Computer's running abysmally slow...no idea what it could be.

Papasmurf89 · Dec 18, 2012

What's up guys,

So as of a few days ago my computer has been running horribly slow. Have no idea what could be wrong with it, haven't visited any uh...shady sites at all. Ran Malwarebytes, Avast, and SUPERAntiSpyware. Only SUPERAntiSpyware found stuff and I got rid of all the bad stuff it found.

One thing that I did notice that was odd was that when I would click on the Start menu button, I wasn't able to select any of my programs on it. I would mouse over them but they wouldn't have the light blue shading around them.

I have a mSi GX640 and am running Windows 7. As requested, here's my HijackThis log:

__________________________________________________

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:31:59 PM, on 12/17/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Users\Pang\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Pang\Local Settings\Apps\F.lux\flux.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
C:\Users\Pang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Steam\GameOverlayUI.exe
C:\Users\Pang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pang\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pang\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?AF=109929&babsrc=HP_ss&mntrId=c21ccad40000000000000022fbc51b34
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: WeCareReminder - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Pang\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Pang\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [F.lux] "C:\Users\Pang\Local Settings\Apps\F.lux\flux.exe" /noshow
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\System Control Manager\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: WDFME (WDFMEService) - Western Digital - C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
O23 - Service: WDRules (WDRulesService) - Western Digital - C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13722 bytes

_____________________________________________________________________

And here's my Malwarebytes log:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.16.11

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Pang :: MYCOMP [administrator]

12/17/2012 5:32:42 PM
mbam-log-2012-12-17 (17-32-42).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 237896
Time elapsed: 7 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

________________________________________________________________

Any idea what might be wrong?

Thanks guys!

johnb35 · Dec 18, 2012

You say you don't download bad stuff but I do see remnants of utorrent being installed.

Lets do this so we can get a better idea of whats going on.

1.

Please download and run TDSSkiller

When the program opens, click on the start scan button.

TDSSKiller will now scan your computer for the TDSS infection. When the scan has finished it will display a result screen stating whether or not the infection was found on your computer. If it was found it will display a screen similar to the one below.

To remove the infection simply click on the Continue button and TDSSKiller will attempt to clean the infection.

When it has finished cleaning the infection you will see a report stating whether or not it was successful as shown below.

If the log says will be cured after reboot, please reboot the system by pressing the reboot now button.

After running there will be a log that will be located at the root of your c:\ drive labeled tdsskiller with a series of numbers after it. Please open the log and copy and paste it back here.

2.

Download and Run ComboFix
If you already have Combofix, please delete this copy and download it again as it's being updated regularly.

Download this file here :

Combofix
When the page loads click on the blue combofix download link next to the BleepingComputer Mirror.
Save the file to your windows desktop. The combofix icon will look like this when it has downloaded to your desktop.
We are almost ready to start ComboFix, but before we do so, we need to take some preventative measures so that there are no conflicts with other programs when running ComboFix. At this point you should do the following:
Close all open Windows including this one.
Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix. Instructions on disabling these type of programs can be found here.
Once these two steps have been completed, double-click on the ComboFix icon found on your desktop. Please note, that once you start ComboFix you should not click anywhere on the ComboFix window as it can cause the program to stall. In fact, when ComboFix is running, do not touch your computer at all. The scan could take a while, so please be patient.
Please click on I agree on the disclaimer window.
ComboFix will now install itself on to your computer. When it is done, a blue screen will appear as shown below.
ComboFix is now preparing to run. When it has finished ComboFix will automatically attempt to create a System Restore point so that if any problems occur while using the program you can restore back to your previous configuration. When ComboFix has finished creating the restore point, it will then backup your Windows Registry as shown in the image below.
Once the Windows Registry has finished being backed up, ComboFix will attempt to detect if you have the Windows Recovery Console installed. If you already have it installed, you can skip to this section and continue reading. Otherwise you will see the following message as shown below:
At the above message box, please click on the Yes button in order for ComboFix to continue. Please follow the steps and instructions given by ComboFix in order to finish the installation of the Recovery Console.
Please click on yes in the next window to continue scanning for malware.
ComboFix will now disconnect your computer from the Internet, so do not be surprised or concerned if you receive any warnings stating that you are no longer on the Internet. When ComboFix has finished it will automatically restore your Internet connection.
ComboFix will now start scanning your computer for known infections. This procedure can take some time, so please be patient.
While the program is scanning your computer, it will change your clock format, so do not be concerned when you see this happen. When ComboFix is finished it will restore your clock settings to their previous settings. You will also see the text in the ComboFix window being updated as it goes through the various stages of its scan. An example of this can be seen below.
When ComboFix has finished running, you will see a screen stating that it is preparing the log report.
This can take a while, so please be patient. If you see your Windows desktop disappear, do not worry. This is normal and ComboFix will restore your desktop before it is finished. Eventually you will see a new screen that states the program is almost finished and telling you the programs log file, or report, will be located at C:\ComboFix.txt.
When ComboFix has finished, it will automatically close the program and change your clock back to its original format. It will then display the log file automatically for you.
Now you just click on the edit menu and click on select all, then click on the edit menu again and click on copy. Then come to the forum in your reply and right click on your mouse and click on paste.

In your next reply please post:

The ComboFix log
A fresh HiJackThis log
An update on how your computer is running

Papasmurf89 · Dec 18, 2012

I guess this goes to show my naivete but I was not aware you could get viruses from torrents. When I said that I hadn't been to any "bad" sites I was referring to porn sites or other sites known for having viruses.

Anyways, thanks for the help.

The TDSS scan didn't find anything but here's the report:

22:57:06.0745 5860 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:57:08.0254 5860 ============================================================
22:57:08.0254 5860 Current date / time: 2012/12/17 22:57:08.0254
22:57:08.0254 5860 SystemInfo:
22:57:08.0254 5860
22:57:08.0254 5860 OS Version: 6.1.7600 ServicePack: 0.0
22:57:08.0254 5860 Product type: Workstation
22:57:08.0255 5860 ComputerName: MYCOMP
22:57:08.0255 5860 UserName: Pang
22:57:08.0255 5860 Windows directory: C:\windows
22:57:08.0255 5860 System windows directory: C:\windows
22:57:08.0255 5860 Running under WOW64
22:57:08.0255 5860 Processor architecture: Intel x64
22:57:08.0255 5860 Number of processors: 4
22:57:08.0255 5860 Page size: 0x1000
22:57:08.0255 5860 Boot type: Normal boot
22:57:08.0255 5860 ============================================================
22:57:10.0722 5860 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:57:10.0827 5860 ============================================================
22:57:10.0827 5860 \Device\Harddisk0\DR0:
22:57:10.0830 5860 MBR partitions:
22:57:10.0830 5860 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1832800, BlocksNum 0x222CB800
22:57:10.0830 5860 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23AFE000, BlocksNum 0x16887800
22:57:10.0830 5860 ============================================================
22:57:10.0960 5860 C: <-> \Device\Harddisk0\DR0\Partition1
22:57:11.0000 5860 D: <-> \Device\Harddisk0\DR0\Partition2
22:57:11.0061 5860 ============================================================
22:57:11.0061 5860 Initialize success
22:57:11.0061 5860 ============================================================
22:57:14.0629 5752 ============================================================
22:57:14.0629 5752 Scan started
22:57:14.0629 5752 Mode: Manual;
22:57:14.0629 5752 ============================================================
22:57:16.0737 5752 ================ Scan system memory ========================
22:57:16.0737 5752 System memory - ok
22:57:16.0737 5752 ================ Scan services =============================
22:57:16.0862 5752 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
22:57:16.0866 5752 !SASCORE - ok
22:57:17.0010 5752 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\windows\system32\DRIVERS\1394ohci.sys
22:57:17.0036 5752 1394ohci - ok
22:57:17.0130 5752 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
22:57:17.0133 5752 ACDaemon - ok
22:57:17.0153 5752 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\windows\system32\DRIVERS\ACPI.sys
22:57:17.0158 5752 ACPI - ok
22:57:17.0190 5752 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\windows\system32\DRIVERS\acpipmi.sys
22:57:17.0192 5752 AcpiPmi - ok
22:57:17.0473 5752 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:57:17.0489 5752 AdobeFlashPlayerUpdateSvc - ok
22:57:17.0537 5752 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
22:57:17.0545 5752 adp94xx - ok
22:57:17.0573 5752 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
22:57:17.0580 5752 adpahci - ok
22:57:17.0614 5752 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
22:57:17.0618 5752 adpu320 - ok
22:57:17.0642 5752 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
22:57:17.0644 5752 AeLookupSvc - ok
22:57:17.0686 5752 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\windows\system32\drivers\afd.sys
22:57:17.0694 5752 AFD - ok
22:57:17.0731 5752 [ B65F8DBA54F251906BBE8611B5A0E7AB ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
22:57:17.0734 5752 AgereModemAudio - ok
22:57:17.0823 5752 [ AF4748EF93416159459769A24A0053AF ] AgereSoftModem C:\windows\system32\DRIVERS\agrsm64.sys
22:57:17.0849 5752 AgereSoftModem - ok
22:57:17.0869 5752 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\DRIVERS\agp440.sys
22:57:17.0871 5752 agp440 - ok
22:57:17.0884 5752 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
22:57:17.0887 5752 ALG - ok
22:57:17.0911 5752 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\DRIVERS\aliide.sys
22:57:17.0913 5752 aliide - ok
22:57:17.0999 5752 [ 0642A7B1C4B119AE2AAF1AA61CF69668 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
22:57:18.0045 5752 AMD External Events Utility - ok
22:57:18.0083 5752 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\DRIVERS\amdide.sys
22:57:18.0085 5752 amdide - ok
22:57:18.0101 5752 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
22:57:18.0104 5752 AmdK8 - ok
22:57:18.0294 5752 [ C6C0F73A038FF38EBBD9C16F79F8D3E3 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
22:57:18.0463 5752 amdkmdag - ok
22:57:18.0537 5752 [ 4647D713CFF04FAE4F862B3144725BC1 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
22:57:18.0547 5752 amdkmdap - ok
22:57:18.0572 5752 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
22:57:18.0575 5752 AmdPPM - ok
22:57:18.0591 5752 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\windows\system32\drivers\amdsata.sys
22:57:18.0594 5752 amdsata - ok
22:57:18.0624 5752 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
22:57:18.0628 5752 amdsbs - ok
22:57:18.0651 5752 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\windows\system32\drivers\amdxata.sys
22:57:18.0653 5752 amdxata - ok
22:57:18.0696 5752 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\windows\system32\drivers\appid.sys
22:57:18.0699 5752 AppID - ok
22:57:18.0723 5752 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
22:57:18.0725 5752 AppIDSvc - ok
22:57:18.0746 5752 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\windows\System32\appinfo.dll
22:57:18.0749 5752 Appinfo - ok
22:57:18.0822 5752 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:57:18.0827 5752 Apple Mobile Device - ok
22:57:18.0841 5752 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
22:57:18.0844 5752 arc - ok
22:57:18.0860 5752 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
22:57:18.0863 5752 arcsas - ok
22:57:18.0885 5752 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys
22:57:18.0887 5752 ArcSoftKsUFilter - ok
22:57:18.0898 5752 [ CE6D8BCC4787704EA4FEEB92B0D0CAF8 ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
22:57:18.0900 5752 aswFsBlk - ok
22:57:19.0003 5752 [ 0DEBEB2E3FBD0BF5343125CCE617F105 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
22:57:19.0006 5752 aswMonFlt - ok
22:57:19.0020 5752 [ 952EDC2E81F85D1781958D4128BF59F8 ] aswRdr C:\windows\system32\drivers\aswRdr.sys
22:57:19.0023 5752 aswRdr - ok
22:57:19.0049 5752 [ DD383E2AC941C545A85AB72503DA6C12 ] aswSnx C:\windows\system32\drivers\aswSnx.sys
22:57:19.0058 5752 aswSnx - ok
22:57:19.0077 5752 [ EF5403FB8B2DCB791EC365FDF6040A4A ] aswSP C:\windows\system32\drivers\aswSP.sys
22:57:19.0083 5752 aswSP - ok
22:57:19.0098 5752 [ 34165DA5C6B30C0F9D61246BF8A28040 ] aswTdi C:\windows\system32\drivers\aswTdi.sys
22:57:19.0101 5752 aswTdi - ok
22:57:19.0119 5752 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
22:57:19.0121 5752 AsyncMac - ok
22:57:19.0144 5752 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\DRIVERS\atapi.sys
22:57:19.0146 5752 atapi - ok
22:57:19.0196 5752 [ B2C3A8618867404475228F7DD260698B ] athr C:\windows\system32\DRIVERS\athrx.sys
22:57:19.0230 5752 athr - ok
22:57:19.0326 5752 [ 637E0753BD6DEB8EA5314A5C357EC1A0 ] AtiHdmiService C:\windows\system32\drivers\AtiHdmi.sys
22:57:19.0334 5752 AtiHdmiService - ok
22:57:19.0386 5752 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
22:57:19.0403 5752 AudioEndpointBuilder - ok
22:57:19.0424 5752 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\windows\System32\Audiosrv.dll
22:57:19.0428 5752 AudioSrv - ok
22:57:19.0485 5752 [ 996E6D052438E8D8DFD501F31560B2E0 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:57:19.0485 5752 avast! Antivirus - ok
22:57:19.0532 5752 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\windows\System32\AxInstSV.dll
22:57:19.0535 5752 AxInstSV - ok
22:57:19.0582 5752 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
22:57:19.0589 5752 b06bdrv - ok
22:57:19.0658 5752 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
22:57:19.0663 5752 b57nd60a - ok
22:57:19.0691 5752 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
22:57:19.0693 5752 BDESVC - ok
22:57:19.0714 5752 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
22:57:19.0716 5752 Beep - ok
22:57:19.0752 5752 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\windows\System32\bfe.dll
22:57:19.0769 5752 BFE - ok
22:57:19.0847 5752 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\windows\System32\qmgr.dll
22:57:19.0909 5752 BITS - ok
22:57:19.0933 5752 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
22:57:19.0935 5752 blbdrive - ok
22:57:19.0986 5752 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:57:19.0995 5752 Bonjour Service - ok
22:57:20.0033 5752 [ 19D20159708E152267E53B66677A4995 ] bowser C:\windows\system32\DRIVERS\bowser.sys
22:57:20.0037 5752 bowser - ok
22:57:20.0052 5752 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
22:57:20.0071 5752 BrFiltLo - ok
22:57:20.0100 5752 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
22:57:20.0102 5752 BrFiltUp - ok
22:57:20.0131 5752 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\windows\System32\browser.dll
22:57:20.0154 5752 Browser - ok
22:57:20.0206 5752 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
22:57:20.0211 5752 Brserid - ok
22:57:20.0225 5752 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
22:57:20.0226 5752 BrSerWdm - ok
22:57:20.0236 5752 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
22:57:20.0238 5752 BrUsbMdm - ok
22:57:20.0249 5752 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
22:57:20.0251 5752 BrUsbSer - ok
22:57:20.0335 5752 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\DRIVERS\BthEnum.sys
22:57:20.0356 5752 BthEnum - ok
22:57:20.0386 5752 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
22:57:20.0388 5752 BTHMODEM - ok
22:57:20.0398 5752 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
22:57:20.0402 5752 BthPan - ok
22:57:20.0417 5752 [ D59773C7FDD3D795D6FE402EEEA8D71E ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
22:57:20.0464 5752 BTHPORT - ok
22:57:20.0493 5752 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
22:57:20.0495 5752 bthserv - ok
22:57:20.0525 5752 [ 8504842634DD144C075B6B0C982CCEC4 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
22:57:20.0548 5752 BTHUSB - ok
22:57:20.0597 5752 BTMCOM - ok
22:57:20.0625 5752 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
22:57:20.0628 5752 cdfs - ok
22:57:20.0656 5752 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
22:57:20.0659 5752 cdrom - ok
22:57:20.0683 5752 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\windows\System32\certprop.dll
22:57:20.0686 5752 CertPropSvc - ok
22:57:20.0699 5752 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
22:57:20.0702 5752 circlass - ok
22:57:20.0717 5752 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
22:57:20.0723 5752 CLFS - ok
22:57:20.0774 5752 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:57:20.0804 5752 clr_optimization_v2.0.50727_32 - ok
22:57:20.0861 5752 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:57:20.0866 5752 clr_optimization_v2.0.50727_64 - ok
22:57:20.0950 5752 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:57:20.0954 5752 clr_optimization_v4.0.30319_32 - ok
22:57:21.0009 5752 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:57:21.0014 5752 clr_optimization_v4.0.30319_64 - ok
22:57:21.0076 5752 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
22:57:21.0079 5752 CmBatt - ok
22:57:21.0108 5752 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\DRIVERS\cmdide.sys
22:57:21.0109 5752 cmdide - ok
22:57:21.0148 5752 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\windows\system32\Drivers\cng.sys
22:57:21.0173 5752 CNG - ok
22:57:21.0220 5752 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
22:57:21.0222 5752 Compbatt - ok
22:57:21.0240 5752 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
22:57:21.0242 5752 CompositeBus - ok
22:57:21.0275 5752 COMSysApp - ok
22:57:21.0307 5752 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
22:57:21.0312 5752 crcdisk - ok
22:57:21.0380 5752 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\windows\system32\cryptsvc.dll
22:57:21.0384 5752 CryptSvc - ok
22:57:21.0413 5752 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\windows\system32\rpcss.dll
22:57:21.0422 5752 DcomLaunch - ok
22:57:21.0499 5752 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
22:57:21.0518 5752 defragsvc - ok
22:57:21.0551 5752 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\windows\system32\Drivers\dfsc.sys
22:57:21.0555 5752 DfsC - ok
22:57:21.0580 5752 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\windows\system32\dhcpcore.dll
22:57:21.0605 5752 Dhcp - ok
22:57:21.0636 5752 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
22:57:21.0638 5752 discache - ok
22:57:21.0681 5752 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
22:57:21.0706 5752 Disk - ok
22:57:21.0745 5752 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\windows\System32\dnsrslvr.dll
22:57:21.0750 5752 Dnscache - ok
22:57:21.0770 5752 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\windows\System32\dot3svc.dll
22:57:21.0775 5752 dot3svc - ok
22:57:21.0810 5752 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\windows\system32\dps.dll
22:57:21.0815 5752 DPS - ok
22:57:21.0831 5752 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
22:57:21.0833 5752 drmkaud - ok
22:57:21.0881 5752 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
22:57:21.0906 5752 DXGKrnl - ok
22:57:21.0961 5752 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
22:57:21.0964 5752 EapHost - ok
22:57:22.0057 5752 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
22:57:22.0107 5752 ebdrv - ok
22:57:22.0138 5752 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\windows\System32\lsass.exe
22:57:22.0140 5752 EFS - ok
22:57:22.0226 5752 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\windows\ehome\ehRecvr.exe
22:57:22.0243 5752 ehRecvr - ok
22:57:22.0267 5752 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
22:57:22.0289 5752 ehSched - ok
22:57:22.0333 5752 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\windows\system32\Drivers\ElbyCDIO.sys
22:57:22.0336 5752 ElbyCDIO - ok
22:57:22.0375 5752 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
22:57:22.0383 5752 elxstor - ok
22:57:22.0407 5752 [ A9EC08727C64D985678F5B64C03823F0 ] enecir C:\windows\system32\DRIVERS\enecir.sys
22:57:22.0410 5752 enecir - ok
22:57:22.0436 5752 [ E17EB95358F396E27D573A1B20F891F8 ] enecirhid C:\windows\system32\DRIVERS\enecirhid.sys
22:57:22.0440 5752 enecirhid - ok
22:57:22.0526 5752 [ 8492D808C79BD6FE439F77BE84956CDF ] enecirhidma C:\windows\system32\DRIVERS\enecirhidma.sys
22:57:22.0528 5752 enecirhidma - ok
22:57:22.0542 5752 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\DRIVERS\errdev.sys
22:57:22.0544 5752 ErrDev - ok
22:57:22.0612 5752 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
22:57:22.0619 5752 EventSystem - ok
22:57:22.0733 5752 [ 51643EE2712D9212E1E53CA7E8D8EB4A ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
22:57:22.0759 5752 EvtEng - ok
22:57:22.0819 5752 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
22:57:22.0824 5752 exfat - ok
22:57:22.0847 5752 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
22:57:22.0852 5752 fastfat - ok
22:57:22.0895 5752 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\windows\system32\fxssvc.exe
22:57:22.0912 5752 Fax - ok
22:57:22.0931 5752 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
22:57:22.0934 5752 fdc - ok
22:57:22.0953 5752 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
22:57:22.0955 5752 fdPHost - ok
22:57:22.0970 5752 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
22:57:22.0972 5752 FDResPub - ok
22:57:22.0995 5752 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
22:57:22.0998 5752 FileInfo - ok
22:57:23.0011 5752 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
22:57:23.0014 5752 Filetrace - ok
22:57:23.0174 5752 [ ABEDFD48AC042C6AAAD32452E77217A1 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:57:23.0198 5752 FLEXnet Licensing Service - ok
22:57:23.0214 5752 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
22:57:23.0217 5752 flpydisk - ok
22:57:23.0235 5752 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
22:57:23.0241 5752 FltMgr - ok
22:57:23.0337 5752 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\windows\system32\FntCache.dll
22:57:23.0412 5752 FontCache - ok
22:57:23.0443 5752 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:57:23.0477 5752 FontCache3.0.0.0 - ok
22:57:23.0506 5752 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
22:57:23.0509 5752 FsDepends - ok
22:57:23.0582 5752 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
22:57:23.0584 5752 Fs_Rec - ok
22:57:23.0630 5752 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
22:57:23.0634 5752 fvevol - ok
22:57:23.0643 5752 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
22:57:23.0645 5752 gagp30kx - ok
22:57:23.0672 5752 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
22:57:23.0675 5752 GEARAspiWDM - ok
22:57:23.0703 5752 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\windows\System32\gpsvc.dll
22:57:23.0723 5752 gpsvc - ok
22:57:23.0844 5752 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:57:23.0848 5752 gupdate - ok
22:57:23.0865 5752 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:57:23.0866 5752 gupdatem - ok
22:57:23.0895 5752 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
22:57:23.0902 5752 hcw85cir - ok
22:57:23.0935 5752 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
22:57:23.0941 5752 HdAudAddService - ok
22:57:23.0964 5752 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
22:57:23.0967 5752 HDAudBus - ok
22:57:23.0978 5752 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
22:57:23.0980 5752 HidBatt - ok
22:57:23.0991 5752 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
22:57:23.0993 5752 HidBth - ok
22:57:24.0016 5752 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
22:57:24.0018 5752 HidIr - ok
22:57:24.0038 5752 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
22:57:24.0041 5752 hidserv - ok
22:57:24.0058 5752 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
22:57:24.0061 5752 HidUsb - ok
22:57:24.0118 5752 [ FD1837DEE0A1D7F180D7B301C0656511 ] HiPatchService C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
22:57:24.0141 5752 HiPatchService - ok
22:57:24.0169 5752 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\windows\system32\kmsvc.dll
22:57:24.0173 5752 hkmsvc - ok
22:57:24.0185 5752 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\windows\system32\ListSvc.dll
22:57:24.0190 5752 HomeGroupListener - ok
22:57:24.0218 5752 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\windows\system32\provsvc.dll
22:57:24.0224 5752 HomeGroupProvider - ok
22:57:24.0252 5752 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\windows\system32\DRIVERS\HpSAMD.sys
22:57:24.0255 5752 HpSAMD - ok
22:57:24.0338 5752 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\windows\system32\drivers\HTTP.sys
22:57:24.0355 5752 HTTP - ok
22:57:24.0363 5752 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
22:57:24.0366 5752 hwpolicy - ok
22:57:24.0392 5752 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
22:57:24.0396 5752 i8042prt - ok
22:57:24.0413 5752 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
22:57:24.0416 5752 iaStor - ok
22:57:24.0472 5752 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:57:24.0476 5752 IAStorDataMgrSvc - ok
22:57:24.0581 5752 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\windows\system32\drivers\iaStorV.sys
22:57:24.0677 5752 iaStorV - ok
22:57:24.0812 5752 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:57:24.0834 5752 idsvc - ok
22:57:24.0853 5752 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
22:57:24.0856 5752 iirsp - ok
22:57:24.0907 5752 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\windows\System32\ikeext.dll
22:57:24.0932 5752 IKEEXT - ok
22:57:25.0062 5752 [ DCF6AFBA140AF3F880A427C2656BE44D ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
22:57:25.0099 5752 IntcAzAudAddService - ok
22:57:25.0130 5752 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\DRIVERS\intelide.sys
22:57:25.0133 5752 intelide - ok
22:57:25.0161 5752 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
22:57:25.0163 5752 intelppm - ok
22:57:25.0176 5752 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
22:57:25.0180 5752 IPBusEnum - ok
22:57:25.0197 5752 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
22:57:25.0200 5752 IpFilterDriver - ok
22:57:25.0222 5752 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
22:57:25.0237 5752 iphlpsvc - ok
22:57:25.0253 5752 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\windows\system32\DRIVERS\IPMIDrv.sys
22:57:25.0256 5752 IPMIDRV - ok
22:57:25.0301 5752 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
22:57:25.0306 5752 IPNAT - ok
22:57:25.0380 5752 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
22:57:25.0401 5752 iPod Service - ok
22:57:25.0423 5752 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
22:57:25.0426 5752 IRENUM - ok
22:57:25.0441 5752 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\DRIVERS\isapnp.sys
22:57:25.0444 5752 isapnp - ok
22:57:25.0481 5752 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\windows\system32\DRIVERS\msiscsi.sys
22:57:25.0486 5752 iScsiPrt - ok
22:57:25.0532 5752 [ BD5BF20EC242E003A2F570B8754A56D1 ] ivusb C:\windows\system32\DRIVERS\ivusb.sys
22:57:25.0554 5752 ivusb - ok
22:57:25.0610 5752 [ 02BD12C2EE52F0849A5D6F9A2FA67B4E ] JMCR C:\windows\system32\DRIVERS\jmcr.sys
22:57:25.0615 5752 JMCR - ok
22:57:25.0640 5752 [ E662CB468A1CFF3A57E120A212FADD57 ] johci C:\windows\system32\DRIVERS\johci.sys
22:57:25.0643 5752 johci - ok
22:57:25.0661 5752 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
22:57:25.0664 5752 kbdclass - ok
22:57:25.0682 5752 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
22:57:25.0685 5752 kbdhid - ok
22:57:25.0694 5752 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\windows\system32\lsass.exe
22:57:25.0697 5752 KeyIso - ok
22:57:25.0727 5752 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
22:57:25.0753 5752 KSecDD - ok
22:57:25.0809 5752 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
22:57:25.0813 5752 KSecPkg - ok
22:57:25.0848 5752 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
22:57:25.0850 5752 ksthunk - ok
22:57:25.0879 5752 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
22:57:25.0887 5752 KtmRm - ok
22:57:25.0921 5752 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\windows\system32\srvsvc.dll
22:57:25.0928 5752 LanmanServer - ok
22:57:25.0955 5752 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
22:57:25.0961 5752 LanmanWorkstation - ok
22:57:26.0084 5752 [ 7772DFAB22611050B79504E671B06E6E ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
22:57:26.0091 5752 LBTServ - ok
22:57:26.0134 5752 [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt C:\windows\system32\DRIVERS\LHidFilt.Sys
22:57:26.0137 5752 LHidFilt - ok
22:57:26.0155 5752 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
22:57:26.0158 5752 lltdio - ok
22:57:26.0177 5752 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
22:57:26.0183 5752 lltdsvc - ok
22:57:26.0206 5752 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
22:57:26.0210 5752 lmhosts - ok
22:57:26.0216 5752 [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt C:\windows\system32\DRIVERS\LMouFilt.Sys
22:57:26.0218 5752 LMouFilt - ok
22:57:26.0241 5752 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
22:57:26.0244 5752 LSI_FC - ok
22:57:26.0257 5752 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
22:57:26.0260 5752 LSI_SAS - ok
22:57:26.0291 5752 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
22:57:26.0293 5752 LSI_SAS2 - ok
22:57:26.0309 5752 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
22:57:26.0312 5752 LSI_SCSI - ok
22:57:26.0331 5752 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
22:57:26.0334 5752 luafv - ok
22:57:26.0366 5752 [ 29C733E1DE824670DC9315CFC9BDBCD3 ] LUsbFilt C:\windows\system32\Drivers\LUsbFilt.Sys
22:57:26.0369 5752 LUsbFilt - ok
22:57:26.0378 5752 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
22:57:26.0382 5752 Mcx2Svc - ok
22:57:26.0392 5752 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
22:57:26.0394 5752 megasas - ok
22:57:26.0411 5752 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
22:57:26.0417 5752 MegaSR - ok
22:57:26.0466 5752 MGHwCtrl - ok
22:57:26.0528 5752 [ 71C6748EE8DE938532057EF10B4B7E44 ] Micro Star SCM C:\Program Files (x86)\System Control Manager\MSIService.exe
22:57:26.0532 5752 Micro Star SCM - ok
22:57:26.0629 5752 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
22:57:26.0661 5752 Microsoft Office Groove Audit Service - ok
22:57:26.0706 5752 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
22:57:26.0712 5752 MMCSS - ok
22:57:26.0732 5752 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
22:57:26.0734 5752 Modem - ok
22:57:26.0746 5752 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
22:57:26.0749 5752 monitor - ok
22:57:26.0775 5752 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
22:57:26.0779 5752 mouclass - ok
22:57:26.0822 5752 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
22:57:26.0825 5752 mouhid - ok
22:57:26.0833 5752 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
22:57:26.0836 5752 mountmgr - ok
22:57:26.0851 5752 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\windows\system32\DRIVERS\mpio.sys
22:57:26.0855 5752 mpio - ok
22:57:26.0870 5752 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
22:57:26.0872 5752 mpsdrv - ok
22:57:26.0893 5752 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\windows\system32\mpssvc.dll
22:57:26.0911 5752 MpsSvc - ok
22:57:26.0926 5752 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
22:57:26.0930 5752 MRxDAV - ok
22:57:26.0962 5752 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
22:57:26.0983 5752 mrxsmb - ok
22:57:27.0009 5752 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
22:57:27.0015 5752 mrxsmb10 - ok
22:57:27.0029 5752 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
22:57:27.0032 5752 mrxsmb20 - ok
22:57:27.0054 5752 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\windows\system32\DRIVERS\msahci.sys
22:57:27.0056 5752 msahci - ok
22:57:27.0075 5752 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\windows\system32\DRIVERS\msdsm.sys
22:57:27.0079 5752 msdsm - ok
22:57:27.0096 5752 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
22:57:27.0102 5752 MSDTC - ok
22:57:27.0119 5752 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
22:57:27.0122 5752 Msfs - ok
22:57:27.0147 5752 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
22:57:27.0150 5752 mshidkmdf - ok
22:57:27.0159 5752 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\DRIVERS\msisadrv.sys
22:57:27.0161 5752 msisadrv - ok
22:57:27.0188 5752 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
22:57:27.0192 5752 MSiSCSI - ok
22:57:27.0196 5752 msiserver - ok
22:57:27.0221 5752 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
22:57:27.0223 5752 MSKSSRV - ok
22:57:27.0233 5752 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
22:57:27.0235 5752 MSPCLOCK - ok
22:57:27.0248 5752 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
22:57:27.0251 5752 MSPQM - ok
22:57:27.0270 5752 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
22:57:27.0276 5752 MsRPC - ok
22:57:27.0292 5752 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
22:57:27.0294 5752 mssmbios - ok
22:57:27.0298 5752 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
22:57:27.0299 5752 MSTEE - ok
22:57:27.0328 5752 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
22:57:27.0330 5752 MTConfig - ok
22:57:27.0350 5752 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
22:57:27.0353 5752 Mup - ok
22:57:27.0376 5752 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\windows\system32\qagentRT.dll
22:57:27.0393 5752 napagent - ok
22:57:27.0425 5752 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
22:57:27.0430 5752 NativeWifiP - ok
22:57:27.0500 5752 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\windows\system32\drivers\ndis.sys
22:57:27.0549 5752 NDIS - ok
22:57:27.0607 5752 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
22:57:27.0610 5752 NdisCap - ok
22:57:27.0627 5752 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
22:57:27.0630 5752 NdisTapi - ok
22:57:27.0643 5752 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
22:57:27.0646 5752 Ndisuio - ok
22:57:27.0659 5752 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
22:57:27.0664 5752 NdisWan - ok
22:57:27.0674 5752 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\windows\system32\drivers\NDProxy.sys
22:57:27.0677 5752 NDProxy - ok
22:57:27.0690 5752 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
22:57:27.0693 5752 NetBIOS - ok
22:57:27.0703 5752 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\windows\system32\DRIVERS\netbt.sys
22:57:27.0708 5752 NetBT - ok
22:57:27.0715 5752 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\windows\system32\lsass.exe
22:57:27.0718 5752 Netlogon - ok
22:57:27.0755 5752 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
22:57:27.0762 5752 Netman - ok
22:57:27.0814 5752 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
22:57:27.0822 5752 netprofm - ok
22:57:27.0859 5752 [ B6E1BF8DBFF4B18F1A2D65DA6E40BC7C ] netr28x C:\windows\system32\DRIVERS\netr28x.sys
22:57:27.0879 5752 netr28x - ok
22:57:27.0932 5752 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:57:27.0935 5752 NetTcpPortSharing - ok
22:57:28.0203 5752 [ 4D85A450EDEF10C38882182753A49AAE ] NETw5s64 C:\windows\system32\DRIVERS\NETw5s64.sys
22:57:28.0351 5752 NETw5s64 - ok
22:57:28.0393 5752 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
22:57:28.0396 5752 nfrd960 - ok
22:57:28.0434 5752 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\windows\System32\nlasvc.dll
22:57:28.0440 5752 NlaSvc - ok
22:57:28.0459 5752 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
22:57:28.0462 5752 Npfs - ok
22:57:28.0475 5752 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
22:57:28.0478 5752 nsi - ok
22:57:28.0486 5752 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
22:57:28.0488 5752 nsiproxy - ok
22:57:28.0541 5752 [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs C:\windows\system32\drivers\Ntfs.sys
22:57:28.0608 5752 Ntfs - ok
22:57:28.0642 5752 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
22:57:28.0648 5752 Null - ok
22:57:28.0735 5752 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\windows\system32\drivers\nvraid.sys
22:57:28.0740 5752 nvraid - ok
22:57:28.0753 5752 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\windows\system32\drivers\nvstor.sys
22:57:28.0757 5752 nvstor - ok
22:57:28.0795 5752 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\DRIVERS\nv_agp.sys
22:57:28.0798 5752 nv_agp - ok
22:57:28.0840 5752 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:57:28.0853 5752 odserv - ok
22:57:28.0862 5752 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\DRIVERS\ohci1394.sys
22:57:28.0864 5752 ohci1394 - ok
22:57:28.0907 5752 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:57:28.0912 5752 ose - ok
22:57:28.0945 5752 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
22:57:28.0953 5752 p2pimsvc - ok
22:57:28.0978 5752 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
22:57:28.0987 5752 p2psvc - ok
22:57:29.0001 5752 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
22:57:29.0004 5752 Parport - ok
22:57:29.0039 5752 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\windows\system32\drivers\partmgr.sys
22:57:29.0042 5752 partmgr - ok
22:57:29.0089 5752 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
22:57:29.0093 5752 PcaSvc - ok
22:57:29.0129 5752 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\windows\system32\DRIVERS\pci.sys
22:57:29.0133 5752 pci - ok
22:57:29.0161 5752 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
22:57:29.0163 5752 pciide - ok
22:57:29.0179 5752 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
22:57:29.0184 5752 pcmcia - ok
22:57:29.0202 5752 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
22:57:29.0205 5752 pcw - ok
22:57:29.0228 5752 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
22:57:29.0244 5752 PEAUTH - ok
22:57:29.0389 5752 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
22:57:29.0404 5752 PerfHost - ok
22:57:29.0532 5752 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\windows\system32\pla.dll
22:57:29.0627 5752 pla - ok
22:57:29.0700 5752 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\windows\system32\umpnpmgr.dll
22:57:29.0727 5752 PlugPlay - ok
22:57:29.0760 5752 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
22:57:29.0763 5752 PNRPAutoReg - ok
22:57:29.0822 5752 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
22:57:29.0827 5752 PNRPsvc - ok
22:57:29.0920 5752 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
22:57:29.0977 5752 PolicyAgent - ok
22:57:30.0052 5752 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
22:57:30.0060 5752 Power - ok
22:57:30.0116 5752 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
22:57:30.0120 5752 PptpMiniport - ok
22:57:30.0150 5752 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
22:57:30.0156 5752 Processor - ok
22:57:30.0231 5752 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\windows\system32\profsvc.dll
22:57:30.0238 5752 ProfSvc - ok
22:57:30.0264 5752 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\windows\system32\lsass.exe
22:57:30.0267 5752 ProtectedStorage - ok
22:57:30.0315 5752 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\windows\system32\DRIVERS\pacer.sys
22:57:30.0318 5752 Psched - ok
22:57:30.0517 5752 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
22:57:30.0567 5752 ql2300 - ok
22:57:30.0645 5752 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
22:57:30.0651 5752 ql40xx - ok
22:57:30.0721 5752 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
22:57:30.0728 5752 QWAVE - ok
22:57:30.0779 5752 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
22:57:30.0783 5752 QWAVEdrv - ok
22:57:30.0833 5752 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
22:57:30.0840 5752 RasAcd - ok
22:57:30.0886 5752 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
22:57:30.0889 5752 RasAgileVpn - ok
22:57:30.0949 5752 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
22:57:30.0955 5752 RasAuto - ok
22:57:30.0968 5752 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
22:57:30.0975 5752 Rasl2tp - ok
22:57:31.0011 5752 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\windows\System32\rasmans.dll
22:57:31.0021 5752 RasMan - ok
22:57:31.0049 5752 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
22:57:31.0052 5752 RasPppoe - ok
22:57:31.0067 5752 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
22:57:31.0069 5752 RasSstp - ok
22:57:31.0086 5752 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
22:57:31.0093 5752 rdbss - ok
22:57:31.0103 5752 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
22:57:31.0105 5752 rdpbus - ok
22:57:31.0133 5752 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
22:57:31.0152 5752 RDPCDD - ok
22:57:31.0178 5752 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
22:57:31.0180 5752 RDPENCDD - ok
22:57:31.0196 5752 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
22:57:31.0199 5752 RDPREFMP - ok
22:57:31.0232 5752 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
22:57:31.0256 5752 RDPWD - ok
22:57:31.0305 5752 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\windows\system32\drivers\rdyboost.sys
22:57:31.0309 5752 rdyboost - ok
22:57:31.0546 5752 [ 3B71B5B91E7DCA93585D5A86C897ADC4 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
22:57:31.0567 5752 RegSrvc - ok
22:57:31.0708 5752 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
22:57:31.0717 5752 RemoteAccess - ok
22:57:31.0737 5752 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
22:57:31.0742 5752 RemoteRegistry - ok
22:57:31.0828 5752 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
22:57:31.0832 5752 RFCOMM - ok
22:57:31.0859 5752 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
22:57:31.0863 5752 RpcEptMapper - ok
22:57:31.0889 5752 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
22:57:31.0892 5752 RpcLocator - ok
22:57:31.0913 5752 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\windows\system32\rpcss.dll
22:57:31.0917 5752 RpcSs - ok
22:57:31.0943 5752 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
22:57:31.0946 5752 rspndr - ok
22:57:31.0983 5752 [ 4E821C740A675F6D040BE41D59A62B1D ] RTHDMIAzAudService C:\windows\system32\drivers\RtHDMIVX.sys
22:57:31.0986 5752 RTHDMIAzAudService - ok
22:57:32.0045 5752 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
22:57:32.0051 5752 RTL8167 - ok
22:57:32.0063 5752 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\windows\system32\lsass.exe
22:57:32.0067 5752 SamSs - ok
22:57:32.0123 5752 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
22:57:32.0152 5752 SASDIFSV - ok
22:57:32.0175 5752 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
22:57:32.0177 5752 SASKUTIL - ok
22:57:32.0209 5752 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\windows\system32\DRIVERS\sbp2port.sys
22:57:32.0212 5752 sbp2port - ok
22:57:32.0240 5752 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
22:57:32.0246 5752 SCardSvr - ok
22:57:32.0262 5752 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
22:57:32.0266 5752 scfilter - ok
22:57:32.0315 5752 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\windows\system32\schedsvc.dll
22:57:32.0340 5752 Schedule - ok
22:57:32.0364 5752 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\windows\System32\certprop.dll
22:57:32.0365 5752 SCPolicySvc - ok
22:57:32.0384 5752 [ 54E47AD086782D3AE9417C155CDCEB9B ] sdbus C:\windows\system32\DRIVERS\sdbus.sys
22:57:32.0409 5752 sdbus - ok
22:57:32.0421 5752 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\windows\System32\SDRSVC.dll
22:57:32.0427 5752 SDRSVC - ok
22:57:32.0509 5752 [ D358E077A0A05D9B12DA22D137EE8464 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
22:57:32.0533 5752 SeaPort - ok
22:57:32.0569 5752 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
22:57:32.0571 5752 secdrv - ok
22:57:32.0586 5752 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\windows\system32\seclogon.dll
22:57:32.0590 5752 seclogon - ok
22:57:32.0607 5752 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
22:57:32.0612 5752 SENS - ok
22:57:32.0637 5752 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
22:57:32.0641 5752 SensrSvc - ok
22:57:32.0684 5752 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
22:57:32.0686 5752 Serenum - ok
22:57:32.0725 5752 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
22:57:32.0727 5752 Serial - ok
22:57:32.0803 5752 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
22:57:32.0806 5752 sermouse - ok
22:57:32.0865 5752 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\windows\system32\sessenv.dll
22:57:32.0869 5752 SessionEnv - ok
22:57:32.0907 5752 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\DRIVERS\sffdisk.sys
22:57:32.0909 5752 sffdisk - ok
22:57:32.0918 5752 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\DRIVERS\sffp_mmc.sys
22:57:32.0920 5752 sffp_mmc - ok
22:57:32.0931 5752 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\windows\system32\DRIVERS\sffp_sd.sys
22:57:32.0933 5752 sffp_sd - ok
22:57:32.0945 5752 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
22:57:32.0948 5752 sfloppy - ok
22:57:32.0988 5752 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
22:57:33.0006 5752 SharedAccess - ok
22:57:33.0021 5752 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\windows\System32\shsvcs.dll
22:57:33.0029 5752 ShellHWDetection - ok
22:57:33.0046 5752 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
22:57:33.0048 5752 SiSRaid2 - ok
22:57:33.0065 5752 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
22:57:33.0069 5752 SiSRaid4 - ok
22:57:33.0148 5752 [ D0C0B700152B1F610F10B356483B3401 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:57:33.0152 5752 SkypeUpdate - ok
22:57:33.0186 5752 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
22:57:33.0189 5752 Smb - ok
22:57:33.0230 5752 [ AA59BA9348EBDEB455027C455538A08E ] smserial C:\windows\system32\DRIVERS\smserial.sys
22:57:33.0254 5752 smserial - ok
22:57:33.0313 5752 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
22:57:33.0317 5752 SNMPTRAP - ok
22:57:33.0336 5752 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
22:57:33.0339 5752 spldr - ok
22:57:33.0378 5752 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\windows\System32\spoolsv.exe
22:57:33.0443 5752 Spooler - ok
22:57:33.0504 5752 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\windows\system32\sppsvc.exe
22:57:33.0565 5752 sppsvc - ok
22:57:33.0575 5752 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
22:57:33.0583 5752 sppuinotify - ok
22:57:33.0641 5752 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\windows\system32\DRIVERS\srv.sys
22:57:33.0649 5752 srv - ok
22:57:33.0668 5752 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
22:57:33.0675 5752 srv2 - ok
22:57:33.0703 5752 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
22:57:33.0707 5752 srvnet - ok
22:57:33.0737 5752 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
22:57:33.0743 5752 SSDPSRV - ok
22:57:33.0753 5752 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
22:57:33.0757 5752 SstpSvc - ok
22:57:33.0883 5752 Steam Client Service - ok
22:57:33.0905 5752 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
22:57:33.0908 5752 stexstor - ok
22:57:33.0947 5752 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\windows\System32\wiaservc.dll
22:57:33.0972 5752 stisvc - ok
22:57:33.0983 5752 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
22:57:33.0986 5752 swenum - ok
22:57:34.0007 5752 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
22:57:34.0031 5752 swprv - ok
22:57:34.0078 5752 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\windows\system32\sysmain.dll
22:57:34.0133 5752 SysMain - ok
22:57:34.0147 5752 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\windows\System32\TabSvc.dll
22:57:34.0153 5752 TabletInputService - ok
22:57:34.0166 5752 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\windows\System32\tapisrv.dll
22:57:34.0175 5752 TapiSrv - ok
22:57:34.0184 5752 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
22:57:34.0190 5752 TBS - ok
22:57:34.0246 5752 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
22:57:34.0353 5752 Tcpip - ok
22:57:34.0416 5752 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
22:57:34.0464 5752 TCPIP6 - ok
22:57:34.0486 5752 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
22:57:34.0489 5752 tcpipreg - ok
22:57:34.0502 5752 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
22:57:34.0504 5752 TDPIPE - ok
22:57:34.0534 5752 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
22:57:34.0536 5752 TDTCP - ok
22:57:34.0558 5752 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\windows\system32\DRIVERS\tdx.sys
22:57:34.0561 5752 tdx - ok
22:57:34.0574 5752 [ C448651339196C0E869A355171875522 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
22:57:34.0578 5752 TermDD - ok
22:57:34.0623 5752 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\windows\System32\termsrv.dll
22:57:34.0649 5752 TermService - ok
22:57:34.0665 5752 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
22:57:34.0670 5752 Themes - ok
22:57:34.0684 5752 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
22:57:34.0690 5752 THREADORDER - ok
22:57:34.0705 5752 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
22:57:34.0710 5752 TrkWks - ok
22:57:34.0769 5752 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
22:57:34.0774 5752 TrustedInstaller - ok
22:57:34.0807 5752 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
22:57:34.0809 5752 tssecsrv - ok
22:57:34.0834 5752 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
22:57:34.0837 5752 tunnel - ok
22:57:34.0853 5752 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
22:57:34.0856 5752 uagp35 - ok
22:57:34.0886 5752 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\windows\system32\DRIVERS\udfs.sys
22:57:34.0893 5752 udfs - ok
22:57:34.0910 5752 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
22:57:34.0914 5752 UI0Detect - ok
22:57:34.0946 5752 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\DRIVERS\uliagpkx.sys
22:57:34.0948 5752 uliagpkx - ok
22:57:34.0973 5752 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\windows\system32\DRIVERS\umbus.sys
22:57:34.0975 5752 umbus - ok
22:57:34.0987 5752 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
22:57:34.0990 5752 UmPass - ok
22:57:35.0009 5752 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
22:57:35.0017 5752 upnphost - ok
22:57:35.0042 5752 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
22:57:35.0046 5752 usbccgp - ok
22:57:35.0069 5752 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\DRIVERS\usbcir.sys
22:57:35.0071 5752 usbcir - ok
22:57:35.0089 5752 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\windows\system32\drivers\usbehci.sys
22:57:35.0113 5752 usbehci - ok

Papasmurf89 · Dec 18, 2012

22:57:35.0148 5752 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
22:57:35.0155 5752 usbhub - ok
22:57:35.0171 5752 [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci C:\windows\system32\drivers\usbohci.sys
22:57:35.0174 5752 usbohci - ok
22:57:35.0195 5752 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
22:57:35.0198 5752 usbprint - ok
22:57:35.0225 5752 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
22:57:35.0247 5752 usbscan - ok
22:57:35.0302 5752 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
22:57:35.0324 5752 USBSTOR - ok
22:57:35.0345 5752 [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci C:\windows\system32\drivers\usbuhci.sys
22:57:35.0347 5752 usbuhci - ok
22:57:35.0406 5752 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
22:57:35.0411 5752 usbvideo - ok
22:57:35.0426 5752 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
22:57:35.0430 5752 UxSms - ok
22:57:35.0445 5752 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\windows\system32\lsass.exe
22:57:35.0448 5752 VaultSvc - ok
22:57:35.0473 5752 [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone C:\windows\system32\DRIVERS\VClone.sys
22:57:35.0476 5752 VClone - ok
22:57:35.0509 5752 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\DRIVERS\vdrvroot.sys
22:57:35.0512 5752 vdrvroot - ok
22:57:35.0543 5752 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\windows\System32\vds.exe
22:57:35.0561 5752 vds - ok
22:57:35.0604 5752 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
22:57:35.0607 5752 vga - ok
22:57:35.0641 5752 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
22:57:35.0647 5752 VgaSave - ok
22:57:35.0679 5752 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\windows\system32\DRIVERS\vhdmp.sys
22:57:35.0683 5752 vhdmp - ok
22:57:35.0709 5752 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\DRIVERS\viaide.sys
22:57:35.0711 5752 viaide - ok
22:57:35.0722 5752 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\windows\system32\DRIVERS\volmgr.sys
22:57:35.0724 5752 volmgr - ok
22:57:35.0743 5752 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\windows\system32\drivers\volmgrx.sys
22:57:35.0750 5752 volmgrx - ok
22:57:35.0797 5752 [ 9E425AC5C9A5A973273D169F43B4F5E1 ] volsnap C:\windows\system32\drivers\volsnap.sys
22:57:35.0803 5752 volsnap - ok
22:57:35.0835 5752 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
22:57:35.0840 5752 vsmraid - ok
22:57:35.0930 5752 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\windows\system32\vssvc.exe
22:57:35.0963 5752 VSS - ok
22:57:35.0977 5752 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
22:57:35.0980 5752 vwifibus - ok
22:57:35.0994 5752 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
22:57:35.0996 5752 vwififlt - ok
22:57:36.0020 5752 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
22:57:36.0037 5752 W32Time - ok
22:57:36.0054 5752 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
22:57:36.0057 5752 WacomPen - ok
22:57:36.0084 5752 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
22:57:36.0119 5752 WANARP - ok
22:57:36.0123 5752 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
22:57:36.0126 5752 Wanarpv6 - ok
22:57:36.0213 5752 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
22:57:36.0247 5752 WatAdminSvc - ok
22:57:36.0335 5752 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\windows\system32\wbengine.exe
22:57:36.0481 5752 wbengine - ok
22:57:36.0539 5752 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
22:57:36.0546 5752 WbioSrvc - ok
22:57:36.0575 5752 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\windows\System32\wcncsvc.dll
22:57:36.0583 5752 wcncsvc - ok
22:57:36.0599 5752 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
22:57:36.0608 5752 WcsPlugInService - ok
22:57:36.0626 5752 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
22:57:36.0633 5752 Wd - ok
22:57:36.0710 5752 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\windows\system32\DRIVERS\wdcsam64.sys
22:57:36.0720 5752 WDC_SAM - ok
22:57:36.0854 5752 [ 7DEDECC376B29A973A0F3384D135F2DA ] WDDMService C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
22:57:36.0861 5752 WDDMService - ok
22:57:36.0993 5752 [ B5B84712111414DD1B14C2346E9868BE ] WDDriveService C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
22:57:36.0997 5752 WDDriveService - ok
22:57:37.0034 5752 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
22:57:37.0051 5752 Wdf01000 - ok
22:57:37.0129 5752 [ 8E798F577A684A5F1E464D954C6C7F1E ] WDFMEService C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
22:57:37.0164 5752 WDFMEService - ok
22:57:37.0188 5752 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
22:57:37.0194 5752 WdiServiceHost - ok
22:57:37.0197 5752 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
22:57:37.0200 5752 WdiSystemHost - ok
22:57:37.0262 5752 [ 65D571576E366067C22F22B3E919EF8C ] WDRulesService C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
22:57:37.0296 5752 WDRulesService - ok
22:57:37.0328 5752 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\windows\System32\webclnt.dll
22:57:37.0335 5752 WebClient - ok
22:57:37.0351 5752 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
22:57:37.0358 5752 Wecsvc - ok
22:57:37.0372 5752 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
22:57:37.0377 5752 wercplsupport - ok
22:57:37.0397 5752 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
22:57:37.0402 5752 WerSvc - ok
22:57:37.0427 5752 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
22:57:37.0429 5752 WfpLwf - ok
22:57:37.0442 5752 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
22:57:37.0444 5752 WIMMount - ok
22:57:37.0469 5752 WinDefend - ok
22:57:37.0473 5752 WinHttpAutoProxySvc - ok
22:57:37.0524 5752 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
22:57:37.0555 5752 Winmgmt - ok
22:57:37.0614 5752 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\windows\system32\WsmSvc.dll
22:57:37.0668 5752 WinRM - ok
22:57:37.0785 5752 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
22:57:37.0807 5752 WinUsb - ok
22:57:37.0846 5752 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
22:57:37.0860 5752 Wlansvc - ok
22:57:37.0971 5752 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:57:38.0063 5752 wlidsvc - ok
22:57:38.0111 5752 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
22:57:38.0113 5752 WmiAcpi - ok
22:57:38.0137 5752 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
22:57:38.0142 5752 wmiApSrv - ok
22:57:38.0178 5752 WMPNetworkSvc - ok
22:57:38.0197 5752 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
22:57:38.0202 5752 WPCSvc - ok
22:57:38.0221 5752 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
22:57:38.0226 5752 WPDBusEnum - ok
22:57:38.0254 5752 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
22:57:38.0256 5752 ws2ifsl - ok
22:57:38.0316 5752 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\windows\System32\wscsvc.dll
22:57:38.0324 5752 wscsvc - ok
22:57:38.0330 5752 WSearch - ok
22:57:38.0419 5752 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
22:57:38.0509 5752 wuauserv - ok
22:57:38.0703 5752 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
22:57:38.0710 5752 WudfPf - ok
22:57:38.0777 5752 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
22:57:38.0780 5752 WUDFRd - ok
22:57:38.0825 5752 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
22:57:38.0876 5752 wudfsvc - ok
22:57:38.0908 5752 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
22:57:38.0924 5752 WwanSvc - ok
22:57:38.0979 5752 ================ Scan global ===============================
22:57:38.0995 5752 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
22:57:39.0045 5752 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\windows\system32\winsrv.dll
22:57:39.0118 5752 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\windows\system32\winsrv.dll
22:57:39.0149 5752 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
22:57:39.0168 5752 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
22:57:39.0186 5752 [Global] - ok
22:57:39.0187 5752 ================ Scan MBR ==================================
22:57:39.0203 5752 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:57:39.0483 5752 \Device\Harddisk0\DR0 - ok
22:57:39.0484 5752 ================ Scan VBR ==================================
22:57:39.0495 5752 [ CC7CB5581600994C7C9564B0027B6A7C ] \Device\Harddisk0\DR0\Partition1
22:57:39.0500 5752 \Device\Harddisk0\DR0\Partition1 - ok
22:57:39.0533 5752 [ 356B07735AFDBCB2464D9D7507A2B488 ] \Device\Harddisk0\DR0\Partition2
22:57:39.0536 5752 \Device\Harddisk0\DR0\Partition2 - ok
22:57:39.0537 5752 ============================================================
22:57:39.0537 5752 Scan finished
22:57:39.0537 5752 ============================================================
22:57:39.0548 5240 Detected object count: 0
22:57:39.0548 5240 Actual detected object count: 0
22:58:39.0015 5936 ============================================================
22:58:39.0016 5936 Scan started
22:58:39.0016 5936 Mode: Manual;
22:58:39.0016 5936 ============================================================
22:58:39.0571 5936 ================ Scan system memory ========================
22:58:39.0571 5936 System memory - ok
22:58:39.0572 5936 ================ Scan services =============================
22:58:39.0715 5936 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
22:58:39.0717 5936 !SASCORE - ok
22:58:40.0521 5936 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\windows\system32\DRIVERS\1394ohci.sys
22:58:40.0524 5936 1394ohci - ok
22:58:40.0600 5936 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
22:58:40.0601 5936 ACDaemon - ok
22:58:40.0647 5936 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\windows\system32\DRIVERS\ACPI.sys
22:58:40.0649 5936 ACPI - ok
22:58:40.0684 5936 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\windows\system32\DRIVERS\acpipmi.sys
22:58:40.0685 5936 AcpiPmi - ok
22:58:40.0882 5936 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:58:40.0884 5936 AdobeFlashPlayerUpdateSvc - ok
22:58:40.0916 5936 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
22:58:40.0919 5936 adp94xx - ok
22:58:40.0935 5936 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
22:58:40.0937 5936 adpahci - ok
22:58:40.0951 5936 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
22:58:40.0952 5936 adpu320 - ok
22:58:40.0979 5936 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
22:58:40.0980 5936 AeLookupSvc - ok
22:58:41.0016 5936 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\windows\system32\drivers\afd.sys
22:58:41.0019 5936 AFD - ok
22:58:41.0060 5936 [ B65F8DBA54F251906BBE8611B5A0E7AB ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
22:58:41.0060 5936 AgereModemAudio - ok
22:58:41.0086 5936 [ AF4748EF93416159459769A24A0053AF ] AgereSoftModem C:\windows\system32\DRIVERS\agrsm64.sys
22:58:41.0092 5936 AgereSoftModem - ok
22:58:41.0107 5936 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\DRIVERS\agp440.sys
22:58:41.0108 5936 agp440 - ok
22:58:41.0123 5936 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
22:58:41.0123 5936 ALG - ok
22:58:41.0141 5936 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\DRIVERS\aliide.sys
22:58:41.0141 5936 aliide - ok
22:58:41.0172 5936 [ 0642A7B1C4B119AE2AAF1AA61CF69668 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
22:58:41.0174 5936 AMD External Events Utility - ok
22:58:41.0197 5936 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\DRIVERS\amdide.sys
22:58:41.0197 5936 amdide - ok
22:58:41.0207 5936 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
22:58:41.0208 5936 AmdK8 - ok
22:58:41.0498 5936 [ C6C0F73A038FF38EBBD9C16F79F8D3E3 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
22:58:41.0537 5936 amdkmdag - ok
22:58:41.0569 5936 [ 4647D713CFF04FAE4F862B3144725BC1 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
22:58:41.0571 5936 amdkmdap - ok
22:58:41.0586 5936 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
22:58:41.0587 5936 AmdPPM - ok
22:58:41.0598 5936 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\windows\system32\drivers\amdsata.sys
22:58:41.0599 5936 amdsata - ok
22:58:41.0647 5936 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
22:58:41.0649 5936 amdsbs - ok
22:58:41.0667 5936 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\windows\system32\drivers\amdxata.sys
22:58:41.0667 5936 amdxata - ok
22:58:41.0687 5936 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\windows\system32\drivers\appid.sys
22:58:41.0688 5936 AppID - ok
22:58:41.0713 5936 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
22:58:41.0714 5936 AppIDSvc - ok
22:58:41.0729 5936 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\windows\System32\appinfo.dll
22:58:41.0730 5936 Appinfo - ok
22:58:41.0779 5936 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:58:41.0780 5936 Apple Mobile Device - ok
22:58:41.0799 5936 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
22:58:41.0800 5936 arc - ok
22:58:41.0818 5936 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
22:58:41.0819 5936 arcsas - ok
22:58:41.0834 5936 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys
22:58:41.0835 5936 ArcSoftKsUFilter - ok
22:58:41.0847 5936 [ CE6D8BCC4787704EA4FEEB92B0D0CAF8 ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
22:58:41.0848 5936 aswFsBlk - ok
22:58:41.0862 5936 [ 0DEBEB2E3FBD0BF5343125CCE617F105 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
22:58:41.0862 5936 aswMonFlt - ok
22:58:41.0895 5936 [ 952EDC2E81F85D1781958D4128BF59F8 ] aswRdr C:\windows\system32\drivers\aswRdr.sys
22:58:41.0896 5936 aswRdr - ok
22:58:41.0916 5936 [ DD383E2AC941C545A85AB72503DA6C12 ] aswSnx C:\windows\system32\drivers\aswSnx.sys
22:58:41.0918 5936 aswSnx - ok
22:58:41.0943 5936 [ EF5403FB8B2DCB791EC365FDF6040A4A ] aswSP C:\windows\system32\drivers\aswSP.sys
22:58:41.0945 5936 aswSP - ok
22:58:41.0956 5936 [ 34165DA5C6B30C0F9D61246BF8A28040 ] aswTdi C:\windows\system32\drivers\aswTdi.sys
22:58:41.0957 5936 aswTdi - ok
22:58:41.0978 5936 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
22:58:41.0978 5936 AsyncMac - ok
22:58:41.0994 5936 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\DRIVERS\atapi.sys
22:58:41.0995 5936 atapi - ok
22:58:42.0028 5936 [ B2C3A8618867404475228F7DD260698B ] athr C:\windows\system32\DRIVERS\athrx.sys
22:58:42.0035 5936 athr - ok
22:58:42.0053 5936 [ 637E0753BD6DEB8EA5314A5C357EC1A0 ] AtiHdmiService C:\windows\system32\drivers\AtiHdmi.sys
22:58:42.0054 5936 AtiHdmiService - ok
22:58:42.0089 5936 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
22:58:42.0092 5936 AudioEndpointBuilder - ok
22:58:42.0114 5936 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\windows\System32\Audiosrv.dll
22:58:42.0117 5936 AudioSrv - ok
22:58:42.0187 5936 [ 996E6D052438E8D8DFD501F31560B2E0 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:58:42.0187 5936 avast! Antivirus - ok
22:58:42.0201 5936 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\windows\System32\AxInstSV.dll
22:58:42.0202 5936 AxInstSV - ok
22:58:42.0233 5936 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
22:58:42.0235 5936 b06bdrv - ok
22:58:42.0269 5936 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
22:58:42.0270 5936 b57nd60a - ok
22:58:42.0286 5936 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
22:58:42.0287 5936 BDESVC - ok
22:58:42.0309 5936 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
22:58:42.0310 5936 Beep - ok
22:58:42.0330 5936 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\windows\System32\bfe.dll
22:58:42.0334 5936 BFE - ok
22:58:42.0412 5936 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\windows\System32\qmgr.dll
22:58:42.0418 5936 BITS - ok
22:58:42.0454 5936 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
22:58:42.0454 5936 blbdrive - ok
22:58:42.0522 5936 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:58:42.0524 5936 Bonjour Service - ok
22:58:42.0554 5936 [ 19D20159708E152267E53B66677A4995 ] bowser C:\windows\system32\DRIVERS\bowser.sys
22:58:42.0555 5936 bowser - ok
22:58:42.0564 5936 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
22:58:42.0565 5936 BrFiltLo - ok
22:58:42.0579 5936 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
22:58:42.0580 5936 BrFiltUp - ok
22:58:42.0610 5936 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\windows\System32\browser.dll
22:58:42.0611 5936 Browser - ok
22:58:42.0643 5936 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
22:58:42.0645 5936 Brserid - ok
22:58:42.0663 5936 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
22:58:42.0664 5936 BrSerWdm - ok
22:58:42.0674 5936 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
22:58:42.0675 5936 BrUsbMdm - ok
22:58:42.0687 5936 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
22:58:42.0688 5936 BrUsbSer - ok
22:58:42.0715 5936 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\DRIVERS\BthEnum.sys
22:58:42.0716 5936 BthEnum - ok
22:58:42.0733 5936 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
22:58:42.0734 5936 BTHMODEM - ok
22:58:42.0746 5936 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
22:58:42.0747 5936 BthPan - ok
22:58:42.0781 5936 [ D59773C7FDD3D795D6FE402EEEA8D71E ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
22:58:42.0789 5936 BTHPORT - ok
22:58:42.0815 5936 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
22:58:42.0816 5936 bthserv - ok
22:58:42.0872 5936 [ 8504842634DD144C075B6B0C982CCEC4 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
22:58:42.0873 5936 BTHUSB - ok
22:58:42.0876 5936 BTMCOM - ok
22:58:42.0905 5936 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
22:58:42.0908 5936 cdfs - ok
22:58:42.0943 5936 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
22:58:42.0944 5936 cdrom - ok
22:58:42.0996 5936 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\windows\System32\certprop.dll
22:58:42.0997 5936 CertPropSvc - ok
22:58:43.0029 5936 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
22:58:43.0038 5936 circlass - ok
22:58:43.0080 5936 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
22:58:43.0082 5936 CLFS - ok
22:58:43.0137 5936 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:58:43.0138 5936 clr_optimization_v2.0.50727_32 - ok
22:58:43.0182 5936 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:58:43.0183 5936 clr_optimization_v2.0.50727_64 - ok
22:58:43.0246 5936 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:58:43.0250 5936 clr_optimization_v4.0.30319_32 - ok
22:58:43.0323 5936 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:58:43.0326 5936 clr_optimization_v4.0.30319_64 - ok
22:58:43.0348 5936 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
22:58:43.0353 5936 CmBatt - ok
22:58:43.0396 5936 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\DRIVERS\cmdide.sys
22:58:43.0397 5936 cmdide - ok
22:58:43.0437 5936 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\windows\system32\Drivers\cng.sys
22:58:43.0444 5936 CNG - ok
22:58:43.0459 5936 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
22:58:43.0459 5936 Compbatt - ok
22:58:43.0471 5936 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
22:58:43.0472 5936 CompositeBus - ok
22:58:43.0477 5936 COMSysApp - ok
22:58:43.0488 5936 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
22:58:43.0489 5936 crcdisk - ok
22:58:43.0561 5936 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\windows\system32\cryptsvc.dll
22:58:43.0563 5936 CryptSvc - ok
22:58:43.0586 5936 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\windows\system32\rpcss.dll
22:58:43.0590 5936 DcomLaunch - ok
22:58:43.0619 5936 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
22:58:43.0624 5936 defragsvc - ok
22:58:43.0658 5936 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\windows\system32\Drivers\dfsc.sys
22:58:43.0661 5936 DfsC - ok
22:58:43.0678 5936 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\windows\system32\dhcpcore.dll
22:58:43.0685 5936 Dhcp - ok
22:58:43.0694 5936 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
22:58:43.0696 5936 discache - ok
22:58:43.0722 5936 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
22:58:43.0723 5936 Disk - ok
22:58:43.0753 5936 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\windows\System32\dnsrslvr.dll
22:58:43.0758 5936 Dnscache - ok
22:58:43.0778 5936 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\windows\System32\dot3svc.dll
22:58:43.0783 5936 dot3svc - ok
22:58:43.0802 5936 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\windows\system32\dps.dll
22:58:43.0806 5936 DPS - ok
22:58:43.0822 5936 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
22:58:43.0825 5936 drmkaud - ok
22:58:43.0933 5936 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
22:58:43.0980 5936 DXGKrnl - ok
22:58:44.0011 5936 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
22:58:44.0013 5936 EapHost - ok
22:58:44.0094 5936 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
22:58:44.0155 5936 ebdrv - ok
22:58:44.0179 5936 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\windows\System32\lsass.exe
22:58:44.0182 5936 EFS - ok
22:58:44.0250 5936 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\windows\ehome\ehRecvr.exe
22:58:44.0267 5936 ehRecvr - ok
22:58:44.0292 5936 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
22:58:44.0294 5936 ehSched - ok
22:58:44.0308 5936 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\windows\system32\Drivers\ElbyCDIO.sys
22:58:44.0309 5936 ElbyCDIO - ok
22:58:44.0341 5936 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
22:58:44.0350 5936 elxstor - ok
22:58:44.0365 5936 [ A9EC08727C64D985678F5B64C03823F0 ] enecir C:\windows\system32\DRIVERS\enecir.sys
22:58:44.0366 5936 enecir - ok
22:58:44.0378 5936 [ E17EB95358F396E27D573A1B20F891F8 ] enecirhid C:\windows\system32\DRIVERS\enecirhid.sys
22:58:44.0379 5936 enecirhid - ok
22:58:44.0394 5936 [ 8492D808C79BD6FE439F77BE84956CDF ] enecirhidma C:\windows\system32\DRIVERS\enecirhidma.sys
22:58:44.0394 5936 enecirhidma - ok
22:58:44.0410 5936 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\DRIVERS\errdev.sys
22:58:44.0411 5936 ErrDev - ok
22:58:44.0437 5936 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
22:58:44.0440 5936 EventSystem - ok
22:58:44.0577 5936 [ 51643EE2712D9212E1E53CA7E8D8EB4A ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
22:58:44.0584 5936 EvtEng - ok
22:58:44.0604 5936 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
22:58:44.0609 5936 exfat - ok
22:58:44.0624 5936 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
22:58:44.0628 5936 fastfat - ok
22:58:44.0665 5936 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\windows\system32\fxssvc.exe
22:58:44.0684 5936 Fax - ok
22:58:44.0700 5936 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
22:58:44.0702 5936 fdc - ok
22:58:44.0721 5936 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
22:58:44.0724 5936 fdPHost - ok
22:58:44.0739 5936 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
22:58:44.0741 5936 FDResPub - ok
22:58:44.0756 5936 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
22:58:44.0757 5936 FileInfo - ok
22:58:44.0796 5936 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
22:58:44.0800 5936 Filetrace - ok
22:58:44.0905 5936 [ ABEDFD48AC042C6AAAD32452E77217A1 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:58:44.0929 5936 FLEXnet Licensing Service - ok
22:58:44.0942 5936 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
22:58:44.0943 5936 flpydisk - ok
22:58:44.0962 5936 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
22:58:44.0968 5936 FltMgr - ok
22:58:45.0004 5936 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\windows\system32\FntCache.dll
22:58:45.0031 5936 FontCache - ok
22:58:45.0071 5936 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:58:45.0072 5936 FontCache3.0.0.0 - ok
22:58:45.0085 5936 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
22:58:45.0086 5936 FsDepends - ok
22:58:45.0128 5936 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
22:58:45.0129 5936 Fs_Rec - ok
22:58:45.0167 5936 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
22:58:45.0169 5936 fvevol - ok
22:58:45.0181 5936 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
22:58:45.0182 5936 gagp30kx - ok
22:58:45.0210 5936 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
22:58:45.0211 5936 GEARAspiWDM - ok
22:58:45.0241 5936 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\windows\System32\gpsvc.dll
22:58:45.0265 5936 gpsvc - ok
22:58:45.0332 5936 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:58:45.0336 5936 gupdate - ok
22:58:45.0343 5936 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:58:45.0344 5936 gupdatem - ok
22:58:45.0400 5936 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
22:58:45.0402 5936 hcw85cir - ok
22:58:45.0430 5936 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
22:58:45.0435 5936 HdAudAddService - ok
22:58:45.0452 5936 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
22:58:45.0455 5936 HDAudBus - ok
22:58:45.0474 5936 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
22:58:45.0476 5936 HidBatt - ok
22:58:45.0495 5936 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
22:58:45.0498 5936 HidBth - ok
22:58:45.0513 5936 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
22:58:45.0515 5936 HidIr - ok
22:58:45.0526 5936 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
22:58:45.0529 5936 hidserv - ok
22:58:45.0546 5936 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
22:58:45.0547 5936 HidUsb - ok
22:58:45.0606 5936 [ FD1837DEE0A1D7F180D7B301C0656511 ] HiPatchService C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
22:58:45.0608 5936 HiPatchService - ok
22:58:45.0625 5936 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\windows\system32\kmsvc.dll
22:58:45.0628 5936 hkmsvc - ok
22:58:45.0648 5936 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\windows\system32\ListSvc.dll
22:58:45.0655 5936 HomeGroupListener - ok
22:58:45.0681 5936 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\windows\system32\provsvc.dll
22:58:45.0684 5936 HomeGroupProvider - ok
22:58:45.0699 5936 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\windows\system32\DRIVERS\HpSAMD.sys
22:58:45.0699 5936 HpSAMD - ok
22:58:45.0727 5936 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\windows\system32\drivers\HTTP.sys
22:58:45.0744 5936 HTTP - ok
22:58:45.0752 5936 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
22:58:45.0752 5936 hwpolicy - ok
22:58:45.0765 5936 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
22:58:45.0769 5936 i8042prt - ok
22:58:45.0786 5936 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
22:58:45.0811 5936 iaStor - ok
22:58:45.0894 5936 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:58:45.0896 5936 IAStorDataMgrSvc - ok
22:58:45.0919 5936 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\windows\system32\drivers\iaStorV.sys
22:58:45.0926 5936 iaStorV - ok
22:58:45.0979 5936 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:58:45.0999 5936 idsvc - ok
22:58:46.0011 5936 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
22:58:46.0012 5936 iirsp - ok
22:58:46.0039 5936 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\windows\System32\ikeext.dll
22:58:46.0059 5936 IKEEXT - ok
22:58:46.0121 5936 [ DCF6AFBA140AF3F880A427C2656BE44D ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
22:58:46.0132 5936 IntcAzAudAddService - ok
22:58:46.0148 5936 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\DRIVERS\intelide.sys
22:58:46.0149 5936 intelide - ok
22:58:46.0170 5936 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
22:58:46.0173 5936 intelppm - ok
22:58:46.0186 5936 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
22:58:46.0190 5936 IPBusEnum - ok
22:58:46.0199 5936 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
22:58:46.0201 5936 IpFilterDriver - ok
22:58:46.0223 5936 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
22:58:46.0239 5936 iphlpsvc - ok
22:58:46.0255 5936 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\windows\system32\DRIVERS\IPMIDrv.sys
22:58:46.0257 5936 IPMIDRV - ok
22:58:46.0269 5936 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
22:58:46.0272 5936 IPNAT - ok
22:58:46.0349 5936 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
22:58:46.0367 5936 iPod Service - ok
22:58:46.0417 5936 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
22:58:46.0419 5936 IRENUM - ok
22:58:46.0435 5936 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\DRIVERS\isapnp.sys
22:58:46.0435 5936 isapnp - ok
22:58:46.0450 5936 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\windows\system32\DRIVERS\msiscsi.sys
22:58:46.0455 5936 iScsiPrt - ok
22:58:46.0484 5936 [ BD5BF20EC242E003A2F570B8754A56D1 ] ivusb C:\windows\system32\DRIVERS\ivusb.sys
22:58:46.0485 5936 ivusb - ok
22:58:46.0504 5936 [ 02BD12C2EE52F0849A5D6F9A2FA67B4E ] JMCR C:\windows\system32\DRIVERS\jmcr.sys
22:58:46.0505 5936 JMCR - ok
22:58:46.0518 5936 [ E662CB468A1CFF3A57E120A212FADD57 ] johci C:\windows\system32\DRIVERS\johci.sys
22:58:46.0519 5936 johci - ok
22:58:46.0530 5936 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
22:58:46.0531 5936 kbdclass - ok
22:58:46.0544 5936 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
22:58:46.0544 5936 kbdhid - ok
22:58:46.0555 5936 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\windows\system32\lsass.exe
22:58:46.0557 5936 KeyIso - ok
22:58:46.0588 5936 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
22:58:46.0589 5936 KSecDD - ok
22:58:46.0605 5936 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
22:58:46.0606 5936 KSecPkg - ok
22:58:46.0618 5936 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
22:58:46.0620 5936 ksthunk - ok
22:58:46.0648 5936 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
22:58:46.0655 5936 KtmRm - ok
22:58:46.0691 5936 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\windows\system32\srvsvc.dll
22:58:46.0698 5936 LanmanServer - ok
22:58:46.0734 5936 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
22:58:46.0739 5936 LanmanWorkstation - ok
22:58:46.0838 5936 [ 7772DFAB22611050B79504E671B06E6E ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
22:58:46.0840 5936 LBTServ - ok
22:58:46.0871 5936 [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt C:\windows\system32\DRIVERS\LHidFilt.Sys
22:58:46.0872 5936 LHidFilt - ok
22:58:46.0893 5936 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
22:58:46.0895 5936 lltdio - ok
22:58:46.0914 5936 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
22:58:46.0921 5936 lltdsvc - ok
22:58:46.0936 5936 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
22:58:46.0939 5936 lmhosts - ok
22:58:46.0947 5936 [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt C:\windows\system32\DRIVERS\LMouFilt.Sys
22:58:46.0948 5936 LMouFilt - ok
22:58:46.0970 5936 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
22:58:46.0971 5936 LSI_FC - ok
22:58:46.0987 5936 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
22:58:46.0988 5936 LSI_SAS - ok
22:58:47.0004 5936 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
22:58:47.0005 5936 LSI_SAS2 - ok
22:58:47.0022 5936 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
22:58:47.0023 5936 LSI_SCSI - ok
22:58:47.0044 5936 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
22:58:47.0047 5936 luafv - ok
22:58:47.0070 5936 [ 29C733E1DE824670DC9315CFC9BDBCD3 ] LUsbFilt C:\windows\system32\Drivers\LUsbFilt.Sys
22:58:47.0071 5936 LUsbFilt - ok
22:58:47.0083 5936 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
22:58:47.0087 5936 Mcx2Svc - ok
22:58:47.0097 5936 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
22:58:47.0097 5936 megasas - ok
22:58:47.0116 5936 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
22:58:47.0121 5936 MegaSR - ok
22:58:47.0154 5936 MGHwCtrl - ok
22:58:47.0216 5936 [ 71C6748EE8DE938532057EF10B4B7E44 ] Micro Star SCM C:\Program Files (x86)\System Control Manager\MSIService.exe
22:58:47.0220 5936 Micro Star SCM - ok
22:58:47.0284 5936 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
22:58:47.0286 5936 Microsoft Office Groove Audit Service - ok
22:58:47.0303 5936 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
22:58:47.0307 5936 MMCSS - ok
22:58:47.0321 5936 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
22:58:47.0323 5936 Modem - ok
22:58:47.0335 5936 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
22:58:47.0336 5936 monitor - ok
22:58:47.0348 5936 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
22:58:47.0349 5936 mouclass - ok
22:58:47.0387 5936 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
22:58:47.0387 5936 mouhid - ok
22:58:47.0397 5936 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
22:58:47.0398 5936 mountmgr - ok
22:58:47.0416 5936 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\windows\system32\DRIVERS\mpio.sys
22:58:47.0417 5936 mpio - ok
22:58:47.0434 5936 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
22:58:47.0437 5936 mpsdrv - ok
22:58:47.0491 5936 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\windows\system32\mpssvc.dll
22:58:47.0533 5936 MpsSvc - ok
22:58:47.0564 5936 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
22:58:47.0567 5936 MRxDAV - ok
22:58:47.0601 5936 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
22:58:47.0605 5936 mrxsmb - ok
22:58:47.0624 5936 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
22:58:47.0629 5936 mrxsmb10 - ok
22:58:47.0643 5936 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
22:58:47.0649 5936 mrxsmb20 - ok
22:58:47.0669 5936 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\windows\system32\DRIVERS\msahci.sys
22:58:47.0669 5936 msahci - ok
22:58:47.0688 5936 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\windows\system32\DRIVERS\msdsm.sys
22:58:47.0690 5936 msdsm - ok
22:58:47.0702 5936 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
22:58:47.0707 5936 MSDTC - ok
22:58:47.0725 5936 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
22:58:47.0728 5936 Msfs - ok
22:58:47.0744 5936 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
22:58:47.0747 5936 mshidkmdf - ok
22:58:47.0756 5936 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\DRIVERS\msisadrv.sys
22:58:47.0757 5936 msisadrv - ok
22:58:47.0777 5936 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
22:58:47.0782 5936 MSiSCSI - ok
22:58:47.0786 5936 msiserver - ok
22:58:47.0801 5936 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
22:58:47.0804 5936 MSKSSRV - ok
22:58:47.0822 5936 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
22:58:47.0824 5936 MSPCLOCK - ok
22:58:47.0837 5936 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
22:58:47.0839 5936 MSPQM - ok
22:58:47.0872 5936 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
22:58:47.0878 5936 MsRPC - ok
22:58:47.0889 5936 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
22:58:47.0890 5936 mssmbios - ok
22:58:47.0894 5936 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
22:58:47.0896 5936 MSTEE - ok
22:58:47.0925 5936 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
22:58:47.0927 5936 MTConfig - ok
22:58:47.0939 5936 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
22:58:47.0940 5936 Mup - ok
22:58:47.0965 5936 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\windows\system32\qagentRT.dll
22:58:47.0974 5936 napagent - ok
22:58:47.0989 5936 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
22:58:47.0995 5936 NativeWifiP - ok
22:58:48.0022 5936 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\windows\system32\drivers\ndis.sys
22:58:48.0027 5936 NDIS - ok
22:58:48.0040 5936 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
22:58:48.0043 5936 NdisCap - ok
22:58:48.0053 5936 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
22:58:48.0055 5936 NdisTapi - ok
22:58:48.0068 5936 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
22:58:48.0071 5936 Ndisuio - ok
22:58:48.0085 5936 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
22:58:48.0089 5936 NdisWan - ok
22:58:48.0099 5936 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\windows\system32\drivers\NDProxy.sys
22:58:48.0101 5936 NDProxy - ok
22:58:48.0116 5936 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
22:58:48.0118 5936 NetBIOS - ok
22:58:48.0136 5936 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\windows\system32\DRIVERS\netbt.sys
22:58:48.0141 5936 NetBT - ok
22:58:48.0156 5936 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\windows\system32\lsass.exe
22:58:48.0159 5936 Netlogon - ok
22:58:48.0186 5936 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
22:58:48.0193 5936 Netman - ok
22:58:48.0206 5936 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
22:58:48.0215 5936 netprofm - ok
22:58:48.0243 5936 [ B6E1BF8DBFF4B18F1A2D65DA6E40BC7C ] netr28x C:\windows\system32\DRIVERS\netr28x.sys
22:58:48.0266 5936 netr28x - ok
22:58:48.0291 5936 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:58:48.0293 5936 NetTcpPortSharing - ok
22:58:48.0454 5936 [ 4D85A450EDEF10C38882182753A49AAE ] NETw5s64 C:\windows\system32\DRIVERS\NETw5s64.sys
22:58:48.0580 5936 NETw5s64 - ok
22:58:48.0678 5936 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
22:58:48.0679 5936 nfrd960 - ok
22:58:48.0702 5936 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\windows\System32\nlasvc.dll
22:58:48.0710 5936 NlaSvc - ok
22:58:48.0718 5936 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
22:58:48.0720 5936 Npfs - ok
22:58:48.0735 5936 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
22:58:48.0738 5936 nsi - ok
22:58:48.0746 5936 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
22:58:48.0748 5936 nsiproxy - ok
22:58:48.0801 5936 [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs C:\windows\system32\drivers\Ntfs.sys
22:58:48.0829 5936 Ntfs - ok
22:58:48.0844 5936 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
22:58:48.0847 5936 Null - ok
22:58:48.0880 5936 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\windows\system32\drivers\nvraid.sys
22:58:48.0881 5936 nvraid - ok
22:58:48.0898 5936 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\windows\system32\drivers\nvstor.sys
22:58:48.0899 5936 nvstor - ok
22:58:48.0915 5936 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\DRIVERS\nv_agp.sys
22:58:48.0916 5936 nv_agp - ok
22:58:48.0976 5936 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:58:48.0983 5936 odserv - ok
22:58:48.0999 5936 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\DRIVERS\ohci1394.sys
22:58:49.0001 5936 ohci1394 - ok
22:58:49.0044 5936 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:58:49.0047 5936 ose - ok
22:58:49.0081 5936 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
22:58:49.0088 5936 p2pimsvc - ok
22:58:49.0114 5936 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
22:58:49.0131 5936 p2psvc - ok
22:58:49.0145 5936 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
22:58:49.0149 5936 Parport - ok
22:58:49.0184 5936 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\windows\system32\drivers\partmgr.sys
22:58:49.0185 5936 partmgr - ok
22:58:49.0201 5936 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
22:58:49.0206 5936 PcaSvc - ok
22:58:49.0224 5936 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\windows\system32\DRIVERS\pci.sys
22:58:49.0225 5936 pci - ok
22:58:49.0256 5936 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
22:58:49.0256 5936 pciide - ok
22:58:49.0274 5936 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
22:58:49.0278 5936 pcmcia - ok
22:58:49.0297 5936 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
22:58:49.0298 5936 pcw - ok
22:58:49.0322 5936 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
22:58:49.0339 5936 PEAUTH - ok
22:58:49.0460 5936 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
22:58:49.0464 5936 PerfHost - ok
22:58:49.0514 5936 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\windows\system32\pla.dll
22:58:49.0548 5936 pla - ok
22:58:49.0577 5936 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\windows\system32\umpnpmgr.dll
22:58:49.0587 5936 PlugPlay - ok
22:58:49.0599 5936 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
22:58:49.0604 5936 PNRPAutoReg - ok
22:58:49.0617 5936 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
22:58:49.0621 5936 PNRPsvc - ok
22:58:49.0651 5936 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
22:58:49.0659 5936 PolicyAgent - ok
22:58:49.0701 5936 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
22:58:49.0707 5936 Power - ok
22:58:49.0732 5936 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
22:58:49.0735 5936 PptpMiniport - ok
22:58:49.0750 5936 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
22:58:49.0752 5936 Processor - ok
22:58:49.0789 5936 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\windows\system32\profsvc.dll
22:58:49.0794 5936 ProfSvc - ok
22:58:49.0815 5936 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\windows\system32\lsass.exe
22:58:49.0817 5936 ProtectedStorage - ok
22:58:49.0832 5936 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\windows\system32\DRIVERS\pacer.sys
22:58:49.0836 5936 Psched - ok
22:58:49.0868 5936 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
22:58:49.0896 5936 ql2300 - ok
22:58:49.0932 5936 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
22:58:49.0933 5936 ql40xx - ok
22:58:49.0991 5936 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
22:58:49.0997 5936 QWAVE - ok
22:58:50.0024 5936 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
22:58:50.0030 5936 QWAVEdrv - ok
22:58:50.0062 5936 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
22:58:50.0064 5936 RasAcd - ok
22:58:50.0090 5936 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
22:58:50.0093 5936 RasAgileVpn - ok
22:58:50.0129 5936 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
22:58:50.0134 5936 RasAuto - ok
22:58:50.0172 5936 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
22:58:50.0175 5936 Rasl2tp - ok
22:58:50.0197 5936 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\windows\System32\rasmans.dll
22:58:50.0205 5936 RasMan - ok
22:58:50.0220 5936 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
22:58:50.0223 5936 RasPppoe - ok
22:58:50.0238 5936 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
22:58:50.0240 5936 RasSstp - ok
22:58:50.0259 5936 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
22:58:50.0265 5936 rdbss - ok
22:58:50.0282 5936 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
22:58:50.0285 5936 rdpbus - ok
22:58:50.0295 5936 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
22:58:50.0298 5936 RDPCDD - ok
22:58:50.0308 5936 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
22:58:50.0310 5936 RDPENCDD - ok
22:58:50.0319 5936 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
22:58:50.0321 5936 RDPREFMP - ok
22:58:50.0353 5936 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
22:58:50.0358 5936 RDPWD - ok
22:58:50.0377 5936 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\windows\system32\drivers\rdyboost.sys
22:58:50.0378 5936 rdyboost - ok
22:58:50.0496 5936 [ 3B71B5B91E7DCA93585D5A86C897ADC4 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
22:58:50.0520 5936 RegSrvc - ok
22:58:50.0541 5936 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
22:58:50.0547 5936 RemoteAccess - ok
22:58:50.0562 5936 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
22:58:50.0569 5936 RemoteRegistry - ok
22:58:50.0587 5936 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
22:58:50.0589 5936 RFCOMM - ok
22:58:50.0609 5936 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
22:58:50.0615 5936 RpcEptMapper - ok
22:58:50.0665 5936 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
22:58:50.0668 5936 RpcLocator - ok
22:58:50.0744 5936 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\windows\system32\rpcss.dll
22:58:50.0751 5936 RpcSs - ok
22:58:50.0784 5936 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
22:58:50.0787 5936 rspndr - ok
22:58:50.0800 5936 [ 4E821C740A675F6D040BE41D59A62B1D ] RTHDMIAzAudService C:\windows\system32\drivers\RtHDMIVX.sys
22:58:50.0805 5936 RTHDMIAzAudService - ok
22:58:50.0820 5936 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
22:58:50.0826 5936 RTL8167 - ok
22:58:50.0838 5936 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\windows\system32\lsass.exe
22:58:50.0841 5936 SamSs - ok
22:58:50.0922 5936 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
22:58:50.0925 5936 SASDIFSV - ok
22:58:50.0933 5936 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
22:58:50.0935 5936 SASKUTIL - ok
22:58:50.0967 5936 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\windows\system32\DRIVERS\sbp2port.sys
22:58:50.0968 5936 sbp2port - ok
22:58:50.0990 5936 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
22:58:50.0996 5936 SCardSvr - ok
22:58:51.0012 5936 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
22:58:51.0015 5936 scfilter - ok
22:58:51.0066 5936 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\windows\system32\schedsvc.dll
22:58:51.0091 5936 Schedule - ok

Papasmurf89 · Dec 18, 2012

22:58:51.0148 5936 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\windows\System32\certprop.dll
22:58:51.0149 5936 SCPolicySvc - ok
22:58:51.0159 5936 [ 54E47AD086782D3AE9417C155CDCEB9B ] sdbus C:\windows\system32\DRIVERS\sdbus.sys
22:58:51.0163 5936 sdbus - ok
22:58:51.0180 5936 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\windows\System32\SDRSVC.dll
22:58:51.0187 5936 SDRSVC - ok
22:58:51.0244 5936 [ D358E077A0A05D9B12DA22D137EE8464 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
22:58:51.0249 5936 SeaPort - ok
22:58:51.0261 5936 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
22:58:51.0264 5936 secdrv - ok
22:58:51.0279 5936 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\windows\system32\seclogon.dll
22:58:51.0283 5936 seclogon - ok
22:58:51.0300 5936 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
22:58:51.0303 5936 SENS - ok
22:58:51.0313 5936 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
22:58:51.0317 5936 SensrSvc - ok
22:58:51.0327 5936 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
22:58:51.0329 5936 Serenum - ok
22:58:51.0360 5936 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
22:58:51.0362 5936 Serial - ok
22:58:51.0372 5936 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
22:58:51.0378 5936 sermouse - ok
22:58:51.0425 5936 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\windows\system32\sessenv.dll
22:58:51.0430 5936 SessionEnv - ok
22:58:51.0443 5936 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\DRIVERS\sffdisk.sys
22:58:51.0445 5936 sffdisk - ok
22:58:51.0454 5936 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\DRIVERS\sffp_mmc.sys
22:58:51.0456 5936 sffp_mmc - ok
22:58:51.0467 5936 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\windows\system32\DRIVERS\sffp_sd.sys
22:58:51.0470 5936 sffp_sd - ok
22:58:51.0481 5936 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
22:58:51.0483 5936 sfloppy - ok
22:58:51.0509 5936 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
22:58:51.0516 5936 SharedAccess - ok
22:58:51.0533 5936 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\windows\System32\shsvcs.dll
22:58:51.0541 5936 ShellHWDetection - ok
22:58:51.0557 5936 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
22:58:51.0558 5936 SiSRaid2 - ok
22:58:51.0568 5936 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
22:58:51.0569 5936 SiSRaid4 - ok
22:58:51.0617 5936 [ D0C0B700152B1F610F10B356483B3401 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:58:51.0621 5936 SkypeUpdate - ok
22:58:51.0639 5936 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
22:58:51.0642 5936 Smb - ok
22:58:51.0674 5936 [ AA59BA9348EBDEB455027C455538A08E ] smserial C:\windows\system32\DRIVERS\smserial.sys
22:58:51.0680 5936 smserial - ok
22:58:51.0717 5936 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
22:58:51.0721 5936 SNMPTRAP - ok
22:58:51.0732 5936 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
22:58:51.0733 5936 spldr - ok
22:58:51.0775 5936 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\windows\System32\spoolsv.exe
22:58:51.0796 5936 Spooler - ok
22:58:51.0907 5936 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\windows\system32\sppsvc.exe
22:58:51.0966 5936 sppsvc - ok
22:58:51.0979 5936 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
22:58:51.0984 5936 sppuinotify - ok
22:58:52.0019 5936 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\windows\system32\DRIVERS\srv.sys
22:58:52.0026 5936 srv - ok
22:58:52.0037 5936 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
22:58:52.0043 5936 srv2 - ok
22:58:52.0056 5936 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
22:58:52.0061 5936 srvnet - ok
22:58:52.0073 5936 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
22:58:52.0080 5936 SSDPSRV - ok
22:58:52.0092 5936 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
22:58:52.0096 5936 SstpSvc - ok
22:58:52.0114 5936 Steam Client Service - ok
22:58:52.0135 5936 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
22:58:52.0136 5936 stexstor - ok
22:58:52.0168 5936 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\windows\System32\wiaservc.dll
22:58:52.0185 5936 stisvc - ok
22:58:52.0197 5936 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
22:58:52.0198 5936 swenum - ok
22:58:52.0212 5936 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
22:58:52.0229 5936 swprv - ok
22:58:52.0279 5936 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\windows\system32\sysmain.dll
22:58:52.0313 5936 SysMain - ok
22:58:52.0328 5936 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\windows\System32\TabSvc.dll
22:58:52.0333 5936 TabletInputService - ok
22:58:52.0347 5936 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\windows\System32\tapisrv.dll
22:58:52.0355 5936 TapiSrv - ok
22:58:52.0365 5936 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
22:58:52.0370 5936 TBS - ok
22:58:52.0435 5936 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
22:58:52.0477 5936 Tcpip - ok
22:58:52.0515 5936 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
22:58:52.0524 5936 TCPIP6 - ok
22:58:52.0560 5936 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
22:58:52.0562 5936 tcpipreg - ok
22:58:52.0575 5936 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
22:58:52.0576 5936 TDPIPE - ok
22:58:52.0600 5936 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
22:58:52.0600 5936 TDTCP - ok
22:58:52.0615 5936 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\windows\system32\DRIVERS\tdx.sys
22:58:52.0618 5936 tdx - ok
22:58:52.0631 5936 [ C448651339196C0E869A355171875522 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
22:58:52.0632 5936 TermDD - ok
22:58:52.0655 5936 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\windows\System32\termsrv.dll
22:58:52.0676 5936 TermService - ok
22:58:52.0690 5936 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
22:58:52.0695 5936 Themes - ok
22:58:52.0733 5936 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
22:58:52.0737 5936 THREADORDER - ok
22:58:52.0770 5936 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
22:58:52.0778 5936 TrkWks - ok
22:58:52.0843 5936 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
22:58:52.0847 5936 TrustedInstaller - ok
22:58:52.0864 5936 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
22:58:52.0866 5936 tssecsrv - ok
22:58:52.0871 5936 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
22:58:52.0875 5936 tunnel - ok
22:58:52.0885 5936 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
22:58:52.0886 5936 uagp35 - ok
22:58:52.0901 5936 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\windows\system32\DRIVERS\udfs.sys
22:58:52.0907 5936 udfs - ok
22:58:52.0926 5936 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
22:58:52.0930 5936 UI0Detect - ok
22:58:52.0962 5936 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\DRIVERS\uliagpkx.sys
22:58:52.0963 5936 uliagpkx - ok
22:58:52.0980 5936 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\windows\system32\DRIVERS\umbus.sys
22:58:52.0983 5936 umbus - ok
22:58:52.0995 5936 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
22:58:52.0998 5936 UmPass - ok
22:58:53.0017 5936 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
22:58:53.0025 5936 upnphost - ok
22:58:53.0050 5936 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
22:58:53.0051 5936 usbccgp - ok
22:58:53.0068 5936 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\DRIVERS\usbcir.sys
22:58:53.0071 5936 usbcir - ok
22:58:53.0075 5936 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\windows\system32\drivers\usbehci.sys
22:58:53.0077 5936 usbehci - ok
22:58:53.0107 5936 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
22:58:53.0112 5936 usbhub - ok
22:58:53.0129 5936 [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci C:\windows\system32\drivers\usbohci.sys
22:58:53.0132 5936 usbohci - ok
22:58:53.0145 5936 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
22:58:53.0146 5936 usbprint - ok
22:58:53.0175 5936 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
22:58:53.0176 5936 usbscan - ok
22:58:53.0202 5936 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
22:58:53.0203 5936 USBSTOR - ok
22:58:53.0212 5936 [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci C:\windows\system32\drivers\usbuhci.sys
22:58:53.0214 5936 usbuhci - ok
22:58:53.0275 5936 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
22:58:53.0281 5936 usbvideo - ok
22:58:53.0302 5936 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
22:58:53.0307 5936 UxSms - ok
22:58:53.0321 5936 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\windows\system32\lsass.exe
22:58:53.0323 5936 VaultSvc - ok
22:58:53.0332 5936 [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone C:\windows\system32\DRIVERS\VClone.sys
22:58:53.0333 5936 VClone - ok
22:58:53.0352 5936 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\DRIVERS\vdrvroot.sys
22:58:53.0353 5936 vdrvroot - ok
22:58:53.0397 5936 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\windows\System32\vds.exe
22:58:53.0434 5936 vds - ok
22:58:53.0455 5936 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
22:58:53.0458 5936 vga - ok
22:58:53.0493 5936 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
22:58:53.0495 5936 VgaSave - ok
22:58:53.0513 5936 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\windows\system32\DRIVERS\vhdmp.sys
22:58:53.0515 5936 vhdmp - ok
22:58:53.0544 5936 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\DRIVERS\viaide.sys
22:58:53.0544 5936 viaide - ok
22:58:53.0556 5936 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\windows\system32\DRIVERS\volmgr.sys
22:58:53.0557 5936 volmgr - ok
22:58:53.0570 5936 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\windows\system32\drivers\volmgrx.sys
22:58:53.0577 5936 volmgrx - ok
22:58:53.0608 5936 [ 9E425AC5C9A5A973273D169F43B4F5E1 ] volsnap C:\windows\system32\drivers\volsnap.sys
22:58:53.0614 5936 volsnap - ok
22:58:53.0637 5936 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
22:58:53.0638 5936 vsmraid - ok
22:58:53.0681 5936 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\windows\system32\vssvc.exe
22:58:53.0716 5936 VSS - ok
22:58:53.0730 5936 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
22:58:53.0732 5936 vwifibus - ok
22:58:53.0746 5936 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
22:58:53.0748 5936 vwififlt - ok
22:58:53.0772 5936 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
22:58:53.0788 5936 W32Time - ok
22:58:53.0807 5936 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
22:58:53.0809 5936 WacomPen - ok
22:58:53.0819 5936 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
22:58:53.0822 5936 WANARP - ok
22:58:53.0825 5936 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
22:58:53.0826 5936 Wanarpv6 - ok
22:58:53.0919 5936 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
22:58:53.0945 5936 WatAdminSvc - ok
22:58:54.0009 5936 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\windows\system32\wbengine.exe
22:58:54.0043 5936 wbengine - ok
22:58:54.0061 5936 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
22:58:54.0067 5936 WbioSrvc - ok
22:58:54.0088 5936 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\windows\System32\wcncsvc.dll
22:58:54.0096 5936 wcncsvc - ok
22:58:54.0112 5936 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
22:58:54.0117 5936 WcsPlugInService - ok
22:58:54.0131 5936 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
22:58:54.0132 5936 Wd - ok
22:58:54.0156 5936 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\windows\system32\DRIVERS\wdcsam64.sys
22:58:54.0157 5936 WDC_SAM - ok
22:58:54.0227 5936 [ 7DEDECC376B29A973A0F3384D135F2DA ] WDDMService C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
22:58:54.0229 5936 WDDMService - ok
22:58:54.0292 5936 [ B5B84712111414DD1B14C2346E9868BE ] WDDriveService C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
22:58:54.0293 5936 WDDriveService - ok
22:58:54.0335 5936 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
22:58:54.0358 5936 Wdf01000 - ok
22:58:54.0460 5936 [ 8E798F577A684A5F1E464D954C6C7F1E ] WDFMEService C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
22:58:54.0496 5936 WDFMEService - ok
22:58:54.0520 5936 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
22:58:54.0525 5936 WdiServiceHost - ok
22:58:54.0529 5936 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
22:58:54.0532 5936 WdiSystemHost - ok
22:58:54.0585 5936 [ 65D571576E366067C22F22B3E919EF8C ] WDRulesService C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
22:58:54.0608 5936 WDRulesService - ok
22:58:54.0634 5936 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\windows\System32\webclnt.dll
22:58:54.0643 5936 WebClient - ok
22:58:54.0674 5936 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
22:58:54.0682 5936 Wecsvc - ok
22:58:54.0704 5936 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
22:58:54.0709 5936 wercplsupport - ok
22:58:54.0737 5936 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
22:58:54.0742 5936 WerSvc - ok
22:58:54.0758 5936 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
22:58:54.0761 5936 WfpLwf - ok
22:58:54.0773 5936 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
22:58:54.0774 5936 WIMMount - ok
22:58:54.0800 5936 WinDefend - ok
22:58:54.0805 5936 WinHttpAutoProxySvc - ok
22:58:54.0847 5936 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
22:58:54.0852 5936 Winmgmt - ok
22:58:54.0957 5936 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\windows\system32\WsmSvc.dll
22:58:54.0992 5936 WinRM - ok
22:58:55.0025 5936 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
22:58:55.0026 5936 WinUsb - ok
22:58:55.0058 5936 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
22:58:55.0083 5936 Wlansvc - ok
22:58:55.0162 5936 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:58:55.0204 5936 wlidsvc - ok
22:58:55.0219 5936 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
22:58:55.0221 5936 WmiAcpi - ok
22:58:55.0244 5936 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
22:58:55.0248 5936 wmiApSrv - ok
22:58:55.0318 5936 WMPNetworkSvc - ok
22:58:55.0363 5936 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
22:58:55.0367 5936 WPCSvc - ok
22:58:55.0435 5936 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
22:58:55.0441 5936 WPDBusEnum - ok
22:58:55.0469 5936 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
22:58:55.0471 5936 ws2ifsl - ok
22:58:55.0498 5936 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\windows\System32\wscsvc.dll
22:58:55.0503 5936 wscsvc - ok
22:58:55.0506 5936 WSearch - ok
22:58:55.0573 5936 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
22:58:55.0616 5936 wuauserv - ok
22:58:55.0650 5936 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
22:58:55.0651 5936 WudfPf - ok
22:58:55.0668 5936 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
22:58:55.0670 5936 WUDFRd - ok
22:58:55.0701 5936 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
22:58:55.0705 5936 wudfsvc - ok
22:58:55.0734 5936 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
22:58:55.0741 5936 WwanSvc - ok
22:58:55.0767 5936 ================ Scan global ===============================
22:58:55.0797 5936 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
22:58:55.0830 5936 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\windows\system32\winsrv.dll
22:58:55.0841 5936 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\windows\system32\winsrv.dll
22:58:55.0860 5936 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
22:58:55.0889 5936 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
22:58:55.0895 5936 [Global] - ok
22:58:55.0896 5936 ================ Scan MBR ==================================
22:58:55.0922 5936 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:58:56.0158 5936 \Device\Harddisk0\DR0 - ok
22:58:56.0159 5936 ================ Scan VBR ==================================
22:58:56.0166 5936 [ CC7CB5581600994C7C9564B0027B6A7C ] \Device\Harddisk0\DR0\Partition1
22:58:56.0174 5936 \Device\Harddisk0\DR0\Partition1 - ok
22:58:56.0195 5936 [ 356B07735AFDBCB2464D9D7507A2B488 ] \Device\Harddisk0\DR0\Partition2
22:58:56.0201 5936 \Device\Harddisk0\DR0\Partition2 - ok
22:58:56.0202 5936 ============================================================
22:58:56.0202 5936 Scan finished
22:58:56.0202 5936 ============================================================
22:58:56.0211 2092 Detected object count: 0
22:58:56.0211 2092 Actual detected object count: 0
22:59:10.0678 5220 Deinitialize success

Papasmurf89 · Dec 18, 2012

Here's the ComboFix log:

ComboFix 12-12-17.02 - Pang 12/17/2012 23:18:49.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4014.557 [GMT -8:00]
Running from: c:\users\Pang\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Pang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check
c:\users\Pang\Documents\~WRL0003.tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-11-18 to 2012-12-18 )))))))))))))))))))))))))))))))
.
.
2012-12-18 07:29 . 2012-12-18 07:29 -------- d-----w- c:\users\TestAccount\AppData\Local\temp
2012-12-18 07:29 . 2012-12-18 07:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-15 01:56 . 2012-12-17 01:12 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6B8E7D57-4677-454A-928E-4B5C38E77C7D}\offreg.dll
2012-12-15 01:48 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6B8E7D57-4677-454A-928E-4B5C38E77C7D}\mpengine.dll
2012-12-15 01:17 . 2012-11-14 05:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-12-15 01:17 . 2012-11-14 01:44 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-12-15 01:17 . 2012-11-14 05:53 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-12-15 01:17 . 2012-11-14 07:11 182816 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2012-12-15 01:17 . 2012-11-14 02:56 149552 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll
2012-12-15 01:17 . 2012-11-14 06:00 304640 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2012-12-15 01:17 . 2012-11-14 01:48 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-12-15 01:17 . 2012-11-14 01:51 194048 ----a-w- c:\program files (x86)\Internet Explorer\IEShims.dll
2012-12-15 01:14 . 2012-11-14 05:59 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-12-15 01:14 . 2012-11-14 02:09 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-12-15 01:14 . 2012-11-14 05:58 816640 ----a-w- c:\windows\system32\jscript.dll
2012-12-15 01:14 . 2012-11-14 05:57 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-12-15 01:14 . 2012-11-14 05:55 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-12-15 01:14 . 2012-11-14 02:00 387584 ----a-w- c:\program files (x86)\Internet Explorer\jsdbgui.dll
2012-12-15 01:14 . 2012-11-14 06:06 499200 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll
2012-12-15 01:14 . 2012-11-14 02:01 678912 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll
2012-12-15 01:14 . 2012-11-14 06:06 887296 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2012-12-15 01:13 . 2012-11-14 07:06 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-12-15 01:13 . 2012-11-14 06:32 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-12-14 06:09 . 2012-11-05 16:25 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-14 06:09 . 2012-11-05 14:17 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-14 06:09 . 2012-11-05 14:03 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-14 06:09 . 2012-11-05 14:03 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-14 06:02 . 2012-11-22 08:20 3147264 ----a-w- c:\windows\system32\win32k.sys
2012-12-14 05:52 . 2012-11-09 04:49 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-14 05:52 . 2012-11-09 05:34 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-14 04:14 . 2012-11-02 05:27 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-14 04:14 . 2012-11-02 04:48 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-13 06:03 . 2012-09-06 17:38 295792 ----a-w- c:\windows\system32\drivers\volsnap.sys
2012-12-04 10:26 . 2012-12-04 10:26 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-12-04 10:25 . 2012-12-04 10:26 -------- d-----r- c:\program files (x86)\Skype
2012-11-22 18:20 . 2012-11-22 18:21 -------- d-----w- c:\program files\CCleaner
2012-11-21 00:40 . 2012-11-21 00:40 -------- d-----w- c:\users\Pang\AppData\Local\Western_Digital
2012-11-21 00:38 . 2012-11-21 00:38 -------- d-----w- c:\programdata\Western Digital
2012-11-21 00:38 . 2012-11-21 00:38 -------- d-----w- c:\program files\Western Digital
2012-11-21 00:38 . 2012-11-21 00:50 -------- d-----w- c:\program files (x86)\Western Digital
2012-11-21 00:38 . 2012-11-21 00:38 -------- d-----w- c:\program files (x86)\Common Files\Western Digital
2012-11-21 00:37 . 2012-11-21 00:39 -------- d-----w- c:\users\Pang\AppData\Local\Western Digital
2012-11-20 09:21 . 2012-09-25 07:16 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-17 01:26 . 2012-07-01 01:29 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-17 01:26 . 2012-07-01 01:29 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-27 13:34 . 2012-10-27 13:34 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-10-16 21:20 . 2012-11-28 01:04 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 21:20 . 2012-11-28 01:04 347648 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 20:34 . 2012-11-28 01:04 559104 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-09-25 22:39 . 2012-11-14 22:19 95744 ----a-w- c:\windows\system32\synceng.dll
2012-09-25 21:55 . 2012-11-14 22:19 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-09-22 21:01 . 2011-12-27 05:48 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-21 5629312]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-12-04 1354736]
"Facebook Update"="c:\users\Pang\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]
"F.lux"="c:\users\Pang\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-05 102400]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2010-01-08 2396160]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-27 30040]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776]
"WD Drive Unlocker"="c:\program files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe" [2012-09-06 1688008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\System32\Drivers\btmcom.sys [x]
R3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys [2009-05-19 14848]
R3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys [2008-04-24 6656]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [2010-07-29 29720]
R3 MGHwCtrl;MGHwCtrl;c:\program files\msi\msi Software Install\MGHwCtrl.sys [x]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-02-08 855328]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-19 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2011-12-16 14464]
S0 johci;JMicron 1394 Filter Driver;c:\windows\system32\DRIVERS\johci.sys [2009-09-21 20392]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-11-21 140672]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-06-07 202752]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 66904]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-08-30 8704]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WDDMService.exe [2011-12-15 319384]
S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-09-06 248248]
S2 WDFMEService;WDFME;c:\program files\Western Digital\WD SmartWare\WDFME.exe [2011-12-15 1977224]
S2 WDRulesService;WDRules;c:\program files\Western Digital\WD SmartWare\WDRulesEngine.exe [2011-12-15 1338264]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-05-20 70656]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-07-14 140128]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]

Papasmurf89 · Dec 18, 2012

--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 18996845
*Deregistered* - 18996845
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-01 01:26]
.
2012-12-09 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1001Core.job
- c:\users\Pang\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-25 20:59]
.
2012-12-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1001UA.job
- c:\users\Pang\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-25 20:59]
.
2012-12-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-23 01:37]
.
2012-12-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-23 01:37]
.
2012-12-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1001Core.job
- c:\users\Pang\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-18 06:20]
.
2012-12-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1001UA.job
- c:\users\Pang\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-18 06:20]
.
2012-12-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1003Core.job
- c:\users\TestAccount\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-01 23:31]
.
2012-12-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1003UA.job
- c:\users\TestAccount\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-01 23:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-01-12 9642528]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2010-01-12 1702400]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"WD Quick View"="c:\program files\Western Digital\WD SmartWare\WDDMStatus.exe" [2011-12-15 4244888]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.babylon.com/?AF=109929&babsrc=HP_ss&mntrId=c21ccad40000000000000022fbc51b34
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 208.180.42.100 208.180.42.68 192.168.1.2
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-17 23:32:09
ComboFix-quarantined-files.txt 2012-12-18 07:32
.
Pre-Run: 32,581,779,456 bytes free
Post-Run: 33,397,448,704 bytes free
.
- - End Of File - - 71ED99F16F2D71585F66791941E130FA

_________________________________________

And a fresh HiJackThis log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:33:13 PM, on 12/17/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\windows\SysWOW64\ctfmon.exe
C:\Users\Pang\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?AF=109929&babsrc=HP_ss&mntrId=c21ccad40000000000000022fbc51b34
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: WeCareReminder - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Pang\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [F.lux] "C:\Users\Pang\Local Settings\Apps\F.lux\flux.exe" /noshow
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\System Control Manager\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: WDFME (WDFMEService) - Western Digital - C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
O23 - Service: WDRules (WDRulesService) - Western Digital - C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12459 bytes

______________________________________________

I literally just finished running all the scans so I can't give you a really in-depth update on how the computer is running but it seems to be running better. I will post an update tomorrow for sure though.

Edit: I had to cut all the logs into parts since I reached the character limit multiple times. I don't think I got anything out of order but in case I did, let me know and I can re-post it. If there's anything else you need please let me know. Thanks again for all your help!

Papasmurf89 · Dec 18, 2012

So, I had a chance to play some CS:GO on it and it still seems to be running slow. My latency is not high so I know it shouldn't be lagging this much but alas, it's choppy as hell. The load screens are also taking forever, like 5+ minutes. Also, after I'm in one game, and I try to join another, it seems to slow down exponentionally. Like the game is much slower after I try to get in the second game as opposed to when I first fired it up. And trying to select options on the main menu is really delayed as well.

Papasmurf89 · Dec 20, 2012

Bump.

Something's definitely still wrong with my computer. Right when my computer starts up it seems okay but the longer that it's on, the worse it gets. Everything is just really delayed (i.e. I'll click on the Windows start menu button and it takes another 3-5 seconds before the menu actually opens). And this is for anything: computer games, web browser, windows explorer, etc.

Okedokey · Dec 20, 2012

If you haven't already:

Run checkdisk
go to elevetated command prompt and run (with spaces) sfc /scannow

But to be honest, I would back up and reinstall.

lukesow · Dec 20, 2012

reinstall the operating system!

johnb35 · Dec 20, 2012

Sorry for missing this post. Lets do a couple things before you do the reinstall of the operating system as there are few issues to deal with.

1.

Run this combofix script.

1. Go to Start > Run > type Notepad.exe and click OK to open Notepad.
It must be Notepad, not Wordpad.
2. Copy the text in the below code box

Code:

Reglock::

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

File::

c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1001Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1001UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1001UA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1003Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1003UA.job

3. Go to the Notepad window and click Edit > Paste
4. Then click File > Save
5. Name the file CFScript.txt - Save the file to your Desktop
6. Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!

ComboFix will begin to execute, just follow the prompts.
After reboot (in case it asks to reboot), it will produce a log for you.
Post that log (Combofix.txt) in your next reply.

2.

Rerun hijackthis and place checks next to the following entries.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?AF=109929...000022fbc51b34
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Pang\AppData\Local\Facebook\Update\Faceb ookUpdate.exe" /c /nocrashserver

Then click on fix checked. Now reboot your machine and let me know how it reacts. If it still is slow, boot to safe mode and see if it reacts the same in there.

Papasmurf89 · Dec 21, 2012

Okay, so when I ran HijackThis this message popped up mid-scan:

"For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, HijackThis may NOT be able to fix this.

If that happens, you need to edit the file yourself. To do this, click Start, Run and type:

notepad C:\windows\System32\drivers\etc\hosts

and press Enter. Find the line(s) HijackThis reports and delete them. Save the file as 'hosts.' (with quotes), and reboot.

For Vista: simply, exit HijackThis, right click on the HijackThis icon, choose 'Run as Administrator'."

Just thought you should know. Ran the scan and fixed the entries that you mentioned. Everything seems to be running find on startup. I'm going to go make some food but will be on my computer later to night and I can give you a more detailed response to how it's running.

Also, this may be completely unrelated but one thing that I have noticed since my computer has been acting weird is that whenever I go to turn it off there's almost always an update that I need to install. Every. Dang. Time. You'd think I would have installed all the updates by now.

And finally, here's my ComboFix log:

ComboFix 12-12-17.02 - Pang 12/20/2012 18:45:05.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4014.391 [GMT -8:00]
Running from: c:\users\Pang\Desktop\ComboFix.exe
Command switches used :: c:\users\Pang\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1001Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1001UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1001UA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1003Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1003UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1001Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1001UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1001UA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1003Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248157349-1759633269-2791585513-1003UA.job
.
Infected copy of c:\windows\system32\Services.exe was found and disinfected
Restored copy from - c:\windows\erdnt\cache64\services.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-11-21 to 2012-12-21 )))))))))))))))))))))))))))))))
.
.
2012-12-21 02:58 . 2012-12-21 02:58 -------- d-----w- c:\users\TestAccount\AppData\Local\temp
2012-12-21 02:58 . 2012-12-21 02:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-18 23:01 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{261BD59D-BB3F-456C-9F00-10EF67BA21D7}\mpengine.dll
2012-12-15 01:17 . 2012-11-14 05:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-12-15 01:17 . 2012-11-14 01:44 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-12-15 01:17 . 2012-11-14 05:53 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-12-15 01:17 . 2012-11-14 07:11 182816 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2012-12-15 01:17 . 2012-11-14 02:56 149552 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll
2012-12-15 01:17 . 2012-11-14 06:00 304640 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2012-12-15 01:17 . 2012-11-14 01:48 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-12-15 01:17 . 2012-11-14 01:51 194048 ----a-w- c:\program files (x86)\Internet Explorer\IEShims.dll
2012-12-15 01:14 . 2012-11-14 05:59 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-12-15 01:14 . 2012-11-14 02:09 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-12-15 01:14 . 2012-11-14 05:58 816640 ----a-w- c:\windows\system32\jscript.dll
2012-12-15 01:14 . 2012-11-14 05:57 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-12-15 01:14 . 2012-11-14 05:55 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-12-15 01:14 . 2012-11-14 02:00 387584 ----a-w- c:\program files (x86)\Internet Explorer\jsdbgui.dll
2012-12-15 01:14 . 2012-11-14 06:06 499200 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll
2012-12-15 01:14 . 2012-11-14 02:01 678912 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll
2012-12-15 01:14 . 2012-11-14 06:06 887296 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2012-12-15 01:13 . 2012-11-14 07:06 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-12-15 01:13 . 2012-11-14 06:32 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-12-14 06:09 . 2012-11-05 16:25 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-14 06:09 . 2012-11-05 14:17 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-14 06:09 . 2012-11-05 14:03 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-14 06:09 . 2012-11-05 14:03 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-14 06:02 . 2012-11-22 08:20 3147264 ----a-w- c:\windows\system32\win32k.sys
2012-12-14 05:52 . 2012-11-09 04:49 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-14 05:52 . 2012-11-09 05:34 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-14 04:14 . 2012-11-02 05:27 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-14 04:14 . 2012-11-02 04:48 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-13 06:03 . 2012-09-06 17:38 295792 ----a-w- c:\windows\system32\drivers\volsnap.sys
2012-12-04 10:26 . 2012-12-04 10:26 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-12-04 10:25 . 2012-12-04 10:26 -------- d-----r- c:\program files (x86)\Skype
2012-11-22 18:20 . 2012-11-22 18:21 -------- d-----w- c:\program files\CCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-17 01:26 . 2012-07-01 01:29 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-17 01:26 . 2012-07-01 01:29 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-27 13:34 . 2012-10-27 13:34 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-10-16 21:20 . 2012-11-28 01:04 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 21:20 . 2012-11-28 01:04 347648 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 20:34 . 2012-11-28 01:04 559104 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-09-25 22:39 . 2012-11-14 22:19 95744 ----a-w- c:\windows\system32\synceng.dll
2012-09-25 21:55 . 2012-11-14 22:19 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-09-25 07:16 . 2012-11-20 09:21 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-22 21:01 . 2011-12-27 05:48 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-21 5629312]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-12-04 1354736]
"Facebook Update"="c:\users\Pang\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]
"F.lux"="c:\users\Pang\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-05 102400]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2010-01-08 2396160]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-27 30040]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776]
"WD Drive Unlocker"="c:\program files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe" [2012-09-06 1688008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\System32\Drivers\btmcom.sys [x]
R3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys [2009-05-19 14848]
R3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys [2008-04-24 6656]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [2010-07-29 29720]
R3 MGHwCtrl;MGHwCtrl;c:\program files\msi\msi Software Install\MGHwCtrl.sys [x]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-02-08 855328]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-19 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2011-12-16 14464]
S0 johci;JMicron 1394 Filter Driver;c:\windows\system32\DRIVERS\johci.sys [2009-09-21 20392]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-11-21 140672]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-06-07 202752]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 66904]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-08-30 8704]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WDDMService.exe [2011-12-15 319384]
S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-09-06 248248]
S2 WDFMEService;WDFME;c:\program files\Western Digital\WD SmartWare\WDFME.exe [2011-12-15 1977224]
S2 WDRulesService;WDRules;c:\program files\Western Digital\WD SmartWare\WDRulesEngine.exe [2011-12-15 1338264]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-05-20 70656]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-07-14 140128]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-01 01:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-01-12 9642528]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2010-01-12 1702400]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"WD Quick View"="c:\program files\Western Digital\WD SmartWare\WDDMStatus.exe" [2011-12-15 4244888]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.babylon.com/?AF=109929&babsrc=HP_ss&mntrId=c21ccad40000000000000022fbc51b34
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 208.180.42.100 208.180.42.68 192.168.1.2
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
c:\program files (x86)\Common Files\Steam\SteamService.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
**************************************************************************
.
Completion time: 2012-12-20 19:24:29 - machine was rebooted
ComboFix-quarantined-files.txt 2012-12-21 03:24
ComboFix2.txt 2012-12-18 07:32
.
Pre-Run: 32,207,872,000 bytes free
Post-Run: 31,806,181,376 bytes free
.
- - End Of File - - F725880E8453933712F7C29E21E56F3D

johnb35 · Dec 21, 2012

Ah, a good sign there, you had an infected services file.

One more thing I forgot to have you do.

Please download AdwCleaner by Xplode onto your Desktop.

•Double click on AdwCleaner.exe to run the tool.
•Click on Search.
•A logfile will automatically open after the scan has finished.
•Please post the content of that logfile in your reply.
•You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.

Papasmurf89 · Dec 21, 2012

# AdwCleaner v2.101 - Logfile created 12/20/2012 at 21:45:50
# Updated 16/12/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Pang - MYCOMP
# Boot Mode : Normal
# Running from : C:\Users\Pang\Desktop\adwcleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

File Found : C:\user.js
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\WeCareReminder
Folder Found : C:\Users\Pang\AppData\Local\Babylon
Folder Found : C:\Users\Pang\AppData\Local\blekkotb
Folder Found : C:\Users\Pang\AppData\Local\Conduit
Folder Found : C:\Users\Pang\AppData\LocalLow\Conduit
Folder Found : C:\Users\Pang\AppData\Roaming\Babylon

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKCU\Software\wecarereminder
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{26C9E18C-3717-4BE1-A225-04E4471F5B6E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKU\S-1-5-21-248157349-1759633269-2791585513-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-248157349-1759633269-2791585513-1001\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKU\S-1-5-21-248157349-1759633269-2791585513-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Pang\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\TestAccount\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [4329 octets] - [20/12/2012 21:45:50]

########## EOF - C:\AdwCleaner[R1].txt - [4389 octets] ##########

johnb35 · Dec 21, 2012

Remove the Adware:

•Please close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Delete.
•Confirm each time with OK
•Your computer will be rebooted automatically. A text file will open after the restart.
•Please post the content of that logfile in your reply.
•You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

Papasmurf89 · Dec 22, 2012

# AdwCleaner v2.101 - Logfile created 12/21/2012 at 16:58:40
# Updated 16/12/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Pang - MYCOMP
# Boot Mode : Normal
# Running from : C:\Users\Pang\Desktop\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\user.js
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\Users\Pang\AppData\Local\Babylon
Folder Deleted : C:\Users\Pang\AppData\Local\blekkotb
Folder Deleted : C:\Users\Pang\AppData\Local\Conduit
Folder Deleted : C:\Users\Pang\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Pang\AppData\Roaming\Babylon

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{26C9E18C-3717-4BE1-A225-04E4471F5B6E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Pang\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\TestAccount\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [4452 octets] - [20/12/2012 21:45:50]
AdwCleaner[S1].txt - [4017 octets] - [21/12/2012 16:58:40]

########## EOF - C:\AdwCleaner[S1].txt - [4077 octets] ##########

Okedokey · Dec 22, 2012

Dude, with respect, 4 days its taken so far.

This looks more likely a hardware issue to me, but the quickest way to find out is to back up your files and reinstall windows. Just make sure you Record the windows and other licence keys using JellyBean.

Obtain a legal copy of your operating system (found here) (the exact one on the Microsoft label) to DVD or USB. If you have the recovery dvd or recovery partition on your drive, we can use that too.

Download the motherboard files first on a USB stick or similar. You at least need to have the ethernet port driver. If you use the recovery partition method, you won't need to worry about this. Enter this via the bios start up hotkeys (could be F2 or ESC).

Boot from the DVD or recovery partition and install your version of windows. Activate Windows using the key you recorded earlier.

Scan documents that you backed up with a standard anti virus of your choice.

Import documents and settings. Update Windows. Done in about a few hours.

Removing malware is never 100% certain, however reinstall is; So if that doesn't fix it, we need to look at hardware.

But to be honest, reinstall windows and you will have 100% virus free and the best performance boost you could imagine.

johnb35 · Dec 22, 2012

If the system is still slow you might as well take the plunge and reinstall windows. However, I would download and run Ccleaner first to delete all your temporary system and internet files which will speed up the system dramatically. Just install the program, open it, don't change any options and click on run cleaner at the bottom right corner.

Papasmurf89 · Dec 22, 2012

Alright, just going to re-install. Thanks for trying johnb, really appreciate the help.

Edit: Okay, so here are a few dumb, and very noob, questions but I figured I'd ask just so I don't fudge anything up when I'm reintalling.

What is a recovery partition and how do I know if I have one?

If I do not have a recovery partition (I don't have the recovery CD), where can I find the motherboard and eternet port drivers? I didn't see anything on the MSI downloads webpage here:

http://www.msi.com/product/nb/GX640.html#/?div=Driver&os=Win7 64

And now, I'm really skeptical about downloading from any other site that I'm not familiar with.

Finally, how do I scan documents/files with an anti-virus program? I've only scanned my whole computer. Do I just select whatever drive my external hard dive is hooked up to to scan? Right now I use Avast!, SUPERAntiSpyware and Malwarebytes. I'll probably just grab those installers and throw 'em on my external as well.

Computer's running abysmally slow...no idea what it could be.

Member

Administrator

Member

Member

Member

Member

Member

Member

Member

Well-Known Member

New Member

Administrator

Member

Administrator

Member

Administrator

Member

Well-Known Member

Administrator

Member