13:42:47.0665 0764 winusb - ok
13:42:47.0722 0764 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
13:42:47.0750 0764 Wlansvc - ok
13:42:47.0784 0764 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:42:47.0786 0764 wlcrasvc - ok
13:42:47.0940 0764 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:42:47.0974 0764 wlidsvc - ok
13:42:48.0056 0764 WmBEnum (680a7846370000d20d7e74917d5b7936) C:\Windows\system32\drivers\WmBEnum.sys
13:42:48.0056 0764 WmBEnum - ok
13:42:48.0087 0764 WmFilter (14c35ba8189c6f65d839163aa285e954) C:\Windows\system32\drivers\WmFilter.sys
13:42:48.0088 0764 WmFilter - ok
13:42:48.0123 0764 WmHidLo (ac4331af118a720f13c9c5cabbfe27bd) C:\Windows\system32\drivers\WmHidLo.sys
13:42:48.0123 0764 WmHidLo - ok
13:42:48.0164 0764 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
13:42:48.0164 0764 WmiAcpi - ok
13:42:48.0212 0764 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
13:42:48.0214 0764 wmiApSrv - ok
13:42:48.0248 0764 WMPNetworkSvc - ok
13:42:48.0263 0764 WmVirHid (8488dd91a3ee54a8e29f02ad7bb8201e) C:\Windows\system32\drivers\WmVirHid.sys
13:42:48.0264 0764 WmVirHid - ok
13:42:48.0274 0764 WmXlCore (14802b3a30aa849c97cb968ccc813bf3) C:\Windows\system32\drivers\WmXlCore.sys
13:42:48.0275 0764 WmXlCore - ok
13:42:48.0329 0764 WMZuneComm (83b6ca03c846fcd47f9883d77d1eb27b) C:\Program Files\Zune\WMZuneComm.exe
13:42:48.0334 0764 WMZuneComm - ok
13:42:48.0353 0764 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
13:42:48.0355 0764 WPCSvc - ok
13:42:48.0367 0764 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
13:42:48.0369 0764 WPDBusEnum - ok
13:42:48.0373 0764 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:42:48.0374 0764 ws2ifsl - ok
13:42:48.0387 0764 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
13:42:48.0389 0764 wscsvc - ok
13:42:48.0392 0764 WSearch - ok
13:42:48.0521 0764 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
13:42:48.0565 0764 wuauserv - ok
13:42:48.0655 0764 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
13:42:48.0656 0764 WudfPf - ok
13:42:48.0685 0764 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:42:48.0686 0764 WUDFRd - ok
13:42:48.0699 0764 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
13:42:48.0701 0764 wudfsvc - ok
13:42:48.0726 0764 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
13:42:48.0729 0764 WwanSvc - ok
13:42:48.0877 0764 ytpUpdater (88596ac939a4bcd347c5d360dfd0846e) C:\Program Files (x86)\updater\updater.exe
13:42:48.0895 0764 ytpUpdater - ok
13:42:49.0231 0764 ZuneNetworkSvc (67b787c34fb2888d01b130ae007042d8) C:\Program Files\Zune\ZuneNss.exe
13:42:49.0346 0764 ZuneNetworkSvc - ok
13:42:49.0400 0764 ZuneWlanCfgSvc (4d89fc1c20cf655739efac5da81a67bc) C:\Program Files\Zune\ZuneWlanCfgSvc.exe
13:42:49.0408 0764 ZuneWlanCfgSvc - ok
13:42:49.0423 0764 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:42:49.0611 0764 \Device\Harddisk0\DR0 - ok
13:42:49.0614 0764 Boot (0x1200) (6efb70c07cd1ba1edca2b603cc988eec) \Device\Harddisk0\DR0\Partition0
13:42:49.0615 0764 \Device\Harddisk0\DR0\Partition0 - ok
13:42:49.0630 0764 Boot (0x1200) (60ac426d1eba97774f052e637196341a) \Device\Harddisk0\DR0\Partition1
13:42:49.0632 0764 \Device\Harddisk0\DR0\Partition1 - ok
13:42:49.0632 0764 ============================================================
13:42:49.0632 0764 Scan finished
13:42:49.0632 0764 ============================================================
13:42:49.0641 1936 Detected object count: 0
13:42:49.0641 1936 Actual detected object count: 0
13:43:15.0859 0772 ============================================================
13:43:15.0859 0772 Scan started
13:43:15.0859 0772 Mode: Manual;
13:43:15.0859 0772 ============================================================
13:43:16.0144 0772 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
13:43:16.0145 0772 1394ohci - ok
13:43:16.0172 0772 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
13:43:16.0174 0772 ACPI - ok
13:43:16.0183 0772 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
13:43:16.0184 0772 AcpiPmi - ok
13:43:16.0253 0772 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:43:16.0254 0772 AdobeFlashPlayerUpdateSvc - ok
13:43:16.0289 0772 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
13:43:16.0291 0772 adp94xx - ok
13:43:16.0324 0772 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
13:43:16.0325 0772 adpahci - ok
13:43:16.0347 0772 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
13:43:16.0349 0772 adpu320 - ok
13:43:16.0390 0772 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
13:43:16.0391 0772 AeLookupSvc - ok
13:43:16.0439 0772 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
13:43:16.0442 0772 AFD - ok
13:43:16.0451 0772 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
13:43:16.0452 0772 agp440 - ok
13:43:16.0468 0772 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
13:43:16.0469 0772 ALG - ok
13:43:16.0480 0772 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
13:43:16.0480 0772 aliide - ok
13:43:16.0518 0772 AMD External Events Utility (9c616ba191b80f5cd1a1b9553e107100) C:\Windows\system32\atiesrxx.exe
13:43:16.0519 0772 AMD External Events Utility - ok
13:43:16.0542 0772 AMD FUEL Service - ok
13:43:16.0554 0772 amdhub30 (30bfeee0dffd5bd79d29157cf080deed) C:\Windows\system32\drivers\amdhub30.sys
13:43:16.0554 0772 amdhub30 - ok
13:43:16.0567 0772 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
13:43:16.0568 0772 amdide - ok
13:43:16.0577 0772 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
13:43:16.0578 0772 amdiox64 - ok
13:43:16.0595 0772 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
13:43:16.0595 0772 AmdK8 - ok
13:43:16.0925 0772 amdkmdag (5165e83751b8ff40e5e4925996fcc506) C:\Windows\system32\DRIVERS\atikmdag.sys
13:43:16.0975 0772 amdkmdag - ok
13:43:17.0073 0772 amdkmdap (86ab3cf484260c4318f3a6e8b035f422) C:\Windows\system32\DRIVERS\atikmpag.sys
13:43:17.0075 0772 amdkmdap - ok
13:43:17.0088 0772 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
13:43:17.0088 0772 AmdPPM - ok
13:43:17.0107 0772 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
13:43:17.0108 0772 amdsata - ok
13:43:17.0128 0772 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
13:43:17.0130 0772 amdsbs - ok
13:43:17.0141 0772 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
13:43:17.0141 0772 amdxata - ok
13:43:17.0162 0772 amdxhc (321533578132c811ec834a1b741c994c) C:\Windows\system32\drivers\amdxhc.sys
13:43:17.0163 0772 amdxhc - ok
13:43:17.0219 0772 AMD_RAIDXpert (0d0c13dd91f0c49814f314b78e21c6b9) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
13:43:17.0220 0772 AMD_RAIDXpert - ok
13:43:17.0308 0772 Amsp (1b7d1f0a0dfadbc797c16364792a7aa5) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
13:43:17.0309 0772 Amsp - ok
13:43:17.0344 0772 AODDriver4.1 (5b25d1a753cc3a3edb909bb759ac1098) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
13:43:17.0345 0772 AODDriver4.1 - ok
13:43:17.0360 0772 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
13:43:17.0361 0772 AppID - ok
13:43:17.0376 0772 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
13:43:17.0377 0772 AppIDSvc - ok
13:43:17.0389 0772 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
13:43:17.0389 0772 Appinfo - ok
13:43:17.0402 0772 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
13:43:17.0402 0772 arc - ok
13:43:17.0409 0772 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
13:43:17.0410 0772 arcsas - ok
13:43:17.0480 0772 asComSvc (6e3f4538b33bc19259e99be1826286a3) C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
13:43:17.0485 0772 asComSvc - ok
13:43:17.0532 0772 asHmComSvc (a63173897ea1a73a75d0e65036de5b15) C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
13:43:17.0536 0772 asHmComSvc - ok
13:43:17.0608 0772 ASInsHelp (edaa17ce771c696655b6585f7cad2100) C:\Windows\SysWow64\drivers\AsInsHelp64.sys
13:43:17.0608 0772 ASInsHelp - ok
13:43:17.0620 0772 AsIO (fef9dd9ea587f8886ade43c1befbdafe) C:\Windows\syswow64\drivers\AsIO.sys
13:43:17.0620 0772 AsIO - ok
13:43:17.0682 0772 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:43:17.0683 0772 aspnet_state - ok
13:43:17.0725 0772 AsSysCtrlService (5c31dfb196cb3a488a041881634d86d2) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
13:43:17.0728 0772 AsSysCtrlService - ok
13:43:17.0737 0772 AsUpIO (1392b92179b07b672720763d9b1028a5) C:\Windows\syswow64\drivers\AsUpIO.sys
13:43:17.0738 0772 AsUpIO - ok
13:43:17.0805 0772 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:43:17.0805 0772 AsyncMac - ok
13:43:17.0816 0772 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
13:43:17.0817 0772 atapi - ok
13:43:17.0836 0772 AtiHDAudioService (24464b908e143d2561e9e452fee97309) C:\Windows\system32\drivers\AtihdW76.sys
13:43:17.0837 0772 AtiHDAudioService - ok
13:43:17.0873 0772 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:43:17.0877 0772 AudioEndpointBuilder - ok
13:43:17.0883 0772 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:43:17.0887 0772 AudioSrv - ok
13:43:17.0903 0772 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
13:43:17.0904 0772 AxInstSV - ok
13:43:17.0938 0772 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
13:43:17.0940 0772 b06bdrv - ok
13:43:17.0960 0772 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:43:17.0962 0772 b57nd60a - ok
13:43:18.0012 0772 BBSvc (93ee7d9c35ae7e9ffda148d7805f1421) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
13:43:18.0014 0772 BBSvc - ok
13:43:18.0027 0772 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
13:43:18.0027 0772 BDESVC - ok
13:43:18.0033 0772 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:43:18.0034 0772 Beep - ok
13:43:18.0072 0772 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
13:43:18.0075 0772 BFE - ok
13:43:18.0126 0772 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
13:43:18.0131 0772 BITS - ok
13:43:18.0143 0772 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
13:43:18.0143 0772 blbdrive - ok
13:43:18.0157 0772 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
13:43:18.0158 0772 bowser - ok
13:43:18.0168 0772 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
13:43:18.0168 0772 BrFiltLo - ok
13:43:18.0177 0772 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
13:43:18.0178 0772 BrFiltUp - ok
13:43:18.0195 0772 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
13:43:18.0196 0772 Browser - ok
13:43:18.0222 0772 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:43:18.0224 0772 Brserid - ok
13:43:18.0238 0772 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:43:18.0239 0772 BrSerWdm - ok
13:43:18.0251 0772 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:43:18.0252 0772 BrUsbMdm - ok
13:43:18.0266 0772 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:43:18.0266 0772 BrUsbSer - ok
13:43:18.0279 0772 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
13:43:18.0280 0772 BTHMODEM - ok
13:43:18.0288 0772 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
13:43:18.0289 0772 bthserv - ok
13:43:18.0299 0772 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:43:18.0300 0772 cdfs - ok
13:43:18.0313 0772 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
13:43:18.0313 0772 cdrom - ok
13:43:18.0324 0772 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:43:18.0324 0772 CertPropSvc - ok
13:43:18.0333 0772 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
13:43:18.0334 0772 circlass - ok
13:43:18.0363 0772 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:43:18.0365 0772 CLFS - ok
13:43:18.0420 0772 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:43:18.0421 0772 clr_optimization_v2.0.50727_32 - ok
13:43:18.0463 0772 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:43:18.0464 0772 clr_optimization_v2.0.50727_64 - ok
13:43:18.0509 0772 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:43:18.0510 0772 clr_optimization_v4.0.30319_32 - ok
13:43:18.0538 0772 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:43:18.0538 0772 clr_optimization_v4.0.30319_64 - ok
13:43:18.0548 0772 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
13:43:18.0548 0772 CmBatt - ok
13:43:18.0560 0772 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
13:43:18.0561 0772 cmdide - ok
13:43:18.0607 0772 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
13:43:18.0610 0772 CNG - ok
13:43:18.0650 0772 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
13:43:18.0651 0772 Compbatt - ok
13:43:18.0661 0772 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
13:43:18.0661 0772 CompositeBus - ok
13:43:18.0664 0772 COMSysApp - ok
13:43:18.0669 0772 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
13:43:18.0669 0772 crcdisk - ok
13:43:18.0708 0772 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
13:43:18.0710 0772 CryptSvc - ok
13:43:18.0828 0772 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
13:43:18.0832 0772 cvhsvc - ok
13:43:18.0859 0772 dc3d (1ca90212a99db6975c344826d11055c9) C:\Windows\system32\DRIVERS\dc3d.sys
13:43:18.0859 0772 dc3d - ok
13:43:18.0891 0772 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:43:18.0894 0772 DcomLaunch - ok
13:43:18.0921 0772 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
13:43:18.0923 0772 defragsvc - ok
13:43:18.0989 0772 Device Handle Service (0a403702cb00432ac818523cd416bf67) C:\Windows\SysWOW64\AsHookDevice.exe
13:43:18.0990 0772 Device Handle Service - ok
13:43:19.0015 0772 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
13:43:19.0016 0772 DfsC - ok
13:43:19.0034 0772 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
13:43:19.0036 0772 Dhcp - ok
13:43:19.0050 0772 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:43:19.0050 0772 discache - ok
13:43:19.0059 0772 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
13:43:19.0059 0772 Disk - ok
13:43:19.0074 0772 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
13:43:19.0076 0772 Dnscache - ok
13:43:19.0095 0772 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
13:43:19.0097 0772 dot3svc - ok
13:43:19.0116 0772 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
13:43:19.0117 0772 DPS - ok
13:43:19.0126 0772 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:43:19.0126 0772 drmkaud - ok
13:43:19.0172 0772 DrvAgent64 (1ed08a6264c5c92099d6d1dae5e8f530) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
13:43:19.0172 0772 DrvAgent64 - ok
13:43:19.0227 0772 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
13:43:19.0232 0772 DXGKrnl - ok
13:43:19.0235 0772 EagleX64 - ok
13:43:19.0255 0772 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
13:43:19.0256 0772 EapHost - ok
13:43:19.0390 0772 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
13:43:19.0406 0772 ebdrv - ok
13:43:19.0463 0772 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
13:43:19.0464 0772 EFS - ok
13:43:19.0525 0772 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
13:43:19.0529 0772 ehRecvr - ok
13:43:19.0543 0772 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
13:43:19.0544 0772 ehSched - ok
13:43:19.0594 0772 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
13:43:19.0597 0772 elxstor - ok
13:43:19.0607 0772 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
13:43:19.0608 0772 ErrDev - ok
13:43:19.0638 0772 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
13:43:19.0640 0772 EventSystem - ok
13:43:19.0659 0772 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:43:19.0660 0772 exfat - ok
13:43:19.0681 0772 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:43:19.0682 0772 fastfat - ok
13:43:19.0717 0772 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
13:43:19.0722 0772 Fax - ok
13:43:19.0734 0772 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
13:43:19.0734 0772 fdc - ok
13:43:19.0743 0772 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
13:43:19.0744 0772 fdPHost - ok
13:43:19.0756 0772 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
13:43:19.0757 0772 FDResPub - ok
13:43:19.0767 0772 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:43:19.0768 0772 FileInfo - ok
13:43:19.0775 0772 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:43:19.0775 0772 Filetrace - ok
13:43:19.0779 0772 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
13:43:19.0779 0772 flpydisk - ok
13:43:19.0802 0772 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
13:43:19.0804 0772 FltMgr - ok
13:43:19.0862 0772 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
13:43:19.0869 0772 FontCache - ok
13:43:19.0909 0772 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:43:19.0909 0772 FontCache3.0.0.0 - ok
13:43:19.0924 0772 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:43:19.0925 0772 FsDepends - ok
13:43:19.0952 0772 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys
13:43:19.0953 0772 fssfltr - ok
13:43:20.0075 0772 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
13:43:20.0083 0772 fsssvc - ok
13:43:20.0159 0772 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
13:43:20.0159 0772 Fs_Rec - ok
13:43:20.0173 0772 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:43:20.0175 0772 fvevol - ok
13:43:20.0185 0772 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
13:43:20.0186 0772 gagp30kx - ok
13:43:20.0226 0772 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
13:43:20.0231 0772 gpsvc - ok
13:43:20.0306 0772 gupdate (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:43:20.0307 0772 gupdate - ok
13:43:20.0309 0772 gupdatem (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:43:20.0310 0772 gupdatem - ok
13:43:20.0330 0772 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
13:43:20.0331 0772 hamachi - ok
13:43:20.0340 0772 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:43:20.0340 0772 hcw85cir - ok
13:43:20.0362 0772 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
13:43:20.0364 0772 HdAudAddService - ok
13:43:20.0384 0772 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
13:43:20.0384 0772 HDAudBus - ok
13:43:20.0396 0772 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
13:43:20.0396 0772 HidBatt - ok
13:43:20.0411 0772 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
13:43:20.0412 0772 HidBth - ok
13:43:20.0416 0772 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
13:43:20.0417 0772 HidIr - ok
13:43:20.0426 0772 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
13:43:20.0426 0772 hidserv - ok
13:43:20.0433 0772 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
13:43:20.0433 0772 HidUsb - ok
13:43:20.0477 0772 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
13:43:20.0478 0772 hkmsvc - ok
13:43:20.0490 0772 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
13:43:20.0491 0772 HomeGroupListener - ok
13:43:20.0520 0772 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
13:43:20.0522 0772 HomeGroupProvider - ok
13:43:20.0529 0772 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:43:20.0530 0772 HpSAMD - ok
13:43:20.0569 0772 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:43:20.0573 0772 HTTP - ok
13:43:20.0581 0772 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:43:20.0582 0772 hwpolicy - ok
13:43:20.0588 0772 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
13:43:20.0589 0772 i8042prt - ok
13:43:20.0615 0772 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
13:43:20.0618 0772 iaStorV - ok
13:43:20.0699 0772 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:43:20.0703 0772 idsvc - ok
13:43:20.0717 0772 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
13:43:20.0718 0772 iirsp - ok
13:43:20.0770 0772 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
13:43:20.0775 0772 IKEEXT - ok
13:43:20.0786 0772 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:43:20.0787 0772 intelide - ok
13:43:20.0797 0772 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
13:43:20.0798 0772 intelppm - ok
13:43:20.0815 0772 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
13:43:20.0817 0772 IPBusEnum - ok
13:43:20.0829 0772 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:43:20.0830 0772 IpFilterDriver - ok
13:43:20.0864 0772 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
13:43:20.0867 0772 iphlpsvc - ok
13:43:20.0873 0772 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:43:20.0873 0772 IPMIDRV - ok
13:43:20.0879 0772 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:43:20.0880 0772 IPNAT - ok
13:43:20.0891 0772 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:43:20.0892 0772 IRENUM - ok
13:43:20.0904 0772 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:43:20.0904 0772 isapnp - ok
13:43:20.0927 0772 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:43:20.0928 0772 iScsiPrt - ok
13:43:20.0943 0772 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
13:43:20.0943 0772 kbdclass - ok
13:43:20.0952 0772 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
13:43:20.0952 0772 kbdhid - ok
13:43:20.0969 0772 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:43:20.0970 0772 KeyIso - ok
13:43:21.0005 0772 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
13:43:21.0006 0772 KSecDD - ok
13:43:21.0021 0772 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
13:43:21.0022 0772 KSecPkg - ok
13:43:21.0028 0772 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:43:21.0028 0772 ksthunk - ok
13:43:21.0065 0772 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
13:43:21.0068 0772 KtmRm - ok
13:43:21.0081 0772 L1C (173666119d217e3739205c169e2bf0e5) C:\Windows\system32\DRIVERS\L1C62x64.sys
13:43:21.0082 0772 L1C - ok
13:43:21.0103 0772 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
13:43:21.0105 0772 LanmanServer - ok
13:43:21.0127 0772 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
13:43:21.0129 0772 LanmanWorkstation - ok
13:43:21.0143 0772 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:43:21.0144 0772 lltdio - ok
13:43:21.0179 0772 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
13:43:21.0181 0772 lltdsvc - ok
13:43:21.0193 0772 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
13:43:21.0194 0772 lmhosts - ok
13:43:21.0214 0772 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
13:43:21.0215 0772 LSI_FC - ok
13:43:21.0227 0772 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
13:43:21.0228 0772 LSI_SAS - ok
13:43:21.0236 0772 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
13:43:21.0236 0772 LSI_SAS2 - ok
13:43:21.0251 0772 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
13:43:21.0252 0772 LSI_SCSI - ok
13:43:21.0267 0772 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:43:21.0268 0772 luafv - ok
13:43:21.0289 0772 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
13:43:21.0290 0772 MBAMProtector - ok
13:43:21.0368 0772 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
13:43:21.0371 0772 MBAMService - ok
13:43:21.0423 0772 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
13:43:21.0424 0772 McComponentHostService - ok
13:43:21.0436 0772 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
13:43:21.0437 0772 Mcx2Svc - ok
13:43:21.0447 0772 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
13:43:21.0447 0772 megasas - ok
13:43:21.0470 0772 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
13:43:21.0472 0772 MegaSR - ok
13:43:21.0488 0772 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:43:21.0489 0772 MMCSS - ok
13:43:21.0499 0772 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:43:21.0499 0772 Modem - ok
13:43:21.0515 0772 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:43:21.0516 0772 monitor - ok
13:43:21.0527 0772 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:43:21.0527 0772 mouclass - ok
13:43:21.0535 0772 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:43:21.0535 0772 mouhid - ok
13:43:21.0547 0772 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:43:21.0548 0772 mountmgr - ok
13:43:21.0587 0772 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:43:21.0588 0772 MozillaMaintenance - ok
13:43:21.0603 0772 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:43:21.0604 0772 mpio - ok
13:43:21.0618 0772 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:43:21.0619 0772 mpsdrv - ok
13:43:21.0665 0772 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
13:43:21.0670 0772 MpsSvc - ok
13:43:21.0690 0772 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:43:21.0691 0772 MRxDAV - ok
13:43:21.0707 0772 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:43:21.0708 0772 mrxsmb - ok
13:43:21.0748 0772 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:43:21.0750 0772 mrxsmb10 - ok
13:43:21.0767 0772 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:43:21.0768 0772 mrxsmb20 - ok
13:43:21.0776 0772 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
13:43:21.0776 0772 msahci - ok
13:43:21.0793 0772 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:43:21.0794 0772 msdsm - ok
13:43:21.0821 0772 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
13:43:21.0822 0772 MSDTC - ok
13:43:21.0838 0772 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:43:21.0838 0772 Msfs - ok
13:43:21.0849 0772 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:43:21.0849 0772 mshidkmdf - ok
13:43:21.0857 0772 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:43:21.0858 0772 msisadrv - ok
13:43:21.0889 0772 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
13:43:21.0890 0772 MSiSCSI - ok
13:43:21.0893 0772 msiserver - ok
13:43:21.0902 0772 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:43:21.0903 0772 MSKSSRV - ok
13:43:21.0909 0772 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:43:21.0909 0772 MSPCLOCK - ok
13:43:21.0918 0772 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:43:21.0919 0772 MSPQM - ok
13:43:21.0944 0772 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:43:21.0947 0772 MsRPC - ok
13:43:21.0956 0772 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
13:43:21.0956 0772 mssmbios - ok
13:43:21.0970 0772 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:43:21.0970 0772 MSTEE - ok
13:43:21.0977 0772 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
13:43:21.0977 0772 MTConfig - ok
13:43:21.0992 0772 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:43:21.0992 0772 Mup - ok
13:43:22.0019 0772 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
13:43:22.0022 0772 napagent - ok
13:43:22.0051 0772 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:43:22.0053 0772 NativeWifiP - ok
13:43:22.0107 0772 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
13:43:22.0112 0772 NDIS - ok
13:43:22.0124 0772 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:43:22.0125 0772 NdisCap - ok
13:43:22.0134 0772 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:43:22.0134 0772 NdisTapi - ok
13:43:22.0150 0772 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:43:22.0150 0772 Ndisuio - ok
13:43:22.0168 0772 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:43:22.0169 0772 NdisWan - ok

 

[Ryan O'Brien]

13:43:22.0184 0772 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:43:22.0185 0772 NDProxy - ok
13:43:22.0209 0772 Net Driver HPZ12 (dc6530a291d4bdf6df399f1f128e7f8f) C:\Windows\system32\HPZinw12.dll
13:43:22.0210 0772 Net Driver HPZ12 - ok
13:43:22.0229 0772 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:43:22.0230 0772 NetBIOS - ok
13:43:22.0252 0772 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:43:22.0254 0772 NetBT - ok
13:43:22.0268 0772 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:43:22.0269 0772 Netlogon - ok
13:43:22.0291 0772 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
13:43:22.0294 0772 Netman - ok
13:43:22.0364 0772 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:43:22.0365 0772 NetMsmqActivator - ok
13:43:22.0368 0772 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:43:22.0369 0772 NetPipeActivator - ok
13:43:22.0402 0772 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
13:43:22.0405 0772 netprofm - ok
13:43:22.0409 0772 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:43:22.0410 0772 NetTcpActivator - ok
13:43:22.0413 0772 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:43:22.0414 0772 NetTcpPortSharing - ok
13:43:22.0438 0772 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
13:43:22.0438 0772 nfrd960 - ok
13:43:22.0465 0772 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
13:43:22.0468 0772 NlaSvc - ok
13:43:22.0476 0772 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:43:22.0477 0772 Npfs - ok
13:43:22.0502 0772 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
13:43:22.0503 0772 nsi - ok
13:43:22.0529 0772 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:43:22.0530 0772 nsiproxy - ok
13:43:22.0612 0772 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
13:43:22.0621 0772 Ntfs - ok
13:43:22.0678 0772 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:43:22.0679 0772 Null - ok
13:43:22.0699 0772 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
13:43:22.0700 0772 nvraid - ok
13:43:22.0722 0772 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
13:43:22.0723 0772 nvstor - ok
13:43:22.0742 0772 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:43:22.0743 0772 nv_agp - ok
13:43:22.0760 0772 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:43:22.0760 0772 ohci1394 - ok
13:43:22.0823 0772 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:43:22.0823 0772 ose - ok
13:43:23.0038 0772 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:43:23.0062 0772 osppsvc - ok
13:43:23.0123 0772 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:43:23.0126 0772 p2pimsvc - ok
13:43:23.0154 0772 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
13:43:23.0157 0772 p2psvc - ok
13:43:23.0170 0772 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
13:43:23.0171 0772 Parport - ok
13:43:23.0202 0772 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
13:43:23.0202 0772 partmgr - ok
13:43:23.0222 0772 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
13:43:23.0224 0772 PcaSvc - ok
13:43:23.0243 0772 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:43:23.0244 0772 pci - ok
13:43:23.0255 0772 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:43:23.0255 0772 pciide - ok
13:43:23.0277 0772 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
13:43:23.0279 0772 pcmcia - ok
13:43:23.0288 0772 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:43:23.0289 0772 pcw - ok
13:43:23.0321 0772 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:43:23.0324 0772 PEAUTH - ok
13:43:23.0396 0772 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
13:43:23.0397 0772 PerfHost - ok
13:43:23.0496 0772 PinnacleUpdateSvc (0015113a604b94769ab5159e8dcfc6e6) C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe
13:43:23.0498 0772 PinnacleUpdateSvc - ok
13:43:23.0605 0772 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
13:43:23.0613 0772 pla - ok
13:43:23.0651 0772 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
13:43:23.0654 0772 PlugPlay - ok
13:43:23.0716 0772 PMBDeviceInfoProvider (ae6c778717de2f6b0c0b5335036d3363) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
13:43:23.0718 0772 PMBDeviceInfoProvider - ok
13:43:23.0746 0772 Pml Driver HPZ12 (71f62c51dfdfbc04c83c5c64b2b8058e) C:\Windows\system32\HPZipm12.dll
13:43:23.0747 0772 Pml Driver HPZ12 - ok
13:43:23.0749 0772 PnkBstrA - ok
13:43:23.0754 0772 PnkBstrB - ok
13:43:23.0767 0772 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
13:43:23.0768 0772 PNRPAutoReg - ok
13:43:23.0784 0772 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:43:23.0787 0772 PNRPsvc - ok
13:43:23.0832 0772 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
13:43:23.0832 0772 Point64 - ok
13:43:23.0875 0772 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
13:43:23.0878 0772 PolicyAgent - ok
13:43:23.0900 0772 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
13:43:23.0902 0772 Power - ok
13:43:23.0919 0772 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:43:23.0920 0772 PptpMiniport - ok
13:43:23.0931 0772 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
13:43:23.0932 0772 Processor - ok
13:43:23.0966 0772 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
13:43:23.0968 0772 ProfSvc - ok
13:43:23.0984 0772 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:43:23.0985 0772 ProtectedStorage - ok
13:43:23.0996 0772 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:43:23.0997 0772 Psched - ok
13:43:24.0069 0772 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
13:43:24.0077 0772 ql2300 - ok
13:43:24.0140 0772 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
13:43:24.0141 0772 ql40xx - ok
13:43:24.0172 0772 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
13:43:24.0174 0772 QWAVE - ok
13:43:24.0186 0772 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:43:24.0187 0772 QWAVEdrv - ok
13:43:24.0196 0772 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:43:24.0197 0772 RasAcd - ok
13:43:24.0215 0772 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:43:24.0216 0772 RasAgileVpn - ok
13:43:24.0232 0772 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
13:43:24.0234 0772 RasAuto - ok
13:43:24.0252 0772 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:43:24.0253 0772 Rasl2tp - ok
13:43:24.0276 0772 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
13:43:24.0279 0772 RasMan - ok
13:43:24.0308 0772 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:43:24.0308 0772 RasPppoe - ok
13:43:24.0324 0772 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:43:24.0325 0772 RasSstp - ok
13:43:24.0348 0772 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:43:24.0349 0772 rdbss - ok
13:43:24.0357 0772 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
13:43:24.0358 0772 rdpbus - ok
13:43:24.0365 0772 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:43:24.0365 0772 RDPCDD - ok
13:43:24.0376 0772 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:43:24.0376 0772 RDPENCDD - ok
13:43:24.0390 0772 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:43:24.0391 0772 RDPREFMP - ok
13:43:24.0426 0772 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
13:43:24.0427 0772 RDPWD - ok
13:43:24.0448 0772 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:43:24.0449 0772 rdyboost - ok
13:43:24.0464 0772 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
13:43:24.0466 0772 RemoteAccess - ok
13:43:24.0491 0772 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
13:43:24.0493 0772 RemoteRegistry - ok
13:43:24.0512 0772 Revoflt (9c3ac71a9934b884fac567a8807e9c4d) C:\Windows\system32\DRIVERS\revoflt.sys
13:43:24.0512 0772 Revoflt - ok
13:43:24.0526 0772 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
13:43:24.0527 0772 RpcEptMapper - ok
13:43:24.0550 0772 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
13:43:24.0551 0772 RpcLocator - ok
13:43:24.0582 0772 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:43:24.0585 0772 RpcSs - ok
13:43:24.0592 0772 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:43:24.0593 0772 rspndr - ok
13:43:24.0609 0772 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:43:24.0610 0772 SamSs - ok
13:43:24.0626 0772 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:43:24.0627 0772 sbp2port - ok
13:43:24.0648 0772 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
13:43:24.0650 0772 SCardSvr - ok
13:43:24.0658 0772 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:43:24.0659 0772 scfilter - ok
13:43:24.0709 0772 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
13:43:24.0716 0772 Schedule - ok
13:43:24.0748 0772 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:43:24.0749 0772 SCPolicySvc - ok
13:43:24.0764 0772 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
13:43:24.0766 0772 SDRSVC - ok
13:43:24.0819 0772 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
13:43:24.0821 0772 SeaPort - ok
13:43:24.0848 0772 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:43:24.0849 0772 secdrv - ok
13:43:24.0856 0772 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
13:43:24.0857 0772 seclogon - ok
13:43:24.0871 0772 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
13:43:24.0872 0772 SENS - ok
13:43:24.0883 0772 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
13:43:24.0884 0772 SensrSvc - ok
13:43:24.0887 0772 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
13:43:24.0888 0772 Serenum - ok
13:43:24.0894 0772 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
13:43:24.0895 0772 Serial - ok
13:43:24.0898 0772 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
13:43:24.0899 0772 sermouse - ok
13:43:24.0917 0772 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
13:43:24.0919 0772 SessionEnv - ok
13:43:24.0922 0772 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:43:24.0923 0772 sffdisk - ok
13:43:24.0926 0772 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:43:24.0927 0772 sffp_mmc - ok
13:43:24.0931 0772 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
13:43:24.0931 0772 sffp_sd - ok
13:43:24.0935 0772 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
13:43:24.0936 0772 sfloppy - ok
13:43:24.0985 0772 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
13:43:24.0989 0772 Sftfs - ok
13:43:25.0062 0772 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
13:43:25.0065 0772 sftlist - ok
13:43:25.0084 0772 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
13:43:25.0085 0772 Sftplay - ok
13:43:25.0095 0772 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
13:43:25.0095 0772 Sftredir - ok
13:43:25.0109 0772 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
13:43:25.0109 0772 Sftvol - ok
13:43:25.0129 0772 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
13:43:25.0130 0772 sftvsa - ok
13:43:25.0161 0772 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
13:43:25.0163 0772 SharedAccess - ok
13:43:25.0192 0772 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
13:43:25.0195 0772 ShellHWDetection - ok
13:43:25.0199 0772 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
13:43:25.0200 0772 SiSRaid2 - ok
13:43:25.0217 0772 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
13:43:25.0218 0772 SiSRaid4 - ok
13:43:25.0388 0772 Skype C2C Service (0f97e7a47a52f4a36969f0fc319654c2) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
13:43:25.0403 0772 Skype C2C Service - ok
13:43:25.0442 0772 SkypeUpdate (8c5477eb1c03ca76cd8eb66a610a9e90) C:\Program Files (x86)\Skype\Updater\Updater.exe
13:43:25.0443 0772 SkypeUpdate - ok
13:43:25.0509 0772 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:43:25.0510 0772 Smb - ok
13:43:25.0523 0772 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
13:43:25.0525 0772 SNMPTRAP - ok
13:43:25.0531 0772 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:43:25.0532 0772 spldr - ok
13:43:25.0571 0772 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
13:43:25.0575 0772 Spooler - ok
13:43:25.0720 0772 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
13:43:25.0738 0772 sppsvc - ok
13:43:25.0778 0772 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
13:43:25.0779 0772 sppuinotify - ok
13:43:25.0808 0772 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
13:43:25.0810 0772 srv - ok
13:43:25.0839 0772 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
13:43:25.0841 0772 srv2 - ok
13:43:25.0854 0772 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
13:43:25.0855 0772 srvnet - ok
13:43:25.0868 0772 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
13:43:25.0870 0772 SSDPSRV - ok
13:43:25.0884 0772 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
13:43:25.0886 0772 SstpSvc - ok
13:43:25.0930 0772 Steam Client Service - ok
13:43:25.0949 0772 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
13:43:25.0949 0772 stexstor - ok
13:43:25.0987 0772 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
13:43:25.0991 0772 stisvc - ok
13:43:26.0000 0772 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
13:43:26.0000 0772 swenum - ok
13:43:26.0028 0772 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
13:43:26.0032 0772 swprv - ok
13:43:26.0113 0772 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
13:43:26.0123 0772 SysMain - ok
13:43:26.0157 0772 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
13:43:26.0158 0772 TabletInputService - ok
13:43:26.0185 0772 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
13:43:26.0187 0772 TapiSrv - ok
13:43:26.0195 0772 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
13:43:26.0197 0772 TBS - ok
13:43:26.0316 0772 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
13:43:26.0326 0772 Tcpip - ok
13:43:26.0453 0772 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
13:43:26.0463 0772 TCPIP6 - ok
13:43:26.0500 0772 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
13:43:26.0500 0772 tcpipreg - ok
13:43:26.0513 0772 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:43:26.0514 0772 TDPIPE - ok
13:43:26.0538 0772 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
13:43:26.0538 0772 TDTCP - ok
13:43:26.0557 0772 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
13:43:26.0557 0772 tdx - ok
13:43:26.0572 0772 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
13:43:26.0572 0772 TermDD - ok
13:43:26.0614 0772 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
13:43:26.0619 0772 TermService - ok
13:43:26.0634 0772 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
13:43:26.0635 0772 Themes - ok
13:43:26.0654 0772 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:43:26.0655 0772 THREADORDER - ok
13:43:26.0687 0772 tmactmon (e386dd8ec68c67ca3e2a3abdc1df5c56) C:\Windows\system32\DRIVERS\tmactmon.sys
13:43:26.0687 0772 tmactmon - ok
13:43:26.0705 0772 tmcomm (ab011c569487fd65c8944ddf8cbb2572) C:\Windows\system32\DRIVERS\tmcomm.sys
13:43:26.0706 0772 tmcomm - ok
13:43:26.0724 0772 tmevtmgr (8870a3d7305455b47adccd226f8e51bc) C:\Windows\system32\DRIVERS\tmevtmgr.sys
13:43:26.0724 0772 tmevtmgr - ok
13:43:26.0747 0772 tmtdi (065cb7d9278d778fb9ef62cead01433f) C:\Windows\system32\DRIVERS\tmtdi.sys
13:43:26.0748 0772 tmtdi - ok
13:43:26.0764 0772 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
13:43:26.0766 0772 TrkWks - ok
13:43:26.0794 0772 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
13:43:26.0795 0772 TrustedInstaller - ok
13:43:26.0808 0772 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:43:26.0808 0772 tssecsrv - ok
13:43:26.0819 0772 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
13:43:26.0820 0772 TsUsbFlt - ok
13:43:26.0824 0772 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
13:43:26.0825 0772 TsUsbGD - ok
13:43:26.0843 0772 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
13:43:26.0844 0772 tunnel - ok
13:43:26.0849 0772 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
13:43:26.0850 0772 uagp35 - ok
13:43:26.0873 0772 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
13:43:26.0874 0772 udfs - ok
13:43:26.0882 0772 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
13:43:26.0884 0772 UI0Detect - ok
13:43:26.0888 0772 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
13:43:26.0889 0772 uliagpkx - ok
13:43:26.0902 0772 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
13:43:26.0903 0772 umbus - ok
13:43:26.0906 0772 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
13:43:26.0906 0772 UmPass - ok
13:43:26.0933 0772 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
13:43:26.0936 0772 upnphost - ok
13:43:26.0963 0772 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
13:43:26.0964 0772 usbaudio - ok
13:43:26.0975 0772 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
13:43:26.0976 0772 usbccgp - ok
13:43:26.0993 0772 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
13:43:26.0993 0772 usbcir - ok
13:43:27.0014 0772 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
13:43:27.0015 0772 usbehci - ok
13:43:27.0030 0772 UsbFltr (68bad03835873d4bbbde95cbb135a395) C:\Windows\system32\Drivers\UsbFltr.sys
13:43:27.0030 0772 UsbFltr - ok
13:43:27.0058 0772 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
13:43:27.0060 0772 usbhub - ok
13:43:27.0071 0772 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
13:43:27.0072 0772 usbohci - ok
13:43:27.0088 0772 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
13:43:27.0088 0772 usbprint - ok
13:43:27.0103 0772 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:43:27.0103 0772 USBSTOR - ok
13:43:27.0124 0772 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
13:43:27.0125 0772 usbuhci - ok
13:43:27.0151 0772 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
13:43:27.0152 0772 usbvideo - ok
13:43:27.0162 0772 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
13:43:27.0163 0772 UxSms - ok
13:43:27.0176 0772 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:43:27.0177 0772 VaultSvc - ok
13:43:27.0183 0772 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
13:43:27.0183 0772 vdrvroot - ok
13:43:27.0215 0772 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
13:43:27.0219 0772 vds - ok
13:43:27.0223 0772 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:43:27.0223 0772 vga - ok
13:43:27.0240 0772 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:43:27.0241 0772 VgaSave - ok
13:43:27.0259 0772 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
13:43:27.0261 0772 vhdmp - ok
13:43:27.0362 0772 VIAHdAudAddService (84ffc3cca60a1b52a021bc894d529735) C:\Windows\system32\drivers\viahduaa.sys
13:43:27.0373 0772 VIAHdAudAddService - ok
13:43:27.0443 0772 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
13:43:27.0444 0772 viaide - ok
13:43:27.0459 0772 VIAKaraokeService (f4310278e6ce1c507b5555b662369e26) C:\Windows\system32\viakaraokesrv.exe
13:43:27.0460 0772 VIAKaraokeService - ok
13:43:27.0468 0772 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
13:43:27.0468 0772 volmgr - ok
13:43:27.0493 0772 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
13:43:27.0495 0772 volmgrx - ok
13:43:27.0519 0772 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\Windows\system32\drivers\volsnap.sys
13:43:27.0521 0772 volsnap - ok
13:43:27.0538 0772 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
13:43:27.0539 0772 vsmraid - ok
13:43:27.0622 0772 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
13:43:27.0631 0772 VSS - ok
13:43:27.0672 0772 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
13:43:27.0673 0772 vwifibus - ok
13:43:27.0699 0772 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
13:43:27.0702 0772 W32Time - ok
13:43:27.0708 0772 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
13:43:27.0709 0772 WacomPen - ok
13:43:27.0725 0772 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:43:27.0726 0772 WANARP - ok
13:43:27.0729 0772 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:43:27.0729 0772 Wanarpv6 - ok
13:43:27.0810 0772 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
13:43:27.0817 0772 WatAdminSvc - ok
13:43:27.0890 0772 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
13:43:27.0898 0772 wbengine - ok
13:43:27.0939 0772 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
13:43:27.0941 0772 WbioSrvc - ok
13:43:27.0967 0772 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
13:43:27.0970 0772 wcncsvc - ok
13:43:27.0985 0772 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
13:43:27.0986 0772 WcsPlugInService - ok
13:43:27.0991 0772 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
13:43:27.0992 0772 Wd - ok
13:43:28.0032 0772 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:43:28.0035 0772 Wdf01000 - ok
13:43:28.0048 0772 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:43:28.0050 0772 WdiServiceHost - ok
13:43:28.0053 0772 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:43:28.0054 0772 WdiSystemHost - ok
13:43:28.0072 0772 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
13:43:28.0074 0772 WebClient - ok
13:43:28.0091 0772 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
13:43:28.0094 0772 Wecsvc - ok
13:43:28.0105 0772 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
13:43:28.0107 0772 wercplsupport - ok
13:43:28.0117 0772 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
13:43:28.0119 0772 WerSvc - ok
13:43:28.0135 0772 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:43:28.0136 0772 WfpLwf - ok
13:43:28.0139 0772 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:43:28.0140 0772 WIMMount - ok
13:43:28.0179 0772 WinDefend - ok
13:43:28.0223 0772 WindowBlinds (97c7f30787a30cfa760b0247631a5463) C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe
13:43:28.0225 0772 WindowBlinds - ok
13:43:28.0232 0772 WinHttpAutoProxySvc - ok
13:43:28.0295 0772 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
13:43:28.0296 0772 Winmgmt - ok
13:43:28.0384 0772 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
13:43:28.0395 0772 WinRM - ok
13:43:28.0478 0772 winusb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\winusb.sys
13:43:28.0478 0772 winusb - ok
13:43:28.0536 0772 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
13:43:28.0542 0772 Wlansvc - ok
13:43:28.0582 0772 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:43:28.0582 0772 wlcrasvc - ok
13:43:28.0721 0772 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:43:28.0732 0772 wlidsvc - ok
13:43:28.0787 0772 WmBEnum (680a7846370000d20d7e74917d5b7936) C:\Windows\system32\drivers\WmBEnum.sys
13:43:28.0787 0772 WmBEnum - ok
13:43:28.0801 0772 WmFilter (14c35ba8189c6f65d839163aa285e954) C:\Windows\system32\drivers\WmFilter.sys
13:43:28.0802 0772 WmFilter - ok
13:43:28.0812 0772 WmHidLo (ac4331af118a720f13c9c5cabbfe27bd) C:\Windows\system32\drivers\WmHidLo.sys
13:43:28.0813 0772 WmHidLo - ok
13:43:28.0828 0772 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
13:43:28.0829 0772 WmiAcpi - ok
13:43:28.0875 0772 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
13:43:28.0876 0772 wmiApSrv - ok
13:43:28.0904 0772 WMPNetworkSvc - ok
13:43:28.0919 0772 WmVirHid (8488dd91a3ee54a8e29f02ad7bb8201e) C:\Windows\system32\drivers\WmVirHid.sys
13:43:28.0919 0772 WmVirHid - ok
13:43:28.0930 0772 WmXlCore (14802b3a30aa849c97cb968ccc813bf3) C:\Windows\system32\drivers\WmXlCore.sys
13:43:28.0931 0772 WmXlCore - ok
13:43:28.0985 0772 WMZuneComm (83b6ca03c846fcd47f9883d77d1eb27b) C:\Program Files\Zune\WMZuneComm.exe
13:43:28.0986 0772 WMZuneComm - ok
13:43:29.0009 0772 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
13:43:29.0011 0772 WPCSvc - ok
13:43:29.0023 0772 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
13:43:29.0025 0772 WPDBusEnum - ok
13:43:29.0028 0772 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:43:29.0028 0772 ws2ifsl - ok
13:43:29.0043 0772 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
13:43:29.0044 0772 wscsvc - ok
13:43:29.0047 0772 WSearch - ok
13:43:29.0177 0772 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
13:43:29.0190 0772 wuauserv - ok
13:43:29.0269 0772 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
13:43:29.0270 0772 WudfPf - ok
13:43:29.0291 0772 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:43:29.0292 0772 WUDFRd - ok
13:43:29.0305 0772 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
13:43:29.0306 0772 wudfsvc - ok
13:43:29.0332 0772 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
13:43:29.0334 0772 WwanSvc - ok
13:43:29.0457 0772 ytpUpdater (88596ac939a4bcd347c5d360dfd0846e) C:\Program Files (x86)\updater\updater.exe
13:43:29.0466 0772 ytpUpdater - ok
13:43:29.0790 0772 ZuneNetworkSvc (67b787c34fb2888d01b130ae007042d8) C:\Program Files\Zune\ZuneNss.exe
13:43:29.0830 0772 ZuneNetworkSvc - ok
13:43:29.0905 0772 ZuneWlanCfgSvc (4d89fc1c20cf655739efac5da81a67bc) C:\Program Files\Zune\ZuneWlanCfgSvc.exe
13:43:29.0908 0772 ZuneWlanCfgSvc - ok
13:43:29.0921 0772 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:43:30.0106 0772 \Device\Harddisk0\DR0 - ok
13:43:30.0110 0772 Boot (0x1200) (6efb70c07cd1ba1edca2b603cc988eec) \Device\Harddisk0\DR0\Partition0
13:43:30.0111 0772 \Device\Harddisk0\DR0\Partition0 - ok
13:43:30.0128 0772 Boot (0x1200) (60ac426d1eba97774f052e637196341a) \Device\Harddisk0\DR0\Partition1
13:43:30.0130 0772 \Device\Harddisk0\DR0\Partition1 - ok
13:43:30.0130 0772 ============================================================
13:43:30.0130 0772 Scan finished
13:43:30.0130 0772 ============================================================
13:43:30.0138 0708 Detected object count: 0
13:43:30.0138 0708 Actual detected object count: 0
13:43:45.0079 1452 ============================================================
13:43:45.0079 1452 Scan started
13:43:45.0079 1452 Mode: Manual;
13:43:45.0079 1452 ============================================================
13:43:45.0284 1452 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
13:43:45.0285 1452 1394ohci - ok
13:43:45.0312 1452 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
13:43:45.0314 1452 ACPI - ok
13:43:45.0323 1452 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
13:43:45.0323 1452 AcpiPmi - ok
13:43:45.0401 1452 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:43:45.0402 1452 AdobeFlashPlayerUpdateSvc - ok
13:43:45.0437 1452 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
13:43:45.0440 1452 adp94xx - ok
13:43:45.0464 1452 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
13:43:45.0466 1452 adpahci - ok
13:43:45.0487 1452 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
13:43:45.0489 1452 adpu320 - ok
13:43:45.0509 1452 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
13:43:45.0510 1452 AeLookupSvc - ok
13:43:45.0550 1452 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
13:43:45.0552 1452 AFD - ok
13:43:45.0566 1452 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
13:43:45.0566 1452 agp440 - ok
13:43:45.0583 1452 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
13:43:45.0583 1452 ALG - ok
13:43:45.0595 1452 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
13:43:45.0595 1452 aliide - ok
13:43:45.0633 1452 AMD External Events Utility (9c616ba191b80f5cd1a1b9553e107100) C:\Windows\system32\atiesrxx.exe
13:43:45.0634 1452 AMD External Events Utility - ok
13:43:45.0657 1452 AMD FUEL Service - ok
13:43:45.0668 1452 amdhub30 (30bfeee0dffd5bd79d29157cf080deed) C:\Windows\system32\drivers\amdhub30.sys
13:43:45.0669 1452 amdhub30 - ok
13:43:45.0682 1452 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
13:43:45.0682 1452 amdide - ok
13:43:45.0692 1452 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
13:43:45.0693 1452 amdiox64 - ok
13:43:45.0710 1452 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
13:43:45.0710 1452 AmdK8 - ok
13:43:46.0045 1452 amdkmdag (5165e83751b8ff40e5e4925996fcc506) C:\Windows\system32\DRIVERS\atikmdag.sys
13:43:46.0095 1452 amdkmdag - ok
13:43:46.0197 1452 amdkmdap (86ab3cf484260c4318f3a6e8b035f422) C:\Windows\system32\DRIVERS\atikmpag.sys
13:43:46.0199 1452 amdkmdap - ok
13:43:46.0211 1452 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
13:43:46.0211 1452 AmdPPM - ok
13:43:46.0230 1452 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
13:43:46.0231 1452 amdsata - ok
13:43:46.0251 1452 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
13:43:46.0253 1452 amdsbs - ok
13:43:46.0264 1452 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
13:43:46.0264 1452 amdxata - ok
13:43:46.0285 1452 amdxhc (321533578132c811ec834a1b741c994c) C:\Windows\system32\drivers\amdxhc.sys
13:43:46.0286 1452 amdxhc - ok
13:43:46.0351 1452 AMD_RAIDXpert (0d0c13dd91f0c49814f314b78e21c6b9) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
13:43:46.0352 1452 AMD_RAIDXpert - ok
13:43:46.0439 1452 Amsp (1b7d1f0a0dfadbc797c16364792a7aa5) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
13:43:46.0441 1452 Amsp - ok
13:43:46.0467 1452 AODDriver4.1 (5b25d1a753cc3a3edb909bb759ac1098) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
13:43:46.0468 1452 AODDriver4.1 - ok
13:43:46.0483 1452 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
13:43:46.0483 1452 AppID - ok
13:43:46.0499 1452 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
13:43:46.0500 1452 AppIDSvc - ok
13:43:46.0512 1452 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
13:43:46.0512 1452 Appinfo - ok
13:43:46.0525 1452 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
13:43:46.0525 1452 arc - ok
13:43:46.0533 1452 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
13:43:46.0533 1452 arcsas - ok
13:43:46.0607 1452 asComSvc (6e3f4538b33bc19259e99be1826286a3) C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
13:43:46.0612 1452 asComSvc - ok
13:43:46.0664 1452 asHmComSvc (a63173897ea1a73a75d0e65036de5b15) C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
13:43:46.0669 1452 asHmComSvc - ok
13:43:46.0731 1452 ASInsHelp (edaa17ce771c696655b6585f7cad2100) C:\Windows\SysWow64\drivers\AsInsHelp64.sys
13:43:46.0731 1452 ASInsHelp - ok
13:43:46.0743 1452 AsIO (fef9dd9ea587f8886ade43c1befbdafe) C:\Windows\syswow64\drivers\AsIO.sys
13:43:46.0743 1452 AsIO - ok
13:43:46.0797 1452 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:43:46.0797 1452 aspnet_state - ok
13:43:46.0841 1452 AsSysCtrlService (5c31dfb196cb3a488a041881634d86d2) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
13:43:46.0844 1452 AsSysCtrlService - ok
13:43:46.0852 1452 AsUpIO (1392b92179b07b672720763d9b1028a5) C:\Windows\syswow64\drivers\AsUpIO.sys
13:43:46.0852 1452 AsUpIO - ok
13:43:46.0920 1452 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:43:46.0920 1452 AsyncMac - ok
13:43:46.0931 1452 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
13:43:46.0931 1452 atapi - ok
13:43:46.0951 1452 AtiHDAudioService (24464b908e143d2561e9e452fee97309) C:\Windows\system32\drivers\AtihdW76.sys
13:43:46.0951 1452 AtiHDAudioService - ok
13:43:46.0989 1452 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:43:46.0992 1452 AudioEndpointBuilder - ok
13:43:46.0999 1452 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:43:47.0002 1452 AudioSrv - ok
13:43:47.0018 1452 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
13:43:47.0019 1452 AxInstSV - ok
13:43:47.0053 1452 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
13:43:47.0055 1452 b06bdrv - ok
13:43:47.0076 1452 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:43:47.0078 1452 b57nd60a - ok
13:43:47.0127 1452 BBSvc (93ee7d9c35ae7e9ffda148d7805f1421) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
13:43:47.0128 1452 BBSvc - ok
13:43:47.0141 1452 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
13:43:47.0142 1452 BDESVC - ok
13:43:47.0148 1452 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:43:47.0148 1452 Beep - ok
13:43:47.0187 1452 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
13:43:47.0191 1452 BFE - ok
13:43:47.0241 1452 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
13:43:47.0246 1452 BITS - ok
13:43:47.0258 1452 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
13:43:47.0258 1452 blbdrive - ok
13:43:47.0272 1452 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
13:43:47.0273 1452 bowser - ok
13:43:47.0282 1452 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
13:43:47.0283 1452 BrFiltLo - ok
13:43:47.0292 1452 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
13:43:47.0292 1452 BrFiltUp - ok
13:43:47.0310 1452 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
13:43:47.0311 1452 Browser - ok
13:43:47.0337 1452 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:43:47.0339 1452 Brserid - ok
13:43:47.0353 1452 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:43:47.0353 1452 BrSerWdm - ok
13:43:47.0366 1452 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:43:47.0366 1452 BrUsbMdm - ok
13:43:47.0380 1452 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:43:47.0381 1452 BrUsbSer - ok
13:43:47.0394 1452 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
13:43:47.0394 1452 BTHMODEM - ok
13:43:47.0402 1452 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
13:43:47.0403 1452 bthserv - ok
13:43:47.0414 1452 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:43:47.0415 1452 cdfs - ok
13:43:47.0427 1452 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
13:43:47.0428 1452 cdrom - ok
13:43:47.0438 1452 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:43:47.0439 1452 CertPropSvc - ok
13:43:47.0448 1452 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
13:43:47.0449 1452 circlass - ok
13:43:47.0478 1452 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:43:47.0480 1452 CLFS - ok
13:43:47.0535 1452 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

 

[Ryan O'Brien]

13:43:47.0535 1452 clr_optimization_v2.0.50727_32 - ok
13:43:47.0578 1452 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:43:47.0579 1452 clr_optimization_v2.0.50727_64 - ok
13:43:47.0632 1452 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:43:47.0633 1452 clr_optimization_v4.0.30319_32 - ok
13:43:47.0661 1452 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:43:47.0662 1452 clr_optimization_v4.0.30319_64 - ok
13:43:47.0671 1452 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
13:43:47.0671 1452 CmBatt - ok
13:43:47.0683 1452 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
13:43:47.0683 1452 cmdide - ok
13:43:47.0730 1452 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
13:43:47.0733 1452 CNG - ok
13:43:47.0740 1452 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
13:43:47.0740 1452 Compbatt - ok
13:43:47.0750 1452 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
13:43:47.0751 1452 CompositeBus - ok
13:43:47.0753 1452 COMSysApp - ok
13:43:47.0758 1452 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
13:43:47.0759 1452 crcdisk - ok
13:43:47.0798 1452 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
13:43:47.0799 1452 CryptSvc - ok
13:43:47.0918 1452 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
13:43:47.0922 1452 cvhsvc - ok
13:43:47.0948 1452 dc3d (1ca90212a99db6975c344826d11055c9) C:\Windows\system32\DRIVERS\dc3d.sys
13:43:47.0949 1452 dc3d - ok
13:43:47.0981 1452 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:43:47.0984 1452 DcomLaunch - ok
13:43:48.0011 1452 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
13:43:48.0013 1452 defragsvc - ok
13:43:48.0079 1452 Device Handle Service (0a403702cb00432ac818523cd416bf67) C:\Windows\SysWOW64\AsHookDevice.exe
13:43:48.0080 1452 Device Handle Service - ok
13:43:48.0106 1452 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
13:43:48.0106 1452 DfsC - ok
13:43:48.0124 1452 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
13:43:48.0126 1452 Dhcp - ok
13:43:48.0139 1452 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:43:48.0140 1452 discache - ok
13:43:48.0148 1452 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
13:43:48.0149 1452 Disk - ok
13:43:48.0164 1452 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
13:43:48.0166 1452 Dnscache - ok
13:43:48.0185 1452 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
13:43:48.0187 1452 dot3svc - ok
13:43:48.0206 1452 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
13:43:48.0207 1452 DPS - ok
13:43:48.0215 1452 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:43:48.0216 1452 drmkaud - ok
13:43:48.0270 1452 DrvAgent64 (1ed08a6264c5c92099d6d1dae5e8f530) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
13:43:48.0270 1452 DrvAgent64 - ok
13:43:48.0326 1452 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
13:43:48.0331 1452 DXGKrnl - ok
13:43:48.0335 1452 EagleX64 - ok
13:43:48.0353 1452 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
13:43:48.0354 1452 EapHost - ok
13:43:48.0504 1452 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
13:43:48.0520 1452 ebdrv - ok
13:43:48.0588 1452 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
13:43:48.0589 1452 EFS - ok
13:43:48.0642 1452 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
13:43:48.0646 1452 ehRecvr - ok
13:43:48.0676 1452 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
13:43:48.0677 1452 ehSched - ok
13:43:48.0727 1452 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
13:43:48.0730 1452 elxstor - ok
13:43:48.0740 1452 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
13:43:48.0740 1452 ErrDev - ok
13:43:48.0771 1452 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
13:43:48.0773 1452 EventSystem - ok
13:43:48.0791 1452 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:43:48.0792 1452 exfat - ok
13:43:48.0813 1452 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:43:48.0815 1452 fastfat - ok
13:43:48.0859 1452 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
13:43:48.0863 1452 Fax - ok
13:43:48.0875 1452 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
13:43:48.0875 1452 fdc - ok
13:43:48.0884 1452 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
13:43:48.0885 1452 fdPHost - ok
13:43:48.0897 1452 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
13:43:48.0898 1452 FDResPub - ok
13:43:48.0908 1452 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:43:48.0908 1452 FileInfo - ok
13:43:48.0916 1452 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:43:48.0916 1452 Filetrace - ok
13:43:48.0919 1452 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
13:43:48.0920 1452 flpydisk - ok
13:43:48.0943 1452 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
13:43:48.0945 1452 FltMgr - ok
13:43:49.0005 1452 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
13:43:49.0011 1452 FontCache - ok
13:43:49.0066 1452 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:43:49.0067 1452 FontCache3.0.0.0 - ok
13:43:49.0082 1452 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:43:49.0082 1452 FsDepends - ok
13:43:49.0109 1452 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys
13:43:49.0110 1452 fssfltr - ok
13:43:49.0238 1452 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
13:43:49.0245 1452 fsssvc - ok
13:43:49.0316 1452 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
13:43:49.0316 1452 Fs_Rec - ok
13:43:49.0332 1452 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:43:49.0333 1452 fvevol - ok
13:43:49.0342 1452 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
13:43:49.0343 1452 gagp30kx - ok
13:43:49.0385 1452 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
13:43:49.0390 1452 gpsvc - ok
13:43:49.0455 1452 gupdate (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:43:49.0456 1452 gupdate - ok
13:43:49.0459 1452 gupdatem (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:43:49.0460 1452 gupdatem - ok
13:43:49.0479 1452 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
13:43:49.0480 1452 hamachi - ok
13:43:49.0489 1452 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:43:49.0489 1452 hcw85cir - ok
13:43:49.0520 1452 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
13:43:49.0522 1452 HdAudAddService - ok
13:43:49.0541 1452 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
13:43:49.0542 1452 HDAudBus - ok
13:43:49.0553 1452 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
13:43:49.0553 1452 HidBatt - ok
13:43:49.0569 1452 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
13:43:49.0570 1452 HidBth - ok
13:43:49.0574 1452 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
13:43:49.0575 1452 HidIr - ok
13:43:49.0583 1452 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
13:43:49.0584 1452 hidserv - ok
13:43:49.0590 1452 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
13:43:49.0591 1452 HidUsb - ok
13:43:49.0616 1452 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
13:43:49.0617 1452 hkmsvc - ok
13:43:49.0639 1452 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
13:43:49.0641 1452 HomeGroupListener - ok
13:43:49.0670 1452 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
13:43:49.0672 1452 HomeGroupProvider - ok
13:43:49.0678 1452 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:43:49.0678 1452 HpSAMD - ok
13:43:49.0719 1452 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:43:49.0723 1452 HTTP - ok
13:43:49.0730 1452 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:43:49.0731 1452 hwpolicy - ok
13:43:49.0737 1452 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
13:43:49.0738 1452 i8042prt - ok
13:43:49.0765 1452 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
13:43:49.0767 1452 iaStorV - ok
13:43:49.0849 1452 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:43:49.0854 1452 idsvc - ok
13:43:49.0866 1452 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
13:43:49.0867 1452 iirsp - ok
13:43:49.0922 1452 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
13:43:49.0927 1452 IKEEXT - ok
13:43:49.0944 1452 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:43:49.0944 1452 intelide - ok
13:43:49.0955 1452 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
13:43:49.0955 1452 intelppm - ok
13:43:49.0973 1452 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
13:43:49.0974 1452 IPBusEnum - ok
13:43:49.0987 1452 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:43:49.0988 1452 IpFilterDriver - ok
13:43:50.0023 1452 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
13:43:50.0026 1452 iphlpsvc - ok
13:43:50.0032 1452 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:43:50.0033 1452 IPMIDRV - ok
13:43:50.0039 1452 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:43:50.0040 1452 IPNAT - ok
13:43:50.0049 1452 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:43:50.0049 1452 IRENUM - ok
13:43:50.0061 1452 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:43:50.0062 1452 isapnp - ok
13:43:50.0085 1452 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:43:50.0087 1452 iScsiPrt - ok
13:43:50.0100 1452 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
13:43:50.0101 1452 kbdclass - ok
13:43:50.0109 1452 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
13:43:50.0110 1452 kbdhid - ok
13:43:50.0125 1452 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:43:50.0126 1452 KeyIso - ok
13:43:50.0155 1452 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
13:43:50.0156 1452 KSecDD - ok
13:43:50.0170 1452 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
13:43:50.0171 1452 KSecPkg - ok
13:43:50.0185 1452 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:43:50.0186 1452 ksthunk - ok
13:43:50.0223 1452 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
13:43:50.0226 1452 KtmRm - ok
13:43:50.0247 1452 L1C (173666119d217e3739205c169e2bf0e5) C:\Windows\system32\DRIVERS\L1C62x64.sys
13:43:50.0248 1452 L1C - ok
13:43:50.0269 1452 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
13:43:50.0271 1452 LanmanServer - ok
13:43:50.0293 1452 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
13:43:50.0294 1452 LanmanWorkstation - ok
13:43:50.0309 1452 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:43:50.0310 1452 lltdio - ok
13:43:50.0345 1452 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
13:43:50.0347 1452 lltdsvc - ok
13:43:50.0359 1452 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
13:43:50.0360 1452 lmhosts - ok
13:43:50.0380 1452 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
13:43:50.0381 1452 LSI_FC - ok
13:43:50.0393 1452 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
13:43:50.0394 1452 LSI_SAS - ok
13:43:50.0401 1452 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
13:43:50.0402 1452 LSI_SAS2 - ok
13:43:50.0417 1452 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
13:43:50.0417 1452 LSI_SCSI - ok
13:43:50.0433 1452 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:43:50.0434 1452 luafv - ok
13:43:50.0455 1452 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
13:43:50.0456 1452 MBAMProtector - ok
13:43:50.0534 1452 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
13:43:50.0537 1452 MBAMService - ok
13:43:50.0606 1452 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
13:43:50.0607 1452 McComponentHostService - ok
13:43:50.0627 1452 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
13:43:50.0628 1452 Mcx2Svc - ok
13:43:50.0637 1452 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
13:43:50.0638 1452 megasas - ok
13:43:50.0661 1452 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
13:43:50.0663 1452 MegaSR - ok
13:43:50.0678 1452 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:43:50.0679 1452 MMCSS - ok
13:43:50.0689 1452 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:43:50.0690 1452 Modem - ok
13:43:50.0706 1452 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:43:50.0706 1452 monitor - ok
13:43:50.0717 1452 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:43:50.0718 1452 mouclass - ok
13:43:50.0726 1452 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:43:50.0726 1452 mouhid - ok
13:43:50.0738 1452 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:43:50.0738 1452 mountmgr - ok
13:43:50.0778 1452 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:43:50.0779 1452 MozillaMaintenance - ok
13:43:50.0793 1452 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:43:50.0794 1452 mpio - ok
13:43:50.0809 1452 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:43:50.0810 1452 mpsdrv - ok
13:43:50.0856 1452 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
13:43:50.0861 1452 MpsSvc - ok
13:43:50.0881 1452 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:43:50.0882 1452 MRxDAV - ok
13:43:50.0898 1452 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:43:50.0898 1452 mrxsmb - ok
13:43:50.0939 1452 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:43:50.0941 1452 mrxsmb10 - ok
13:43:50.0958 1452 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:43:50.0959 1452 mrxsmb20 - ok
13:43:50.0974 1452 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
13:43:50.0975 1452 msahci - ok
13:43:50.0992 1452 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:43:50.0993 1452 msdsm - ok
13:43:51.0020 1452 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
13:43:51.0021 1452 MSDTC - ok
13:43:51.0037 1452 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:43:51.0037 1452 Msfs - ok
13:43:51.0048 1452 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:43:51.0048 1452 mshidkmdf - ok
13:43:51.0056 1452 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:43:51.0057 1452 msisadrv - ok
13:43:51.0088 1452 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
13:43:51.0089 1452 MSiSCSI - ok
13:43:51.0091 1452 msiserver - ok
13:43:51.0101 1452 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:43:51.0102 1452 MSKSSRV - ok
13:43:51.0108 1452 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:43:51.0108 1452 MSPCLOCK - ok
13:43:51.0117 1452 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:43:51.0118 1452 MSPQM - ok
13:43:51.0144 1452 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:43:51.0146 1452 MsRPC - ok
13:43:51.0155 1452 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
13:43:51.0155 1452 mssmbios - ok
13:43:51.0169 1452 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:43:51.0169 1452 MSTEE - ok
13:43:51.0176 1452 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
13:43:51.0176 1452 MTConfig - ok
13:43:51.0191 1452 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:43:51.0191 1452 Mup - ok
13:43:51.0219 1452 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
13:43:51.0222 1452 napagent - ok
13:43:51.0251 1452 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:43:51.0253 1452 NativeWifiP - ok
13:43:51.0306 1452 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
13:43:51.0311 1452 NDIS - ok
13:43:51.0323 1452 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:43:51.0324 1452 NdisCap - ok
13:43:51.0333 1452 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:43:51.0333 1452 NdisTapi - ok
13:43:51.0342 1452 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:43:51.0343 1452 Ndisuio - ok
13:43:51.0359 1452 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:43:51.0360 1452 NdisWan - ok
13:43:51.0375 1452 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:43:51.0375 1452 NDProxy - ok
13:43:51.0399 1452 Net Driver HPZ12 (dc6530a291d4bdf6df399f1f128e7f8f) C:\Windows\system32\HPZinw12.dll
13:43:51.0400 1452 Net Driver HPZ12 - ok
13:43:51.0420 1452 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:43:51.0420 1452 NetBIOS - ok
13:43:51.0444 1452 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:43:51.0445 1452 NetBT - ok
13:43:51.0459 1452 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:43:51.0460 1452 Netlogon - ok
13:43:51.0482 1452 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
13:43:51.0485 1452 Netman - ok
13:43:51.0563 1452 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:43:51.0564 1452 NetMsmqActivator - ok
13:43:51.0567 1452 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:43:51.0568 1452 NetPipeActivator - ok
13:43:51.0601 1452 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
13:43:51.0604 1452 netprofm - ok
13:43:51.0608 1452 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:43:51.0609 1452 NetTcpActivator - ok
13:43:51.0613 1452 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:43:51.0613 1452 NetTcpPortSharing - ok
13:43:51.0636 1452 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
13:43:51.0637 1452 nfrd960 - ok
13:43:51.0665 1452 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
13:43:51.0667 1452 NlaSvc - ok
13:43:51.0675 1452 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:43:51.0676 1452 Npfs - ok
13:43:51.0688 1452 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
13:43:51.0689 1452 nsi - ok
13:43:51.0700 1452 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:43:51.0700 1452 nsiproxy - ok
13:43:51.0780 1452 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
13:43:51.0789 1452 Ntfs - ok
13:43:51.0844 1452 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:43:51.0844 1452 Null - ok
13:43:51.0864 1452 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
13:43:51.0865 1452 nvraid - ok
13:43:51.0880 1452 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
13:43:51.0881 1452 nvstor - ok
13:43:51.0899 1452 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:43:51.0900 1452 nv_agp - ok
13:43:51.0917 1452 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:43:51.0918 1452 ohci1394 - ok
13:43:51.0980 1452 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:43:51.0981 1452 ose - ok
13:43:52.0208 1452 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:43:52.0232 1452 osppsvc - ok
13:43:52.0314 1452 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:43:52.0317 1452 p2pimsvc - ok
13:43:52.0354 1452 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
13:43:52.0357 1452 p2psvc - ok
13:43:52.0378 1452 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
13:43:52.0378 1452 Parport - ok
13:43:52.0409 1452 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
13:43:52.0409 1452 partmgr - ok
13:43:52.0430 1452 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
13:43:52.0432 1452 PcaSvc - ok
13:43:52.0451 1452 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:43:52.0452 1452 pci - ok
13:43:52.0462 1452 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:43:52.0462 1452 pciide - ok
13:43:52.0485 1452 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
13:43:52.0486 1452 pcmcia - ok
13:43:52.0495 1452 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:43:52.0496 1452 pcw - ok
13:43:52.0529 1452 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:43:52.0532 1452 PEAUTH - ok
13:43:52.0586 1452 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
13:43:52.0588 1452 PerfHost - ok
13:43:52.0687 1452 PinnacleUpdateSvc (0015113a604b94769ab5159e8dcfc6e6) C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe
13:43:52.0690 1452 PinnacleUpdateSvc - ok
13:43:52.0798 1452 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
13:43:52.0805 1452 pla - ok
13:43:52.0842 1452 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
13:43:52.0845 1452 PlugPlay - ok
13:43:52.0907 1452 PMBDeviceInfoProvider (ae6c778717de2f6b0c0b5335036d3363) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
13:43:52.0909 1452 PMBDeviceInfoProvider - ok
13:43:52.0937 1452 Pml Driver HPZ12 (71f62c51dfdfbc04c83c5c64b2b8058e) C:\Windows\system32\HPZipm12.dll
13:43:52.0938 1452 Pml Driver HPZ12 - ok
13:43:52.0940 1452 PnkBstrA - ok
13:43:52.0944 1452 PnkBstrB - ok
13:43:52.0958 1452 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
13:43:52.0959 1452 PNRPAutoReg - ok
13:43:52.0980 1452 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:43:52.0982 1452 PNRPsvc - ok
13:43:53.0022 1452 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
13:43:53.0023 1452 Point64 - ok
13:43:53.0067 1452 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
13:43:53.0070 1452 PolicyAgent - ok
13:43:53.0091 1452 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
13:43:53.0093 1452 Power - ok
13:43:53.0110 1452 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:43:53.0111 1452 PptpMiniport - ok
13:43:53.0122 1452 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
13:43:53.0122 1452 Processor - ok
13:43:53.0157 1452 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
13:43:53.0159 1452 ProfSvc - ok
13:43:53.0175 1452 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:43:53.0176 1452 ProtectedStorage - ok
13:43:53.0187 1452 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:43:53.0188 1452 Psched - ok
13:43:53.0262 1452 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
13:43:53.0269 1452 ql2300 - ok
13:43:53.0340 1452 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
13:43:53.0340 1452 ql40xx - ok
13:43:53.0363 1452 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
13:43:53.0365 1452 QWAVE - ok
13:43:53.0377 1452 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:43:53.0378 1452 QWAVEdrv - ok
13:43:53.0387 1452 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:43:53.0387 1452 RasAcd - ok
13:43:53.0406 1452 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:43:53.0407 1452 RasAgileVpn - ok
13:43:53.0423 1452 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
13:43:53.0424 1452 RasAuto - ok
13:43:53.0442 1452 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:43:53.0443 1452 Rasl2tp - ok
13:43:53.0467 1452 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
13:43:53.0470 1452 RasMan - ok
13:43:53.0481 1452 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:43:53.0482 1452 RasPppoe - ok
13:43:53.0498 1452 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:43:53.0499 1452 RasSstp - ok
13:43:53.0522 1452 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:43:53.0524 1452 rdbss - ok
13:43:53.0540 1452 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
13:43:53.0540 1452 rdpbus - ok
13:43:53.0547 1452 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:43:53.0547 1452 RDPCDD - ok
13:43:53.0558 1452 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:43:53.0558 1452 RDPENCDD - ok
13:43:53.0573 1452 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:43:53.0573 1452 RDPREFMP - ok
13:43:53.0609 1452 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
13:43:53.0610 1452 RDPWD - ok
13:43:53.0630 1452 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:43:53.0632 1452 rdyboost - ok
13:43:53.0647 1452 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
13:43:53.0648 1452 RemoteAccess - ok
13:43:53.0665 1452 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
13:43:53.0667 1452 RemoteRegistry - ok
13:43:53.0694 1452 Revoflt (9c3ac71a9934b884fac567a8807e9c4d) C:\Windows\system32\DRIVERS\revoflt.sys
13:43:53.0695 1452 Revoflt - ok
13:43:53.0708 1452 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
13:43:53.0709 1452 RpcEptMapper - ok
13:43:53.0727 1452 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
13:43:53.0728 1452 RpcLocator - ok
13:43:53.0756 1452 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:43:53.0760 1452 RpcSs - ok
13:43:53.0765 1452 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:43:53.0766 1452 rspndr - ok
13:43:53.0783 1452 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:43:53.0784 1452 SamSs - ok
13:43:53.0801 1452 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:43:53.0801 1452 sbp2port - ok
13:43:53.0822 1452 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
13:43:53.0824 1452 SCardSvr - ok
13:43:53.0832 1452 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:43:53.0833 1452 scfilter - ok
13:43:53.0885 1452 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
13:43:53.0892 1452 Schedule - ok
13:43:53.0914 1452 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:43:53.0915 1452 SCPolicySvc - ok
13:43:53.0930 1452 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
13:43:53.0931 1452 SDRSVC - ok
13:43:53.0986 1452 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
13:43:53.0987 1452 SeaPort - ok
13:43:54.0014 1452 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:43:54.0014 1452 secdrv - ok
13:43:54.0022 1452 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
13:43:54.0023 1452 seclogon - ok
13:43:54.0036 1452 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
13:43:54.0037 1452 SENS - ok
13:43:54.0049 1452 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
13:43:54.0050 1452 SensrSvc - ok
13:43:54.0053 1452 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
13:43:54.0053 1452 Serenum - ok
13:43:54.0060 1452 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
13:43:54.0061 1452 Serial - ok
13:43:54.0064 1452 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
13:43:54.0064 1452 sermouse - ok
13:43:54.0083 1452 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
13:43:54.0084 1452 SessionEnv - ok
13:43:54.0088 1452 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:43:54.0088 1452 sffdisk - ok
13:43:54.0092 1452 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:43:54.0092 1452 sffp_mmc - ok
13:43:54.0096 1452 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
13:43:54.0097 1452 sffp_sd - ok
13:43:54.0101 1452 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
13:43:54.0102 1452 sfloppy - ok
13:43:54.0151 1452 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
13:43:54.0155 1452 Sftfs - ok
13:43:54.0228 1452 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
13:43:54.0231 1452 sftlist - ok
13:43:54.0267 1452 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
13:43:54.0268 1452 Sftplay - ok
13:43:54.0277 1452 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
13:43:54.0278 1452 Sftredir - ok
13:43:54.0291 1452 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
13:43:54.0291 1452 Sftvol - ok
13:43:54.0311 1452 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
13:43:54.0313 1452 sftvsa - ok
13:43:54.0344 1452 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
13:43:54.0346 1452 SharedAccess - ok
13:43:54.0375 1452 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
13:43:54.0378 1452 ShellHWDetection - ok
13:43:54.0382 1452 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
13:43:54.0382 1452 SiSRaid2 - ok
13:43:54.0399 1452 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
13:43:54.0400 1452 SiSRaid4 - ok
13:43:54.0580 1452 Skype C2C Service (0f97e7a47a52f4a36969f0fc319654c2) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
13:43:54.0595 1452 Skype C2C Service - ok
13:43:54.0633 1452 SkypeUpdate (8c5477eb1c03ca76cd8eb66a610a9e90) C:\Program Files (x86)\Skype\Updater\Updater.exe
13:43:54.0634 1452 SkypeUpdate - ok
13:43:54.0700 1452 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:43:54.0700 1452 Smb - ok
13:43:54.0714 1452 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
13:43:54.0715 1452 SNMPTRAP - ok
13:43:54.0722 1452 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:43:54.0722 1452 spldr - ok
13:43:54.0762 1452 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
13:43:54.0766 1452 Spooler - ok
13:43:54.0911 1452 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

 

[Ryan O'Brien]

13:43:54.0929 1452 sppsvc - ok
13:43:54.0977 1452 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
13:43:54.0979 1452 sppuinotify - ok
13:43:55.0016 1452 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
13:43:55.0019 1452 srv - ok
13:43:55.0055 1452 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
13:43:55.0057 1452 srv2 - ok
13:43:55.0078 1452 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
13:43:55.0080 1452 srvnet - ok
13:43:55.0101 1452 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
13:43:55.0103 1452 SSDPSRV - ok
13:43:55.0117 1452 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
13:43:55.0118 1452 SstpSvc - ok
13:43:55.0162 1452 Steam Client Service - ok
13:43:55.0181 1452 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
13:43:55.0182 1452 stexstor - ok
13:43:55.0219 1452 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
13:43:55.0223 1452 stisvc - ok
13:43:55.0232 1452 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
13:43:55.0232 1452 swenum - ok
13:43:55.0261 1452 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
13:43:55.0264 1452 swprv - ok
13:43:55.0348 1452 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
13:43:55.0358 1452 SysMain - ok
13:43:55.0422 1452 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
13:43:55.0424 1452 TabletInputService - ok
13:43:55.0451 1452 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
13:43:55.0453 1452 TapiSrv - ok
13:43:55.0469 1452 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
13:43:55.0471 1452 TBS - ok
13:43:55.0594 1452 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
13:43:55.0604 1452 Tcpip - ok
13:43:55.0721 1452 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
13:43:55.0731 1452 TCPIP6 - ok
13:43:55.0774 1452 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
13:43:55.0774 1452 tcpipreg - ok
13:43:55.0787 1452 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:43:55.0788 1452 TDPIPE - ok
13:43:55.0820 1452 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
13:43:55.0820 1452 TDTCP - ok
13:43:55.0839 1452 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
13:43:55.0840 1452 tdx - ok
13:43:55.0854 1452 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
13:43:55.0855 1452 TermDD - ok
13:43:55.0897 1452 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
13:43:55.0902 1452 TermService - ok
13:43:55.0916 1452 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
13:43:55.0917 1452 Themes - ok
13:43:55.0936 1452 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:43:55.0937 1452 THREADORDER - ok
13:43:55.0969 1452 tmactmon (e386dd8ec68c67ca3e2a3abdc1df5c56) C:\Windows\system32\DRIVERS\tmactmon.sys
13:43:55.0970 1452 tmactmon - ok
13:43:55.0988 1452 tmcomm (ab011c569487fd65c8944ddf8cbb2572) C:\Windows\system32\DRIVERS\tmcomm.sys
13:43:55.0989 1452 tmcomm - ok
13:43:56.0006 1452 tmevtmgr (8870a3d7305455b47adccd226f8e51bc) C:\Windows\system32\DRIVERS\tmevtmgr.sys
13:43:56.0007 1452 tmevtmgr - ok
13:43:56.0030 1452 tmtdi (065cb7d9278d778fb9ef62cead01433f) C:\Windows\system32\DRIVERS\tmtdi.sys
13:43:56.0030 1452 tmtdi - ok
13:43:56.0046 1452 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
13:43:56.0048 1452 TrkWks - ok
13:43:56.0077 1452 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
13:43:56.0078 1452 TrustedInstaller - ok
13:43:56.0090 1452 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:43:56.0091 1452 tssecsrv - ok
13:43:56.0102 1452 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
13:43:56.0102 1452 TsUsbFlt - ok
13:43:56.0107 1452 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
13:43:56.0107 1452 TsUsbGD - ok
13:43:56.0126 1452 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
13:43:56.0127 1452 tunnel - ok
13:43:56.0131 1452 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
13:43:56.0132 1452 uagp35 - ok
13:43:56.0155 1452 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
13:43:56.0157 1452 udfs - ok
13:43:56.0165 1452 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
13:43:56.0166 1452 UI0Detect - ok
13:43:56.0171 1452 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
13:43:56.0171 1452 uliagpkx - ok
13:43:56.0185 1452 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
13:43:56.0185 1452 umbus - ok
13:43:56.0188 1452 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
13:43:56.0189 1452 UmPass - ok
13:43:56.0217 1452 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
13:43:56.0219 1452 upnphost - ok
13:43:56.0262 1452 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
13:43:56.0263 1452 usbaudio - ok
13:43:56.0274 1452 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
13:43:56.0275 1452 usbccgp - ok
13:43:56.0292 1452 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
13:43:56.0292 1452 usbcir - ok
13:43:56.0313 1452 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
13:43:56.0314 1452 usbehci - ok
13:43:56.0329 1452 UsbFltr (68bad03835873d4bbbde95cbb135a395) C:\Windows\system32\Drivers\UsbFltr.sys
13:43:56.0329 1452 UsbFltr - ok
13:43:56.0357 1452 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
13:43:56.0359 1452 usbhub - ok
13:43:56.0370 1452 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
13:43:56.0371 1452 usbohci - ok
13:43:56.0387 1452 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
13:43:56.0387 1452 usbprint - ok
13:43:56.0402 1452 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:43:56.0402 1452 USBSTOR - ok
13:43:56.0415 1452 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
13:43:56.0415 1452 usbuhci - ok
13:43:56.0441 1452 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
13:43:56.0443 1452 usbvideo - ok
13:43:56.0461 1452 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
13:43:56.0462 1452 UxSms - ok
13:43:56.0475 1452 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:43:56.0476 1452 VaultSvc - ok
13:43:56.0482 1452 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
13:43:56.0482 1452 vdrvroot - ok
13:43:56.0514 1452 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
13:43:56.0518 1452 vds - ok
13:43:56.0522 1452 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:43:56.0522 1452 vga - ok
13:43:56.0531 1452 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:43:56.0531 1452 VgaSave - ok
13:43:56.0550 1452 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
13:43:56.0552 1452 vhdmp - ok
13:43:56.0655 1452 VIAHdAudAddService (84ffc3cca60a1b52a021bc894d529735) C:\Windows\system32\drivers\viahduaa.sys
13:43:56.0666 1452 VIAHdAudAddService - ok
13:43:56.0734 1452 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
13:43:56.0734 1452 viaide - ok
13:43:56.0749 1452 VIAKaraokeService (f4310278e6ce1c507b5555b662369e26) C:\Windows\system32\viakaraokesrv.exe
13:43:56.0751 1452 VIAKaraokeService - ok
13:43:56.0758 1452 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
13:43:56.0759 1452 volmgr - ok
13:43:56.0784 1452 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
13:43:56.0786 1452 volmgrx - ok
13:43:56.0810 1452 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\Windows\system32\drivers\volsnap.sys
13:43:56.0812 1452 volsnap - ok
13:43:56.0829 1452 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
13:43:56.0830 1452 vsmraid - ok
13:43:56.0907 1452 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
13:43:56.0916 1452 VSS - ok
13:43:56.0955 1452 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
13:43:56.0955 1452 vwifibus - ok
13:43:56.0982 1452 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
13:43:56.0985 1452 W32Time - ok
13:43:56.0991 1452 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
13:43:56.0991 1452 WacomPen - ok
13:43:57.0007 1452 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:43:57.0008 1452 WANARP - ok
13:43:57.0011 1452 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:43:57.0011 1452 Wanarpv6 - ok
13:43:57.0093 1452 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
13:43:57.0100 1452 WatAdminSvc - ok
13:43:57.0175 1452 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
13:43:57.0183 1452 wbengine - ok
13:43:57.0222 1452 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
13:43:57.0224 1452 WbioSrvc - ok
13:43:57.0249 1452 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
13:43:57.0252 1452 wcncsvc - ok
13:43:57.0267 1452 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
13:43:57.0268 1452 WcsPlugInService - ok
13:43:57.0274 1452 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
13:43:57.0274 1452 Wd - ok
13:43:57.0315 1452 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:43:57.0318 1452 Wdf01000 - ok
13:43:57.0331 1452 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:43:57.0332 1452 WdiServiceHost - ok
13:43:57.0335 1452 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:43:57.0337 1452 WdiSystemHost - ok
13:43:57.0354 1452 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
13:43:57.0357 1452 WebClient - ok
13:43:57.0374 1452 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
13:43:57.0376 1452 Wecsvc - ok
13:43:57.0387 1452 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
13:43:57.0389 1452 wercplsupport - ok
13:43:57.0400 1452 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
13:43:57.0401 1452 WerSvc - ok
13:43:57.0418 1452 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:43:57.0418 1452 WfpLwf - ok
13:43:57.0421 1452 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:43:57.0422 1452 WIMMount - ok
13:43:57.0462 1452 WinDefend - ok
13:43:57.0506 1452 WindowBlinds (97c7f30787a30cfa760b0247631a5463) C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe
13:43:57.0508 1452 WindowBlinds - ok
13:43:57.0515 1452 WinHttpAutoProxySvc - ok
13:43:57.0561 1452 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
13:43:57.0562 1452 Winmgmt - ok
13:43:57.0669 1452 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
13:43:57.0680 1452 WinRM - ok
13:43:57.0760 1452 winusb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\winusb.sys
13:43:57.0761 1452 winusb - ok
13:43:57.0811 1452 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
13:43:57.0816 1452 Wlansvc - ok
13:43:57.0856 1452 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:43:57.0856 1452 wlcrasvc - ok
13:43:57.0995 1452 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:43:58.0006 1452 wlidsvc - ok
13:43:58.0061 1452 WmBEnum (680a7846370000d20d7e74917d5b7936) C:\Windows\system32\drivers\WmBEnum.sys
13:43:58.0061 1452 WmBEnum - ok
13:43:58.0075 1452 WmFilter (14c35ba8189c6f65d839163aa285e954) C:\Windows\system32\drivers\WmFilter.sys
13:43:58.0076 1452 WmFilter - ok
13:43:58.0086 1452 WmHidLo (ac4331af118a720f13c9c5cabbfe27bd) C:\Windows\system32\drivers\WmHidLo.sys
13:43:58.0087 1452 WmHidLo - ok
13:43:58.0102 1452 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
13:43:58.0102 1452 WmiAcpi - ok
13:43:58.0149 1452 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
13:43:58.0151 1452 wmiApSrv - ok
13:43:58.0178 1452 WMPNetworkSvc - ok
13:43:58.0193 1452 WmVirHid (8488dd91a3ee54a8e29f02ad7bb8201e) C:\Windows\system32\drivers\WmVirHid.sys
13:43:58.0193 1452 WmVirHid - ok
13:43:58.0204 1452 WmXlCore (14802b3a30aa849c97cb968ccc813bf3) C:\Windows\system32\drivers\WmXlCore.sys
13:43:58.0205 1452 WmXlCore - ok
13:43:58.0259 1452 WMZuneComm (83b6ca03c846fcd47f9883d77d1eb27b) C:\Program Files\Zune\WMZuneComm.exe
13:43:58.0261 1452 WMZuneComm - ok
13:43:58.0283 1452 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
13:43:58.0285 1452 WPCSvc - ok
13:43:58.0297 1452 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
13:43:58.0299 1452 WPDBusEnum - ok
13:43:58.0302 1452 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:43:58.0303 1452 ws2ifsl - ok
13:43:58.0317 1452 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
13:43:58.0319 1452 wscsvc - ok
13:43:58.0322 1452 WSearch - ok
13:43:58.0459 1452 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
13:43:58.0472 1452 wuauserv - ok
13:43:58.0552 1452 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
13:43:58.0553 1452 WudfPf - ok
13:43:58.0573 1452 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:43:58.0574 1452 WUDFRd - ok
13:43:58.0587 1452 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
13:43:58.0589 1452 wudfsvc - ok
13:43:58.0614 1452 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
13:43:58.0616 1452 WwanSvc - ok
13:43:58.0740 1452 ytpUpdater (88596ac939a4bcd347c5d360dfd0846e) C:\Program Files (x86)\updater\updater.exe
13:43:58.0749 1452 ytpUpdater - ok
13:43:59.0088 1452 ZuneNetworkSvc (67b787c34fb2888d01b130ae007042d8) C:\Program Files\Zune\ZuneNss.exe
13:43:59.0129 1452 ZuneNetworkSvc - ok
13:43:59.0180 1452 ZuneWlanCfgSvc (4d89fc1c20cf655739efac5da81a67bc) C:\Program Files\Zune\ZuneWlanCfgSvc.exe
13:43:59.0182 1452 ZuneWlanCfgSvc - ok
13:43:59.0195 1452 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:43:59.0383 1452 \Device\Harddisk0\DR0 - ok
13:43:59.0386 1452 Boot (0x1200) (6efb70c07cd1ba1edca2b603cc988eec) \Device\Harddisk0\DR0\Partition0
13:43:59.0387 1452 \Device\Harddisk0\DR0\Partition0 - ok
13:43:59.0402 1452 Boot (0x1200) (60ac426d1eba97774f052e637196341a) \Device\Harddisk0\DR0\Partition1
13:43:59.0404 1452 \Device\Harddisk0\DR0\Partition1 - ok
13:43:59.0404 1452 ============================================================
13:43:59.0404 1452 Scan finished
13:43:59.0404 1452 ============================================================
13:43:59.0411 1784 Detected object count: 0
13:43:59.0411 1784 Actual detected object count: 0

 

[Broni]

• Download RogueKiller on the desktop
• Close all the running programs
• Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
• Otherwise just double-click on RogueKiller.exe
• Pre-scan will start. Let it finish.
• Click on SCAN button.
• A report (RKreport.txt) should open. Post its content in your next reply. (RKreport could also be found on your desktop)
• If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

============================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

 

[Ryan O'Brien]

RogueKiller thingy


RogueKiller V7.6.4 [07/17/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: https://www.techspot.com/downloads/5562-roguekiller.html
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Safe mode with network support
User: Nub [Admin rights]
Mode: Scan -- Date: 07/21/2012 14:18:42

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 13 ¤¤¤
[BLACKLIST DLL] HKCU\[...]\Run : 2K Games (rundll32.exe "C:\Users\Nub\AppData\Local\Apple\2K Games\bkefddlrv.dll",CreateInstance) -> FOUND
[BLACKLIST DLL] HKUS\.DEFAULT[...]\Run : 2K Games (rundll32.exe "C:\Users\Nub\AppData\Local\Apple\2K Games\bkefddlrv.dll",CreateInstance) -> FOUND
[BLACKLIST DLL] HKUS\S-1-5-19[...]\Run : 2K Games (rundll32.exe "C:\Users\Nub\AppData\Local\Apple\2K Games\bkefddlrv.dll",CreateInstance) -> FOUND
[BLACKLIST DLL] HKUS\S-1-5-20[...]\Run : 2K Games (rundll32.exe "C:\Users\Nub\AppData\Local\Apple\2K Games\bkefddlrv.dll",CreateInstance) -> FOUND
[BLACKLIST DLL] HKUS\S-1-5-21-2463314201-2541101053-2832014611-1006[...]\Run : 2K Games (rundll32.exe "C:\Users\Nub\AppData\Local\Apple\2K Games\bkefddlrv.dll",CreateInstance) -> FOUND
[BLACKLIST DLL] HKUS\S-1-5-18[...]\Run : 2K Games (rundll32.exe "C:\Users\Nub\AppData\Local\Apple\2K Games\bkefddlrv.dll",CreateInstance) -> FOUND
[SUSP PATH] Best Buy pc app.lnk Default : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND
[SUSP PATH] Best Buy pc app.lnk Default User : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[SCRSV] HKCU\[...]\Desktop : SCRNSAVE.EXE (C:\Windows\LIVING~1.SCR) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD10EALX-229BA0 ATA Device +++++
--- User ---
[MBR] 350720ab0f3de94caa18596bfeeda8e6
[BSP] 2fba84096da516bd12cdc8f0abb8703a : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 2048 | Size: 14524 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 29747200 | Size: 381546 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 811153408 | Size: 557797 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

 

[Ryan O'Brien]

aswMBR scan:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-21 14:20:38
-----------------------------
14:20:38.173 OS Version: Windows x64 6.1.7601 Service Pack 1
14:20:38.173 Number of processors: 4 586 0x100
14:20:38.173 ComputerName: RYAN-PC UserName: Nub
14:20:38.973 Initialize success
14:21:23.355 AVAST engine defs: 12072100
14:21:27.831 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:21:27.835 Disk 0 Vendor: WDC_WD10EALX-229BA0 15.01H15 Size: 953869MB BusType: 3
14:21:27.848 Disk 0 MBR read successfully
14:21:27.851 Disk 0 MBR scan
14:21:27.855 Disk 0 Windows 7 default MBR code
14:21:27.858 Disk 0 Partition 1 00 1B Hidd FAT32 NTFS 14524 MB offset 2048
14:21:27.867 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 381546 MB offset 29747200
14:21:27.889 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 557797 MB offset 811153408
14:21:27.915 Disk 0 scanning C:\Windows\system32\drivers
14:21:34.329 Service scanning
14:21:51.184 Modules scanning
14:21:51.192 Disk 0 trace - called modules:
14:21:51.206 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
14:21:51.211 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007471060]
14:21:51.216 3 CLASSPNP.SYS[fffff880019c343f] -> nt!IofCallDriver -> [0xfffffa800705a520]
14:21:51.222 5 ACPI.sys[fffff88000f2d7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8007095060]
14:21:52.220 AVAST engine scan C:\Windows
14:21:54.297 AVAST engine scan C:\Windows\system32
14:23:59.773 AVAST engine scan C:\Windows\system32\drivers
14:24:06.690 AVAST engine scan C:\Users\Nub
14:31:28.613 AVAST engine scan C:\ProgramData
14:33:56.917 Scan finished successfully
14:34:22.683 Disk 0 MBR has been saved successfully to "C:\Users\Nub\Documents\MBR.dat"
14:34:22.696 The log file has been saved successfully to "C:\Users\Nub\Documents\aswMBR.txt"

 

[Broni]

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

• Never rename Combofix unless instructed.
• Close any open browsers.
• Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
• Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
• Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
• Close any open browsers.
• WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
• Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
• If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
• Double click on combofix.exe & follow the prompts.

• 
  NOTE1. If Combofix asks you to install Recovery Console, please allow it.
  NOTE 2. If Combofix asks you to update the program, always do so.

• When finished, it will produce a report for you.
• Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
There are 4 different versions. If one of them won't run then download and try to run the other one.
Vista and Win7 users need to right click Rkill and choose Run as Administrator
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

* Rkill.com
* Rkill.scr
* Rkill.exe

• Double-click on the Rkill icon to run the tool.
• If using Vista or Windows 7 right-click on it and choose Run As Administrator.
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
• If not, delete the file, then download and use the one provided in Link 2.
• If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
• Do not reboot until instructed.
• If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

 

[Ryan O'Brien]

Here is the combofix log from safe mode (how I am running right now)


ComboFix 12-07-21.01 - Nub 07/21/2012 15:12:49.1.4 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7675.6486 [GMT -4:00]
Running from: c:\users\Nub\Downloads\ComboFix.exe
AV: Titanium *Enabled/Updated* {7193B549-236F-55EE-9AEC-F65279E59A92}
SP: Titanium *Enabled/Updated* {CAF254AD-0555-5A60-A05C-CD200262D02F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\intellidownload\gunzip.exe
c:\users\Nub\AppData\Local\Apple\2K Games\bkefddlrv.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-06-21 to 2012-07-21 )))))))))))))))))))))))))))))))
.
.
2012-07-21 19:19 . 2012-07-21 19:19 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-07-21 19:19 . 2012-07-21 19:19 -------- d-----w- c:\users\Ryan'\AppData\Local\temp
2012-07-20 19:27 . 2012-07-20 23:47 -------- d-----w- c:\users\Me
2012-07-19 21:45 . 2012-07-19 21:45 -------- d-----w- c:\program files (x86)\Smart Install Maker
2012-07-17 02:28 . 2012-07-17 02:37 -------- d-----w- c:\program files (x86)\RegistryNuke 2012
2012-07-16 19:58 . 2012-07-16 19:58 -------- d-----w- C:\TDSSKiller_Quarantine
2012-07-16 02:36 . 2012-07-16 02:36 -------- d-----w- c:\users\Nub\AppData\Roaming\Malwarebytes
2012-07-16 02:36 . 2012-07-16 02:36 -------- d-----w- c:\programdata\Malwarebytes
2012-07-16 02:36 . 2012-07-16 02:36 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-16 02:36 . 2012-07-03 17:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-16 00:36 . 2012-07-21 17:40 -------- d-----w- c:\program files (x86)\PC Tools
2012-07-16 00:33 . 2012-07-21 17:40 -------- d-----w- c:\program files (x86)\Common Files\PC Tools
2012-07-16 00:33 . 2012-05-11 15:14 251528 ----a-w- c:\windows\system32\drivers\PCTSD64.sys
2012-07-16 00:33 . 2012-07-21 17:39 -------- d-----w- c:\programdata\PC Tools
2012-07-16 00:33 . 2012-07-16 00:33 -------- d-----w- c:\users\Nub\AppData\Roaming\TestApp
2012-07-15 14:53 . 2012-07-15 18:15 -------- d-----w- c:\program files (x86)\German Truck Simulator
2012-07-15 14:32 . 2012-07-15 14:32 -------- d-----w- c:\users\Nub\AppData\Local\CRE
2012-07-15 14:31 . 2012-07-15 14:31 -------- d-----w- c:\program files (x86)\uTorrentControl3
2012-07-15 14:30 . 2012-07-16 03:24 -------- d-----w- c:\users\Nub\AppData\Roaming\uTorrent
2012-07-13 03:32 . 2012-07-21 18:15 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\CrashDumps
2012-07-12 18:53 . 2012-07-19 18:21 -------- d-----w- c:\users\Nub\AppData\Local\CrashDumps
2012-07-12 15:08 . 2012-07-12 15:08 -------- d-----w- c:\users\Nub\AppData\Roaming\TechSmith
2012-07-12 15:07 . 2012-07-12 15:07 -------- d-----w- c:\program files (x86)\Common Files\TechSmith Shared
2012-07-12 15:07 . 2012-07-12 15:07 -------- d-----w- c:\programdata\TechSmith
2012-07-12 15:07 . 2012-07-12 15:07 -------- d-----w- c:\program files (x86)\TechSmith
2012-07-12 03:38 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 15:19 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-07-09 23:35 . 2012-07-10 17:44 -------- d-----w- C:\Adobe Photoshop CS6
2012-07-09 20:26 . 2012-07-21 19:19 -------- d-----w- c:\program files (x86)\intellidownload
2012-07-09 02:10 . 2012-07-21 00:08 -------- d-----w- C:\AdobePhotoshopCS6Portable
2012-07-09 01:35 . 2012-07-09 01:35 -------- d-----w- c:\programdata\ATI
2012-07-09 01:35 . 2012-07-09 01:35 -------- d-----w- c:\program files (x86)\AMD AVT
2012-07-09 01:34 . 2012-07-09 01:34 -------- d-----w- c:\program files\AMD
2012-07-09 01:34 . 2012-07-09 01:34 -------- d-----w- c:\program files (x86)\AMD APP
2012-07-09 01:34 . 2012-07-09 01:34 -------- d-----w- c:\program files\Common Files\ATI Technologies
2012-07-09 01:34 . 2012-07-09 01:34 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2012-07-09 01:33 . 2012-07-09 01:34 -------- d-----w- c:\program files\ATI Technologies
2012-07-08 22:09 . 2012-07-08 22:09 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2012-07-05 22:46 . 2012-07-05 22:46 172098 ----a-w- C:\torrent.exe
2012-07-05 22:45 . 2012-07-05 22:45 5030088 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2012-07-03 02:41 . 2012-07-03 02:41 -------- d-----w- c:\users\Nub\AppData\Local\id Software
2012-07-03 02:32 . 2012-07-03 02:32 -------- d-----w- c:\program files (x86)\id Software
2012-07-03 02:29 . 2012-07-03 02:29 -------- d-sh--w- c:\windows\ftpcache
2012-07-02 02:38 . 2012-07-02 02:38 -------- d-----w- c:\windows\en
2012-07-02 02:36 . 2012-07-02 02:36 -------- d-----w- c:\windows\es
2012-07-02 02:36 . 2012-07-02 02:36 -------- d-----w- c:\windows\de
2012-07-02 02:36 . 2012-07-02 02:36 -------- d-----w- c:\windows\fr
2012-07-02 02:36 . 2012-07-02 02:36 -------- d-----w- c:\windows\nl
2012-07-02 02:33 . 2012-03-08 22:40 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2012-07-02 02:31 . 2012-07-02 02:31 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\cee939541cd57fa02\MeshBetaRemover.exe
2012-07-02 02:31 . 2012-07-02 02:31 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\ce705e0f1cd57fa01\DSETUP.dll
2012-07-02 02:31 . 2012-07-02 02:31 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\ce705e0f1cd57fa01\DXSETUP.exe
2012-07-02 02:31 . 2012-07-02 02:31 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\ce705e0f1cd57fa01\dsetup32.dll
2012-07-01 18:57 . 2012-07-01 18:57 -------- d-----w- c:\users\Nub\AppData\Roaming\Paltalk
2012-07-01 18:57 . 2012-07-01 18:57 -------- d-----w- c:\program files (x86)\Paltalk Messenger
2012-07-01 18:57 . 2012-07-01 18:57 -------- d-----w- c:\windows\Paltalk Messenger
2012-07-01 18:56 . 2012-07-01 18:56 -------- d-----w- c:\users\Nub\AppData\Roaming\OpenCandy
2012-07-01 18:55 . 2012-07-01 18:56 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2012-07-01 18:55 . 2012-07-01 18:55 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2012-07-01 18:55 . 2012-07-01 18:56 -------- d-----w- c:\users\Nub\AppData\Roaming\DVDVideoSoft
2012-06-28 21:50 . 2012-06-28 21:50 -------- d-----w- c:\program files (x86)\18 WoS Extreme Trucker 2
2012-06-28 04:05 . 2012-06-28 04:05 -------- d-----w- c:\program files (x86)\Bus Driver
2012-06-26 19:52 . 2012-06-26 19:52 -------- d-----w- c:\program files (x86)\Microsoft Games
2012-06-25 20:04 . 2012-06-25 20:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll
2012-06-23 00:11 . 2012-07-21 00:08 -------- d-----w- c:\program files\NeO IRC 1.7
2012-06-22 00:44 . 2012-06-22 00:44 -------- d-----w- c:\program files (x86)\Vstplugins
2012-06-22 00:44 . 2011-10-11 14:45 1431552 ----a-w- c:\windows\SysWow64\rewire.dll
2012-06-22 00:44 . 2009-09-15 09:14 1554944 ----a-w- c:\windows\SysWow64\vorbis.acm
2012-06-22 00:44 . 2012-06-22 00:44 -------- d-----w- c:\program files (x86)\Outsim
2012-06-22 00:38 . 2012-06-22 00:44 -------- d-----w- c:\program files (x86)\Image-Line
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-21 18:06 . 2012-04-10 04:14 119296 ----a-w- c:\windows\SysWow64\zlib.dll
2012-07-12 03:34 . 2012-01-23 05:12 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-06-22 21:00 . 2012-02-22 22:06 134672 ----a-w- c:\windows\RegBootClean64.exe
2012-06-19 20:22 . 2012-06-19 20:23 151552 ----a-w- c:\windows\SysWow64\nvRegDev.dll
2012-06-19 20:22 . 2012-06-19 20:22 61440 ----a-w- c:\windows\SysWow64\nvPhotoshopUtil.dll
2012-06-19 20:22 . 2012-06-19 20:22 40960 ----a-w- c:\windows\SysWow64\nvISWOW64.dll
2012-06-11 18:59 . 2012-06-11 18:59 10248192 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-06-11 18:35 . 2012-06-11 18:35 70144 ----a-w- c:\windows\system32\coinst_8.98.dll
2012-06-11 18:29 . 2012-06-11 18:29 24826368 ----a-w- c:\windows\system32\atio6axx.dll
2012-06-11 18:00 . 2012-06-11 18:00 20467712 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-06-11 17:50 . 2012-06-11 17:50 187392 ----a-w- c:\windows\system32\clinfo.exe
2012-06-11 17:50 . 2012-06-11 17:50 75264 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-06-11 17:50 . 2012-06-11 17:50 65024 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-06-11 17:50 . 2012-06-11 17:50 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-06-11 17:50 . 2012-06-11 17:50 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-06-11 17:50 . 2012-06-11 17:50 16457728 ----a-w- c:\windows\system32\amdocl64.dll
2012-06-11 17:49 . 2012-06-11 17:49 13008896 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-06-11 17:48 . 2012-06-11 17:48 54784 ----a-w- c:\windows\system32\OpenCL.dll
2012-06-11 17:48 . 2012-06-11 17:48 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-06-11 17:25 . 2012-06-11 17:25 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-06-11 17:24 . 2011-08-11 01:05 924160 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-06-11 17:23 . 2011-08-11 01:05 1090560 ----a-w- c:\windows\system32\aticfx64.dll
2012-06-11 17:20 . 2011-08-11 01:05 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-06-11 17:19 . 2012-06-11 17:19 532992 ----a-w- c:\windows\system32\atieclxx.exe
2012-06-11 17:19 . 2012-06-11 17:19 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-06-11 17:17 . 2012-06-11 17:17 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-06-11 17:17 . 2012-06-11 17:17 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-06-11 17:17 . 2012-06-11 17:17 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-06-11 17:17 . 2012-06-11 17:17 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-06-11 17:16 . 2011-08-11 01:05 6301696 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-06-11 17:01 . 2011-08-11 01:05 6914560 ----a-w- c:\windows\system32\atidxx64.dll
2012-06-11 16:51 . 2011-08-11 01:05 4246528 ----a-w- c:\windows\system32\atiumd6a.dll
2012-06-11 16:45 . 2012-06-11 16:45 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-06-11 16:45 . 2012-06-11 16:45 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-06-11 16:45 . 2011-08-11 01:05 5480448 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-06-11 16:45 . 2012-06-11 16:45 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-06-11 16:45 . 2012-06-11 16:45 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-06-11 16:45 . 2012-06-11 16:45 15703040 ----a-w- c:\windows\system32\aticaldd64.dll
2012-06-11 16:43 . 2011-08-11 01:05 4729344 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-06-11 16:40 . 2012-06-11 16:40 13277696 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-06-11 16:36 . 2011-08-11 01:05 6605824 ----a-w- c:\windows\system32\atiumd64.dll
2012-06-11 16:27 . 2011-08-11 01:05 539136 ----a-w- c:\windows\system32\atiadlxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 368640 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-06-11 16:26 . 2012-06-11 16:26 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-06-11 16:26 . 2012-06-11 16:26 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 367616 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-06-11 16:25 . 2011-08-11 01:05 54784 ----a-w- c:\windows\system32\atiuxp64.dll
2012-06-11 16:25 . 2011-08-11 01:05 42496 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-06-11 16:25 . 2011-08-11 01:05 45056 ----a-w- c:\windows\system32\atiu9p64.dll
2012-06-11 16:24 . 2011-08-11 01:05 32768 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-06-11 16:24 . 2012-06-11 16:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-06-11 16:23 . 2012-06-11 16:23 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-06-11 16:23 . 2012-06-11 16:23 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-06-02 23:33 . 2012-06-02 23:33 18944 ----a-r- c:\users\Nub\AppData\Roaming\Microsoft\Installer\{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}\IconBB6A16301.exe
2012-06-02 23:33 . 2012-06-02 23:33 11264 ----a-r- c:\users\Nub\AppData\Roaming\Microsoft\Installer\{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}\IconBB6A1630.exe
2012-06-02 22:19 . 2012-06-21 15:39 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 15:40 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 15:40 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 15:40 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 15:39 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 15:40 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 15:39 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 19:19 . 2012-06-21 15:39 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 19:15 . 2012-06-21 15:39 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-05-10 20:35 . 2012-05-10 20:35 43520 ----a-w- c:\windows\system32\kdbsdk64.dll
2012-05-10 20:35 . 2012-05-10 20:35 29184 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
2012-05-04 11:06 . 2012-06-13 17:47 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-13 17:47 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-13 17:47 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-13 17:47 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:55 . 2012-06-13 17:47 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-13 17:47 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-13 17:47 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-13 17:47 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 05:37 . 2012-06-13 17:47 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 05:37 . 2012-06-13 17:47 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-24 05:37 . 2012-06-13 17:47 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-13 17:47 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:36 . 2012-06-13 17:47 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-04-24 04:36 . 2012-06-13 17:47 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-04-24 03:45 . 2012-04-24 03:45 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-24 03:45 . 2011-08-11 01:19 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{b57a9eb1-0e57-4850-a701-4d169538e6ed}]
2012-05-18 19:45 85288 ----a-w- c:\program files (x86)\blekkotb_032\blekkotb_019X.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{BA900CBA-FA92-4DF6-BED1-B683BFB92433}]
2012-04-04 21:58 1737216 ----a-w- c:\program files (x86)\YoutubePlus\YoutubePlus.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{b57a9eb1-0e57-4850-a701-4d169538e6ed}"= "c:\program files (x86)\blekkotb_032\blekkotb_019X.dll" [2012-05-18 85288]
.
[HKEY_CLASSES_ROOT\clsid\{b57a9eb1-0e57-4850-a701-4d169538e6ed}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Nub\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Nub\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Nub\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Nub\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"2K Games"="c:\users\Nub\AppData\Local\Apple\2K Games\bkefddlrv.dll" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-06-11 641704]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"2K Games"="c:\users\Nub\AppData\Local\Apple\2K Games\bkefddlrv.dll" [BU]
.
c:\users\Nub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Malwarebytes Anti-Malware.lnk - c:\program files (x86)\Malwarebytes' Anti-Malware\mbam.exe [2012-7-15 973488]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Best Buy pc app.lnk - c:\programdata\Best Buy pc app\ClickOnceSetup.exe [2011-8-29 16032]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
R1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2012-03-23 70928]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-06-11 239616]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-06-11 361984]
R2 AMD_RAIDXpert;AMD RAIDXpert;c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2010-11-28 128904]
R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [2011-06-13 922240]
R2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-02 915584]
R2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 Device Handle Service;Device Handle Service;c:\windows\SysWOW64\AsHookDevice.exe [2009-12-23 203392]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-12 116648]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-08-24 430136]
R2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-07-05 3048136]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2011-03-29 27760]
R2 ytpUpdater;ytpUpdater;c:\program files (x86)\updater\updater.exe [2012-03-26 1730048]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-24 253088]
R3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\drivers\amdhub30.sys [2011-03-18 87168]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-06-11 10248192]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-06-11 367616]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\drivers\amdxhc.sys [2011-03-18 188544]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-02-28 21712]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-12 116648]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
R3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
R3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
R3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-03-29 2157680]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-01-23 1255736]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 306400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-08-01 52584]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-03-23 77936]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 UsbFltr;WayTech USB Filter Driver;c:\windows\system32\Drivers\UsbFltr.sys [2007-04-09 12288]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-24 03:45]
.
2012-07-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-12 22:55]
.
2012-07-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-12 22:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Nub\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Nub\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Nub\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Nub\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2012-02-27 1304792]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2012-02-27 213824]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: Interfaces\{9EAD5E01-EBA1-4D42-9349-8BE2F94CCDD5}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\Nub\AppData\Roaming\Mozilla\Firefox\Profiles\kil77mcf.default\
FF - prefs.js: browser.search.selectedEngine - YoutubePlus
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2463314201-2541101053-2832014611-1006\Software\SecuROM\License information*]
"datasecu"=hex:7b,13,97,03,64,d4,8b,0f,64,f5,6f,10,9d,d7,bd,9f,71,18,18,1f,b5,
e0,ae,fe,ba,72,62,67,a8,e2,85,fe,19,ac,ea,23,96,b7,55,07,35,5a,ce,e2,85,5d,\
"rkeysecu"=hex:3e,b5,3a,9e,8d,9d,46,73,63,5c,82,8b,f1,70,4b,63
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-07-21 15:24:18 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-21 19:24
ComboFix2.txt 2012-07-20 21:44
.
Pre-Run: 54,998,122,496 bytes free
Post-Run: 55,223,017,472 bytes free
.
- - End Of File - - F7C4D5DBBFC3D130E18EE04F1B83CAE9

 

[Ryan O'Brien]

Rkill log


This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 07/21/2012 at 15:30:01.
Operating System: Windows 7 Home Premium


Processes terminated by Rkill or while it was running:

C:\Windows\SysWOW64\rundll32.exe


Rkill completed on 07/21/2012 at 15:30:03.

 

[Broni]

Looks good.

Restart in normal mode and see how things are.

===================================

Uninstall RegistryNuke 2012.
Registry cleaners/optimizers are not recommended for several reasons:

• Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.
  
  The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.
  
• Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.
  
• Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.
  
• Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.
  
• The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".

Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.

• Ed Bott's Webog: Why I don't use registry cleaners
• Do I need a Registry Cleaner?

===================================================

Download Malwarebytes' Anti-Malware (MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop.
NOTE. If you already have MBAM installed, update it before running the scan.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer IF MBAM asks you to do so.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=========================================

Download OTL to your Desktop.
Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Click the Scan All Users checkbox.
• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
• When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

 

[Ryan O'Brien]

This was down for a while, in the mean time I tried to fix my display settings, which was making the screen big.. I made a huge mistake, and I can't view the computer. There is a little light when I turn it on, but it's all black. I guess I'm gonna need to take this to a shop now. On my other pc right now. sigh

 

[Broni]

Restart in safe mode and see if you can adjust display settings from there.

 

[Ryan O'Brien]

I can't arrow key to select safe mode.

EDIT: ok I got into it now. I will see if I can change the display settings.

EDIT: can't open CCC for some reason, I guess cuz its in safe mode.

 

[Broni]

Try to restart in normal mode one more time.

 

[Ryan O'Brien]

got another black screen. it doesnt show any text at all, just weird glowyness on the top left corner