Google redirect virus help- Hijackthis Log.

haze87 · August 9, 2012

Hi,

I've been infected with some sort of google redirect virus. Occasionally when i search i will be redirected to a website called get-answers-fast, or something along those lines. I did some research on google and tried to remove it with the tdss kaspersky exe, it found some files and i removed them but the issue is still persisting. I have a hijackthis log, hopefully someone can look over it and see if there are any visible issues.

Thanks

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:15:18 PM, on 8/8/2012

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v9.00 (9.00.8112.16447)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Creative\Shared Files\CTSched.exe

C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Windows\SysWOW64\Ctxfihlp.exe

C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe

C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Windows\SysWOW64\CTXFISPI.EXE

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\Patrick\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://xfinity.comcast.net/?cid=insDate07262012

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [jswtrayutil] "C:\Program Files (x86)\NETGEAR\WNA1100\jswtrayutil.exe"

O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files (x86)\Creative\Shared Files\CTSched.exe" /logon

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork

O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [Creative Software Update] "C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe" /Silent

O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

O4 - Global Startup: NETGEAR WNA1100 Smart Wizard.lnk = ?

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\OFFICE11\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: *.clonewarsadventures.com

O15 - Trusted Zone: *.freerealms.com

O15 - Trusted Zone: *.soe.com

O15 - Trusted Zone: *.sony.com

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe

O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe

O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: ImDisk Virtual Disk Driver Helper (ImDskSvc) - Unknown owner - C:\Windows\system32\imdsksvc.exe (file missing)

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: JumpStart Wi-Fi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: WSWNA1100 - Unknown owner - C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe

Maniac · August 9, 2012

Hello haze87! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
Make sure you read all of the instructions and fixes thoroughly before continuing with them.
Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Please follow the instructions here and then post the log files in your next reply:

http://forums.malwarebytes.org/index.php?showtopic=9573

haze87 · August 9, 2012

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31

Run by Patrick at 14:20:10 on 2012-08-09

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8183.5693 [GMT -5:00]

.

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2012\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Windows\system32\Dwm.exe

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe

C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgemca.exe

C:\Windows\system32\imdsksvc.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe

c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe

C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe

C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

C:\Windows\SysWOW64\PnkBstrA.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe

C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe

C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Creative\Shared Files\CTSched.exe

C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Windows\SysWOW64\Ctxfihlp.exe

C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\SysWOW64\CTXFISPI.EXE

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\Common Files\Steam\SteamService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://xfinity.comcast.net/?cid=insDate07262012

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

uRun: [CreativeTaskScheduler] "C:\Program Files (x86)\Creative\Shared Files\CTSched.exe" /logon

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork

uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

uRun: [Google Update] "C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [Creative Software Update] "C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe" /Silent

uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun: [CTxfiHlp] CTXFIHLP.EXE

mRun: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [jswtrayutil] "C:\Program Files (x86)\NETGEAR\WNA1100\jswtrayutil.exe"

mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEAR WNA1100 Smart Wizard.lnk - C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000

IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\OFFICE11\REFIEBAR.DLL

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab

DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{2F638620-41C9-471F-A9AE-19766EE18837} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{45C25994-5D2C-43F2-8F95-EE9A416BCFA1} : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{85EB0FC6-A5C9-4021-A8A9-806ADE8F99E4} : DhcpNameServer = 192.168.42.129

TCP: Interfaces\{D5CA5C35-8DD8-4580-8F64-54E912447FEE} : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{D5CA5C35-8DD8-4580-8F64-54E912447FEE}\14E64627F69646455647865627 : DhcpNameServer = 192.168.2.254

TCP: Interfaces\{D5CA5C35-8DD8-4580-8F64-54E912447FEE}\15579636B64596765627D27657563747 : DhcpNameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces\{D5CA5C35-8DD8-4580-8F64-54E912447FEE}\2457E64697 : DhcpNameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces\{D5CA5C35-8DD8-4580-8F64-54E912447FEE}\2457E64697D27657563747 : DhcpNameServer = 75.75.75.75 75.75.76.76

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

BHO-X64: AVG Do Not Track - No File

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

BHO-X64: Ask Toolbar BHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun-x64: [CTxfiHlp] CTXFIHLP.EXE

mRun-x64: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [jswtrayutil] "C:\Program Files (x86)\NETGEAR\WNA1100\jswtrayutil.exe"

mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

mRun-x64: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\iy3k2z3r.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - component: C:\Program Files (x86)\AVG\AVG2012\Firefox4\components\avgssff10.dll

FF - component: C:\Program Files (x86)\AVG\AVG2012\Firefox4\components\avgssff4.dll

FF - component: C:\Program Files (x86)\AVG\AVG2012\Firefox4\components\avgssff5.dll

FF - component: C:\Program Files (x86)\AVG\AVG2012\Firefox4\components\avgssff6.dll

FF - component: C:\Program Files (x86)\AVG\AVG2012\Firefox4\components\avgssff7.dll

FF - component: C:\Program Files (x86)\AVG\AVG2012\Firefox4\components\avgssff8.dll

FF - component: C:\Program Files (x86)\AVG\AVG2012\Firefox4\components\avgssff9.dll

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

FF - plugin: C:\Program Files (x86)\Download Manager\npfpdlm.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfjadjghjpjodfhffafagnkbgbpiphf\1.0.3.170_0\npsoe.dll

FF - plugin: C:\Users\Patrick\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false

============= SERVICES / DRIVERS ===============

.

P2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-2-17 8704]

R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]

R0 SCMNdisP;General NDIS Protocol Driver;C:\Windows\system32\DRIVERS\scmndisp.sys --> C:\Windows\system32\DRIVERS\scmndisp.sys [?]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]

R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]

R1 JSWPSLWF;JumpStart Wireless Filter Driver;C:\Windows\system32\DRIVERS\jswpslwfx.sys --> C:\Windows\system32\DRIVERS\jswpslwfx.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-4-30 5106744]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]

R2 cpuz134;cpuz134;\??\C:\Windows\system32\drivers\cpuz134_x64.sys --> C:\Windows\system32\drivers\cpuz134_x64.sys [?]

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-6-27 2369960]

R2 ImDisk;ImDisk Virtual Disk Driver;C:\Windows\system32\DRIVERS\imdisk.sys --> C:\Windows\system32\DRIVERS\imdisk.sys [?]

R2 ImDskSvc;ImDisk Virtual Disk Driver Helper;C:\Windows\system32\imdsksvc.exe --> C:\Windows\system32\imdsksvc.exe [?]

R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2009-10-7 191000]

R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-7-24 1258856]

R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2010-9-16 80896]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-6-28 382312]

R2 WSWNA1100;WSWNA1100;C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [2012-4-24 266240]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?]

R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]

R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]

R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]

R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\system32\DRIVERS\LVPr2M64.sys --> C:\Windows\system32\DRIVERS\LVPr2M64.sys [?]

R3 Lycosa;Lycosa Keyboard;C:\Windows\system32\drivers\Lycosa.sys --> C:\Windows\system32\drivers\Lycosa.sys [?]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]

R3 nvoclk64;NVIDIA Enthusiasts Platform KDM;C:\Windows\system32\DRIVERS\nvoclk64.sys --> C:\Windows\system32\DRIVERS\nvoclk64.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 athur;Atheros AR9271 Wireless Network Adapter Service;C:\Windows\system32\DRIVERS\athurx.sys --> C:\Windows\system32\DRIVERS\athurx.sys [?]

S3 AWEAlloc;AWE Memory Allocation Driver;C:\Windows\system32\DRIVERS\awealloc.sys --> C:\Windows\system32\DRIVERS\awealloc.sys [?]

S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-9-29 79360]

S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-9-29 79360]

S3 CT20XUT;CT20XUT;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]

S3 CTEXFIFX;CTEXFIFX;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]

S3 CTHWIUT;CTHWIUT;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]

S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe [2011-4-14 25832]

S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?]

S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys --> C:\Windows\system32\DRIVERS\htcnprot.sys [?]

S3 jswpsapi;JumpStart Wi-Fi Protected Setup;C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe [2012-4-24 960992]

S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]

S3 LVUVC64;Logitech QuickCam S5500(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]

S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\Windows\system32\DRIVERS\ManyCam_x64.sys --> C:\Windows\system32\DRIVERS\ManyCam_x64.sys [?]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-7-24 113120]

S3 pneteth;PdaNet Broadband;C:\Windows\system32\DRIVERS\pneteth.sys --> C:\Windows\system32\DRIVERS\pneteth.sys [?]

S3 pnetmdm;PdaNet Modem;C:\Windows\system32\DRIVERS\pnetmdm64.sys --> C:\Windows\system32\DRIVERS\pnetmdm64.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2008-7-10 47128]

S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-7-10 369688]

.

=============== Created Last 30 ================

.

2012-08-09 03:07:56 -------- d-----w- C:\TDSSKiller_Quarantine

2012-08-09 02:01:52 -------- d-----w- C:\Program Files\Enigma Software Group

2012-08-09 02:01:17 -------- d-----w- C:\Windows\F896D02690164122B9BD957FF092FFE9.TMP

2012-08-04 07:23:08 -------- d-----w- C:\Users\Patrick\AppData\Local\{46396234-D433-4237-870B-7763EF0CBCC5}

2012-08-04 07:22:46 -------- d-----w- C:\Users\Patrick\AppData\Local\{ADAF2B65-E611-4E9A-9C87-DF3574420EE6}

2012-08-03 09:43:31 -------- d-----w- C:\Program Files (x86)\EverQuest Buff Timer

2012-08-02 20:41:13 -------- d-----w- C:\Program Files (x86)\ETS

2012-07-29 03:41:46 -------- d-----w- C:\ProgramData\Graboid Inc

2012-07-29 03:40:09 -------- d-----w- C:\Program Files (x86)\Graboid

2012-07-28 03:27:29 -------- d-----w- C:\Users\Patrick\AppData\Local\{37E8F55D-2004-47A8-BF87-CE2E2AFDF3C7}

2012-07-28 03:27:07 -------- d-----w- C:\Users\Patrick\AppData\Local\{3A62926B-0E5A-4288-95EC-01896A974636}

2012-07-26 18:04:40 -------- d-----w- C:\Users\Patrick\AppData\Local\Xfinity.com

2012-07-24 22:10:28 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service

2012-07-24 22:10:27 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll

2012-07-24 22:10:27 68576 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll

2012-07-24 22:10:27 573920 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll

2012-07-24 22:10:27 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll

2012-07-24 22:10:27 157608 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe

2012-07-24 22:10:27 113120 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe

2012-07-20 23:01:03 -------- d-----w- C:\Users\Patrick\AppData\Local\{14E138B0-7A6E-4625-8905-8885B61BFB4C}

2012-07-20 23:00:29 -------- d-----w- C:\Users\Patrick\AppData\Local\{2B8595A7-7228-4DD1-A318-F2451CBC213E}

2012-07-16 23:19:06 -------- d-----w- C:\Users\Patrick\AppData\Roaming\six-updater

2012-07-16 23:19:05 -------- d-----w- C:\Users\Patrick\AppData\Roaming\six-zsync

2012-07-16 23:18:27 -------- d-----w- C:\Program Files (x86)\SIX Projects

2012-07-16 23:16:53 -------- d-----w- C:\Users\Patrick\AppData\Local\ArmA 2 OA

2012-07-13 19:01:02 -------- d-----w- C:\Users\Patrick\AppData\Local\{32BF7226-5A18-4ECC-B1F7-CC4D0D5AC448}

2012-07-13 19:00:30 -------- d-----w- C:\Users\Patrick\AppData\Local\{4CE936FA-880F-4488-B0FE-644FDDB3DE42}

2012-07-12 19:14:36 -------- d-----w- C:\Users\Patrick\AppData\Local\{593CF954-F65A-434D-9B6C-65D8B7268A2F}

2012-07-12 19:14:04 -------- d-----w- C:\Users\Patrick\AppData\Local\{2B6DDD1D-83B5-4706-8CF2-F72625202249}

2012-07-12 08:04:28 3147264 ----a-w- C:\Windows\System32\win32k.sys

2012-07-11 10:12:53 2003968 ----a-w- C:\Windows\System32\msxml6.dll

.

==================== Find3M ====================

.

2012-07-30 20:41:33 282296 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2012-07-30 20:41:33 282296 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2012-07-30 20:40:46 215128 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0

2012-07-25 01:36:17 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe

2012-07-03 18:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-07-02 19:34:34 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-02 19:34:34 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-06-28 23:56:15 2667062 ----a-w- C:\Windows\System32\nvcoproc.bin

2012-06-28 23:55:57 3266408 ----a-w- C:\Windows\System32\nvsvc64.dll

2012-06-28 23:55:46 6193000 ----a-w- C:\Windows\System32\nvcpl.dll

2012-06-28 23:55:40 118120 ----a-w- C:\Windows\System32\nvmctray.dll

2012-06-28 23:55:39 891240 ----a-w- C:\Windows\System32\nvvsvc.exe

2012-06-28 23:55:39 63336 ----a-w- C:\Windows\System32\nvshext.dll

2012-06-28 22:44:42 428904 ----a-w- C:\Windows\SysWow64\nvStreaming.exe

2012-06-25 21:04:24 1394248 ----a-w- C:\Windows\SysWow64\msxml4.dll

2012-06-06 05:50:50 1880064 ----a-w- C:\Windows\System32\msxml3.dll

2012-06-06 05:09:46 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll

2012-06-06 05:09:46 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll

2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-06-02 20:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2012-06-02 20:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll

2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-06-02 05:38:26 95088 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2012-06-02 05:38:24 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2012-06-02 05:37:45 459216 ----a-w- C:\Windows\System32\drivers\cng.sys

2012-06-02 05:27:02 340992 ----a-w- C:\Windows\System32\schannel.dll

2012-06-02 05:27:00 307200 ----a-w- C:\Windows\System32\ncrypt.dll

2012-06-02 04:48:39 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2012-06-02 04:48:35 225280 ----a-w- C:\Windows\SysWow64\schannel.dll

2012-06-02 04:47:31 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll

2012-06-02 04:42:51 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2012-05-21 13:10:56 31080 ----a-w- C:\Windows\System32\nvhdap64.dll

2012-05-21 13:10:51 188776 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys

2012-05-21 07:34:41 1468264 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll

2012-05-15 10:48:00 364352 ----a-w- C:\Windows\System32\nvdecodemft.dll

2012-05-15 10:48:00 301376 ----a-w- C:\Windows\SysWow64\nvdecodemft.dll

2012-05-15 10:48:00 1468224 ----a-w- C:\Windows\System32\nvgenco64.dll

haze87 · August 9, 2012

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 9/29/2010 6:47:46 PM

System Uptime: 8/9/2012 1:01:55 AM (13 hours ago)

.

Motherboard: EVGA | | X58 SLI Classified

Processor: Intel® Core i7 CPU X 980 @ 3.33GHz | Socket 423 | 3316/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 931 GiB total, 515.155 GiB free.

D: is CDROM ()

F: is FIXED (NTFS) - 30 GiB total, 0.932 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP290: 7/28/2012 12:00:28 AM - Scheduled Checkpoint

RP291: 8/2/2012 3:41:05 PM - Installed POWERPREP II

RP292: 8/8/2012 9:01:21 PM - Installed SpyHunter

RP293: 8/8/2012 9:23:58 PM - Removed SpyHunter

.

==== Installed Programs ======================

.

µTorrent

3DMark Vantage

Adobe AIR

Adobe Reader X (10.1.2)

AIM 7

Apple Application Support

Apple Software Update

ARMA 2

ARMA 2: Free

ARMA 2: Operation Arrowhead

ARMA 2: Operation Arrowhead Demo

AviSynth 2.5

Battlefield 3™

Battlefield: Bad Company 2

Battlelog Web Plugins

BattlEye for OA Uninstall

calibre

CCleaner

Cockatrice

Compatibility Pack for the 2007 Office system

Creative ALchemy

Creative Audio Control Panel

Creative Console Launcher

Creative Software AutoUpdate

Creative Sound Blaster Properties x64 Edition

D3DX10

DAoC Portal

dBpoweramp Music Converter

Dear Esther

Diablo II

Diablo III

Download Manager 2.3.10

Download Updater (AOL LLC)

Dragon Age: Origins

Dual-Core Optimizer

EA Installer

EA Shared Game Component: Activation

ESN Sonar

EverQuest

EverQuest Buff Timer (remove only)

EverQuest Titanium

EVGA OC Scanner 1.4.1

EVGA Precision 2.0.0

ffdshow [rev 2583] [2009-01-05]

Folding@home-x86

Fraps

Free Video Converter V 3.1

Futuremark SystemInfo

Google Chrome

Hi-Rez Studios Authenticate and Update Service

Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB945282)

Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB946040)

Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB946308)

Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB947540)

Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB947789)

Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB948127)

Hotfix for Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (KB944899)

HTC BMP USB Driver

HTC Driver Installer

Java Auto Updater

Java 6 Update 31

K-Lite Codec Pack 8.7.0 (Basic)

Kernel for Windows Data Recovery ver 11.01.01

League of Legends

LogMeIn Hamachi

Magic The Gathering - Duels of the Planeswalkers 2012

Magic The Gathering - Duels of the Planeswalkers 2013

Malwarebytes Anti-Malware version 1.62.0.1300

Mass Effect

Mass Effect 2

Microsoft .NET Framework 1.1

Microsoft Flight Simulator X

Microsoft Games for Windows - LIVE

Microsoft Games for Windows - LIVE Redistributable

Microsoft Office Labs Ribbon Hero 2, Clippy's Second Chance

Microsoft Office Standard Edition 2003

Microsoft SQL Server 2008

Microsoft SQL Server 2008 Browser

Microsoft SQL Server 2008 Common Files

Microsoft SQL Server 2008 Database Engine Services

Microsoft SQL Server 2008 Database Engine Shared

Microsoft SQL Server 2008 Management Objects

Microsoft SQL Server 2008 RsFx Driver

Microsoft SQL Server 2008 Setup Support Files (English)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Express Edition with SP1 - ENU

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140)

Microsoft XNA Framework Redistributable 4.0

mIRC

Moonbase Alpha

Mozilla Firefox 14.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB973685)

Mumble 1.2.3

NETGEAR WNA1100 N150 Wireless USB Adapter

NVIDIA 3D Vision Controller Driver

NVIDIA Performance

NVIDIA PhysX

NVIDIA Stereoscopic 3D Driver

NVIDIA System Monitor

NVIDIA System Update

Oblivion

OpenAL

Origin

Pando Media Booster

Portal 2

POWERPREP II

PunkBuster Services

QuickTime

Railworks 3 Train Simulator 2012 Deluxe

Respondus LockDown Browser

S.T.A.L.K.E.R. - Shadow of Chernobyl

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB2251487)

Silent Hunter 4 Wolves of the Pacific

Silent Hunter 5

Six Updater

Skype™ 5.5

Splice Demo

Sql Server Customer Experience Improvement Program

SQL Server System CLR Types

StarCraft II

Steam

Stone Giant 1.0

Stronghold 3

Stronghold Kingdoms

System Requirements Lab CYRI

Terraria

Terraria 1.0.6 [s.P]

The Elder Scrolls V: Skyrim

The Secret World

The Witcher 2

theHunter (remove only)

Torchlight

Total War: SHOGUN 2

Tribes Ascend Closed Beta

Ubisoft Game Launcher

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Ventrilo Client

Visual Studio 2008 x64 Redistributables

VLC media player 1.1.5

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Messenger

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Media Player Firefox Plugin

World of Tanks v.0.6.7

World of Warcraft

.

==== Event Viewer Messages From Past Week ========

.

8/9/2012 1:02:08 AM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 9 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

8/9/2012 1:02:08 AM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 8 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

8/9/2012 1:02:08 AM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 7 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

8/9/2012 1:02:08 AM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 6 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

8/9/2012 1:02:08 AM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 5 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

8/9/2012 1:02:08 AM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 4 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

8/9/2012 1:02:08 AM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 3 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

8/9/2012 1:02:08 AM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 2 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

8/9/2012 1:02:08 AM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 11 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

8/9/2012 1:02:08 AM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 10 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

8/9/2012 1:02:08 AM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 1 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

8/9/2012 1:02:08 AM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 0 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

8/8/2012 9:28:30 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004

8/8/2012 8:47:17 AM, Error: Microsoft-Windows-WMPNSS-Service [14365] - Proximity detection failed due to unknown error '0x80004004'. The best proximity time detected was -1 milliseconds.

.

==== End Of File ===========================

haze87 · August 9, 2012

I should also add that i've seemed to get rid of the "get-answers-fast" redirect, but i still occasionally get one that sends me to a random page full of ads and what i assume to be malware.

Maniac · August 10, 2012

Step 1

Please uninstall this application: µTorrent

Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Step 3

Launch Malwarebytes' Anti-Malware
Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
Go to Scanner tab and select Perform Quick Scan, then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

In your next reply, post the following log files:

TDSSKiller log
Malwarebytes' Anti-Malware log
a new fresh DDS log

haze87 · August 10, 2012

TDSS Killer Log:

TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32

14:12:02.0268 6472 ============================================================

14:12:02.0268 6472 Current date / time: 2012/08/10 14:12:02.0268

14:12:02.0268 6472 SystemInfo:

14:12:02.0268 6472

14:12:02.0268 6472 OS Version: 6.1.7600 ServicePack: 0.0

14:12:02.0268 6472 Product type: Workstation

14:12:02.0268 6472 ComputerName: I7980X-BEAST

14:12:02.0268 6472 UserName: Patrick

14:12:02.0268 6472 Windows directory: C:\Windows

14:12:02.0268 6472 System windows directory: C:\Windows

14:12:02.0268 6472 Running under WOW64

14:12:02.0268 6472 Processor architecture: Intel x64

14:12:02.0268 6472 Number of processors: 12

14:12:02.0268 6472 Page size: 0x1000

14:12:02.0268 6472 Boot type: Normal boot

14:12:02.0268 6472 ============================================================

14:12:03.0043 6472 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040

14:12:03.0043 6472 Drive \Device\Harddisk1\DR1 - Size: 0x7745D6000 (29.82 Gb), SectorSize: 0x200, Cylinders: 0xF34, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

14:12:03.0047 6472 ============================================================

14:12:03.0047 6472 \Device\Harddisk0\DR0:

14:12:03.0047 6472 MBR partitions:

14:12:03.0047 6472 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

14:12:03.0047 6472 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800

14:12:03.0047 6472 \Device\Harddisk1\DR1:

14:12:03.0047 6472 MBR partitions:

14:12:03.0047 6472 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3BA1000

14:12:03.0047 6472 ============================================================

14:12:03.0082 6472 C: <-> \Device\Harddisk0\DR0\Partition1

14:12:03.0082 6472 F: <-> \Device\Harddisk1\DR1\Partition0

14:12:03.0082 6472 ============================================================

14:12:03.0082 6472 Initialize success

14:12:03.0082 6472 ============================================================

14:12:07.0137 7068 ============================================================

14:12:07.0137 7068 Scan started

14:12:07.0137 7068 Mode: Manual; SigCheck; TDLFS;

14:12:07.0137 7068 ============================================================

14:12:07.0729 7068 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys

14:12:07.0759 7068 1394ohci - ok

14:12:07.0789 7068 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys

14:12:07.0799 7068 ACPI - ok

14:12:07.0810 7068 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

14:12:07.0819 7068 AcpiPmi - ok

14:12:07.0901 7068 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

14:12:07.0907 7068 AdobeARMservice - ok

14:12:07.0938 7068 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

14:12:07.0949 7068 adp94xx - ok

14:12:07.0981 7068 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

14:12:07.0991 7068 adpahci - ok

14:12:08.0024 7068 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

14:12:08.0033 7068 adpu320 - ok

14:12:08.0046 7068 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

14:12:08.0067 7068 AeLookupSvc - ok

14:12:08.0123 7068 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys

14:12:08.0133 7068 AFD - ok

14:12:08.0149 7068 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

14:12:08.0156 7068 agp440 - ok

14:12:08.0168 7068 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

14:12:08.0176 7068 ALG - ok

14:12:08.0196 7068 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

14:12:08.0203 7068 aliide - ok

14:12:08.0224 7068 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

14:12:08.0231 7068 amdide - ok

14:12:08.0246 7068 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

14:12:08.0253 7068 AmdK8 - ok

14:12:08.0263 7068 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

14:12:08.0271 7068 AmdPPM - ok

14:12:08.0304 7068 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys

14:12:08.0312 7068 amdsata - ok

14:12:08.0346 7068 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

14:12:08.0355 7068 amdsbs - ok

14:12:08.0362 7068 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys

14:12:08.0369 7068 amdxata - ok

14:12:08.0402 7068 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

14:12:08.0412 7068 AppID - ok

14:12:08.0432 7068 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

14:12:08.0453 7068 AppIDSvc - ok

14:12:08.0462 7068 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll

14:12:08.0470 7068 Appinfo - ok

14:12:08.0556 7068 Apple Mobile Device (018857ead9a077a56aedfc0e5ef7a24a) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

14:12:08.0561 7068 Apple Mobile Device - ok

14:12:08.0584 7068 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

14:12:08.0592 7068 arc - ok

14:12:08.0610 7068 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

14:12:08.0618 7068 arcsas - ok

14:12:08.0649 7068 ASPI - ok

14:12:08.0736 7068 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

14:12:08.0743 7068 aspnet_state - ok

14:12:08.0757 7068 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

14:12:08.0777 7068 AsyncMac - ok

14:12:08.0792 7068 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys

14:12:08.0799 7068 atapi - ok

14:12:08.0917 7068 athur (c24a645aedbdf5fa0a23f7581c6f9c63) C:\Windows\system32\DRIVERS\athurx.sys

14:12:08.0935 7068 athur - ok

14:12:09.0042 7068 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll

14:12:09.0067 7068 AudioEndpointBuilder - ok

14:12:09.0071 7068 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll

14:12:09.0095 7068 AudioSrv - ok

14:12:09.0383 7068 AVGIDSAgent (ba60fd7a64b9759a14c0fba4a9ed4c7b) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

14:12:09.0435 7068 AVGIDSAgent - ok

14:12:09.0628 7068 AVGIDSDriver (1b2e9fcdc26dc7c81d4131430e2dc936) C:\Windows\system32\DRIVERS\avgidsdrivera.sys

14:12:09.0637 7068 AVGIDSDriver - ok

14:12:09.0669 7068 AVGIDSFilter (0f293406f64b48d5d2f0d3a1117f3a83) C:\Windows\system32\DRIVERS\avgidsfiltera.sys

14:12:09.0674 7068 AVGIDSFilter - ok

14:12:09.0719 7068 AVGIDSHA (cffc3a4a638f462e0561cb368b9a7a3a) C:\Windows\system32\DRIVERS\avgidsha.sys

14:12:09.0725 7068 AVGIDSHA - ok

14:12:09.0757 7068 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys

14:12:09.0764 7068 Avgldx64 - ok

14:12:09.0781 7068 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys

14:12:09.0786 7068 Avgmfx64 - ok

14:12:09.0827 7068 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys

14:12:09.0832 7068 Avgrkx64 - ok

14:12:09.0859 7068 Avgtdia (1bee674ad792b1c63bb0dac5fa724b23) C:\Windows\system32\DRIVERS\avgtdia.sys

14:12:09.0868 7068 Avgtdia - ok

14:12:09.0949 7068 avgwd (ea1145debcd508fd25bd1e95c4346929) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

14:12:09.0956 7068 avgwd - ok

14:12:10.0006 7068 AWEAlloc (7f36970a26407210ac32f1624bfe5d8b) C:\Windows\system32\DRIVERS\awealloc.sys

14:12:10.0013 7068 AWEAlloc - ok

14:12:10.0047 7068 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll

14:12:10.0057 7068 AxInstSV - ok

14:12:10.0105 7068 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

14:12:10.0115 7068 b06bdrv - ok

14:12:10.0146 7068 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

14:12:10.0155 7068 b57nd60a - ok

14:12:10.0190 7068 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

14:12:10.0198 7068 BDESVC - ok

14:12:10.0209 7068 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

14:12:10.0230 7068 Beep - ok

14:12:10.0287 7068 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll

14:12:10.0312 7068 BFE - ok

14:12:10.0366 7068 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll

14:12:10.0393 7068 BITS - ok

14:12:10.0422 7068 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

14:12:10.0430 7068 blbdrive - ok

14:12:10.0516 7068 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

14:12:10.0524 7068 Bonjour Service - ok

14:12:10.0556 7068 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys

14:12:10.0563 7068 bowser - ok

14:12:10.0582 7068 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

14:12:10.0591 7068 BrFiltLo - ok

14:12:10.0592 7068 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

14:12:10.0601 7068 BrFiltUp - ok

14:12:10.0619 7068 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll

14:12:10.0641 7068 Browser - ok

14:12:10.0668 7068 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

14:12:10.0677 7068 Brserid - ok

14:12:10.0680 7068 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

14:12:10.0689 7068 BrSerWdm - ok

14:12:10.0691 7068 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

14:12:10.0700 7068 BrUsbMdm - ok

14:12:10.0710 7068 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

14:12:10.0718 7068 BrUsbSer - ok

14:12:10.0732 7068 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

14:12:10.0742 7068 BTHMODEM - ok

14:12:10.0766 7068 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

14:12:10.0787 7068 bthserv - ok

14:12:10.0799 7068 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

14:12:10.0820 7068 cdfs - ok

14:12:10.0853 7068 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

14:12:10.0862 7068 cdrom - ok

14:12:10.0894 7068 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll

14:12:10.0915 7068 CertPropSvc - ok

14:12:10.0937 7068 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

14:12:10.0946 7068 circlass - ok

14:12:10.0969 7068 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

14:12:10.0979 7068 CLFS - ok

14:12:11.0017 7068 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

14:12:11.0023 7068 clr_optimization_v2.0.50727_32 - ok

14:12:11.0062 7068 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

14:12:11.0069 7068 clr_optimization_v2.0.50727_64 - ok

14:12:11.0140 7068 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

14:12:11.0147 7068 clr_optimization_v4.0.30319_32 - ok

14:12:11.0173 7068 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

14:12:11.0180 7068 clr_optimization_v4.0.30319_64 - ok

14:12:11.0206 7068 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

14:12:11.0213 7068 CmBatt - ok

14:12:11.0222 7068 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys

14:12:11.0228 7068 cmdide - ok

14:12:11.0261 7068 CNG (ca7720b73446fddec5c69519c1174c98) C:\Windows\system32\Drivers\cng.sys

14:12:11.0276 7068 CNG - ok

14:12:11.0289 7068 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

14:12:11.0296 7068 Compbatt - ok

14:12:11.0315 7068 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys

14:12:11.0324 7068 CompositeBus - ok

14:12:11.0335 7068 COMSysApp - ok

14:12:11.0365 7068 cpuz134 (17719a7f571d4cd08223f0b30f71b8b8) C:\Windows\system32\drivers\cpuz134_x64.sys

14:12:11.0371 7068 cpuz134 - ok

14:12:11.0382 7068 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

14:12:11.0389 7068 crcdisk - ok

14:12:11.0445 7068 Creative ALchemy AL6 Licensing Service (c8bd651e13895b93ed9ec5b4f1df42bc) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe

14:12:11.0447 7068 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning

14:12:11.0447 7068 Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic (1)

14:12:11.0465 7068 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe

14:12:11.0468 7068 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning

14:12:11.0468 7068 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)

14:12:11.0509 7068 CryptSvc (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll

14:12:11.0518 7068 CryptSvc - ok

14:12:11.0538 7068 CT20XUT (229e3b8f266abdafd54e4a372b9d5ddc) C:\Windows\system32\drivers\CT20XUT.SYS

14:12:11.0545 7068 CT20XUT - ok

14:12:11.0547 7068 CT20XUT.SYS (229e3b8f266abdafd54e4a372b9d5ddc) C:\Windows\System32\drivers\CT20XUT.SYS

14:12:11.0554 7068 CT20XUT.SYS - ok

14:12:11.0599 7068 ctac32k (eb3843a91a10150c9e05607cbcb44090) C:\Windows\system32\drivers\ctac32k.sys

14:12:11.0609 7068 ctac32k - ok

14:12:11.0646 7068 ctaud2k (bc06efb59a2316537765462dfe40f764) C:\Windows\system32\drivers\ctaud2k.sys

14:12:11.0657 7068 ctaud2k - ok

14:12:11.0695 7068 CTAudSvcService (07ba6d17e66879018b30b6c3f976ebed) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

14:12:11.0699 7068 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning

14:12:11.0699 7068 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)

14:12:11.0775 7068 CTEXFIFX (63b2b6ce9d3ef182981fb64bd5433da4) C:\Windows\system32\drivers\CTEXFIFX.SYS

14:12:11.0792 7068 CTEXFIFX - ok

14:12:11.0917 7068 CTEXFIFX.SYS (63b2b6ce9d3ef182981fb64bd5433da4) C:\Windows\System32\drivers\CTEXFIFX.SYS

14:12:11.0934 7068 CTEXFIFX.SYS - ok

14:12:11.0979 7068 CTHWIUT (6d115cc80873b85fd80dda1c41f75a2c) C:\Windows\system32\drivers\CTHWIUT.SYS

14:12:11.0985 7068 CTHWIUT - ok

14:12:11.0987 7068 CTHWIUT.SYS (6d115cc80873b85fd80dda1c41f75a2c) C:\Windows\System32\drivers\CTHWIUT.SYS

14:12:11.0992 7068 CTHWIUT.SYS - ok

14:12:12.0009 7068 ctprxy2k (ebc9548ef5838cb5aa8f18b3ac28af12) C:\Windows\system32\drivers\ctprxy2k.sys

14:12:12.0014 7068 ctprxy2k - ok

14:12:12.0034 7068 ctsfm2k (459bee1682121842285c162e2d98d81a) C:\Windows\system32\drivers\ctsfm2k.sys

14:12:12.0041 7068 ctsfm2k - ok

14:12:12.0164 7068 DAUpdaterSvc (80861969541971176e005d2c09dae851) C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe

14:12:12.0169 7068 DAUpdaterSvc - ok

14:12:12.0211 7068 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll

14:12:12.0236 7068 DcomLaunch - ok

14:12:12.0262 7068 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

14:12:12.0284 7068 defragsvc - ok

14:12:12.0317 7068 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys

14:12:12.0325 7068 DfsC - ok

14:12:12.0350 7068 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll

14:12:12.0361 7068 Dhcp - ok

14:12:12.0373 7068 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

14:12:12.0395 7068 discache - ok

14:12:12.0421 7068 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

14:12:12.0429 7068 Disk - ok

14:12:12.0463 7068 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll

14:12:12.0471 7068 Dnscache - ok

14:12:12.0498 7068 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll

14:12:12.0520 7068 dot3svc - ok

14:12:12.0537 7068 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll

14:12:12.0559 7068 DPS - ok

14:12:12.0580 7068 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

14:12:12.0589 7068 drmkaud - ok

14:12:12.0654 7068 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys

14:12:12.0669 7068 DXGKrnl - ok

14:12:12.0688 7068 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

14:12:12.0710 7068 EapHost - ok

14:12:12.0860 7068 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

14:12:12.0887 7068 ebdrv - ok

14:12:12.0966 7068 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe

14:12:12.0974 7068 EFS - ok

14:12:13.0042 7068 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe

14:12:13.0053 7068 ehRecvr - ok

14:12:13.0074 7068 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

14:12:13.0082 7068 ehSched - ok

14:12:13.0128 7068 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

14:12:13.0140 7068 elxstor - ok

14:12:13.0161 7068 emupia (c26133b6165928fbd156c6fe570f9ed2) C:\Windows\system32\drivers\emupia2k.sys

14:12:13.0167 7068 emupia - ok

14:12:13.0176 7068 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys

14:12:13.0183 7068 ErrDev - ok

14:12:13.0260 7068 esgiguard - ok

14:12:13.0294 7068 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

14:12:13.0317 7068 EventSystem - ok

14:12:13.0349 7068 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

14:12:13.0371 7068 exfat - ok

14:12:13.0388 7068 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

14:12:13.0410 7068 fastfat - ok

14:12:13.0463 7068 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe

14:12:13.0475 7068 Fax - ok

14:12:13.0493 7068 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

14:12:13.0500 7068 fdc - ok

14:12:13.0526 7068 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

14:12:13.0547 7068 fdPHost - ok

14:12:13.0552 7068 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

14:12:13.0573 7068 FDResPub - ok

14:12:13.0586 7068 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

14:12:13.0593 7068 FileInfo - ok

14:12:13.0605 7068 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

14:12:13.0626 7068 Filetrace - ok

14:12:13.0639 7068 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

14:12:13.0646 7068 flpydisk - ok

14:12:13.0676 7068 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

14:12:13.0686 7068 FltMgr - ok

14:12:13.0757 7068 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll

14:12:13.0771 7068 FontCache - ok

14:12:13.0818 7068 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

14:12:13.0824 7068 FontCache3.0.0.0 - ok

14:12:13.0850 7068 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

14:12:13.0858 7068 FsDepends - ok

14:12:13.0877 7068 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys

14:12:13.0884 7068 Fs_Rec - ok

14:12:13.0918 7068 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys

14:12:13.0929 7068 fvevol - ok

14:12:13.0953 7068 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

14:12:13.0961 7068 gagp30kx - ok

14:12:13.0988 7068 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

14:12:13.0994 7068 GEARAspiWDM - ok

14:12:14.0043 7068 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll

14:12:14.0058 7068 gpsvc - ok

14:12:14.0140 7068 ha20x2k (a3f010d5dbfb589a3b3288c05c2ea3f9) C:\Windows\system32\drivers\ha20x2k.sys

14:12:14.0159 7068 ha20x2k - ok

14:12:14.0242 7068 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys

14:12:14.0248 7068 hamachi - ok

14:12:14.0406 7068 Hamachi2Svc (21d24138b736983f6e23823e092e9428) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

14:12:14.0431 7068 Hamachi2Svc - ok

14:12:14.0475 7068 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

14:12:14.0482 7068 hcw85cir - ok

14:12:14.0514 7068 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys

14:12:14.0525 7068 HdAudAddService - ok

14:12:14.0541 7068 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys

14:12:14.0550 7068 HDAudBus - ok

14:12:14.0562 7068 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

14:12:14.0569 7068 HidBatt - ok

14:12:14.0665 7068 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

14:12:14.0674 7068 HidBth - ok

14:12:14.0686 7068 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

14:12:14.0694 7068 HidIr - ok

14:12:14.0717 7068 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

14:12:14.0738 7068 hidserv - ok

14:12:14.0784 7068 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

14:12:14.0791 7068 HidUsb - ok

14:12:14.0860 7068 HiPatchService (08b58ad2bd4906e793783e4d78a680a0) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe

14:12:14.0862 7068 HiPatchService ( UnsignedFile.Multi.Generic ) - warning

14:12:14.0862 7068 HiPatchService - detected UnsignedFile.Multi.Generic (1)

14:12:14.0878 7068 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll

14:12:14.0900 7068 hkmsvc - ok

14:12:14.0920 7068 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll

14:12:14.0929 7068 HomeGroupListener - ok

14:12:14.0956 7068 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll

14:12:14.0965 7068 HomeGroupProvider - ok

14:12:14.0996 7068 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys

14:12:15.0004 7068 HpSAMD - ok

14:12:15.0041 7068 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys

14:12:15.0049 7068 HTCAND64 - ok

14:12:15.0091 7068 htcnprot (b8b1b284362e1d8135112573395d5da5) C:\Windows\system32\DRIVERS\htcnprot.sys

14:12:15.0097 7068 htcnprot - ok

14:12:15.0143 7068 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

14:12:15.0168 7068 HTTP - ok

14:12:15.0175 7068 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

14:12:15.0182 7068 hwpolicy - ok

14:12:15.0226 7068 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

14:12:15.0234 7068 i8042prt - ok

14:12:15.0276 7068 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys

14:12:15.0286 7068 iaStorV - ok

14:12:15.0359 7068 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

14:12:15.0362 7068 IDriverT ( UnsignedFile.Multi.Generic ) - warning

14:12:15.0362 7068 IDriverT - detected UnsignedFile.Multi.Generic (1)

14:12:15.0429 7068 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

14:12:15.0441 7068 idsvc - ok

14:12:15.0521 7068 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

14:12:15.0528 7068 iirsp - ok

14:12:15.0583 7068 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll

14:12:15.0610 7068 IKEEXT - ok

14:12:15.0658 7068 ImDisk (45ea131f795dee57e8e7c37d9d1b48ff) C:\Windows\system32\DRIVERS\imdisk.sys

14:12:15.0664 7068 ImDisk - ok

14:12:15.0678 7068 ImDskSvc (3d1c3fedab996ac7d8d0cb27a8067a7a) C:\Windows\system32\imdsksvc.exe

14:12:15.0680 7068 ImDskSvc ( UnsignedFile.Multi.Generic ) - warning

14:12:15.0680 7068 ImDskSvc - detected UnsignedFile.Multi.Generic (1)

14:12:15.0690 7068 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

14:12:15.0697 7068 intelide - ok

14:12:15.0713 7068 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

14:12:15.0721 7068 intelppm - ok

14:12:15.0746 7068 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

14:12:15.0767 7068 IPBusEnum - ok

14:12:15.0784 7068 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

14:12:15.0805 7068 IpFilterDriver - ok

14:12:15.0841 7068 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll

14:12:15.0866 7068 iphlpsvc - ok

14:12:15.0874 7068 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys

14:12:15.0882 7068 IPMIDRV - ok

14:12:15.0894 7068 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

14:12:15.0915 7068 IPNAT - ok

14:12:15.0999 7068 iPod Service (e94503089df8976f5c4c9d5168e9765f) C:\Program Files\iPod\bin\iPodService.exe

14:12:16.0012 7068 iPod Service - ok

14:12:16.0025 7068 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

14:12:16.0034 7068 IRENUM - ok

14:12:16.0052 7068 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys

14:12:16.0059 7068 isapnp - ok

14:12:16.0077 7068 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys

14:12:16.0086 7068 iScsiPrt - ok

14:12:16.0218 7068 jswpsapi (cf9ba304b8047b9582d72d9bfef42eae) C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe

14:12:16.0232 7068 jswpsapi - ok

14:12:16.0265 7068 JSWPSLWF (5be640e88814b77a9e84b4549b5dcc2c) C:\Windows\system32\DRIVERS\jswpslwfx.sys

14:12:16.0271 7068 JSWPSLWF - ok

14:12:16.0310 7068 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

14:12:16.0318 7068 kbdclass - ok

14:12:16.0330 7068 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

14:12:16.0337 7068 kbdhid - ok

14:12:16.0358 7068 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

14:12:16.0365 7068 KeyIso - ok

14:12:16.0381 7068 KSecDD (4f4b5fde429416877de7143044582eb5) C:\Windows\system32\Drivers\ksecdd.sys

14:12:16.0388 7068 KSecDD - ok

14:12:16.0398 7068 KSecPkg (6f40465a44ecdc1731befafec5bdd03c) C:\Windows\system32\Drivers\ksecpkg.sys

14:12:16.0406 7068 KSecPkg - ok

14:12:16.0427 7068 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

14:12:16.0448 7068 ksthunk - ok

14:12:16.0482 7068 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

14:12:16.0505 7068 KtmRm - ok

14:12:16.0531 7068 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll

14:12:16.0540 7068 LanmanServer - ok

14:12:16.0564 7068 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll

14:12:16.0586 7068 LanmanWorkstation - ok

14:12:16.0619 7068 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

14:12:16.0641 7068 lltdio - ok

14:12:16.0661 7068 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

14:12:16.0684 7068 lltdsvc - ok

14:12:16.0693 7068 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

14:12:16.0714 7068 lmhosts - ok

14:12:16.0745 7068 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

14:12:16.0753 7068 LSI_FC - ok

14:12:16.0758 7068 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

14:12:16.0766 7068 LSI_SAS - ok

14:12:16.0779 7068 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

14:12:16.0786 7068 LSI_SAS2 - ok

14:12:16.0793 7068 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

14:12:16.0801 7068 LSI_SCSI - ok

14:12:16.0821 7068 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

14:12:16.0842 7068 luafv - ok

14:12:16.0879 7068 LVPr2M64 (ded333dbdbbcc3555a6e6244522e2f1a) C:\Windows\system32\DRIVERS\LVPr2M64.sys

14:12:16.0885 7068 LVPr2M64 - ok

14:12:16.0886 7068 LVPr2Mon (ded333dbdbbcc3555a6e6244522e2f1a) C:\Windows\system32\DRIVERS\LVPr2M64.sys

14:12:16.0891 7068 LVPr2Mon - ok

14:12:16.0950 7068 LVPrcS64 (a35679e56e78091e1042a2d7adbf2958) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

14:12:16.0957 7068 LVPrcS64 - ok

14:12:16.0981 7068 LVRS64 (986c1cb787a007baa5f74e7d316d7246) C:\Windows\system32\DRIVERS\lvrs64.sys

14:12:16.0989 7068 LVRS64 - ok

14:12:17.0291 7068 LVUVC64 (5747bc465abea2858c5d037252aed84e) C:\Windows\system32\DRIVERS\lvuvc64.sys

14:12:17.0352 7068 LVUVC64 - ok

14:12:17.0437 7068 Lycosa (e5ecf40e5fd459141e5f6685ffd51804) C:\Windows\system32\drivers\Lycosa.sys

14:12:17.0443 7068 Lycosa - ok

14:12:17.0504 7068 ManyCam (d33e2b74cf8b3a652bf0a9fbd068e87a) C:\Windows\system32\DRIVERS\ManyCam_x64.sys

14:12:17.0509 7068 ManyCam - ok

14:12:17.0536 7068 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll

14:12:17.0544 7068 Mcx2Svc - ok

14:12:17.0565 7068 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

14:12:17.0572 7068 megasas - ok

14:12:17.0594 7068 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

14:12:17.0603 7068 MegaSR - ok

14:12:17.0632 7068 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

14:12:17.0653 7068 MMCSS - ok

14:12:17.0665 7068 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

14:12:17.0686 7068 Modem - ok

14:12:17.0701 7068 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

14:12:17.0709 7068 monitor - ok

14:12:17.0748 7068 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

14:12:17.0756 7068 mouclass - ok

14:12:17.0766 7068 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

14:12:17.0774 7068 mouhid - ok

14:12:17.0799 7068 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

14:12:17.0807 7068 mountmgr - ok

14:12:17.0866 7068 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

14:12:17.0872 7068 MozillaMaintenance - ok

14:12:17.0892 7068 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys

14:12:17.0900 7068 mpio - ok

14:12:17.0916 7068 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

14:12:17.0937 7068 mpsdrv - ok

14:12:17.0985 7068 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll

14:12:18.0011 7068 MpsSvc - ok

14:12:18.0026 7068 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

14:12:18.0036 7068 MRxDAV - ok

14:12:18.0063 7068 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys

14:12:18.0071 7068 mrxsmb - ok

14:12:18.0105 7068 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys

14:12:18.0114 7068 mrxsmb10 - ok

14:12:18.0121 7068 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys

14:12:18.0128 7068 mrxsmb20 - ok

14:12:18.0143 7068 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys

14:12:18.0150 7068 msahci - ok

14:12:18.0168 7068 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

14:12:18.0176 7068 msdsm - ok

14:12:18.0195 7068 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

14:12:18.0204 7068 MSDTC - ok

14:12:18.0224 7068 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

14:12:18.0244 7068 Msfs - ok

14:12:18.0253 7068 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

14:12:18.0274 7068 mshidkmdf - ok

14:12:18.0276 7068 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

14:12:18.0283 7068 msisadrv - ok

14:12:18.0303 7068 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

14:12:18.0325 7068 MSiSCSI - ok

14:12:18.0327 7068 msiserver - ok

14:12:18.0347 7068 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

14:12:18.0368 7068 MSKSSRV - ok

14:12:18.0374 7068 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

14:12:18.0396 7068 MSPCLOCK - ok

14:12:18.0401 7068 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

14:12:18.0421 7068 MSPQM - ok

14:12:18.0449 7068 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

14:12:18.0459 7068 MsRPC - ok

14:12:18.0471 7068 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

14:12:18.0478 7068 mssmbios - ok

14:12:18.0557 7068 MSSQL$SQLEXPRESS - ok

14:12:18.0580 7068 MSSQLServerADHelper100 (f1761c8fb2b25a32c6d63e36bb88c3ae) c:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE

14:12:18.0586 7068 MSSQLServerADHelper100 - ok

14:12:18.0601 7068 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

14:12:18.0621 7068 MSTEE - ok

14:12:18.0862 7068 msvsmon90 (cb4a082af58d1a0969f931816d5cfb05) C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe

14:12:18.0909 7068 msvsmon90 - ok

14:12:18.0989 7068 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

14:12:18.0996 7068 MTConfig - ok

14:12:19.0013 7068 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

14:12:19.0021 7068 Mup - ok

14:12:19.0063 7068 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll

14:12:19.0087 7068 napagent - ok

14:12:19.0119 7068 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

14:12:19.0131 7068 NativeWifiP - ok

14:12:19.0186 7068 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

14:12:19.0201 7068 NDIS - ok

14:12:19.0210 7068 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

14:12:19.0231 7068 NdisCap - ok

14:12:19.0245 7068 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

14:12:19.0266 7068 NdisTapi - ok

14:12:19.0297 7068 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

14:12:19.0318 7068 Ndisuio - ok

14:12:19.0334 7068 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

14:12:19.0355 7068 NdisWan - ok

14:12:19.0359 7068 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

14:12:19.0380 7068 NDProxy - ok

14:12:19.0397 7068 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

14:12:19.0418 7068 NetBIOS - ok

14:12:19.0436 7068 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

14:12:19.0458 7068 NetBT - ok

14:12:19.0483 7068 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

14:12:19.0490 7068 Netlogon - ok

14:12:19.0526 7068 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

14:12:19.0550 7068 Netman - ok

14:12:19.0643 7068 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

14:12:19.0650 7068 NetMsmqActivator - ok

14:12:19.0660 7068 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

14:12:19.0667 7068 NetPipeActivator - ok

14:12:19.0697 7068 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

14:12:19.0721 7068 netprofm - ok

14:12:19.0722 7068 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

14:12:19.0729 7068 NetTcpActivator - ok

14:12:19.0731 7068 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

14:12:19.0737 7068 NetTcpPortSharing - ok

14:12:19.0778 7068 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

14:12:19.0785 7068 nfrd960 - ok

14:12:19.0818 7068 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll

14:12:19.0841 7068 NlaSvc - ok

14:12:19.0852 7068 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

14:12:19.0873 7068 Npfs - ok

14:12:19.0876 7068 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

14:12:19.0897 7068 nsi - ok

14:12:19.0899 7068 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

14:12:19.0920 7068 nsiproxy - ok

14:12:20.0010 7068 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys

14:12:20.0031 7068 Ntfs - ok

14:12:20.0097 7068 nTuneService - ok

14:12:20.0163 7068 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

14:12:20.0184 7068 Null - ok

14:12:20.0219 7068 NVHDA (5f1ff880adacf7e0ff7c27ba188b05da) C:\Windows\system32\drivers\nvhda64v.sys

14:12:20.0227 7068 NVHDA - ok

14:12:20.0766 7068 nvlddmkm (39defe644321f9a4b7f527664f628dea) C:\Windows\system32\DRIVERS\nvlddmkm.sys

14:12:20.0887 7068 nvlddmkm - ok

14:12:20.0979 7068 nvoclk64 (8c1d181480796d7d3366a9381fd7782d) C:\Windows\system32\DRIVERS\nvoclk64.sys

14:12:20.0985 7068 nvoclk64 - ok

14:12:21.0015 7068 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys

14:12:21.0024 7068 nvraid - ok

14:12:21.0036 7068 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys

14:12:21.0045 7068 nvstor - ok

14:12:21.0114 7068 nvsvc (a8bd627c6b78745ce8d591e9636e533f) C:\Windows\system32\nvvsvc.exe

14:12:21.0128 7068 nvsvc - ok

14:12:21.0256 7068 nvUpdatusService (abf9218bc7b87ed93c0b5dead9e2f7e9) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

14:12:21.0272 7068 nvUpdatusService - ok

14:12:21.0337 7068 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

14:12:21.0345 7068 nv_agp - ok

14:12:21.0354 7068 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

14:12:21.0361 7068 ohci1394 - ok

14:12:21.0423 7068 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

14:12:21.0429 7068 ose - ok

14:12:21.0452 7068 ossrv (0e2de427ebe106e7e5b52869d5c99f68) C:\Windows\system32\drivers\ctoss2k.sys

14:12:21.0459 7068 ossrv - ok

14:12:21.0496 7068 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

14:12:21.0506 7068 p2pimsvc - ok

14:12:21.0531 7068 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

14:12:21.0541 7068 p2psvc - ok

14:12:21.0560 7068 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

14:12:21.0569 7068 Parport - ok

14:12:21.0599 7068 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys

14:12:21.0606 7068 partmgr - ok

14:12:21.0687 7068 PassThru Service (5fbcc9eeefaca3019d5bd5979618f298) C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

14:12:21.0689 7068 PassThru Service ( UnsignedFile.Multi.Generic ) - warning

14:12:21.0689 7068 PassThru Service - detected UnsignedFile.Multi.Generic (1)

14:12:21.0710 7068 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

14:12:21.0721 7068 PcaSvc - ok

14:12:21.0741 7068 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys

14:12:21.0750 7068 pci - ok

14:12:21.0758 7068 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys

14:12:21.0765 7068 pciide - ok

14:12:21.0793 7068 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

14:12:21.0802 7068 pcmcia - ok

14:12:21.0815 7068 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

14:12:21.0822 7068 pcw - ok

14:12:21.0858 7068 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

14:12:21.0883 7068 PEAUTH - ok

14:12:21.0945 7068 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

14:12:21.0954 7068 PerfHost - ok

14:12:22.0067 7068 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll

14:12:22.0097 7068 pla - ok

14:12:22.0145 7068 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll

14:12:22.0155 7068 PlugPlay - ok

14:12:22.0200 7068 pneteth (fe74ba87cdaa80ac9261f49167f0608a) C:\Windows\system32\DRIVERS\pneteth.sys

14:12:22.0207 7068 pneteth - ok

14:12:22.0243 7068 pnetmdm (06841f5cd8410b6bdc0b5a631b8f8787) C:\Windows\system32\DRIVERS\pnetmdm64.sys

14:12:22.0249 7068 pnetmdm - ok

14:12:22.0276 7068 PnkBstrA - ok

14:12:22.0308 7068 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

14:12:22.0316 7068 PNRPAutoReg - ok

14:12:22.0338 7068 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

14:12:22.0347 7068 PNRPsvc - ok

14:12:22.0388 7068 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll

14:12:22.0412 7068 PolicyAgent - ok

14:12:22.0440 7068 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

14:12:22.0463 7068 Power - ok

14:12:22.0493 7068 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

14:12:22.0514 7068 PptpMiniport - ok

14:12:22.0524 7068 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

14:12:22.0531 7068 Processor - ok

14:12:22.0568 7068 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll

14:12:22.0577 7068 ProfSvc - ok

14:12:22.0607 7068 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

14:12:22.0615 7068 ProtectedStorage - ok

14:12:22.0635 7068 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

14:12:22.0656 7068 Psched - ok

14:12:22.0727 7068 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

14:12:22.0747 7068 ql2300 - ok

14:12:22.0831 7068 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

14:12:22.0839 7068 ql40xx - ok

14:12:22.0867 7068 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

14:12:22.0879 7068 QWAVE - ok

14:12:22.0886 7068 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

14:12:22.0896 7068 QWAVEdrv - ok

14:12:22.0908 7068 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

14:12:22.0929 7068 RasAcd - ok

14:12:22.0962 7068 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

14:12:22.0983 7068 RasAgileVpn - ok

14:12:22.0998 7068 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

14:12:23.0020 7068 RasAuto - ok

14:12:23.0033 7068 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

14:12:23.0054 7068 Rasl2tp - ok

14:12:23.0091 7068 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll

14:12:23.0115 7068 RasMan - ok

14:12:23.0126 7068 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

14:12:23.0148 7068 RasPppoe - ok

14:12:23.0174 7068 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

14:12:23.0195 7068 RasSstp - ok

14:12:23.0217 7068 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

14:12:23.0240 7068 rdbss - ok

14:12:23.0251 7068 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

14:12:23.0260 7068 rdpbus - ok

14:12:23.0273 7068 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

14:12:23.0294 7068 RDPCDD - ok

14:12:23.0297 7068 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

14:12:23.0317 7068 RDPENCDD - ok

14:12:23.0320 7068 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

14:12:23.0341 7068 RDPREFMP - ok

14:12:23.0372 7068 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys

14:12:23.0380 7068 RDPWD - ok

14:12:23.0406 7068 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

14:12:23.0415 7068 rdyboost - ok

14:12:23.0437 7068 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

14:12:23.0459 7068 RemoteAccess - ok

14:12:23.0475 7068 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

14:12:23.0497 7068 RemoteRegistry - ok

14:12:23.0498 7068 RimUsb - ok

14:12:23.0547 7068 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys

14:12:23.0553 7068 RimVSerPort - ok

14:12:23.0567 7068 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys

14:12:23.0588 7068 ROOTMODEM - ok

14:12:23.0601 7068 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

14:12:23.0623 7068 RpcEptMapper - ok

14:12:23.0642 7068 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

14:12:23.0650 7068 RpcLocator - ok

14:12:23.0685 7068 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll

14:12:23.0709 7068 RpcSs - ok

14:12:23.0729 7068 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

14:12:23.0750 7068 rspndr - ok

14:12:23.0784 7068 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys

14:12:23.0793 7068 RTL8167 - ok

14:12:23.0816 7068 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

14:12:23.0823 7068 SamSs - ok

14:12:23.0839 7068 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys

14:12:23.0847 7068 sbp2port - ok

14:12:23.0865 7068 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

14:12:23.0888 7068 SCardSvr - ok

14:12:23.0899 7068 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

14:12:23.0920 7068 scfilter - ok

14:12:23.0986 7068 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll

14:12:24.0000 7068 Schedule - ok

14:12:24.0042 7068 SCMNdisP (6011cdf54bb6f4c69f38faccdad73d7e) C:\Windows\system32\DRIVERS\scmndisp.sys

14:12:24.0048 7068 SCMNdisP - ok

14:12:24.0068 7068 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll

14:12:24.0089 7068 SCPolicySvc - ok

14:12:24.0111 7068 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll

14:12:24.0120 7068 SDRSVC - ok

14:12:24.0139 7068 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

14:12:24.0160 7068 secdrv - ok

14:12:24.0169 7068 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll

14:12:24.0191 7068 seclogon - ok

14:12:24.0201 7068 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

14:12:24.0222 7068 SENS - ok

14:12:24.0239 7068 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

14:12:24.0247 7068 SensrSvc - ok

14:12:24.0258 7068 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

14:12:24.0265 7068 Serenum - ok

14:12:24.0294 7068 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

14:12:24.0302 7068 Serial - ok

14:12:24.0315 7068 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

14:12:24.0323 7068 sermouse - ok

14:12:24.0341 7068 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll

14:12:24.0363 7068 SessionEnv - ok

14:12:24.0377 7068 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

14:12:24.0385 7068 sffdisk - ok

14:12:24.0394 7068 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

14:12:24.0403 7068 sffp_mmc - ok

14:12:24.0416 7068 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys

14:12:24.0425 7068 sffp_sd - ok

14:12:24.0427 7068 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

14:12:24.0435 7068 sfloppy - ok

14:12:24.0467 7068 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

14:12:24.0490 7068 SharedAccess - ok

14:12:24.0527 7068 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll

14:12:24.0540 7068 ShellHWDetection - ok

14:12:24.0550 7068 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

14:12:24.0557 7068 SiSRaid2 - ok

14:12:24.0573 7068 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

14:12:24.0580 7068 SiSRaid4 - ok

14:12:24.0601 7068 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

14:12:24.0622 7068 Smb - ok

14:12:24.0636 7068 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

14:12:24.0644 7068 SNMPTRAP - ok

14:12:24.0656 7068 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

14:12:24.0663 7068 spldr - ok

14:12:24.0707 7068 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe

14:12:24.0718 7068 Spooler - ok

14:12:24.0871 7068 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe

14:12:24.0901 7068 sppsvc - ok

14:12:24.0963 7068 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

14:12:24.0984 7068 sppuinotify - ok

14:12:25.0075 7068 SQLAgent$SQLEXPRESS (eb2fd937449b7aceb39372f875eb8e78) c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE

14:12:25.0084 7068 SQLAgent$SQLEXPRESS - ok

14:12:25.0107 7068 SQLBrowser (99de6acfa5ca83fad6a765c81c6f129f) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

14:12:25.0115 7068 SQLBrowser - ok

14:12:25.0143 7068 SQLWriter (6d65985945b03ca59b67d0b73702fc7b) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

14:12:25.0150 7068 SQLWriter - ok

14:12:25.0217 7068 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys

14:12:25.0227 7068 srv - ok

14:12:25.0249 7068 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys

14:12:25.0259 7068 srv2 - ok

14:12:25.0295 7068 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys

14:12:25.0303 7068 srvnet - ok

14:12:25.0331 7068 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

14:12:25.0354 7068 SSDPSRV - ok

14:12:25.0362 7068 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

14:12:25.0384 7068 SstpSvc - ok

14:12:25.0437 7068 Steam Client Service - ok

14:12:25.0503 7068 Stereo Service (2c25a72b53b28034be260d81c4ea4955) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

14:12:25.0513 7068 Stereo Service - ok

14:12:25.0527 7068 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

14:12:25.0535 7068 stexstor - ok

14:12:25.0610 7068 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll

14:12:25.0624 7068 stisvc - ok

14:12:25.0633 7068 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

14:12:25.0640 7068 swenum - ok

14:12:25.0684 7068 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

14:12:25.0708 7068 swprv - ok

14:12:25.0784 7068 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll

14:12:25.0805 7068 SysMain - ok

14:12:25.0874 7068 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll

14:12:25.0885 7068 TabletInputService - ok

14:12:25.0904 7068 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll

14:12:25.0927 7068 TapiSrv - ok

14:12:25.0940 7068 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

14:12:25.0962 7068 TBS - ok

14:12:26.0073 7068 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys

14:12:26.0096 7068 Tcpip - ok

14:12:26.0237 7068 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys

14:12:26.0260 7068 TCPIP6 - ok

14:12:26.0302 7068 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

14:12:26.0323 7068 tcpipreg - ok

14:12:26.0334 7068 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

14:12:26.0341 7068 TDPIPE - ok

14:12:26.0368 7068 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys

14:12:26.0375 7068 TDTCP - ok

14:12:26.0402 7068 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

14:12:26.0423 7068 tdx - ok

14:12:26.0435 7068 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys

14:12:26.0442 7068 TermDD - ok

14:12:26.0493 7068 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll

14:12:26.0518 7068 TermService - ok

14:12:26.0531 7068 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

14:12:26.0542 7068 Themes - ok

14:12:26.0564 7068 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

14:12:26.0586 7068 THREADORDER - ok

14:12:26.0599 7068 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

14:12:26.0621 7068 TrkWks - ok

14:12:26.0653 7068 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe

14:12:26.0662 7068 TrustedInstaller - ok

14:12:26.0671 7068 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

14:12:26.0691 7068 tssecsrv - ok

14:12:26.0715 7068 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

14:12:26.0737 7068 tunnel - ok

14:12:26.0750 7068 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

14:12:26.0758 7068 uagp35 - ok

14:12:26.0786 7068 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys

14:12:26.0809 7068 udfs - ok

14:12:26.0823 7068 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

14:12:26.0832 7068 UI0Detect - ok

14:12:26.0846 7068 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys

14:12:26.0854 7068 uliagpkx - ok

14:12:26.0862 7068 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

14:12:26.0870 7068 umbus - ok

14:12:26.0883 7068 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

14:12:26.0890 7068 UmPass - ok

14:12:26.0960 7068 UpdateCenterService - ok

14:12:26.0984 7068 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

14:12:27.0007 7068 upnphost - ok

14:12:27.0045 7068 USBAAPL64 (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys

14:12:27.0051 7068 USBAAPL64 - ok

14:12:27.0084 7068 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys

14:12:27.0094 7068 usbaudio - ok

14:12:27.0121 7068 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys

14:12:27.0129 7068 usbccgp - ok

14:12:27.0159 7068 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys

14:12:27.0168 7068 usbcir - ok

14:12:27.0177 7068 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys

14:12:27.0184 7068 usbehci - ok

14:12:27.0215 7068 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys

14:12:27.0224 7068 usbhub - ok

14:12:27.0232 7068 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys

14:12:27.0239 7068 usbohci - ok

14:12:27.0245 7068 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

14:12:27.0254 7068 usbprint - ok

14:12:27.0286 7068 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS

14:12:27.0293 7068 USBSTOR - ok

14:12:27.0309 7068 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys

14:12:27.0316 7068 usbuhci - ok

14:12:27.0369 7068 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys

14:12:27.0378 7068 usb_rndisx - ok

14:12:27.0395 7068 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

14:12:27.0417 7068 UxSms - ok

14:12:27.0442 7068 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe

14:12:27.0449 7068 VaultSvc - ok

14:12:27.0481 7068 VClone (fd911873c0bb6945fa38c16e9a2b58f9) C:\Windows\system32\DRIVERS\VClone.sys

14:12:27.0487 7068 VClone - ok

14:12:27.0508 7068 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys

14:12:27.0516 7068 vdrvroot - ok

14:12:27.0548 7068 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe

14:12:27.0560 7068 vds - ok

14:12:27.0578 7068 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

14:12:27.0586 7068 vga - ok

14:12:27.0595 7068 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

14:12:27.0615 7068 VgaSave - ok

14:12:27.0638 7068 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys

14:12:27.0647 7068 vhdmp - ok

14:12:27.0657 7068 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys

14:12:27.0665 7068 viaide - ok

14:12:27.0681 7068 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys

14:12:27.0688 7068 volmgr - ok

14:12:27.0712 7068 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys

14:12:27.0723 7068 volmgrx - ok

14:12:27.0744 7068 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys

14:12:27.0754 7068 volsnap - ok

14:12:27.0784 7068 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

14:12:27.0792 7068 vsmraid - ok

14:12:27.0872 7068 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe

14:12:27.0890 7068 VSS - ok

14:12:27.0959 7068 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

14:12:27.0969 7068 vwifibus - ok

14:12:27.0985 7068 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

14:12:27.0995 7068 vwififlt - ok

14:12:28.0024 7068 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

14:12:28.0048 7068 W32Time - ok

14:12:28.0071 7068 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

14:12:28.0079 7068 WacomPen - ok

14:12:28.0101 7068 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

14:12:28.0123 7068 WANARP - ok

14:12:28.0125 7068 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

14:12:28.0146 7068 Wanarpv6 - ok

14:12:28.0233 7068 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

14:12:28.0250 7068 WatAdminSvc - ok

14:12:28.0333 7068 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe

14:12:28.0350 7068 wbengine - ok

14:12:28.0418 7068 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

14:12:28.0430 7068 WbioSrvc - ok

14:12:28.0464 7068 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll

14:12:28.0474 7068 wcncsvc - ok

14:12:28.0488 7068 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

14:12:28.0496 7068 WcsPlugInService - ok

14:12:28.0515 7068 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

14:12:28.0522 7068 Wd - ok

14:12:28.0561 7068 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

14:12:28.0573 7068 Wdf01000 - ok

14:12:28.0585 7068 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

14:12:28.0596 7068 WdiServiceHost - ok

14:12:28.0598 7068 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

14:12:28.0609 7068 WdiSystemHost - ok

14:12:28.0649 7068 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll

14:12:28.0658 7068 WebClient - ok

14:12:28.0686 7068 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

14:12:28.0709 7068 Wecsvc - ok

14:12:28.0719 7068 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

14:12:28.0741 7068 wercplsupport - ok

14:12:28.0754 7068 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

14:12:28.0776 7068 WerSvc - ok

14:12:28.0811 7068 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

14:12:28.0832 7068 WfpLwf - ok

14:12:28.0840 7068 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

14:12:28.0847 7068 WIMMount - ok

14:12:28.0874 7068 WinDefend - ok

14:12:28.0878 7068 WinHttpAutoProxySvc - ok

14:12:28.0923 7068 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

14:12:28.0945 7068 Winmgmt - ok

14:12:29.0043 7068 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll

14:12:29.0076 7068 WinRM - ok

14:12:29.0153 7068 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys

14:12:29.0162 7068 WinUsb - ok

14:12:29.0212 7068 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

14:12:29.0228 7068 Wlansvc - ok

14:12:29.0391 7068 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

14:12:29.0416 7068 wlidsvc - ok

14:12:29.0501 7068 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

14:12:29.0508 7068 WmiAcpi - ok

14:12:29.0561 7068 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

14:12:29.0570 7068 wmiApSrv - ok

14:12:29.0588 7068 WMPNetworkSvc - ok

14:12:29.0607 7068 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

14:12:29.0615 7068 WPCSvc - ok

14:12:29.0624 7068 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll

14:12:29.0634 7068 WPDBusEnum - ok

14:12:29.0643 7068 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

14:12:29.0663 7068 ws2ifsl - ok

14:12:29.0695 7068 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll

14:12:29.0703 7068 wscsvc - ok

14:12:29.0705 7068 WSearch - ok

14:12:29.0738 7068 WSWNA1100 (35a20217c4d06d1d36a3addfd8ce58c2) C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe

14:12:29.0742 7068 WSWNA1100 ( UnsignedFile.Multi.Generic ) - warning

14:12:29.0742 7068 WSWNA1100 - detected UnsignedFile.Multi.Generic (1)

14:12:29.0859 7068 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll

14:12:29.0886 7068 wuauserv - ok

14:12:29.0972 7068 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys

14:12:29.0994 7068 WudfPf - ok

14:12:30.0025 7068 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys

14:12:30.0047 7068 WUDFRd - ok

14:12:30.0063 7068 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll

14:12:30.0085 7068 wudfsvc - ok

14:12:30.0101 7068 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

14:12:30.0113 7068 WwanSvc - ok

14:12:30.0152 7068 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

14:12:30.0388 7068 \Device\Harddisk0\DR0 - ok

14:12:30.0390 7068 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1

14:12:30.0403 7068 \Device\Harddisk1\DR1 - ok

14:12:30.0404 7068 Boot (0x1200) (552d659653f0f53c862e344c40215548) \Device\Harddisk0\DR0\Partition0

14:12:30.0405 7068 \Device\Harddisk0\DR0\Partition0 - ok

14:12:30.0423 7068 Boot (0x1200) (d55ae3d521c92fc64447a7eb6060f990) \Device\Harddisk0\DR0\Partition1

14:12:30.0424 7068 \Device\Harddisk0\DR0\Partition1 - ok

14:12:30.0425 7068 Boot (0x1200) (d39a311b0e11ed3ec67fb3f65185ffb4) \Device\Harddisk1\DR1\Partition0

14:12:30.0426 7068 \Device\Harddisk1\DR1\Partition0 - ok

14:12:30.0426 7068 ============================================================

14:12:30.0426 7068 Scan finished

14:12:30.0426 7068 ============================================================

14:12:30.0431 7388 Detected object count: 8

14:12:30.0431 7388 Actual detected object count: 8

14:12:32.0839 7388 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user

14:12:32.0840 7388 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:12:32.0840 7388 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user

14:12:32.0840 7388 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:12:32.0840 7388 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user

14:12:32.0840 7388 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:12:32.0841 7388 HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user

14:12:32.0841 7388 HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:12:32.0842 7388 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

14:12:32.0842 7388 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:12:32.0842 7388 ImDskSvc ( UnsignedFile.Multi.Generic ) - skipped by user

14:12:32.0842 7388 ImDskSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:12:32.0843 7388 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user

14:12:32.0843 7388 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:12:32.0844 7388 WSWNA1100 ( UnsignedFile.Multi.Generic ) - skipped by user

14:12:32.0844 7388 WSWNA1100 ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:12:36.0821 6240 Deinitialize success

haze87 · August 10, 2012

MBAM Log:

Malwarebytes Anti-Malware 1.62.0.1300

www.malwarebytes.org

Database version: v2012.08.10.08

Windows 7 x64 NTFS

Internet Explorer 9.0.8112.16421

Patrick :: I7980X-BEAST [administrator]

8/10/2012 2:18:50 PM

mbam-log-2012-08-10 (14-18-50).txt

Scan type: Quick scan

Scan options disabled: P2P

Objects scanned: 217864

Time elapsed: 29 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

haze87 · August 10, 2012

DDS Log:

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31

Run by Patrick at 14:21:11 on 2012-08-10

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8183.5853 [GMT -5:00]

.

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2012\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Windows\system32\Dwm.exe

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe

C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgemca.exe

C:\Windows\system32\imdsksvc.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe

c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe

C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe

C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

C:\Windows\SysWOW64\PnkBstrA.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe

C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe

C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Creative\Shared Files\CTSched.exe

C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Windows\SysWOW64\Ctxfihlp.exe

C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\SysWOW64\CTXFISPI.EXE

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\Common Files\Steam\SteamService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\mIRC\mirc.exe