Getting weird crashes and laggy mouse


alocrius

Feels like computer might be infected. Strange mouse behavior and random crashes. Thanks for any help!

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_32

Run by Alocrius at 18:48:33 on 2012-09-30

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3326.2171 [GMT -4:00]

.

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Online Armor Firewall *Disabled* {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Online Armor\OAcat.exe

C:\Program Files\Online Armor\oasrv.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskhost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Online Armor\oaui.exe

C:\Program Files\Logitech Gaming Software\LCore.exe

C:\Program Files\Online Armor\OAhlp.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Windows\System32\XSrvSetup.exe

C:\Program Files\TortoiseSVN\bin\TSVNCache.exe

C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe

C:\Windows\system32\PnkBstrA.exe

C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Users\Alocrius\Desktop\PortApps\HijackThis.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\sppsvc.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Free Download Manager\fdm.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = *.local

mURLSearchHooks: FreeOnlineRadioPlayerRecorder Toolbar: {f999a48b-1950-4d81-9971-79018f807b4b} - c:\program files\freeonlineradioplayerrecorder\prxtbFree.dll

BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Free Download Manager: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\program files\free download manager\iefdm2.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: FreeOnlineRadioPlayerRecorder Toolbar: {f999a48b-1950-4d81-9971-79018f807b4b} - c:\program files\freeonlineradioplayerrecorder\prxtbFree.dll

TB: FreeOnlineRadioPlayerRecorder Toolbar: {f999a48b-1950-4d81-9971-79018f807b4b} - c:\program files\freeonlineradioplayerrecorder\prxtbFree.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

mRun: [NUSB3MON] "c:\program files\nec electronics\usb 3.0 host controller driver\application\nusb3mon.exe"

mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s

mRun: [@OnlineArmor GUI] "c:\program files\online armor\oaui.exe"

mRun: [Launch LCore] c:\program files\logitech gaming software\LCore.exe /minimized

mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui

StartupFolder: c:\users\alocrius\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE

mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: Download all with Free Download Manager - file://c:\program files\free download manager\dlall.htm

IE: Download selected with Free Download Manager - file://c:\program files\free download manager\dlselected.htm

IE: Download video with Free Download Manager - file://c:\program files\free download manager\dlfvideo.htm

IE: Download with Free Download Manager - file://c:\program files\free download manager\dllink.htm

DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/bin/LogitechDeviceDetection32.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 192.168.2.1

TCP: Interfaces\{ABDFE6D5-7313-4478-B7CB-B33FBB3119F4} : DhcpNameServer = 192.168.2.1

SEH: OA Shell Helper: {4f07da45-8170-4859-9b5f-037ef2970034} - c:\progra~1\online~1\oaevent.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\alocrius\appdata\roaming\mozilla\firefox\profiles\9kxyat0d.default\

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - www.google.com

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=

FF - plugin: c:\program files\amazon\mp3 downloader\npAmazonMP3DownloaderPlugin10171.dll

FF - plugin: c:\program files\downloader\npdd.dll

FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll

FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll

FF - plugin: c:\users\alocrius\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll

FF - plugin: c:\users\alocrius\appdata\roaming\mozilla\firefox\profiles\9kxyat0d.default\extensions\devicedetection@logitech.com\plugins\npLogitechDeviceDetection.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_268.dll

FF - plugin: c:\windows\system32\npdeployJava1.dll

FF - plugin: c:\windows\system32\npmproxy.dll

.

---- FIREFOX POLICIES ----

FF - user.js: extentions.y2layers.installId - a4f32f77-3871-4d9e-bcb3-2ad9cfea7b83

FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,BestVideoDownloader,EzLooker,TwitTube,TopRelatedTopics,Buzzdock,

.

FF - user.js: extensions.autoDisableScopes - 14

FF - user.js: security.csp.enable - false

.

============= SERVICES / DRIVERS ===============

.

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-8-24 729752]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-8-24 355632]

R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2011-6-7 208312]

R1 oahlpXX;Online Armor helper driver;c:\windows\system32\drivers\oahlp32.sys [2011-6-7 44592]

R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2011-6-7 27632]

R2 AODDriver4.01;AODDriver4.01;c:\program files\ati technologies\ati.ace\fuel\i386\aoddriver2.sys [2012-2-1 46720]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-8-24 21256]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-8-24 58680]

R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-8-24 44808]

R2 JMB36X;JMB36X;c:\windows\system32\XSrvSetup.exe [2011-6-7 65536]

R2 OAcat;Online Armor Helper Service;c:\program files\online armor\oacat.exe [2012-5-30 210920]

R2 SvcOnlineArmor;Online Armor;c:\program files\online armor\OAsrv.exe [2012-5-30 4382968]

R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2012-2-14 9182208]

R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2012-2-14 264704]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-12-5 86032]

R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720]

R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\drivers\LGSHidFilt.Sys [2012-2-7 42008]

R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-23 14856]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-9-30 40776]

R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2009-9-25 56576]

R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2009-9-25 138240]

R3 OAnet;OnlineArmor Service;c:\windows\system32\drivers\OAnet.sys [2011-6-7 31760]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-7 189440]

R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\drivers\tap0901t.sys [2012-7-26 27136]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 amdiox86;AMD IO Driver;c:\windows\system32\drivers\amdiox86.sys [2012-1-19 37944]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 HiPatchService;Hi-Rez Studios Authenticate and Update Service;d:\aq games\tribes ascend\HiPatchService.exe [2011-12-20 8704]

S3 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2009-7-22 47128]

S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2012-1-9 137600]

S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2012-1-9 8576]

S3 RTCore32;RTCore32;c:\program files\msi afterburner\RTCore32.sys [2011-9-6 5632]

S3 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2009-3-30 366936]

S4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-2-14 163328]

S4 AMD FUEL Service;AMD FUEL Service;c:\program files\ati technologies\ati.ace\fuel\Fuel.Service.exe [2012-2-14 291840]

S4 ES lite Service;ES lite Service for program management.;c:\program files\gigabyte\easysaver\essvr.exe [2011-6-7 68136]

S4 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2009-7-13 20992]

S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [2009-3-30 239336]

S4 TunngleService;TunngleService;c:\program files\tunngle\TnglCtrl.exe [2012-7-26 738152]

S4 WeGameClientService;WeGame Client Service;c:\program files\wegame\wgclientservice.exe [2011-7-12 18472]

.

=============== Created Last 30 ================

.

2012-09-30 22:43:53 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-09-05 02:29:08 -------- d-----w- c:\users\alocrius\appdata\roaming\BSW

2012-09-05 02:29:08 -------- d-----w- c:\program files\BSW

.

==================== Find3M ====================

.

2012-09-07 21:04:46 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-21 09:13:15 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2012-08-21 09:13:14 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2012-08-21 09:13:14 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys

2012-08-21 09:12:33 41224 ----a-w- c:\windows\avastSS.scr

2012-08-19 19:15:26 476960 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-08-19 19:15:26 472864 ----a-w- c:\windows\system32\deployJava1.dll

2012-08-19 05:28:43 140360 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2012-08-19 05:28:33 283032 ----a-w- c:\windows\system32\PnkBstrB.xtr

2012-08-19 05:28:33 283032 ----a-w- c:\windows\system32\PnkBstrB.exe

2012-08-19 05:07:48 298016 ----a-w- c:\windows\system32\PnkBstrB.ex0

2012-08-10 20:55:03 76888 ----a-w- c:\windows\system32\PnkBstrA.exe

2012-08-10 20:41:14 138056 ----a-w- c:\users\alocrius\appdata\roaming\PnkBstrK.sys

2012-08-02 22:52:30 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys

2012-07-28 16:12:50 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-07-28 16:12:50 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

.

============= FINISH: 18:49:40.84 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 6/7/2011 4:31:20 AM

System Uptime: 9/30/2012 6:42:07 PM (0 hours ago)

.

Motherboard: Gigabyte Technology Co., Ltd. | | GA-770TA-UD3

Processor: AMD Phenom™ II X4 B50 Processor | Socket M2 | 3400/200mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 98 GiB total, 3.103 GiB free.

D: is FIXED (NTFS) - 293 GiB total, 8.657 GiB free.

E: is FIXED (FAT32) - 6 GiB total, 5.966 GiB free.

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

1ClickDownloader

7-Zip 9.20

Active@ ISO Burner

Adobe Download Manager

Adobe Flash Player 10 ActiveX

Adobe Flash Player 11 Plugin

Adobe Shockwave Player 11.6

Amazon MP3 Downloader 1.0.17

AMD APP SDK Runtime

AMD AVIVO Codecs

AMD Catalyst Install Manager

AMD Drag and Drop Transcoding

AMD Media Foundation Decoders

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Auslogics Disk Defrag

AutoHotkey 1.0.48.05

AutoREALM Version 2.2.1

avast! Free Antivirus

Avira Free Antivirus

BitTorrent

Blacklight Retribution

Bonjour

Booster Trooper

BrettspielWelt

Catalyst Control Center InstallProxy

Command and Conquer 3: Tiberium Wars

Crysis

Crysis Wars

Divinity II - The Dragon Knight Saga

Downloader

Driver Sweeper version 3.2.0

DVDFab Decrypter 3.0.8.6

E.Y.E Divine Cybermancy

EasySaver B9.0904.1

ERUNT 1.1j

Eusing Free Registry Cleaner

ezgm4

FastSum 1.7 Standard Edition and FastSum 1.9 Command-Line Editi

Foxit Reader 5.0

Free Download Manager 3.9

FreeOnlineRadioPlayerRecorder Toolbar

FXAA Post Process Injector

Geeks3D.com FurMark 1.9.1

Gigabyte Raid Cinfigurer

GourmetGaming

Gratuitous Space Battles

GSC 2.00

Hi-Rez Studios Authenticate and Update Service

HP USB Disk Storage Format Tool

HydraVision

ImgBurn

Index.dat Analyzer v2.5

iTunes

IZArc 4.1.6

Java Auto Updater

Java™ 6 Update 32

Just Cause 2

King Arthur - The Role-playing Wargame

Kubuntu

LinuxLive USB Creator

Logitech Gaming Software

Logitech Gaming Software 8.30

Magical Jelly Bean SHN Shortener (remove only)

Malwarebytes Anti-Malware version 1.65.0.1400

ManiaPlanet

MediaMonkey 4.0

Microsoft .NET Framework 1.1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft .NET Framework 4 Multi-Targeting Pack

Microsoft Application Error Reporting

Microsoft Expression Blend 3 SDK

Microsoft Expression Blend 4

Microsoft Expression Blend 4 Add-in for Adobe FXG Import

Microsoft Expression Blend SDK for .NET 4

Microsoft Expression Blend SDK for Silverlight 4

Microsoft Expression Blend SDK for Windows Phone 7

Microsoft Expression Blend SDK Preview for Windows Phone 7.1

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Help Viewer 1.1

Microsoft Silverlight

Microsoft Silverlight 3 SDK

Microsoft Silverlight 4 SDK

Microsoft SQL Server 2008

Microsoft SQL Server 2008 Browser

Microsoft SQL Server 2008 Common Files

Microsoft SQL Server 2008 Database Engine Services

Microsoft SQL Server 2008 Database Engine Shared

Microsoft SQL Server 2008 Native Client

Microsoft SQL Server 2008 R2 Management Objects

Microsoft SQL Server 2008 RsFx Driver

Microsoft SQL Server 2008 Setup Support Files

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft SQL Server System CLR Types

Microsoft SQL Server VSS Writer

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools

Microsoft Visual Studio 2010 Express for Windows Phone 7.1 (Beta) - ENU

Microsoft Windows Phone Developer Tools 7.1 (Beta) - ENU

Microsoft XNA Framework Redistributable 4.0 Refresh

Microsoft XNA Game Studio 4.0 Refresh

Microsoft XNA Game Studio 4.0 Refresh (ARP entry)

Microsoft XNA Game Studio 4.0 Refresh (Redists)

Microsoft XNA Game Studio 4.0 Refresh (Shared Components)

Microsoft XNA Game Studio 4.0 Refresh (Visual Studio)

Microsoft XNA Game Studio 4.0 Refresh (XnaLiveProxy)

Microsoft XNA Game Studio 4.0 Refresh Windows Phone Extensions

Microsoft XNA Game Studio Platform Tools

Microsoft_VC100_CRT_SP1_x86

Morphyre

Mozilla Firefox 10.0 (x86 en-US)

MP3 2 Ogg Lab 2004

MSI Afterburner 2.2.1

MSI Kombustor 2.0.0

MSVC80_x86_v2

MSVC90_x86

NEC Electronics USB 3.0 Host Controller Driver

Nexuiz

Nexus Mod Manager

Nokia Connectivity Cable Driver

NVIDIA PhysX

Online Armor 5.0

OpenOffice.org 3.4

Orcs Must Die!

Paint.NET v3.5.10

Pando Media Booster

PC Connectivity Solution

PeerBlock 1.1 (r518)

PunkBuster Services

QuickTime

Realtek Ethernet Controller Driver For Windows Vista and Later

Realtek High Definition Audio Driver

Red Faction: Guerrilla

Revo Uninstaller 1.93

Service Pack 1 for SQL Server 2008 (KB968369)

SpeedFan (remove only)

Spotify

Sql Server Customer Experience Improvement Program

Steam

swMSM

The Elder Scroll V - Skyrim version Patch 1.3

TortoiseSVN 1.6.16.21511 (32 bit)

Tribes 2

Tribes Ascend Closed Beta

Tunngle beta

Unigine Heaven DX11 Benchmark 2.5 version 2.5

Unity Web Player

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

VASSAL (3.1.19)

Ventrilo Client

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU

VLC media player 1.1.10

WCF Data Services Client for Windows Phone 7.1

WeGame Client 2.4.3.0

Windows 7 USB/DVD Download Tool

Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)

Windows Live ID Sign-in Assistant

Windows Media Player Firefox Plugin

Windows Phone Add-in for Visual Studio 2010 7.1 (Beta) - ENU

Windows Phone Emulator (Beta) - ENU

Windows Phone SDK 7.1 (Beta)

WPF Toolkit February 2010 (Version 3.5.50211.1)

Wrye Bash

XnView 1.98

Xvid Video Codec

.

==== Event Viewer Messages From Past Week ========

.

9/30/2012 6:02:41 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

9/28/2012 8:59:29 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0xd768d9bc, 0x0000001c, 0x00000001, 0xe32bdc90). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 092812-13696-01.

9/28/2012 4:29:45 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000008e (0xc0000005, 0x00000000, 0xf0301c34, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 092812-12916-01.

9/28/2012 2:19:39 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0xc65d8a45, 0x00000002, 0x00000001, 0xc978615d). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 092812-21184-01.

.

==== End Of File ===========================


Hello alocrius and welcome to MalwareBytes forums.

On BitTorrent : Risks of File-Sharing Technology.

P2P file sharing: Know the risks

Forum policy on peer-to-peer-programs:

If you're using Peer 2 Peer software such as uTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

http://forums.malwarebytes.org/index.php?showtopic=97700

Confirm that it has been removed before we proceed much further.

Remember, if you're an MBAM customer, you have the option to contact the consumer help desk here.

If you are in an organization or a corporate customer, contact Corporate Support for assistance.

If you take advantage of that option, kindly return here & let me know.

I close my topics if there is no response after 4 days.

Do not post or attach logs unless I have asked for them. I would ask you to always Copy/Paste the logs inline inside main-body of reply box.

Start a paper log of "crashes". Need to document what "program" is "crashing" and what the error-code or error-message(s) are.

For you, ensure your mouse is securely attached and that there is no question you have the latest mouse driver.

Tell me the brand of pc, and if this is a desktop (or standard) pc OR if this is a laptop/notebook.

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

To show all files:

  • Go to your Desktop
  • Double-Click the Computer icon.
  • From the menu options, Select Tools, then Folder Options.
  • Next click the View tab.
  • Locate and uncheck Hide file extensions for known file types.
  • Locate and uncheck Hide protected operating system files (Recommended).
  • Locate and click Show hidden files and folders and drives.
  • Click Apply > OK.

Step 3

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Download aswMBR.exe ( 511KB ) to your desktop.

On Windows 7 or Vista, RIGHT click on aswMBR.exe and select Run As Administrator to start.

On Windows XP, double click the exe to start.

Change the a-v scan to None.

Uncheck trace disk IO calls.

Click the "Scan" button to start scan

On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply

Do not click any FIX button. We just need an initial report.

Step 4

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
    If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
    Skip and click on Continue
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 5

  • Download & SAVE to your Desktop >> Tigzy's RogueKiller from here << or
    >> from here <<
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on Scan button at upper right of screen.
  • Wait until the Status box shows "Scan Finished"
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller

Do NOT click any FIX buttons !

Step 6

RE-Enable your antivirus program.

Then copy/paste the following into your post (in order):

  • the contents of aswMBR report;
  • the contents of TDSSKILLER log;
  • the contents of RKReport log;

Be sure to do a Preview prior to pressing Submit because all reports may not fit into 1 single reply. You may have to do more than 1 reply.

Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.


Ok, I removed bittorrent and did the scans. Here are the reports.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-10-01 13:57:07

-----------------------------

13:57:07.288 OS Version: Windows 6.1.7600

13:57:07.288 Number of processors: 4 586 0x402

13:57:07.290 ComputerName: PROTOBYTE UserName: Alocrius

13:57:08.871 Initialize success

13:57:09.067 AVAST engine defs: 12100100

13:57:24.479 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

13:57:24.487 Disk 0 Vendor: ST3500418AS CC38 Size: 476940MB BusType: 3

13:57:24.505 Disk 0 MBR read successfully

13:57:24.512 Disk 0 MBR scan

13:57:24.516 Disk 0 unknown MBR code

13:57:24.520 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100000 MB offset 63

13:57:24.526 Disk 0 Partition - 00 0F Extended LBA 376938 MB offset 204800461

13:57:24.542 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 300000 MB offset 204800463

13:57:24.545 Disk 0 Partition - 00 05 Extended 244 MB offset 819201600

13:57:24.567 Disk 0 Partition 3 00 83 Linux 244 MB offset 819202048

13:57:24.571 Disk 0 Partition - 00 05 Extended 3815 MB offset 1434102899

13:57:24.584 Disk 0 Partition 4 00 82 Linux swap 3814 MB offset 819703808

13:57:24.589 Disk 0 Partition - 00 05 Extended 19073 MB offset 1442416179

13:57:24.605 Disk 0 Partition 5 00 83 Linux 19072 MB offset 827516928

13:57:24.612 Disk 0 Partition - 00 05 Extended 47683 MB offset 1489292649

13:57:24.630 Disk 0 Partition 6 00 83 Linux 47683 MB offset 866578432

13:57:24.636 Disk 0 Partition - 00 05 Extended 6122 MB offset 1626010985

13:57:24.655 Disk 0 Partition 7 00 0B FAT32 MSWIN4.1 6121 MB offset 964235264

13:57:24.669 Disk 0 scanning sectors +976771072

13:57:24.717 Disk 0 scanning C:\Windows\system32\drivers

13:57:30.955 Service scanning

13:57:42.419 Modules scanning

13:57:58.430 Scan finished successfully

13:58:28.408 Disk 0 MBR has been saved successfully to "C:\Users\Alocrius\Desktop\MBR.dat"

13:58:28.415 The log file has been saved successfully to "C:\Users\Alocrius\Desktop\aswMBR.txt"

14:04:00.0175 2612 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24

14:04:00.0557 2612 ============================================================

14:04:00.0557 2612 Current date / time: 2012/10/01 14:04:00.0557

14:04:00.0557 2612 SystemInfo:

14:04:00.0557 2612

14:04:00.0557 2612 OS Version: 6.1.7600 ServicePack: 0.0

14:04:00.0557 2612 Product type: Workstation

14:04:00.0558 2612 ComputerName: PROTOBYTE

14:04:00.0558 2612 UserName: Alocrius

14:04:00.0558 2612 Windows directory: C:\Windows

14:04:00.0558 2612 System windows directory: C:\Windows

14:04:00.0558 2612 Processor architecture: Intel x86

14:04:00.0558 2612 Number of processors: 4

14:04:00.0558 2612 Page size: 0x1000

14:04:00.0558 2612 Boot type: Normal boot

14:04:00.0558 2612 ============================================================

14:04:01.0408 2612 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050

14:04:01.0411 2612 ============================================================

14:04:01.0411 2612 \Device\Harddisk0\DR0:

14:04:01.0411 2612 MBR partitions:

14:04:01.0411 2612 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC350151

14:04:01.0427 2612 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC3501CF, BlocksNum 0x249F0471

14:04:01.0477 2612 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xB, StartLBA 0x39791000, BlocksNum 0xBF4800

14:04:01.0477 2612 ============================================================

14:04:01.0517 2612 C: <-> \Device\Harddisk0\DR0\Partition1

14:04:01.0545 2612 D: <-> \Device\Harddisk0\DR0\Partition2

14:04:01.0566 2612 E: <-> \Device\Harddisk0\DR0\Partition3

14:04:01.0566 2612 ============================================================

14:04:01.0567 2612 Initialize success

14:04:01.0567 2612 ============================================================

14:04:03.0502 4016 ============================================================

14:04:03.0502 4016 Scan started

14:04:03.0502 4016 Mode: Manual;

14:04:03.0502 4016 ============================================================

14:04:04.0094 4016 ================ Scan system memory ========================

14:04:04.0094 4016 System memory - ok

14:04:04.0095 4016 ================ Scan services =============================

14:04:11.0098 4016 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\DRIVERS\pciide.sys

14:04:11.0099 4016 pciide - ok

14:04:11.0111 4016 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

14:04:11.0113 4016 pcmcia - ok

14:04:11.0124 4016 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys

14:04:11.0125 4016 pcw - ok

14:04:11.0172 4016 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys

14:04:11.0182 4016 PEAUTH - ok

14:04:11.0248 4016 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\Windows\system32\pla.dll

14:04:11.0262 4016 pla - ok

14:04:11.0291 4016 [ 2CC2008F1296968FBA162ED9F9AFE328 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

14:04:11.0299 4016 PlugPlay - ok

14:04:11.0334 4016 [ 205E1B699FD3F2F9B036EEA2EC30C620 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe

14:04:11.0339 4016 PnkBstrA - ok

14:04:11.0349 4016 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

14:04:11.0353 4016 PNRPAutoReg - ok

14:04:11.0376 4016 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

14:04:11.0382 4016 PNRPsvc - ok

14:04:11.0412 4016 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

14:04:11.0417 4016 PolicyAgent - ok

14:04:11.0434 4016 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\Windows\system32\umpo.dll

14:04:11.0440 4016 Power - ok

14:04:11.0458 4016 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

14:04:11.0460 4016 PptpMiniport - ok

14:04:11.0485 4016 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys

14:04:11.0486 4016 Processor - ok

14:04:11.0500 4016 [ 630CF26F0227498B7D5A92B12548960F ] ProfSvc C:\Windows\system32\profsvc.dll

14:04:11.0505 4016 ProfSvc - ok

14:04:11.0514 4016 [ F42309C4191C506B71DB5D1126D26318 ] ProtectedStorage C:\Windows\system32\lsass.exe

14:04:11.0517 4016 ProtectedStorage - ok

14:04:11.0533 4016 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys

14:04:11.0534 4016 Psched - ok

14:04:11.0559 4016 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

14:04:11.0565 4016 ql2300 - ok

14:04:11.0575 4016 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

14:04:11.0576 4016 ql40xx - ok

14:04:11.0601 4016 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll

14:04:11.0604 4016 QWAVE - ok

14:04:11.0621 4016 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

14:04:11.0622 4016 QWAVEdrv - ok

14:04:11.0633 4016 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

14:04:11.0634 4016 RasAcd - ok

14:04:11.0660 4016 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

14:04:11.0662 4016 RasAgileVpn - ok

14:04:11.0680 4016 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll

14:04:11.0685 4016 RasAuto - ok

14:04:11.0705 4016 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

14:04:11.0707 4016 Rasl2tp - ok

14:04:11.0727 4016 [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan C:\Windows\System32\rasmans.dll

14:04:11.0733 4016 RasMan - ok

14:04:11.0750 4016 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

14:04:11.0752 4016 RasPppoe - ok

14:04:11.0761 4016 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

14:04:11.0762 4016 RasSstp - ok

14:04:11.0775 4016 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

14:04:11.0778 4016 rdbss - ok

14:04:11.0789 4016 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

14:04:11.0790 4016 rdpbus - ok

14:04:11.0799 4016 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

14:04:11.0800 4016 RDPCDD - ok

14:04:11.0833 4016 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

14:04:11.0834 4016 RDPENCDD - ok

14:04:11.0854 4016 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

14:04:11.0855 4016 RDPREFMP - ok

14:04:11.0870 4016 [ 801371BA9782282892D00AADB08EE367 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

14:04:11.0872 4016 RDPWD - ok

14:04:11.0891 4016 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

14:04:11.0893 4016 rdyboost - ok

14:04:11.0912 4016 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll

14:04:11.0916 4016 RemoteAccess - ok

14:04:11.0937 4016 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll

14:04:11.0942 4016 RemoteRegistry - ok

14:04:11.0955 4016 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

14:04:11.0960 4016 RpcEptMapper - ok

14:04:11.0974 4016 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe

14:04:11.0976 4016 RpcLocator - ok

14:04:11.0991 4016 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\Windows\system32\rpcss.dll

14:04:11.0995 4016 RpcSs - ok

14:04:12.0035 4016 [ FD692C6FFADE58F7C4C3C3C9A0EC35BD ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys

14:04:12.0041 4016 RsFx0103 - ok

14:04:12.0072 4016 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

14:04:12.0073 4016 rspndr - ok

14:04:12.0134 4016 [ 293A2A421FD8D064803D22A252B2DE97 ] RTCore32 C:\Program Files\MSI Afterburner\RTCore32.sys

14:04:12.0135 4016 RTCore32 - ok

14:04:12.0177 4016 [ 05C2613F661584190C752F6184D1C8EF ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys

14:04:12.0182 4016 RTL8167 - ok

14:04:12.0204 4016 [ F42309C4191C506B71DB5D1126D26318 ] SamSs C:\Windows\system32\lsass.exe

14:04:12.0211 4016 SamSs - ok

14:04:12.0232 4016 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys

14:04:12.0234 4016 sbp2port - ok

14:04:12.0261 4016 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll

14:04:12.0266 4016 SCardSvr - ok

14:04:12.0286 4016 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

14:04:12.0287 4016 scfilter - ok

14:04:12.0318 4016 [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule C:\Windows\system32\schedsvc.dll

14:04:12.0327 4016 Schedule - ok

14:04:12.0347 4016 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\Windows\System32\certprop.dll

14:04:12.0349 4016 SCPolicySvc - ok

14:04:12.0361 4016 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\Windows\System32\SDRSVC.dll

14:04:12.0367 4016 SDRSVC - ok

14:04:12.0390 4016 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys

14:04:12.0391 4016 secdrv - ok

14:04:12.0409 4016 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll

14:04:12.0414 4016 seclogon - ok

14:04:12.0425 4016 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll

14:04:12.0428 4016 SENS - ok

14:04:12.0449 4016 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll

14:04:12.0452 4016 SensrSvc - ok

14:04:12.0479 4016 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

14:04:12.0479 4016 Serenum - ok

14:04:12.0501 4016 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys

14:04:12.0502 4016 Serial - ok

14:04:12.0515 4016 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

14:04:12.0516 4016 sermouse - ok

14:04:12.0566 4016 [ C15B813F2FDB44F87F23312472C6E790 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

14:04:12.0577 4016 ServiceLayer - ok

14:04:12.0629 4016 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\Windows\system32\sessenv.dll

14:04:12.0634 4016 SessionEnv - ok

14:04:12.0657 4016 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys

14:04:12.0658 4016 sffdisk - ok

14:04:12.0666 4016 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys

14:04:12.0667 4016 sffp_mmc - ok

14:04:12.0674 4016 [ A0708BBD07D245C06FF9DE549CA47185 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys

14:04:12.0675 4016 sffp_sd - ok

14:04:12.0685 4016 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

14:04:12.0686 4016 sfloppy - ok

14:04:12.0701 4016 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll

14:04:12.0703 4016 SharedAccess - ok

14:04:12.0716 4016 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

14:04:12.0720 4016 ShellHWDetection - ok

14:04:12.0731 4016 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys

14:04:12.0732 4016 sisagp - ok

14:04:12.0750 4016 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

14:04:12.0751 4016 SiSRaid2 - ok

14:04:12.0759 4016 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

14:04:12.0760 4016 SiSRaid4 - ok

14:04:12.0783 4016 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys

14:04:12.0784 4016 Smb - ok

14:04:12.0809 4016 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe

14:04:12.0812 4016 SNMPTRAP - ok

14:04:12.0844 4016 [ 3FA2E254BFBCE52B3C6F1BF23AAB6911 ] speedfan C:\Windows\system32\speedfan.sys

14:04:12.0847 4016 speedfan - ok

14:04:12.0859 4016 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys

14:04:12.0860 4016 spldr - ok

14:04:12.0884 4016 [ D1BB750EB51694DE183E08B9C33BE5B2 ] Spooler C:\Windows\System32\spoolsv.exe

14:04:12.0888 4016 Spooler - ok

14:04:12.0991 4016 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\Windows\system32\sppsvc.exe

14:04:13.0016 4016 sppsvc - ok

14:04:13.0029 4016 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\Windows\system32\sppuinotify.dll

14:04:13.0032 4016 sppuinotify - ok

14:04:13.0072 4016 [ 0022CFFF1A41E5CE3A764050A7DDF22A ] sptd C:\Windows\System32\Drivers\sptd.sys

14:04:13.0074 4016 sptd - ok

14:04:13.0113 4016 [ A687B5B326AFCFCF182C4931D1FF9771 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE

14:04:13.0119 4016 SQLAgent$SQLEXPRESS - ok

14:04:13.0192 4016 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

14:04:13.0196 4016 SQLBrowser - ok

14:04:13.0231 4016 [ 637A0F23F9012358E92E6F99835494D1 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

14:04:13.0234 4016 SQLWriter - ok

14:04:13.0273 4016 [ 4A9B0F215DE2519E2363F91DF25C1E97 ] srv C:\Windows\system32\DRIVERS\srv.sys

14:04:13.0276 4016 srv - ok

14:04:13.0290 4016 [ 14C44875518AE1C982E54EA8C5F7FE28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

14:04:13.0293 4016 srv2 - ok

14:04:13.0309 4016 [ 07A14223B0A50E76ADE003FDF95D4FEC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

14:04:13.0311 4016 srvnet - ok

14:04:13.0337 4016 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

14:04:13.0341 4016 SSDPSRV - ok

14:04:13.0355 4016 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll

14:04:13.0358 4016 SstpSvc - ok

14:04:13.0391 4016 Steam Client Service - ok

14:04:13.0416 4016 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

14:04:13.0418 4016 stexstor - ok

14:04:13.0463 4016 [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc C:\Windows\System32\wiaservc.dll

14:04:13.0483 4016 StiSvc - ok

14:04:13.0628 4016 [ 578A7D52C4F7CA65E109B4E7C7AC5CB3 ] SvcOnlineArmor C:\Program Files\Online Armor\oasrv.exe

14:04:13.0651 4016 SvcOnlineArmor - ok

14:04:13.0663 4016 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

14:04:13.0664 4016 swenum - ok

14:04:13.0677 4016 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll

14:04:13.0681 4016 swprv - ok

14:04:13.0701 4016 [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain C:\Windows\system32\sysmain.dll

14:04:13.0708 4016 SysMain - ok

14:04:13.0726 4016 [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll

14:04:13.0729 4016 TabletInputService - ok

14:04:13.0770 4016 [ B7AEE68D2E867CBF69B649B18FCEDBBB ] tap0901t C:\Windows\system32\DRIVERS\tap0901t.sys

14:04:13.0772 4016 tap0901t - ok

14:04:13.0801 4016 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv C:\Windows\System32\tapisrv.dll

14:04:13.0808 4016 TapiSrv - ok

14:04:13.0823 4016 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll

14:04:13.0828 4016 TBS - ok

14:04:13.0855 4016 [ BB7F39C31C4A4417FD318E7CD184E225 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

14:04:13.0860 4016 Tcpip - ok

14:04:13.0896 4016 [ BB7F39C31C4A4417FD318E7CD184E225 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

14:04:13.0902 4016 TCPIP6 - ok

14:04:13.0920 4016 [ E64444523ADD154F86567C469BC0B17F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

14:04:13.0921 4016 tcpipreg - ok

14:04:13.0939 4016 [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

14:04:13.0940 4016 TDPIPE - ok

14:04:13.0953 4016 [ 7551E91EA999EE9A8E9C331D5A9C31F3 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

14:04:13.0954 4016 TDTCP - ok

14:04:13.0968 4016 [ CB39E896A2A83702D1737BFD402B3542 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

14:04:13.0969 4016 tdx - ok

14:04:13.0979 4016 [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

14:04:13.0979 4016 TermDD - ok

14:04:14.0020 4016 [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService C:\Windows\System32\termsrv.dll

14:04:14.0025 4016 TermService - ok

14:04:14.0039 4016 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll

14:04:14.0042 4016 Themes - ok

14:04:14.0051 4016 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll

14:04:14.0053 4016 THREADORDER - ok

14:04:14.0058 4016 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll

14:04:14.0062 4016 TrkWks - ok

14:04:14.0090 4016 [ C11362058918CD38C8B8D3E265DA80F5 ] TrueSight C:\Windows\system32\drivers\TrueSight.sys

14:04:14.0090 4016 TrueSight - ok

14:04:14.0136 4016 [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

14:04:14.0140 4016 TrustedInstaller - ok

14:04:14.0184 4016 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

14:04:14.0187 4016 tssecsrv - ok

14:04:14.0235 4016 [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

14:04:14.0239 4016 tunnel - ok

14:04:14.0326 4016 [ 3DB1CE045A552161EF7252988752C65F ] TunngleService C:\Program Files\Tunngle\TnglCtrl.exe

14:04:14.0337 4016 TunngleService - ok

14:04:14.0359 4016 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

14:04:14.0361 4016 uagp35 - ok

14:04:14.0377 4016 [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs C:\Windows\system32\DRIVERS\udfs.sys

14:04:14.0379 4016 udfs - ok

14:04:14.0421 4016 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe

14:04:14.0425 4016 UI0Detect - ok

14:04:14.0453 4016 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys

14:04:14.0456 4016 uliagpkx - ok

14:04:14.0482 4016 [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus C:\Windows\system32\DRIVERS\umbus.sys

14:04:14.0483 4016 umbus - ok

14:04:14.0503 4016 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

14:04:14.0505 4016 UmPass - ok

14:04:14.0520 4016 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll

14:04:14.0527 4016 upnphost - ok

14:04:14.0570 4016 [ 47F5F9D837D80FFD5882A14DB9DA0A67 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys

14:04:14.0572 4016 upperdev - ok

14:04:14.0622 4016 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys

14:04:14.0625 4016 USBAAPL - ok

14:04:14.0644 4016 [ 8455C4ED038EFD09E99327F9D2D48FFA ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

14:04:14.0645 4016 usbccgp - ok

14:04:14.0656 4016 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys

14:04:14.0658 4016 usbcir - ok

14:04:14.0682 4016 [ 1C333BFD60F2FED2C7AD5DAF533CB742 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

14:04:14.0683 4016 usbehci - ok

14:04:14.0706 4016 [ EE6EF93CCFA94FAE8C6AB298273D8AE2 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

14:04:14.0711 4016 usbhub - ok

14:04:14.0734 4016 [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys

14:04:14.0735 4016 usbohci - ok

14:04:14.0761 4016 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

14:04:14.0762 4016 usbprint - ok

14:04:14.0791 4016 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

14:04:14.0793 4016 usbscan - ok

14:04:14.0810 4016 [ 88701ECA76145E2C011C0EEFF0F7B70E ] usbser C:\Windows\system32\drivers\usbser.sys

14:04:14.0812 4016 usbser - ok

14:04:14.0822 4016 [ E44F0D17BE0908B58DCC99CCB99C6C32 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys

14:04:14.0823 4016 UsbserFilt - ok

14:04:14.0841 4016 [ D8889D56E0D27E57ED4591837FE71D27 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

14:04:14.0843 4016 USBSTOR - ok

14:04:14.0858 4016 [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

14:04:14.0859 4016 usbuhci - ok

14:04:14.0883 4016 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll

14:04:14.0889 4016 UxSms - ok

14:04:14.0906 4016 [ F42309C4191C506B71DB5D1126D26318 ] VaultSvc C:\Windows\system32\lsass.exe

14:04:14.0910 4016 VaultSvc - ok

14:04:14.0929 4016 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys

14:04:14.0930 4016 vdrvroot - ok

14:04:14.0955 4016 [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds C:\Windows\System32\vds.exe

14:04:14.0964 4016 vds - ok

14:04:14.0979 4016 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

14:04:14.0980 4016 vga - ok

14:04:14.0997 4016 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys

14:04:14.0998 4016 VgaSave - ok

14:04:15.0019 4016 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys

14:04:15.0021 4016 vhdmp - ok

14:04:15.0043 4016 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\DRIVERS\viaagp.sys

14:04:15.0044 4016 viaagp - ok

14:04:15.0059 4016 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys

14:04:15.0060 4016 ViaC7 - ok

14:04:15.0074 4016 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\DRIVERS\viaide.sys

14:04:15.0075 4016 viaide - ok

14:04:15.0106 4016 [ C01604EAEA9C89035CFF58CDB322476C ] vmm C:\Windows\system32\Drivers\vmm.sys

14:04:15.0109 4016 vmm - ok

14:04:15.0125 4016 [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys

14:04:15.0126 4016 volmgr - ok

14:04:15.0144 4016 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

14:04:15.0147 4016 volmgrx - ok

14:04:15.0161 4016 [ 58DF9D2481A56EDDE167E51B334D44FD ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys

14:04:15.0163 4016 volsnap - ok

14:04:15.0187 4016 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

14:04:15.0189 4016 vsmraid - ok

14:04:15.0220 4016 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS C:\Windows\system32\vssvc.exe

14:04:15.0232 4016 VSS - ok

14:04:15.0247 4016 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys

14:04:15.0247 4016 vwifibus - ok

14:04:15.0263 4016 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll

14:04:15.0268 4016 W32Time - ok

14:04:15.0283 4016 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

14:04:15.0284 4016 WacomPen - ok

14:04:15.0303 4016 [ 692A712062146E96D28BA0B7D75DE31B ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

14:04:15.0304 4016 WANARP - ok

14:04:15.0309 4016 [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

14:04:15.0310 4016 Wanarpv6 - ok

14:04:15.0342 4016 [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine C:\Windows\system32\wbengine.exe

14:04:15.0350 4016 wbengine - ok

14:04:15.0369 4016 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

14:04:15.0373 4016 WbioSrvc - ok

14:04:15.0394 4016 [ 6D9B75275C3E3A5F51AEF81AFFADB2B6 ] wcncsvc C:\Windows\System32\wcncsvc.dll

14:04:15.0398 4016 wcncsvc - ok

14:04:15.0413 4016 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

14:04:15.0416 4016 WcsPlugInService - ok

14:04:15.0436 4016 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys

14:04:15.0437 4016 Wd - ok

14:04:15.0445 4016 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

14:04:15.0448 4016 Wdf01000 - ok

14:04:15.0462 4016 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll

14:04:15.0466 4016 WdiServiceHost - ok

14:04:15.0471 4016 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll

14:04:15.0475 4016 WdiSystemHost - ok

14:04:15.0493 4016 [ D87C7D2C517F82A5AB7A73E203063D9E ] WebClient C:\Windows\System32\webclnt.dll

14:04:15.0497 4016 WebClient - ok

14:04:15.0508 4016 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll

14:04:15.0512 4016 Wecsvc - ok

14:04:15.0558 4016 [ A8E0E75F8411EE0FCE92F2CE65BDEEEC ] WeGameClientService C:\Program Files\WeGame\WGClientService.exe

14:04:15.0558 4016 WeGameClientService - ok

14:04:15.0578 4016 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll

14:04:15.0592 4016 wercplsupport - ok

14:04:15.0630 4016 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll

14:04:15.0644 4016 WerSvc - ok

14:04:15.0672 4016 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

14:04:15.0673 4016 WfpLwf - ok

14:04:15.0687 4016 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys

14:04:15.0688 4016 WIMMount - ok

14:04:15.0734 4016 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll

14:04:15.0739 4016 WinDefend - ok

14:04:15.0756 4016 WinHttpAutoProxySvc - ok

14:04:15.0797 4016 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

14:04:15.0798 4016 Winmgmt - ok

14:04:15.0832 4016 [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM C:\Windows\system32\WsmSvc.dll

14:04:15.0840 4016 WinRM - ok

14:04:15.0878 4016 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

14:04:15.0879 4016 WinUsb - ok

14:04:15.0908 4016 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll

14:04:15.0914 4016 Wlansvc - ok

14:04:15.0995 4016 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

14:04:16.0017 4016 wlidsvc - ok

14:04:16.0045 4016 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys

14:04:16.0046 4016 WmiAcpi - ok

14:04:16.0071 4016 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

14:04:16.0072 4016 wmiApSrv - ok

14:04:16.0101 4016 [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe

14:04:16.0107 4016 WMPNetworkSvc - ok

14:04:16.0122 4016 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll

14:04:16.0127 4016 WPCSvc - ok

14:04:16.0139 4016 [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

14:04:16.0144 4016 WPDBusEnum - ok

14:04:16.0158 4016 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

14:04:16.0159 4016 ws2ifsl - ok

14:04:16.0168 4016 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll

14:04:16.0173 4016 wscsvc - ok

14:04:16.0178 4016 WSearch - ok

14:04:16.0218 4016 [ A33408CC036F9C08142B11BE5E93F0A1 ] wuauserv C:\Windows\system32\wuaueng.dll

14:04:16.0229 4016 wuauserv - ok

14:04:16.0246 4016 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

14:04:16.0247 4016 WudfPf - ok

14:04:16.0270 4016 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

14:04:16.0271 4016 WUDFRd - ok

14:04:16.0295 4016 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

14:04:16.0299 4016 wudfsvc - ok

14:04:16.0312 4016 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll

14:04:16.0317 4016 WwanSvc - ok

14:04:16.0334 4016 ================ Scan global ===============================

14:04:16.0351 4016 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll

14:04:16.0385 4016 [ 827E4F75901CA3F990B1487D3301841E ] C:\Windows\system32\winsrv.dll

14:04:16.0408 4016 [ 827E4F75901CA3F990B1487D3301841E ] C:\Windows\system32\winsrv.dll

14:04:16.0422 4016 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll

14:04:16.0436 4016 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe

14:04:16.0441 4016 [Global] - ok

14:04:16.0442 4016 ================ Scan MBR ==================================

14:04:16.0451 4016 [ 8E734BD7AA1D4F7E9AF58DF495F6CF9E ] \Device\Harddisk0\DR0

14:04:16.0513 4016 \Device\Harddisk0\DR0 - ok

14:04:16.0514 4016 ================ Scan VBR ==================================

14:04:16.0519 4016 [ 1C6AFA1AEC7DD6E39A28E49D5B931F61 ] \Device\Harddisk0\DR0\Partition1

14:04:16.0522 4016 \Device\Harddisk0\DR0\Partition1 - ok

14:04:16.0544 4016 [ 774494CBC9403C59A0F76279E9A2D3CD ] \Device\Harddisk0\DR0\Partition2

14:04:16.0547 4016 \Device\Harddisk0\DR0\Partition2 - ok

14:04:16.0575 4016 [ DCF3BC6FA9B4F994583593ADFBCFF96A ] \Device\Harddisk0\DR0\Partition3

14:04:16.0577 4016 \Device\Harddisk0\DR0\Partition3 - ok

14:04:16.0578 4016 ============================================================

14:04:16.0578 4016 Scan finished

14:04:16.0578 4016 ============================================================

14:04:16.0602 3088 Detected object count: 0

14:04:16.0602 3088 Actual detected object count: 0

RogueKiller V8.1.0 [09/28/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo...13-roguekiller/

Website: http://tigzy.geeksto...roguekiller.php

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 32 bits version

Started in : Normal mode

User : Alocrius [Admin rights]

Mode : Scan -- Date : 10/01/2012 14:01:26

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤

[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST3500418AS ATA Device +++++

--- User ---

[MBR] ad685740b297396429da22bff9745dd7

[bSP] 68cdf50ccd1144a0725df9aadb2b6408 : Linux MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 100000 Mo

1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 204800461 | Size: 376938 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt


If there are external drives attached, please disconnect them.

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Please download Rkill by Grinler and save it to your desktop.


Link 2
Link 3
Link 4
Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7, right-click on it and Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
If the tool does not run from any of the links provided, please let me know.
If your antivirus program gives a prompt message, respond positively to allow RKILL to run.
If a malware-rogue gives a message regarding RKILL, proceed forward to running RKILL.

If you still have a problem running RKILL, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.

When all done, rkill.txt log file will be on your desktop. Copy & Paste contents of Rkill.txt into a reply.

More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html

Step 2

Download Dr.Web CureIt to the desktop.

  • Turn OFF your antivirus program.
    How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
  • Doubleclick the drweb-cureit.exe file, then on Start and allow to run the express scan
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, choose the Complete Scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow (image: drweb.jpg) at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, look and see if you can click the following icon next to the files found: (image: check.gif)
  • If so, click it and then click the next icon right below and select Move incurable as you'll see in the next image: (image: move.gif)
  • This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured. (this in case if we need samples)
  • After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit.
  • Reboot your computer to allow files that were in use to be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web you saved previously in your next reply.

NOTE: During the scan, a pop-up window will open asking for full version purchase. Simply close the window by clicking on X in upper right corner.

Re-Enable your antivirus program when all done.


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
