Multiple iexplore.exe *32 running when IE isn't open

Discussion in 'Virus and Malware Removal' started by dnamaca, Apr 21, 2012.

  1. dnamaca Newcomer, in training Posts: 22

    00:49:09.0566 7948 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
    00:49:09.0846 7948 ============================================================
    00:49:09.0846 7948 Current date / time: 2012/04/22 00:49:09.0846
    00:49:09.0846 7948 SystemInfo:
    00:49:09.0846 7948
    00:49:09.0847 7948 OS Version: 6.1.7601 ServicePack: 1.0
    00:49:09.0847 7948 Product type: Workstation
    00:49:09.0847 7948 ComputerName: DHINESH-PC
    00:49:09.0847 7948 UserName: Dhinesh
    00:49:09.0847 7948 Windows directory: C:\Windows
    00:49:09.0847 7948 System windows directory: C:\Windows
    00:49:09.0847 7948 Running under WOW64
    00:49:09.0847 7948 Processor architecture: Intel x64
    00:49:09.0847 7948 Number of processors: 4
    00:49:09.0847 7948 Page size: 0x1000
    00:49:09.0847 7948 Boot type: Normal boot
    00:49:09.0847 7948 ============================================================
    00:49:10.0866 7948 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    00:49:10.0890 7948 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    00:49:10.0926 7948 Drive \Device\Harddisk3\DR3 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    00:49:11.0393 7948 Drive \Device\Harddisk2\DR2 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    00:49:11.0415 7948 Drive \Device\Harddisk4\DR4 - Size: 0x2BAA1200000 (2794.52 Gb), SectorSize: 0x1000, Cylinders: 0xB220, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
    00:49:11.0852 7948 Drive \Device\Harddisk5\DR5 - Size: 0x1DB000000 (7.42 Gb), SectorSize: 0x200, Cylinders: 0x3C8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
    00:49:11.0859 7948 Drive \Device\Harddisk6\DR6 - Size: 0xF2ADE000 (3.79 Gb), SectorSize: 0x200, Cylinders: 0x1EE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
    00:49:11.0881 7948 \Device\Harddisk0\DR0:
    00:49:11.0881 7948 MBR partitions:
    00:49:11.0881 7948 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
    00:49:11.0881 7948 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
    00:49:11.0881 7948 \Device\Harddisk1\DR1:
    00:49:11.0888 7948 MBR partitions:
    00:49:11.0888 7948 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
    00:49:11.0888 7948 \Device\Harddisk3\DR3:
    00:49:11.0892 7948 MBR partitions:
    00:49:11.0892 7948 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A8D043
    00:49:11.0892 7948 \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x4A8D082, BlocksNum 0x187374FF
    00:49:11.0892 7948 \Device\Harddisk2\DR2:
    00:49:11.0893 7948 MBR partitions:
    00:49:11.0893 7948 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAEA86800
    00:49:11.0893 7948 \Device\Harddisk4\DR4:
    00:49:11.0894 7948 MBR partitions:
    00:49:11.0894 7948 \Device\Harddisk4\DR4\Partition0: MBR, Type 0x7, StartLBA 0x100, BlocksNum 0x2BAA1100
    00:49:11.0894 7948 \Device\Harddisk5\DR5:
    00:49:11.0896 7948 MBR partitions:
    00:49:11.0896 7948 \Device\Harddisk5\DR5\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xED7FC1
    00:49:11.0896 7948 \Device\Harddisk6\DR6:
    00:49:11.0897 7948 MBR partitions:
    00:49:11.0897 7948 \Device\Harddisk6\DR6\Partition0: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x78D96E
    00:49:11.0920 7948 C: <-> \Device\Harddisk0\DR0\Partition1
    00:49:11.0945 7948 D: <-> \Device\Harddisk1\DR1\Partition0
    00:49:11.0962 7948 E: <-> \Device\Harddisk3\DR3\Partition0
    00:49:11.0989 7948 F: <-> \Device\Harddisk3\DR3\Partition1
    00:49:12.0045 7948 N: <-> \Device\Harddisk4\DR4\Partition0
    00:49:12.0055 7948 G: <-> \Device\Harddisk2\DR2\Partition0
    00:49:12.0055 7948 Initialize success
    00:49:12.0055 7948 ============================================================
    00:49:19.0600 6368 ============================================================
    00:49:19.0600 6368 Scan started
    00:49:19.0600 6368 Mode: Manual;
    00:49:19.0600 6368 ============================================================
    00:49:22.0514 6368 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
    00:49:22.0520 6368 1394ohci - ok
    00:49:22.0562 6368 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
    00:49:22.0573 6368 ACPI - ok
    00:49:22.0617 6368 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
    00:49:22.0621 6368 AcpiPmi - ok
    00:49:22.0714 6368 AcrSch2Svc (b07b9f3b2b94e4fc5b0f496ddd65adf2) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
    00:49:22.0749 6368 AcrSch2Svc - ok
    00:49:22.0823 6368 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    00:49:22.0830 6368 AdobeFlashPlayerUpdateSvc - ok
    00:49:22.0882 6368 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
    00:49:22.0895 6368 adp94xx - ok
    00:49:22.0955 6368 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
    00:49:22.0966 6368 adpahci - ok
    00:49:23.0012 6368 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
    00:49:23.0020 6368 adpu320 - ok
    00:49:23.0061 6368 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
    00:49:23.0065 6368 AeLookupSvc - ok
    00:49:23.0095 6368 afcdp (ae1fce2cd1e99bea89183ba8cd320872) C:\Windows\system32\DRIVERS\afcdp.sys
    00:49:23.0101 6368 afcdp - ok
    00:49:23.0196 6368 afcdpsrv (af44f7e027037628f1fac3c13cde73e6) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
    00:49:23.0256 6368 afcdpsrv - ok
    00:49:23.0310 6368 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
    00:49:23.0316 6368 AFD - ok
    00:49:23.0344 6368 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
    00:49:23.0348 6368 agp440 - ok
    00:49:23.0378 6368 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
    00:49:23.0380 6368 ALG - ok
    00:49:23.0409 6368 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
    00:49:23.0410 6368 aliide - ok
    00:49:23.0612 6368 AllShare (aaa1f9d4cf4c976c21bca8afa2bae6a4) C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
    00:49:23.0643 6368 AllShare - ok
    00:49:23.0681 6368 ALSysIO - ok
    00:49:23.0718 6368 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
    00:49:23.0723 6368 amdide - ok
    00:49:23.0770 6368 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
    00:49:23.0776 6368 AmdK8 - ok
    00:49:23.0811 6368 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
    00:49:23.0823 6368 AmdPPM - ok
    00:49:23.0846 6368 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
    00:49:23.0852 6368 amdsata - ok
    00:49:23.0875 6368 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
    00:49:23.0887 6368 amdsbs - ok
    00:49:23.0909 6368 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
    00:49:23.0912 6368 amdxata - ok
    00:49:23.0973 6368 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
    00:49:23.0978 6368 AppID - ok
    00:49:24.0004 6368 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
    00:49:24.0007 6368 AppIDSvc - ok
    00:49:24.0046 6368 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
    00:49:24.0049 6368 Appinfo - ok
    00:49:24.0104 6368 Apple Mobile Device (2e3e53a6aef23e24f402c7855b9b1542) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    00:49:24.0109 6368 Apple Mobile Device - ok
    00:49:24.0149 6368 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
    00:49:24.0152 6368 AppMgmt - ok
    00:49:24.0181 6368 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
    00:49:24.0185 6368 arc - ok
    00:49:24.0206 6368 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
    00:49:24.0210 6368 arcsas - ok
    00:49:24.0250 6368 ASPI32 - ok
    00:49:24.0295 6368 aswFsBlk (b9da213b5271db5fce962d827e6d620d) C:\Windows\system32\drivers\aswFsBlk.sys
    00:49:24.0300 6368 aswFsBlk - ok
    00:49:24.0316 6368 aswMonFlt (21c9835d0e5ad2ff0f16134bcb32cc71) C:\Windows\system32\drivers\aswMonFlt.sys
    00:49:24.0321 6368 aswMonFlt - ok
    00:49:24.0350 6368 aswRdr (1b96a5867abd4fa6135d8298fcccf9c6) C:\Windows\System32\Drivers\aswrdr2.sys
    00:49:24.0357 6368 aswRdr - ok
    00:49:24.0412 6368 aswSnx (6e98bb288696777a3a8a07a52b0eaee9) C:\Windows\system32\drivers\aswSnx.sys
    00:49:24.0428 6368 aswSnx - ok
    00:49:24.0457 6368 aswSP (d9fb49f16e4eb02efecae8cbfe4bcb4c) C:\Windows\system32\drivers\aswSP.sys
    00:49:24.0463 6368 aswSP - ok
    00:49:24.0479 6368 aswTdi (7352bb9a564b94bbd7c9cbf165f55006) C:\Windows\system32\drivers\aswTdi.sys
    00:49:24.0483 6368 aswTdi - ok
    00:49:24.0515 6368 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
    00:49:24.0517 6368 AsyncMac - ok
    00:49:24.0561 6368 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
    00:49:24.0563 6368 atapi - ok
    00:49:24.0612 6368 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys
    00:49:24.0616 6368 AtiPcie - ok
    00:49:24.0679 6368 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
    00:49:24.0696 6368 AudioEndpointBuilder - ok
    00:49:24.0707 6368 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
    00:49:24.0712 6368 AudioSrv - ok
    00:49:24.0766 6368 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    00:49:24.0775 6368 avast! Antivirus - ok
    00:49:24.0818 6368 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
    00:49:24.0824 6368 AxInstSV - ok
    00:49:24.0883 6368 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
    00:49:24.0894 6368 b06bdrv - ok
    00:49:24.0927 6368 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
    00:49:24.0931 6368 b57nd60a - ok
    00:49:24.0968 6368 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
    00:49:24.0973 6368 BDESVC - ok
    00:49:24.0999 6368 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
    00:49:25.0002 6368 Beep - ok
    00:49:25.0067 6368 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
    00:49:25.0083 6368 BFE - ok
    00:49:25.0149 6368 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
    00:49:25.0174 6368 BITS - ok
    00:49:25.0210 6368 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
    00:49:25.0214 6368 blbdrive - ok
    00:49:25.0248 6368 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
    00:49:25.0250 6368 bowser - ok
    00:49:25.0275 6368 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
    00:49:25.0279 6368 BrFiltLo - ok
    00:49:25.0291 6368 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
    00:49:25.0292 6368 BrFiltUp - ok
    00:49:25.0324 6368 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
    00:49:25.0327 6368 BridgeMP - ok
    00:49:25.0361 6368 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
    00:49:25.0367 6368 Browser - ok
    00:49:25.0393 6368 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
    00:49:25.0398 6368 Brserid - ok
    00:49:25.0411 6368 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
    00:49:25.0417 6368 BrSerWdm - ok
    00:49:25.0475 6368 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
    00:49:25.0478 6368 BrUsbMdm - ok
    00:49:25.0496 6368 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
    00:49:25.0499 6368 BrUsbSer - ok
    00:49:25.0522 6368 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
    00:49:25.0531 6368 BTHMODEM - ok
    00:49:25.0581 6368 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
    00:49:25.0586 6368 bthserv - ok
    00:49:25.0602 6368 catchme - ok
    00:49:25.0621 6368 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
    00:49:25.0627 6368 cdfs - ok
    00:49:25.0662 6368 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
    00:49:25.0664 6368 cdrom - ok
    00:49:25.0715 6368 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
    00:49:25.0720 6368 CertPropSvc - ok
    00:49:25.0774 6368 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
    00:49:25.0780 6368 circlass - ok
    00:49:25.0823 6368 CLBStor (125327df629324fad78d9a95ccd0f425) C:\Windows\system32\DRIVERS\CLBStor.sys
    00:49:25.0828 6368 CLBStor - ok
    00:49:25.0870 6368 CLBUDF (9c0cd75fea24e7e0e835eee7f14406f7) C:\Windows\system32\drivers\CLBUDF.sys
    00:49:25.0882 6368 CLBUDF - ok
    00:49:25.0912 6368 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
    00:49:25.0922 6368 CLFS - ok
    00:49:25.0989 6368 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    00:49:26.0007 6368 clr_optimization_v2.0.50727_32 - ok
    00:49:26.0059 6368 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    00:49:26.0068 6368 clr_optimization_v2.0.50727_64 - ok
    00:49:26.0108 6368 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    00:49:26.0120 6368 clr_optimization_v4.0.30319_32 - ok
    00:49:26.0161 6368 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    00:49:26.0164 6368 clr_optimization_v4.0.30319_64 - ok
    00:49:26.0201 6368 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
    00:49:26.0203 6368 CmBatt - ok
    00:49:26.0233 6368 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
    00:49:26.0236 6368 cmdide - ok
    00:49:26.0268 6368 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
    00:49:26.0275 6368 CNG - ok
    00:49:26.0294 6368 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
    00:49:26.0296 6368 Compbatt - ok
    00:49:26.0331 6368 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
    00:49:26.0335 6368 CompositeBus - ok
    00:49:26.0354 6368 COMSysApp - ok
    00:49:26.0370 6368 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
    00:49:26.0372 6368 crcdisk - ok
    00:49:26.0375 6368 Crypkey License - ok
    00:49:26.0414 6368 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
    00:49:26.0418 6368 CryptSvc - ok
    00:49:26.0477 6368 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
    00:49:26.0491 6368 CSC - ok
    00:49:26.0526 6368 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
    00:49:26.0543 6368 CscService - ok
    00:49:26.0612 6368 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
    00:49:26.0632 6368 DcomLaunch - ok
    00:49:26.0672 6368 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
    00:49:26.0680 6368 defragsvc - ok
    00:49:26.0707 6368 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
    00:49:26.0711 6368 DfsC - ok
    00:49:26.0773 6368 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
    00:49:26.0783 6368 Dhcp - ok
    00:49:26.0812 6368 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
    00:49:26.0820 6368 discache - ok
    00:49:26.0850 6368 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
    00:49:26.0857 6368 Disk - ok
    00:49:26.0890 6368 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
    00:49:26.0898 6368 Dnscache - ok
    00:49:26.0943 6368 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
    00:49:26.0952 6368 dot3svc - ok
    00:49:26.0990 6368 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
    00:49:26.0999 6368 DPS - ok
    00:49:27.0042 6368 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
    00:49:27.0049 6368 drmkaud - ok
    00:49:27.0098 6368 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
    00:49:27.0121 6368 DXGKrnl - ok
    00:49:27.0170 6368 E1G60 (edc6e9c057c9d7f83eea22b4cef5dcad) C:\Windows\system32\DRIVERS\E1G6032E.sys
    00:49:27.0178 6368 E1G60 - ok
    00:49:27.0216 6368 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
    00:49:27.0222 6368 EapHost - ok
    00:49:27.0315 6368 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
    00:49:27.0374 6368 ebdrv - ok
    00:49:27.0416 6368 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
    00:49:27.0422 6368 EFS - ok
    00:49:27.0516 6368 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
    00:49:27.0531 6368 ehRecvr - ok
    00:49:27.0567 6368 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
    00:49:27.0572 6368 ehSched - ok
    00:49:27.0630 6368 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
    00:49:27.0643 6368 elxstor - ok
    00:49:27.0689 6368 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
    00:49:27.0697 6368 ErrDev - ok
    00:49:27.0754 6368 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
    00:49:27.0767 6368 EventSystem - ok
    00:49:27.0787 6368 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
    00:49:27.0794 6368 exfat - ok
    00:49:27.0809 6368 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
    00:49:27.0818 6368 fastfat - ok
    00:49:27.0875 6368 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
    00:49:27.0887 6368 Fax - ok
    00:49:27.0906 6368 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
    00:49:27.0910 6368 fdc - ok
    00:49:27.0931 6368 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
    00:49:27.0936 6368 fdPHost - ok
    00:49:27.0943 6368 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
    00:49:27.0949 6368 FDResPub - ok
    00:49:27.0957 6368 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
    00:49:27.0958 6368 FileInfo - ok
    00:49:27.0965 6368 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
    00:49:27.0968 6368 Filetrace - ok
    00:49:27.0984 6368 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
    00:49:27.0986 6368 flpydisk - ok
    00:49:28.0043 6368 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
    00:49:28.0052 6368 FltMgr - ok
    00:49:28.0111 6368 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
    00:49:28.0138 6368 FontCache - ok
    00:49:28.0192 6368 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    00:49:28.0198 6368 FontCache3.0.0.0 - ok
    00:49:28.0228 6368 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
    00:49:28.0232 6368 FsDepends - ok
    00:49:28.0268 6368 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
    00:49:28.0272 6368 Fs_Rec - ok
    00:49:28.0319 6368 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
    00:49:28.0324 6368 fvevol - ok
    00:49:28.0363 6368 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
    00:49:28.0366 6368 gagp30kx - ok
    00:49:28.0443 6368 gogoc (81c8557efb76328a2f6c303bab0f51c3) C:\Program Files\gogo6\gogoCLIENT\gogoc.exe
    00:49:28.0464 6368 gogoc - ok
    00:49:28.0486 6368 gogoTunnelDevice (65961d99898eb8b829d1bbd112c762c2) C:\Windows\system32\DRIVERS\gogotun.sys
    00:49:28.0492 6368 gogoTunnelDevice - ok
    00:49:28.0532 6368 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
    00:49:28.0541 6368 gpsvc - ok
    00:49:28.0603 6368 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    00:49:28.0608 6368 gupdate - ok
    00:49:28.0623 6368 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    00:49:28.0626 6368 gupdatem - ok
    00:49:28.0706 6368 HauppaugeTVServer (19fee61c78b50d70ba8900150d2a3a8a) C:\PROGRA~2\WinTV\HCWTVS~1.EXE
    00:49:28.0721 6368 HauppaugeTVServer - ok
    00:49:28.0794 6368 hcw18bda (eee3ce595373ba78e19a3039e5346ce4) C:\Windows\system32\drivers\hcw18bda.sys
    00:49:28.0808 6368 hcw18bda - ok
    00:49:28.0852 6368 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
    00:49:28.0856 6368 hcw85cir - ok
    00:49:28.0910 6368 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
    00:49:28.0921 6368 HdAudAddService - ok
    00:49:28.0970 6368 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
    00:49:28.0978 6368 HDAudBus - ok
    00:49:29.0015 6368 HDD & SSD access service (d597c97e9c15e86667d8146e8b473bce) C:\Program Files (x86)\Common Files\BinarySense\disksvc.exe
    00:49:29.0020 6368 HDD & SSD access service - ok
    00:49:29.0054 6368 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
    00:49:29.0057 6368 HidBatt - ok
    00:49:29.0078 6368 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
    00:49:29.0085 6368 HidBth - ok
    00:49:29.0097 6368 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
    00:49:29.0103 6368 HidIr - ok
    00:49:29.0129 6368 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
    00:49:29.0142 6368 hidserv - ok
    00:49:29.0185 6368 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
    00:49:29.0193 6368 HidUsb - ok
    00:49:29.0221 6368 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
    00:49:29.0229 6368 hkmsvc - ok
    00:49:29.0270 6368 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
    00:49:29.0281 6368 HomeGroupListener - ok
    00:49:29.0305 6368 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
    00:49:29.0311 6368 HomeGroupProvider - ok
    00:49:29.0343 6368 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
    00:49:29.0348 6368 HpSAMD - ok
    00:49:29.0433 6368 hshld (44452f7a09d00573dc6e714874257cc9) C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
    00:49:29.0442 6368 hshld - ok
    00:49:29.0472 6368 HssDrv (a60c877e1cd3aa2e4e5ccd8af305c0f1) C:\Windows\system32\DRIVERS\HssDrv.sys
    00:49:29.0478 6368 HssDrv - ok
    00:49:29.0499 6368 HssSrv (2cfea9c337b699aca38487e8a7438f35) C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
    00:49:29.0507 6368 HssSrv - ok
  2. dnamaca Newcomer, in training Posts: 22

    00:49:29.0521 6368 HssTrayService (6b1dc08d22231c9e508a715f07fce7fb) C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
    00:49:29.0525 6368 HssTrayService - ok
    00:49:29.0587 6368 HssWd - ok
    00:49:29.0661 6368 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
    00:49:29.0677 6368 HTTP - ok
    00:49:29.0708 6368 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
    00:49:29.0712 6368 hwpolicy - ok
    00:49:29.0754 6368 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
    00:49:29.0756 6368 i8042prt - ok
    00:49:29.0781 6368 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
    00:49:29.0788 6368 iaStorV - ok
    00:49:29.0878 6368 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    00:49:29.0902 6368 idsvc - ok
    00:49:29.0942 6368 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
    00:49:29.0949 6368 iirsp - ok
    00:49:30.0017 6368 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
    00:49:30.0037 6368 IKEEXT - ok
    00:49:30.0134 6368 IntcAzAudAddService (f2744fd54be1580be05916d1c755c92a) C:\Windows\system32\drivers\RTKVHD64.sys
    00:49:30.0187 6368 IntcAzAudAddService - ok
    00:49:30.0213 6368 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
    00:49:30.0217 6368 intelide - ok
    00:49:30.0258 6368 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
    00:49:30.0262 6368 intelppm - ok
    00:49:30.0301 6368 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
    00:49:30.0307 6368 IPBusEnum - ok
    00:49:30.0337 6368 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    00:49:30.0341 6368 IpFilterDriver - ok
    00:49:30.0378 6368 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
    00:49:30.0385 6368 iphlpsvc - ok
    00:49:30.0400 6368 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
    00:49:30.0402 6368 IPMIDRV - ok
    00:49:30.0425 6368 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
    00:49:30.0428 6368 IPNAT - ok
    00:49:30.0444 6368 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
    00:49:30.0445 6368 IRENUM - ok
    00:49:30.0465 6368 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
    00:49:30.0468 6368 isapnp - ok
    00:49:30.0489 6368 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
    00:49:30.0495 6368 iScsiPrt - ok
    00:49:30.0540 6368 Jasmio.MediaCenter.Service (e1478a46c23800101abe17a8fa5e6c51) C:\Program Files\Jasmio\Media Center Support Service\Jasmio.MediaCenter.Service.exe
    00:49:30.0544 6368 Jasmio.MediaCenter.Service - ok
    00:49:30.0578 6368 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
    00:49:30.0581 6368 kbdclass - ok
    00:49:30.0626 6368 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
    00:49:30.0632 6368 kbdhid - ok
    00:49:30.0662 6368 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    00:49:30.0664 6368 KeyIso - ok
    00:49:30.0701 6368 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
    00:49:30.0704 6368 KSecDD - ok
    00:49:30.0720 6368 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
    00:49:30.0724 6368 KSecPkg - ok
    00:49:30.0755 6368 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
    00:49:30.0757 6368 ksthunk - ok
    00:49:30.0781 6368 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
    00:49:30.0786 6368 KtmRm - ok
    00:49:30.0831 6368 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
    00:49:30.0836 6368 LanmanServer - ok
    00:49:30.0880 6368 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
    00:49:30.0885 6368 LanmanWorkstation - ok
    00:49:30.0962 6368 LBTServ (7772dfab22611050b79504e671b06e6e) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
    00:49:30.0968 6368 LBTServ - ok
    00:49:31.0020 6368 LGBusEnum (fa529fb35694c24bf98a9ef67c1cd9d0) C:\Windows\system32\drivers\LGBusEnum.sys
    00:49:31.0023 6368 LGBusEnum - ok
    00:49:31.0044 6368 LGVirHid (94b29ce153765e768f004fb3440be2b0) C:\Windows\system32\drivers\LGVirHid.sys
    00:49:31.0049 6368 LGVirHid - ok
    00:49:31.0083 6368 LHidFilt (241f2648adf090e2a10095bd6d6f5dcb) C:\Windows\system32\DRIVERS\LHidFilt.Sys
    00:49:31.0090 6368 LHidFilt - ok
    00:49:31.0128 6368 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
    00:49:31.0130 6368 lltdio - ok
    00:49:31.0161 6368 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
    00:49:31.0166 6368 lltdsvc - ok
    00:49:31.0184 6368 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
    00:49:31.0191 6368 lmhosts - ok
    00:49:31.0249 6368 LMIGuardianSvc (ad988709675d9e35a60b2616bef108e9) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
    00:49:31.0255 6368 LMIGuardianSvc - ok
    00:49:31.0284 6368 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
    00:49:31.0285 6368 LMIInfo - ok
    00:49:31.0319 6368 LMIMaint (bd043199fc0bf5f2810f54c8b374590b) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
    00:49:31.0321 6368 LMIMaint - ok
    00:49:31.0368 6368 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys
    00:49:31.0371 6368 lmimirr - ok
    00:49:31.0377 6368 LMIRfsClientNP - ok
    00:49:31.0396 6368 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys
    00:49:31.0399 6368 LMIRfsDriver - ok
    00:49:31.0425 6368 LMouFilt (342ed5a4b3326014438f36d22d803737) C:\Windows\system32\DRIVERS\LMouFilt.Sys
    00:49:31.0432 6368 LMouFilt - ok
    00:49:31.0458 6368 LogMeIn (d3760bc17e1755091b7120cf32dbf56b) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
    00:49:31.0462 6368 LogMeIn - ok
    00:49:31.0497 6368 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
    00:49:31.0499 6368 LSI_FC - ok
    00:49:31.0518 6368 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
    00:49:31.0523 6368 LSI_SAS - ok
    00:49:31.0542 6368 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
    00:49:31.0544 6368 LSI_SAS2 - ok
    00:49:31.0559 6368 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
    00:49:31.0561 6368 LSI_SCSI - ok
    00:49:31.0580 6368 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
    00:49:31.0582 6368 luafv - ok
    00:49:31.0633 6368 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
    00:49:31.0636 6368 Mcx2Svc - ok
    00:49:31.0653 6368 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
    00:49:31.0655 6368 megasas - ok
    00:49:31.0668 6368 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
    00:49:31.0673 6368 MegaSR - ok
    00:49:31.0741 6368 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
    00:49:31.0746 6368 Microsoft Office Groove Audit Service - ok
    00:49:31.0787 6368 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
    00:49:31.0790 6368 MMCSS - ok
    00:49:31.0801 6368 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
    00:49:31.0803 6368 Modem - ok
    00:49:31.0823 6368 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
    00:49:31.0827 6368 monitor - ok
    00:49:31.0858 6368 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
    00:49:31.0862 6368 mouclass - ok
    00:49:31.0911 6368 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
    00:49:31.0914 6368 mouhid - ok
    00:49:31.0949 6368 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
    00:49:31.0953 6368 mountmgr - ok
    00:49:31.0992 6368 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
    00:49:31.0995 6368 mpio - ok
    00:49:32.0016 6368 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
    00:49:32.0018 6368 mpsdrv - ok
    00:49:32.0065 6368 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
    00:49:32.0074 6368 MpsSvc - ok
    00:49:32.0101 6368 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
    00:49:32.0105 6368 MRxDAV - ok
    00:49:32.0135 6368 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
    00:49:32.0139 6368 mrxsmb - ok
    00:49:32.0172 6368 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    00:49:32.0175 6368 mrxsmb10 - ok
    00:49:32.0197 6368 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    00:49:32.0201 6368 mrxsmb20 - ok
    00:49:32.0232 6368 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
    00:49:32.0235 6368 msahci - ok
    00:49:32.0257 6368 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
    00:49:32.0261 6368 msdsm - ok
    00:49:32.0292 6368 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
    00:49:32.0296 6368 MSDTC - ok
    00:49:32.0323 6368 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
    00:49:32.0324 6368 Msfs - ok
    00:49:32.0337 6368 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
    00:49:32.0338 6368 mshidkmdf - ok
    00:49:32.0357 6368 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
    00:49:32.0359 6368 msisadrv - ok
    00:49:32.0390 6368 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
    00:49:32.0393 6368 MSiSCSI - ok
    00:49:32.0399 6368 msiserver - ok
    00:49:32.0430 6368 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
    00:49:32.0432 6368 MSKSSRV - ok
    00:49:32.0447 6368 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
    00:49:32.0448 6368 MSPCLOCK - ok
    00:49:32.0459 6368 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
    00:49:32.0460 6368 MSPQM - ok
    00:49:32.0491 6368 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
    00:49:32.0496 6368 MsRPC - ok
    00:49:32.0511 6368 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
    00:49:32.0513 6368 mssmbios - ok
    00:49:32.0570 6368 MSSQL$ACT7 - ok
    00:49:32.0614 6368 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
    00:49:32.0618 6368 MSSQLServerADHelper - ok
    00:49:32.0653 6368 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
    00:49:32.0655 6368 MSTEE - ok
    00:49:32.0668 6368 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
    00:49:32.0670 6368 MTConfig - ok
    00:49:32.0697 6368 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
    00:49:32.0698 6368 Mup - ok
    00:49:32.0728 6368 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
    00:49:32.0735 6368 napagent - ok
    00:49:32.0787 6368 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
    00:49:32.0791 6368 NativeWifiP - ok
    00:49:32.0832 6368 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
    00:49:32.0842 6368 NDIS - ok
    00:49:32.0866 6368 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
    00:49:32.0868 6368 NdisCap - ok
    00:49:32.0893 6368 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
    00:49:32.0895 6368 NdisTapi - ok
    00:49:32.0925 6368 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
    00:49:32.0929 6368 Ndisuio - ok
    00:49:32.0961 6368 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
    00:49:32.0965 6368 NdisWan - ok
    00:49:32.0998 6368 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
    00:49:33.0002 6368 NDProxy - ok
    00:49:33.0023 6368 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
    00:49:33.0025 6368 NetBIOS - ok
    00:49:33.0062 6368 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
    00:49:33.0067 6368 NetBT - ok
    00:49:33.0101 6368 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    00:49:33.0103 6368 Netlogon - ok
    00:49:33.0137 6368 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
    00:49:33.0142 6368 Netman - ok
    00:49:33.0153 6368 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
    00:49:33.0159 6368 netprofm - ok
    00:49:33.0207 6368 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
    00:49:33.0211 6368 NetTcpPortSharing - ok
    00:49:33.0246 6368 NetworkX (2263727032e9b19231a706046b8c82d3) C:\Windows\system32\ckldrv.sys
    00:49:33.0250 6368 NetworkX - ok
    00:49:33.0283 6368 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
    00:49:33.0285 6368 nfrd960 - ok
    00:49:33.0337 6368 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
    00:49:33.0342 6368 NlaSvc - ok
    00:49:33.0363 6368 nosGetPlusHelper - ok
    00:49:33.0390 6368 NPF (c31fa031335eff434b2d94278e74bcce) C:\Windows\system32\drivers\npf.sys
    00:49:33.0396 6368 NPF - ok
    00:49:33.0406 6368 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    00:49:33.0407 6368 Npfs - ok
    00:49:33.0425 6368 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
    00:49:33.0433 6368 nsi - ok
    00:49:33.0454 6368 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
    00:49:33.0458 6368 nsiproxy - ok
    00:49:33.0510 6368 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
    00:49:33.0537 6368 Ntfs - ok
    00:49:33.0564 6368 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    00:49:33.0566 6368 Null - ok
    00:49:33.0595 6368 nusb3hub (285acec1b13a15ba520aae06bacb9cff) C:\Windows\system32\DRIVERS\nusb3hub.sys
    00:49:33.0602 6368 nusb3hub - ok
    00:49:33.0626 6368 nusb3xhc (f6d625ff7b56bb6ea063f0d3a5bbc996) C:\Windows\system32\DRIVERS\nusb3xhc.sys
    00:49:33.0634 6368 nusb3xhc - ok
    00:49:33.0671 6368 NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
    00:49:33.0679 6368 NVHDA - ok
    00:49:33.0975 6368 nvlddmkm (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
    00:49:34.0195 6368 nvlddmkm - ok
    00:49:34.0240 6368 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
    00:49:34.0250 6368 nvraid - ok
    00:49:34.0278 6368 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
    00:49:34.0289 6368 nvstor - ok
    00:49:34.0357 6368 NVSvc (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
    00:49:34.0377 6368 NVSvc - ok
    00:49:34.0517 6368 nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    00:49:34.0554 6368 nvUpdatusService - ok
    00:49:34.0598 6368 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
    00:49:34.0606 6368 nv_agp - ok
    00:49:34.0663 6368 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    00:49:34.0670 6368 odserv - ok
    00:49:34.0696 6368 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
    00:49:34.0700 6368 ohci1394 - ok
    00:49:34.0829 6368 OODefragAgent (cdbd86641ceb73402f436c9569e56c4e) C:\Program Files\OO Software\Defrag\oodag.exe
    00:49:34.0899 6368 OODefragAgent - ok
    00:49:35.0005 6368 OS Selector (05789653e0e42cc121eb558bd39f4eeb) C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
    00:49:35.0066 6368 OS Selector - ok
    00:49:35.0091 6368 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    00:49:35.0094 6368 ose - ok
    00:49:35.0163 6368 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
    00:49:35.0178 6368 p2pimsvc - ok
    00:49:35.0197 6368 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
    00:49:35.0206 6368 p2psvc - ok
    00:49:35.0282 6368 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
    00:49:35.0287 6368 Parport - ok
    00:49:35.0327 6368 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
    00:49:35.0333 6368 partmgr - ok
    00:49:35.0349 6368 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
    00:49:35.0362 6368 PcaSvc - ok
    00:49:35.0404 6368 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
    00:49:35.0407 6368 pci - ok
    00:49:35.0440 6368 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
    00:49:35.0444 6368 pciide - ok
    00:49:35.0468 6368 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
    00:49:35.0480 6368 pcmcia - ok
    00:49:35.0503 6368 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    00:49:35.0508 6368 pcw - ok
    00:49:35.0542 6368 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    00:49:35.0557 6368 PEAUTH - ok
    00:49:35.0617 6368 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
    00:49:35.0661 6368 PeerDistSvc - ok
    00:49:35.0699 6368 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
    00:49:35.0707 6368 PerfHost - ok
    00:49:35.0790 6368 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
    00:49:35.0834 6368 pla - ok
    00:49:35.0850 6368 PlayItVideoServer - ok
    00:49:35.0901 6368 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
    00:49:35.0920 6368 PlugPlay - ok
    00:49:35.0952 6368 PnkBstrA - ok
    00:49:35.0986 6368 PnkBstrB - ok
    00:49:36.0014 6368 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
    00:49:36.0024 6368 PNRPAutoReg - ok
    00:49:36.0054 6368 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
    00:49:36.0066 6368 PNRPsvc - ok
    00:49:36.0115 6368 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
    00:49:36.0130 6368 PolicyAgent - ok
    00:49:36.0159 6368 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
    00:49:36.0172 6368 Power - ok
    00:49:36.0228 6368 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
    00:49:36.0238 6368 PptpMiniport - ok
    00:49:36.0276 6368 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
    00:49:36.0283 6368 Processor - ok
    00:49:36.0336 6368 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
    00:49:36.0348 6368 ProfSvc - ok
    00:49:36.0381 6368 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    00:49:36.0384 6368 ProtectedStorage - ok
    00:49:36.0436 6368 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
    00:49:36.0441 6368 Psched - ok
    00:49:36.0487 6368 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
    00:49:36.0494 6368 PxHlpa64 - ok
    00:49:36.0566 6368 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
    00:49:36.0610 6368 ql2300 - ok
    00:49:36.0635 6368 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
    00:49:36.0639 6368 ql40xx - ok
    00:49:36.0674 6368 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
    00:49:36.0681 6368 QWAVE - ok
    00:49:36.0690 6368 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    00:49:36.0692 6368 QWAVEdrv - ok
    00:49:36.0708 6368 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    00:49:36.0709 6368 RasAcd - ok
    00:49:36.0731 6368 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    00:49:36.0735 6368 RasAgileVpn - ok
    00:49:36.0753 6368 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
    00:49:36.0758 6368 RasAuto - ok
    00:49:36.0788 6368 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
    00:49:36.0792 6368 Rasl2tp - ok
    00:49:36.0809 6368 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
    00:49:36.0816 6368 RasMan - ok
    00:49:36.0843 6368 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    00:49:36.0851 6368 RasPppoe - ok
    00:49:36.0874 6368 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    00:49:36.0876 6368 RasSstp - ok
    00:49:36.0914 6368 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
    00:49:36.0924 6368 rdbss - ok
    00:49:36.0938 6368 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
    00:49:36.0942 6368 rdpbus - ok
    00:49:36.0972 6368 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    00:49:36.0976 6368 RDPCDD - ok
    00:49:37.0034 6368 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
    00:49:37.0042 6368 RDPDR - ok
    00:49:37.0070 6368 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    00:49:37.0075 6368 RDPENCDD - ok
    00:49:37.0093 6368 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    00:49:37.0098 6368 RDPREFMP - ok
    00:49:37.0171 6368 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
    00:49:37.0177 6368 RdpVideoMiniport - ok
    00:49:37.0209 6368 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
    00:49:37.0218 6368 RDPWD - ok
    00:49:37.0259 6368 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
    00:49:37.0268 6368 rdyboost - ok
    00:49:37.0305 6368 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
    00:49:37.0314 6368 RemoteAccess - ok
    00:49:37.0339 6368 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
    00:49:37.0351 6368 RemoteRegistry - ok
    00:49:37.0401 6368 RichVideo (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    00:49:37.0407 6368 RichVideo - ok
    00:49:37.0446 6368 RimUsb (ad42432d22940b4215177be113e4919c) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
    00:49:37.0450 6368 RimUsb - ok
    00:49:37.0487 6368 RimVSerPort (4aafffa67ac4dfa3d9985d78573887e2) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
    00:49:37.0493 6368 RimVSerPort - ok
    00:49:37.0520 6368 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
    00:49:37.0524 6368 ROOTMODEM - ok
    00:49:37.0564 6368 rpcapd (a780d3eaa74582ea1deb6bd9c7a3d9c9) C:\Program Files (x86)\WinPcap\rpcapd.exe
    00:49:37.0568 6368 rpcapd - ok
    00:49:37.0605 6368 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
    00:49:37.0608 6368 RpcEptMapper - ok
    00:49:37.0619 6368 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
    00:49:37.0621 6368 RpcLocator - ok
    00:49:37.0668 6368 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
    00:49:37.0684 6368 RpcSs - ok
    00:49:37.0733 6368 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    00:49:37.0739 6368 rspndr - ok
    00:49:37.0799 6368 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
    00:49:37.0813 6368 RTL8167 - ok
    00:49:37.0853 6368 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
    00:49:37.0866 6368 s3cap - ok
    00:49:37.0906 6368 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    00:49:37.0912 6368 SamSs - ok
    00:49:37.0966 6368 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
    00:49:37.0971 6368 sbp2port - ok
    00:49:38.0008 6368 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
    00:49:38.0022 6368 SCardSvr - ok
    00:49:38.0057 6368 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
    00:49:38.0061 6368 scfilter - ok
    00:49:38.0115 6368 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
    00:49:38.0143 6368 Schedule - ok
    00:49:38.0169 6368 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
    00:49:38.0170 6368 SCPolicySvc - ok
    00:49:38.0203 6368 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
    00:49:38.0210 6368 SDRSVC - ok
    00:49:38.0249 6368 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    00:49:38.0251 6368 secdrv - ok
    00:49:38.0272 6368 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
    00:49:38.0277 6368 seclogon - ok
    00:49:38.0300 6368 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
    00:49:38.0308 6368 SENS - ok
    00:49:38.0316 6368 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
    00:49:38.0321 6368 SensrSvc - ok
    00:49:38.0358 6368 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
    00:49:38.0361 6368 Serenum - ok
    00:49:38.0390 6368 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
    00:49:38.0393 6368 Serial - ok
    00:49:38.0420 6368 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
    00:49:38.0422 6368 sermouse - ok
    00:49:38.0489 6368 Serviio (ceda1a662f14dd6df843fe3ff0226ceb) C:\Program Files (x86)\Serviio\bin\ServiioService.exe
    00:49:38.0494 6368 Serviio - ok
    00:49:38.0537 6368 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
    00:49:38.0550 6368 SessionEnv - ok
    00:49:38.0580 6368 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
    00:49:38.0582 6368 sffdisk - ok
    00:49:38.0598 6368 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
    00:49:38.0605 6368 sffp_mmc - ok
    00:49:38.0644 6368 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
    00:49:38.0646 6368 sffp_sd - ok
    00:49:38.0673 6368 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
    00:49:38.0678 6368 sfloppy - ok
    00:49:38.0717 6368 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
    00:49:38.0730 6368 SharedAccess - ok
    00:49:38.0775 6368 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
    00:49:38.0792 6368 ShellHWDetection - ok
    00:49:38.0832 6368 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    00:49:38.0834 6368 SiSRaid2 - ok
    00:49:38.0871 6368 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
    00:49:38.0873 6368 SiSRaid4 - ok
    00:49:38.0910 6368 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
    00:49:38.0913 6368 Smb - ok
    00:49:38.0973 6368 snapman (10450f432811d7fda60a97fcc674d7b2) C:\Windows\system32\DRIVERS\snapman.sys
    00:49:38.0980 6368 snapman - ok
    00:49:39.0017 6368 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
    00:49:39.0028 6368 SNMPTRAP - ok
    00:49:39.0071 6368 SplashtopRemoteService (ccf611a259882d8cf4dbabae2341ee31) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
    00:49:39.0080 6368 SplashtopRemoteService - ok
    00:49:39.0130 6368 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
    00:49:39.0134 6368 spldr - ok
    00:49:39.0182 6368 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
    00:49:39.0202 6368 Spooler - ok
    00:49:39.0309 6368 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
    00:49:39.0366 6368 sppsvc - ok
  3. dnamaca Newcomer, in training Posts: 22

    00:49:39.0404 6368 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
    00:49:39.0422 6368 sppuinotify - ok
    00:49:39.0475 6368 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
    00:49:39.0475 6368 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
    00:49:39.0477 6368 sptd ( LockedFile.Multi.Generic ) - warning
    00:49:39.0477 6368 sptd - detected LockedFile.Multi.Generic (1)
    00:49:39.0540 6368 SQLBrowser (86ebd8b1f23e743aad21f4d5b4d40985) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    00:49:39.0546 6368 SQLBrowser - ok
    00:49:39.0620 6368 SQLWriter (3c432a96363097870995e2a3c8b66abd) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    00:49:39.0624 6368 SQLWriter - ok
    00:49:39.0689 6368 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
    00:49:39.0701 6368 srv - ok
    00:49:39.0761 6368 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
    00:49:39.0773 6368 srv2 - ok
    00:49:39.0810 6368 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
    00:49:39.0815 6368 srvnet - ok
    00:49:39.0856 6368 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
    00:49:39.0870 6368 SSDPSRV - ok
    00:49:39.0892 6368 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
    00:49:39.0898 6368 SstpSvc - ok
    00:49:39.0930 6368 SSUService (1cfa4a1f3c7bb4c8f299e00428eb8677) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
    00:49:39.0937 6368 SSUService - ok
    00:49:39.0960 6368 Steam Client Service - ok
    00:49:40.0091 6368 Stereo Service (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    00:49:40.0100 6368 Stereo Service - ok
    00:49:40.0140 6368 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
    00:49:40.0144 6368 stexstor - ok
    00:49:40.0208 6368 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
    00:49:40.0230 6368 stisvc - ok
    00:49:40.0262 6368 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
    00:49:40.0264 6368 storflt - ok
    00:49:40.0291 6368 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
    00:49:40.0297 6368 StorSvc - ok
    00:49:40.0332 6368 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
    00:49:40.0336 6368 storvsc - ok
    00:49:40.0377 6368 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
    00:49:40.0381 6368 swenum - ok
    00:49:40.0465 6368 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    00:49:40.0481 6368 SwitchBoard - ok
    00:49:40.0515 6368 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
    00:49:40.0533 6368 swprv - ok
    00:49:40.0550 6368 Synth3dVsc - ok
    00:49:40.0662 6368 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
    00:49:40.0702 6368 SysMain - ok
    00:49:40.0768 6368 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
    00:49:40.0780 6368 TabletInputService - ok
    00:49:40.0822 6368 tap0901 (3b73c849b41fb20d77b0e553214061a5) C:\Windows\system32\DRIVERS\tap0901.sys
    00:49:40.0826 6368 tap0901 - ok
    00:49:40.0858 6368 taphss (f33fdc72298df4bf9813a55d21f4eb31) C:\Windows\system32\DRIVERS\taphss.sys
    00:49:40.0862 6368 taphss - ok
    00:49:40.0899 6368 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
    00:49:40.0915 6368 TapiSrv - ok
    00:49:40.0948 6368 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
    00:49:40.0955 6368 TBS - ok
    00:49:41.0020 6368 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
    00:49:41.0093 6368 Tcpip - ok
    00:49:41.0274 6368 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
    00:49:41.0292 6368 TCPIP6 - ok
    00:49:41.0326 6368 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
    00:49:41.0328 6368 tcpipreg - ok
    00:49:41.0366 6368 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
    00:49:41.0373 6368 TDPIPE - ok
    00:49:41.0444 6368 tdrpman273 (99527d49ee0a96fc25537c61b270a372) C:\Windows\system32\DRIVERS\tdrpm273.sys
    00:49:41.0472 6368 tdrpman273 - ok
    00:49:41.0491 6368 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
    00:49:41.0493 6368 TDTCP - ok
    00:49:41.0553 6368 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
    00:49:41.0560 6368 tdx - ok
    00:49:41.0607 6368 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
    00:49:41.0613 6368 TermDD - ok
    00:49:41.0658 6368 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
    00:49:41.0679 6368 TermService - ok
    00:49:41.0704 6368 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
    00:49:41.0715 6368 Themes - ok
    00:49:41.0744 6368 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
    00:49:41.0748 6368 THREADORDER - ok
    00:49:41.0783 6368 timounter (ebbaea02f0095a798000c7e06b16d41b) C:\Windows\system32\DRIVERS\timntr.sys
    00:49:41.0797 6368 timounter - ok
    00:49:41.0817 6368 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
    00:49:41.0823 6368 TrkWks - ok
    00:49:41.0865 6368 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
    00:49:41.0870 6368 TrustedInstaller - ok
    00:49:41.0906 6368 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
    00:49:41.0911 6368 tssecsrv - ok
    00:49:41.0944 6368 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
    00:49:41.0950 6368 TsUsbFlt - ok
    00:49:41.0963 6368 tsusbhub - ok
    00:49:42.0024 6368 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
    00:49:42.0030 6368 tunnel - ok
    00:49:42.0071 6368 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
    00:49:42.0076 6368 uagp35 - ok
    00:49:42.0118 6368 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
    00:49:42.0127 6368 udfs - ok
    00:49:42.0165 6368 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
    00:49:42.0178 6368 UI0Detect - ok
    00:49:42.0207 6368 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
    00:49:42.0211 6368 uliagpkx - ok
    00:49:48.0167 6368 ============================================================
    00:49:48.0167 6368 Scan finished
    00:49:48.0167 6368 ============================================================
    00:49:48.0175 6048 Detected object count: 1
    00:49:48.0175 6048 Actual detected object count: 1
    00:49:58.0555 6048 sptd ( LockedFile.Multi.Generic ) - skipped by user
    00:49:58.0555 6048 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
  4. Broni Malware Annihilator Posts: 39,313   +175

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      @Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:D5AD7675
      @Alternate Data Stream - 1154 bytes -> C:\Users\Dhinesh\AppData\Local\pR0gV8vwQtigFY:EHWFSwKgk9yXimCY5bL74
      
      :Commands
      [purity]
      [emptytemp]
      [emptyjava]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.
    ============================================================================================

    1. Update your Java version here: http://www.java.com/en/download/installed.jsp

    Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

    Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

    2. Now we need to remove the old Java version and its remnants...

    Download JavaRa to your desktop and unzip it.
    • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.
    • Do NOT post JavaRa log.

    ========================================================================================

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

      NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.

    2. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
    • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center
      • Windows Update
      • Windows Defender
    • Press "Scan".
    • It will create a log (FSS.txt) in the same directory the tool is run.
    • Please copy and paste the log to your reply.


    3. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    4. Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click on List of found threats
    • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • NOTE. If ESET doesn't find any threats, it won't produce any log.
  5. dnamaca Newcomer, in training Posts: 22

    All processes killed
    ========== OTL ==========
    ADS C:\ProgramData\Temp:D5AD7675 deleted successfully.
    ADS C:\Users\Dhinesh\AppData\Local\pR0gV8vwQtigFY:EHWFSwKgk9yXimCY5bL74 deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 56502 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Dhinesh
    ->Temp folder emptied: 3086269 bytes
    ->Temporary Internet Files folder emptied: 83682803 bytes
    ->Java cache emptied: 10324658 bytes
    ->FireFox cache emptied: 216930359 bytes
    ->Google Chrome cache emptied: 12776456 bytes
    ->Opera cache emptied: 16196411 bytes
    ->Flash cache emptied: 412290 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    User: UpdatusUser
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 56502 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 356352 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 2598647 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 119186 bytes
    RecycleBin emptied: 6984480 bytes

    Total Files Cleaned = 337.00 mb


    [EMPTYJAVA]

    User: All Users

    User: Default

    User: Default User

    User: Dhinesh
    ->Java cache emptied: 0 bytes

    User: Public

    User: UpdatusUser

    Total Java Files Cleaned = 0.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Dhinesh
    ->Flash cache emptied: 0 bytes

    User: Public

    User: UpdatusUser
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.40.0 log created on 04222012_153424

    Files\Folders moved on Reboot...
    File\Folder C:\Users\Dhinesh\AppData\Local\Temp\hsperfdata_Dhinesh\6440 not found!
    C:\Users\Dhinesh\AppData\Local\Temp\e4jE223.tmp_dir\exe4jlib.jar moved successfully.
    C:\Users\Dhinesh\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    C:\Users\Dhinesh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
    File\Folder C:\Windows\temp\hsperfdata_DHINESH-PC$\3868 not found!
    C:\Windows\temp\e4jC5E.tmp_dir\exe4jlib.jar moved successfully.

    Registry entries deleted on Reboot...

    Results of screen317's Security Check version 0.99.24
    Windows 7 x64 (UAC is enabled)
    Internet Explorer 9
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Firewall Enabled!
    avast! Free Antivirus
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Java(TM) 6 Update 31
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Alwil Software Avast5 AvastSvc.exe
    Alwil Software Avast5 AvastUI.exe
    ``````````End of Log````````````

    Farbar Service Scanner Version: 16-04-2012
    Ran by Dhinesh (administrator) on 22-04-2012 at 15:45:54
    Running from "C:\Users\Dhinesh\Desktop"
    Microsoft Windows 7 Enterprise Service Pack 1 (X64)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Yahoo IP is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Disabled Policy:
    ========================


    Action Center:
    ============

    Windows Update:
    ============

    Windows Autoupdate Disabled Policy:
    ============================


    Windows Defender:
    ==============

    File Check:
    ========
    C:\Windows\System32\nsisvc.dll => MD5 is legit
    C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
    C:\Windows\System32\dhcpcore.dll => MD5 is legit
    C:\Windows\System32\drivers\afd.sys => MD5 is legit
    C:\Windows\System32\drivers\tdx.sys => MD5 is legit
    C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
    C:\Windows\System32\dnsrslvr.dll => MD5 is legit
    C:\Windows\System32\mpssvc.dll => MD5 is legit
    C:\Windows\System32\bfe.dll => MD5 is legit
    C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
    C:\Windows\System32\SDRSVC.dll => MD5 is legit
    C:\Windows\System32\vssvc.exe => MD5 is legit
    C:\Windows\System32\wscsvc.dll => MD5 is legit
    C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
    C:\Windows\System32\wuaueng.dll => MD5 is legit
    C:\Windows\System32\qmgr.dll => MD5 is legit
    C:\Windows\System32\es.dll => MD5 is legit
    C:\Windows\System32\cryptsvc.dll => MD5 is legit
    C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit


    **** End of log ****
  6. dnamaca Newcomer, in training Posts: 22

    C:\Users\Dhinesh\Downloads\HTG.rar probably a variant of Win32/Agent.IWQEPAO trojan deleted - quarantined
    C:\Users\Dhinesh\Downloads\MsgPlusLive-485.exe a variant of Win32/MessengerPlus application cleaned by deleting - quarantined
    C:\Users\Dhinesh\Downloads\unlocker1.9.0-x64.exe Win32/Adware.ADON application deleted - quarantined
    G:\Downloads\bie764811.iso a variant of Win32/HackKMS.A application deleted - quarantined
    G:\Downloads\Alice Madness Returns Proper RELOADED\rld-amre.iso a variant of Win32/Adware.Virtumonde.NCB application deleted - quarantined
    G:\Downloads\Dirt 3 SKIDROW\sr-dirt3.iso a variant of Win32/Packed.VMProtect.AAA trojan deleted - quarantined
    G:\Downloads\Dirt 3 Update 1 SKIDROW\SKIDROW\paul.dll a variant of Win32/Packed.VMProtect.AAA trojan cleaned by deleting - quarantined
    G:\Downloads\Test Drive Unlimited 2 Update 5 SKIDROW\SKIDROW\paul.dll a variant of Win32/Packed.VMProtect.AAA trojan cleaned by deleting - quarantined
    G:\Program Files\TDU2\paul.dll a variant of Win32/Packed.VMProtect.AAA trojan cleaned by deleting - quarantined
    G:\Program Files (x86)\Codemasters\DiRT 3\paul.dll a variant of Win32/Packed.VMProtect.AAA trojan cleaned by deleting - quarantined
    G:\Program Files (x86)\EA Games\Alice Madness Returns The Complete Collection\Game\Alice2\Binaries\Win32\rld.dll a variant of Win32/Adware.Virtumonde.NCB application cleaned by deleting - quarantined
    G:\Programs\Arcosoft Total Media Theatre 5\fcTMT5Setup.exe a variant of Win32/Inject.NDT trojan cleaned by deleting - quarantined
    N:\Random\iso\sr-graw2.iso probably a variant of Win32/Agent.EJLPWZL trojan deleted - quarantined
     
  7. Broni Malware Annihilator Posts: 39,313   +175

    Your computer is clean

    1. We need to reset System Restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point using the following OTL script:

    Run OTL

    • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    Code:
    :OTL
    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [emptyjava]
    [CLEARALLRESTOREPOINTS]
    [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post resulting log.

    2. Now we'll remove all the tools we used during our cleaning process

    Clean up with OTL:

    • Double-click OTL.exe to start the program.
    • Close all other programs apart from OTL as this step will require a reboot
    • On the OTL main screen, press the CLEANUP button
    • Say Yes to the prompt and then allow the program to reboot your computer.

    If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

    3. Make sure Windows Updates are current.

    4. If any Trojan was listed among your infection(s), make sure you change all of your important online passwords (bank account(s), secured web sites, etc.) immediately!

    5. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

    7. Run Temporary File Cleaner (TFC) weekly.

    8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

    9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
    The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

    10. (Windows XP only) Run defrag at your convenience.

    11. When installing\updating ANY program, make sure you always select "Custom" installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click the "Next" button without looking at any given page.

    12. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

    13. Please let me know how your computer is doing.
  8. Broni Malware Annihilator Posts: 39,313   +175

    The issue seems to be resolved.
  9. dnamaca Newcomer, in training Posts: 22

    Sorry about late response....but here is this

    All processes killed
    ========== OTL ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Dhinesh
    ->Temp folder emptied: 300866 bytes
    ->Temporary Internet Files folder emptied: 600315 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 417587203 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Opera cache emptied: 0 bytes
    ->Flash cache emptied: 4681 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    User: UpdatusUser
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 159612 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
    RecycleBin emptied: 274173656 bytes

    Total Files Cleaned = 661.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Dhinesh
    ->Flash cache emptied: 0 bytes

    User: Public

    User: UpdatusUser
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb


    [EMPTYJAVA]

    User: All Users

    User: Default

    User: Default User

    User: Dhinesh
    ->Java cache emptied: 0 bytes

    User: Public

    User: UpdatusUser

    Total Java Files Cleaned = 0.00 mb

    Restore point Set: OTL Restore Point

    OTL by OldTimer - Version 3.2.40.0 log created on 04232012_214153

    Files\Folders moved on Reboot...
    File\Folder C:\Users\Dhinesh\AppData\Local\Temp\hsperfdata_Dhinesh\4744 not found!
    C:\Users\Dhinesh\AppData\Local\Temp\e4j9146.tmp_dir\exe4jlib.jar moved successfully.
    C:\Users\Dhinesh\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    C:\Users\Dhinesh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
    C:\Users\Dhinesh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\25DZPXP4\WhiteListedDomains[1].txt moved successfully.
    File\Folder C:\Windows\temp\hsperfdata_DHINESH-PC$\4916 not found!
    C:\Windows\temp\e4j67D6.tmp_dir\exe4jlib.jar moved successfully.

    Registry entries deleted on Reboot...


    Computer seems to be doing fine for now. Thanks a lot
  10. Broni Malware Annihilator Posts: 39,313   +175

    You're very welcome