
Started with Live Security Platinum and now can't run Firewall or


  • This topic is locked

#1
thirstyscholar

Last Wednesday (8/8) around 8:45am I went to the DigiMind website and my AVG anti-virus started displaying a number of alerts. I backed out of the page, but not without acquiring what appear to be several infections. I was able to reboot and UAC prompted about Windows Live Security Platinum and once I denied permission I was able to download and run a number of anti-malware tools including Adaware, Spybot S&D, Emsisoft, and several others. Some did find some infections and quarantined and deleted them. I no longer see the pop-ups related to Windows Live Security Platinum.

Eventually they were all finding no additional infections, but I am still not able to get the Firewall to start or turn on Windows Security Center. I also could only run Ad-aware from a different profile on my Win 7 machine, and not the profile I was using when I visited the DigiMind site. I ran RogueKiller, which identified a number of files and a ZeroAccess infection; I deleted the checked items and I can now run Ad-aware, but still not start Firewall or Windows Security. I have also noticed 7 or 8 or so instances of wmpnscfg.exe in Task Manager. I'm attaching an OTL log from a fresh run and I am happy to attach logs from my previous flailing attempts at cleaning up the problems. I believe I was able to delete InfDSTAT64.dll from Safe mode with console, but that hasn't resolved problems starting Firewall and Windows Security Center.

Thanks in advance for your expertise as your assistance is sorely needed!

Attached Files

  • Attached File  OTL.Txt   95.52KB   41 downloads

  • 0

#2
WhiteHat

Hello thirstyscholar and welcome to GeeksToGo :)

My nickname is WhiteHat and I'm going to help you fix your problem.

  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • Please do not try to fix anything without being asked.
  • I suggest you print or save any instructions I give you for easy reference. We may be using Safe mode and you will not always be able to access this thread.
  • Do not put your logs inside <Quote> and/or <Code> *important*
  • Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • The fixes are specific to your problem and should only be used for this issue on this machine!
  • Lastly, please be aware that removing malware is a hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However, it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. Some infections are so severe that we might encounter situations where the only recourse is to re-format and re-install your operating system. Don't worry, this only happens in severe cases, but, sadly, it does happen.
    In light of this be prepared to back up your data. Have means of backing up your data available.
In order to be notified when your topic has been replied to:

Click My Settings at the top of the page. An Option page will open. In the left hand column click Notification Options. On the new page that opens under the Notification Preferences section click Watch every topic I reply to and set the notification type to Immediate Notification.

# Step 1 #
Can you post the logs generated by RogueKiller?

# Step 2 #
Please download Farbar Service Scanner and run it on the computer.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run from.
  • Please copy and paste the log to your reply.


  • 0

#3
thirstyscholar

Thanks! Here are two logs from RogueKiller and I will proceed to your step 2:
RogueKiller V7.6.6 [08/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Safe mode
User: Matt [Admin rights]
Mode: Scan -- Date: 08/12/2012 09:23:20

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 7 ¤¤¤
[SUSP PATH] HKCU\[...]\Run : mspa_isv (rundll32 "C:\windows\InfDSTAT.dll",CreateProcessNotify) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-2806936779-1468336107-667646960-1001[...]\Run : mspa_isv (rundll32 "C:\windows\InfDSTAT.dll",CreateProcessNotify) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[ZeroAccess] HKCR\[...]\InprocServer32 : (C:\Users\Matt\AppData\Local\{ebc55e85-ebf2-32de-9a60-5540b335e155}\n.) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FILE] @ : c:\windows\installer\{ebc55e85-ebf2-32de-9a60-5540b335e155}\@ --> FOUND
[ZeroAccess][FOLDER] U : c:\windows\installer\{ebc55e85-ebf2-32de-9a60-5540b335e155}\U --> FOUND
[ZeroAccess][FOLDER] L : c:\windows\installer\{ebc55e85-ebf2-32de-9a60-5540b335e155}\L --> FOUND
[ZeroAccess][FILE] @ : c:\users\matt\appdata\local\{ebc55e85-ebf2-32de-9a60-5540b335e155}\@ --> FOUND
[ZeroAccess][FOLDER] U : c:\users\matt\appdata\local\{ebc55e85-ebf2-32de-9a60-5540b335e155}\U --> FOUND
[ZeroAccess][FOLDER] L : c:\users\matt\appdata\local\{ebc55e85-ebf2-32de-9a60-5540b335e155}\L --> FOUND

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD10 EADX-22TDHB0 SCSI Disk Device +++++
--- User ---
[MBR] 84a795cb373487b10dd94247c8b2d743
[BSP] eba7dae07865edc82815f9e99a99ea95 : Acer tatooed MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 18000 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 36866048 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 37070848 | Size: 935767 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[1].txt >>
RKreport[1].txt

RogueKiller V7.6.6 [08/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Safe mode
User: Matt [Admin rights]
Mode: Remove -- Date: 08/12/2012 11:04:36

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 6 ¤¤¤
[SUSP PATH] HKCU\[...]\Run : mspa_isv (rundll32 "C:\windows\InfDSTAT.dll",CreateProcessNotify) -> DELETED
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[ZeroAccess] HKCR\[...]\InprocServer32 : (C:\Users\Matt\AppData\Local\{ebc55e85-ebf2-32de-9a60-5540b335e155}\n.) -> REPLACED (c:\windows\system32\shell32.dll)
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FILE] @ : c:\windows\installer\{ebc55e85-ebf2-32de-9a60-5540b335e155}\@ --> REMOVED
[ZeroAccess][FOLDER] U : c:\windows\installer\{ebc55e85-ebf2-32de-9a60-5540b335e155}\U --> REMOVED
[ZeroAccess][FOLDER] L : c:\windows\installer\{ebc55e85-ebf2-32de-9a60-5540b335e155}\L --> REMOVED
[ZeroAccess][FILE] @ : c:\users\matt\appdata\local\{ebc55e85-ebf2-32de-9a60-5540b335e155}\@ --> REMOVED
[ZeroAccess][FOLDER] U : c:\users\matt\appdata\local\{ebc55e85-ebf2-32de-9a60-5540b335e155}\U --> REMOVED
[ZeroAccess][FOLDER] L : c:\users\matt\appdata\local\{ebc55e85-ebf2-32de-9a60-5540b335e155}\L --> REMOVED

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD10 EADX-22TDHB0 SCSI Disk Device +++++
--- User ---
[MBR] 84a795cb373487b10dd94247c8b2d743
[BSP] eba7dae07865edc82815f9e99a99ea95 : Acer tatooed MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 18000 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 36866048 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 37070848 | Size: 935767 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
  • 0

#4
thirstyscholar

And this is the Farbar log (FSS.txt):

Farbar Service Scanner Version: 06-08-2012
Ran by Matt (administrator) on 12-08-2012 at 18:43:23
Running from "C:\Users\Matt\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
  • 0

#5
WhiteHat

Hi,

Download the files attached below and run them.
Attached File  BITS.reg   6.14KB   37 downloads
Attached File  wuauserv.reg   6.03KB   34 downloads
Attached File  wscsvc.reg   5.13KB   35 downloads
Attached File  SharedAccess.reg   354.38KB   37 downloads
Attached File  MpsSvc.reg   6.25KB   41 downloads

Restart your computer. (It's important you restart the computer.)

NEXT

Please reopen OTL on your desktop.
  • Under the box at the bottom, paste in the following

    Net Stop MpsSvc /c
    Net Start MpsSvc /c
    Net Stop wscsvc /c
    Net Start wscsvc /c
    Net Stop wuauserv /c
    Net Start wuauserv /c
    Net Stop BITS /c
    Net Start BITS /c
    Net Stop SharedAccess /c
    Net Start SharedAccess /c
    
    :Commands
    [CREATERESTOREPOINT]
    [REBOOT]
  • Then click the button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

NEXT

Run Farbar Service Scanner again and post the log.
  • 0

#6
thirstyscholar

Thanks. Here's the OTL log, I'll run Farbar Service Scanner again now:

Error: Unable to interpret <Net Stop MpsSvc /c> in the current context!
Error: Unable to interpret <Net Start MpsSvc /c> in the current context!
Error: Unable to interpret <Net Stop wscsvc /c> in the current context!
Error: Unable to interpret <Net Start wscsvc /c> in the current context!
Error: Unable to interpret <Net Stop wuauserv /c> in the current context!
Error: Unable to interpret <Net Start wuauserv /c> in the current context!
Error: Unable to interpret <Net Stop BITS /c> in the current context!
Error: Unable to interpret <Net Start BITS /c> in the current context!
Error: Unable to interpret <Net Stop SharedAccess /c> in the current context!
Error: Unable to interpret <Net Start SharedAccess /c> in the current context!
========== COMMANDS ==========
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.56.0 log created on 08122012_210651
  • 0

#7
thirstyscholar

And here are the results of the second run of Farbar:

Farbar Service Scanner Version: 06-08-2012
Ran by Matt (administrator) on 12-08-2012 at 21:16:04
Running from "C:\Users\Matt\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
  • 0
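The two Farbar Service Scanner logs above differ only in a few sections, which is easy to miss when reading them side by side. The following is an added example, not part of the original thread and not Farbar's own code: it parses FSS.txt output and reports which services were repaired between two runs. The function names and the rule that any File Check verdict other than "MD5 is legit" needs a manual look are assumptions; the sample input is excerpted from the logs in posts #4 and #7.

```python
import re
from dataclasses import dataclass, field

# Line shapes taken from the FSS.txt logs quoted in this thread.
NOT_RUNNING = re.compile(r"^(\S+) Service is not running\.")
KEY_MISSING = re.compile(r"Unable to open (\S+) registry key\. The service key does not exist\.")
VALUE_MISSING = re.compile(r"Unable to retrieve (.+?) of (\S+)\. The value does not exist\.")
FILE_CHECK = re.compile(r"^([A-Za-z]:\\.+?) => (.+)$")


@dataclass
class ServiceState:
    not_running: bool = False
    key_missing: bool = False                          # whole service key absent
    missing_values: set = field(default_factory=set)   # e.g. {"imagepath"}

    def issues(self):
        found = []
        if self.key_missing:
            found.append("service registry key missing")
        if self.missing_values:
            found.append("missing values: " + ", ".join(sorted(self.missing_values)))
        if self.not_running and not found:
            found.append("not running, configuration OK")
        return found


def parse_fss(text):
    """Return ({service: ServiceState}, [files whose verdict is not 'MD5 is legit'])."""
    services, odd_files = {}, []
    for line in map(str.strip, text.splitlines()):
        if m := NOT_RUNNING.match(line):
            services.setdefault(m.group(1), ServiceState()).not_running = True
        if m := KEY_MISSING.search(line):
            services.setdefault(m.group(1), ServiceState()).key_missing = True
        elif m := VALUE_MISSING.search(line):
            state = services.setdefault(m.group(2), ServiceState())
            state.missing_values.add(m.group(1).lower())
        elif m := FILE_CHECK.match(line):
            # Assumption: only "MD5 is legit" appears in this thread, so any
            # other verdict is queued for manual review rather than interpreted.
            if m.group(2).strip() != "MD5 is legit":
                odd_files.append(m.group(1))
    return services, odd_files


def compare_runs(before_text, after_text):
    """Diff two FSS logs: services repaired in between, and what is still wrong."""
    before, _ = parse_fss(before_text)
    after, odd_files = parse_fss(after_text)
    repaired = sorted(name for name, st in before.items()
                      if st.issues() and not after.get(name, ServiceState()).issues())
    remaining = {name: st.issues() for name, st in after.items() if st.issues()}
    return {"repaired": repaired, "remaining": remaining, "odd_files": odd_files}


# Excerpt of the first log (post #4), before the .reg files were merged.
FSS_BEFORE = r"""
Windows Firewall:
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.
Action Center:
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Windows Update:
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Other Services:
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.
File Check:
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
"""

# Excerpt of the second log (post #7), after the .reg files and a reboot.
FSS_AFTER = r"""
Windows Firewall:
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.
Action Center:
Windows Update:
Other Services:
File Check:
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
"""

if __name__ == "__main__":
    report = compare_runs(FSS_BEFORE, FSS_AFTER)
    print("repaired :", ", ".join(report["repaired"]))
    for name, problems in report["remaining"].items():
        print("remaining:", name, "-", "; ".join(problems))
```

On the thread's data this shows the four deleted service entries restored while MpsSvc remains stopped with an intact configuration, which is why the next reply only restarts that one service.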

#8
WhiteHat

Please reopen OTL on your desktop.
  • Under the box at the bottom, paste in the following

    :Files
    Net Stop MpsSvc /c
    Net Start MpsSvc /c
    
    :Commands
    [CREATERESTOREPOINT]
    [REBOOT]
  • Then click the button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

  • 0

#9
thirstyscholar

Thanks, ran OTL again and here's the log:

========== FILES ==========
< Net Stop MpsSvc /c >
C:\Users\Matt\Documents\cmd.bat deleted successfully.
C:\Users\Matt\Documents\cmd.txt deleted successfully.
< Net Start MpsSvc /c >
The Windows Firewall service is starting.
C:\Users\Matt\Documents\cmd.bat deleted successfully.
C:\Users\Matt\Documents\cmd.txt deleted successfully.
========== COMMANDS ==========
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.56.0 log created on 08122012_221044
  • 0

#10
thirstyscholar

Thanks for all your help today. I'm off to sleep and I'll check in tomorrow morning.

Edited by thirstyscholar, 13 August 2012 - 04:57 AM.

  • 0

#11
thirstyscholar

OK, I'm back.
  • 0

#12
WhiteHat

Hi,

# Step 1 #
Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Skip is selected, then click Continue => Reboot now to finish the cleaning process. We only want the log.
  • Note: We only want the log. Don't delete anything.
  • Get the report by selecting Reports.
A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

# Step 2 #
Run Farbar Service Scanner again and post the log (FSS.txt)
  • 0

#13
thirstyscholar

Thanks WhiteHat

TDSSKiller log:

14:03:35.0227 5040 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
14:03:35.0505 5040 ============================================================
14:03:35.0505 5040 Current date / time: 2012/08/13 14:03:35.0505
14:03:35.0505 5040 SystemInfo:
14:03:35.0505 5040
14:03:35.0505 5040 OS Version: 6.1.7601 ServicePack: 1.0
14:03:35.0505 5040 Product type: Workstation
14:03:35.0506 5040 ComputerName: BRATT
14:03:35.0506 5040 UserName: Matt
14:03:35.0506 5040 Windows directory: C:\windows
14:03:35.0506 5040 System windows directory: C:\windows
14:03:35.0506 5040 Running under WOW64
14:03:35.0506 5040 Processor architecture: Intel x64
14:03:35.0506 5040 Number of processors: 4
14:03:35.0506 5040 Page size: 0x1000
14:03:35.0506 5040 Boot type: Normal boot
14:03:35.0506 5040 ============================================================
14:03:37.0403 5040 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:03:37.0411 5040 ============================================================
14:03:37.0411 5040 \Device\Harddisk0\DR0:
14:03:37.0411 5040 MBR partitions:
14:03:37.0411 5040 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2328800, BlocksNum 0x32000
14:03:37.0412 5040 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x235A800, BlocksNum 0x723AB800
14:03:37.0412 5040 ============================================================
14:03:37.0437 5040 C: <-> \Device\Harddisk0\DR0\Partition1
14:03:37.0437 5040 ============================================================
14:03:37.0437 5040 Initialize success
14:03:37.0437 5040 ============================================================
14:04:09.0876 2448 ============================================================
14:04:09.0876 2448 Scan started
14:04:09.0876 2448 Mode: Manual; SigCheck; TDLFS;
14:04:09.0876 2448 ============================================================
14:04:17.0155 2448 dot3svc - ok
14:04:17.0177 2448 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
14:04:17.0209 2448 DPS - ok
14:04:17.0225 2448 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
14:04:17.0241 2448 drmkaud - ok
14:04:17.0289 2448 dsNcAdpt (3eef0b3489edbf725564e17c77cabafd) C:\windows\system32\DRIVERS\dsNcAdpt.sys
14:04:17.0708 2448 dsNcAdpt - ok
14:04:17.0835 2448 dsNcService (a6b5ecf684769a99d96175f9d1e1337c) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
14:04:17.0875 2448 dsNcService - ok
14:04:17.0942 2448 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
14:04:17.0964 2448 DXGKrnl - ok
14:04:17.0977 2448 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
14:04:18.0008 2448 EapHost - ok
14:04:18.0230 2448 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\drivers\evbda.sys
14:04:18.0311 2448 ebdrv - ok
14:04:18.0436 2448 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
14:04:18.0490 2448 EFS - ok
14:04:18.0561 2448 EgisTec Ticket Service (03e6888da1a85acf14ac2a3c328a9e62) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
14:04:18.0605 2448 EgisTec Ticket Service - ok
14:04:18.0694 2448 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
14:04:18.0753 2448 ehRecvr - ok
14:04:18.0778 2448 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
14:04:18.0800 2448 ehSched - ok
14:04:18.0857 2448 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\drivers\elxstor.sys
14:04:18.0897 2448 elxstor - ok
14:04:18.0901 2448 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
14:04:18.0920 2448 ErrDev - ok
14:04:18.0964 2448 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
14:04:18.0997 2448 EventSystem - ok
14:04:19.0036 2448 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
14:04:19.0070 2448 exfat - ok
14:04:19.0100 2448 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
14:04:19.0133 2448 fastfat - ok
14:04:19.0192 2448 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
14:04:19.0219 2448 Fax - ok
14:04:19.0224 2448 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\drivers\fdc.sys
14:04:19.0240 2448 fdc - ok
14:04:19.0264 2448 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
14:04:19.0294 2448 fdPHost - ok
14:04:19.0305 2448 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
14:04:19.0336 2448 FDResPub - ok
14:04:19.0352 2448 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
14:04:19.0364 2448 FileInfo - ok
14:04:19.0379 2448 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
14:04:19.0411 2448 Filetrace - ok
14:04:19.0415 2448 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\drivers\flpydisk.sys
14:04:19.0430 2448 flpydisk - ok
14:04:19.0466 2448 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
14:04:19.0480 2448 FltMgr - ok
14:04:19.0576 2448 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
14:04:19.0608 2448 FontCache - ok
14:04:19.0664 2448 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:04:19.0698 2448 FontCache3.0.0.0 - ok
14:04:19.0829 2448 ForceWare Intelligent Application Manager (IAM) (52b58a46beefb238c580b69fd051cb5b) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
14:04:19.0887 2448 ForceWare Intelligent Application Manager (IAM) - ok
14:04:20.0007 2448 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
14:04:20.0040 2448 FsDepends - ok
14:04:20.0087 2448 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
14:04:20.0103 2448 Fs_Rec - ok
14:04:20.0175 2448 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
14:04:20.0200 2448 fvevol - ok
14:04:20.0229 2448 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\drivers\gagp30kx.sys
14:04:20.0247 2448 gagp30kx - ok
14:04:20.0373 2448 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
14:04:20.0405 2448 GamesAppService - ok
14:04:20.0447 2448 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
14:04:20.0461 2448 GEARAspiWDM - ok
14:04:20.0628 2448 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
14:04:20.0678 2448 gpsvc - ok
14:04:20.0791 2448 GREGService (0191dee9b9eb7902af2cf4f67301095d) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
14:04:20.0800 2448 GREGService - ok
14:04:21.0044 2448 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:04:21.0088 2448 gupdate - ok
14:04:21.0143 2448 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:04:21.0152 2448 gupdatem - ok
14:04:21.0263 2448 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
14:04:21.0312 2448 hcw85cir - ok
14:04:21.0354 2448 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
14:04:21.0375 2448 HdAudAddService - ok
14:04:21.0406 2448 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
14:04:21.0425 2448 HDAudBus - ok
14:04:21.0430 2448 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\drivers\HidBatt.sys
14:04:21.0444 2448 HidBatt - ok
14:04:21.0464 2448 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\drivers\hidbth.sys
14:04:21.0482 2448 HidBth - ok
14:04:21.0493 2448 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\drivers\hidir.sys
14:04:21.0510 2448 HidIr - ok
14:04:21.0542 2448 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
14:04:21.0574 2448 hidserv - ok
14:04:21.0591 2448 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
14:04:21.0605 2448 HidUsb - ok
14:04:21.0635 2448 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
14:04:21.0667 2448 hkmsvc - ok
14:04:21.0704 2448 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
14:04:21.0736 2448 HomeGroupListener - ok
14:04:21.0777 2448 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
14:04:21.0790 2448 HomeGroupProvider - ok
14:04:21.0809 2448 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
14:04:21.0822 2448 HpSAMD - ok
14:04:21.0878 2448 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
14:04:21.0913 2448 HTTP - ok
14:04:21.0927 2448 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
14:04:21.0938 2448 hwpolicy - ok
14:04:21.0958 2448 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys
14:04:21.0974 2448 i8042prt - ok
14:04:22.0011 2448 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
14:04:22.0039 2448 iaStorV - ok
14:04:22.0139 2448 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:04:22.0174 2448 idsvc - ok
14:04:22.0187 2448 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\drivers\iirsp.sys
14:04:22.0199 2448 iirsp - ok
14:04:22.0265 2448 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
14:04:22.0317 2448 IKEEXT - ok
14:04:22.0451 2448 IntcAzAudAddService (2e3b99e8c23be2bf32ebe1db5261f275) C:\windows\system32\drivers\RTKVHD64.sys
14:04:22.0518 2448 IntcAzAudAddService - ok
14:04:22.0593 2448 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
14:04:22.0605 2448 intelide - ok
14:04:22.0611 2448 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\drivers\intelppm.sys
14:04:22.0625 2448 intelppm - ok
14:04:22.0721 2448 IntuitUpdateServiceV4 (1663a135865f0ba6e853353e98e67f2a) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
14:04:22.0733 2448 IntuitUpdateServiceV4 - ok
14:04:22.0773 2448 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
14:04:22.0806 2448 IPBusEnum - ok
14:04:22.0823 2448 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
14:04:22.0853 2448 IpFilterDriver - ok
14:04:22.0860 2448 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
14:04:22.0875 2448 IPMIDRV - ok
14:04:22.0912 2448 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
14:04:22.0945 2448 IPNAT - ok
14:04:23.0036 2448 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
14:04:23.0079 2448 iPod Service - ok
14:04:23.0091 2448 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
14:04:23.0109 2448 IRENUM - ok
14:04:23.0122 2448 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
14:04:23.0134 2448 isapnp - ok
14:04:23.0164 2448 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
14:04:23.0182 2448 iScsiPrt - ok
14:04:23.0195 2448 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys
14:04:23.0207 2448 kbdclass - ok
14:04:23.0235 2448 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\DRIVERS\kbdhid.sys
14:04:23.0250 2448 kbdhid - ok
14:04:23.0279 2448 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:04:23.0292 2448 KeyIso - ok
14:04:23.0326 2448 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\windows\system32\Drivers\ksecdd.sys
14:04:23.0338 2448 KSecDD - ok
14:04:23.0360 2448 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\windows\system32\Drivers\ksecpkg.sys
14:04:23.0373 2448 KSecPkg - ok
14:04:23.0386 2448 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
14:04:23.0419 2448 ksthunk - ok
14:04:23.0469 2448 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
14:04:23.0517 2448 KtmRm - ok
14:04:23.0554 2448 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
14:04:23.0587 2448 LanmanServer - ok
14:04:23.0614 2448 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
14:04:23.0647 2448 LanmanWorkstation - ok
14:04:23.0690 2448 Live Updater Service (6bcee9c766815bfff89de7d81af34ce1) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
14:04:23.0709 2448 Live Updater Service - ok
14:04:23.0734 2448 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
14:04:23.0766 2448 lltdio - ok
14:04:23.0809 2448 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
14:04:23.0847 2448 lltdsvc - ok
14:04:23.0864 2448 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
14:04:23.0896 2448 lmhosts - ok
14:04:23.0928 2448 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\drivers\lsi_fc.sys
14:04:23.0942 2448 LSI_FC - ok
14:04:23.0969 2448 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\drivers\lsi_sas.sys
14:04:23.0983 2448 LSI_SAS - ok
14:04:23.0993 2448 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\drivers\lsi_sas2.sys
14:04:24.0006 2448 LSI_SAS2 - ok
14:04:24.0016 2448 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\drivers\lsi_scsi.sys
14:04:24.0031 2448 LSI_SCSI - ok
14:04:24.0047 2448 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
14:04:24.0080 2448 luafv - ok
14:04:24.0098 2448 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
14:04:24.0115 2448 Mcx2Svc - ok
14:04:24.0120 2448 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\drivers\megasas.sys
14:04:24.0133 2448 megasas - ok
14:04:24.0160 2448 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\drivers\MegaSR.sys
14:04:24.0178 2448 MegaSR - ok
14:04:24.0197 2448 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
14:04:24.0230 2448 MMCSS - ok
14:04:24.0236 2448 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
14:04:24.0269 2448 Modem - ok
14:04:24.0288 2448 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
14:04:24.0304 2448 monitor - ok
14:04:24.0340 2448 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
14:04:24.0352 2448 mouclass - ok
14:04:24.0365 2448 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
14:04:24.0381 2448 mouhid - ok
14:04:24.0398 2448 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
14:04:24.0410 2448 mountmgr - ok
14:04:24.0422 2448 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
14:04:24.0436 2448 mpio - ok
14:04:24.0453 2448 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
14:04:24.0484 2448 mpsdrv - ok
14:04:24.0560 2448 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
14:04:24.0598 2448 MpsSvc - ok
14:04:24.0611 2448 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
14:04:24.0633 2448 MRxDAV - ok
14:04:24.0674 2448 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
14:04:24.0699 2448 mrxsmb - ok
14:04:24.0727 2448 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
14:04:24.0743 2448 mrxsmb10 - ok
14:04:24.0766 2448 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
14:04:24.0779 2448 mrxsmb20 - ok
14:04:24.0819 2448 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
14:04:24.0830 2448 msahci - ok
14:04:24.0843 2448 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
14:04:24.0857 2448 msdsm - ok
14:04:24.0870 2448 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
14:04:24.0888 2448 MSDTC - ok
14:04:24.0925 2448 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
14:04:24.0955 2448 Msfs - ok
14:04:24.0961 2448 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
14:04:24.0992 2448 mshidkmdf - ok
14:04:24.0996 2448 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
14:04:25.0007 2448 msisadrv - ok
14:04:25.0050 2448 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
14:04:25.0084 2448 MSiSCSI - ok
14:04:25.0087 2448 msiserver - ok
14:04:25.0106 2448 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
14:04:25.0137 2448 MSKSSRV - ok
14:04:25.0150 2448 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
14:04:25.0181 2448 MSPCLOCK - ok
14:04:25.0185 2448 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
14:04:25.0219 2448 MSPQM - ok
14:04:25.0247 2448 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
14:04:25.0261 2448 MsRPC - ok
14:04:25.0277 2448 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
14:04:25.0289 2448 mssmbios - ok
14:04:25.0299 2448 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
14:04:25.0330 2448 MSTEE - ok
14:04:25.0334 2448 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\drivers\MTConfig.sys
14:04:25.0348 2448 MTConfig - ok
14:04:25.0359 2448 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
14:04:25.0371 2448 Mup - ok
14:04:25.0386 2448 mwlPSDFilter (9b1eac6faf6f37305e822f5588dc8056) C:\windows\system32\DRIVERS\mwlPSDFilter.sys
14:04:25.0399 2448 mwlPSDFilter - ok
14:04:25.0405 2448 mwlPSDNServ (ad55c1524b296280ed9c6e0d730d35da) C:\windows\system32\DRIVERS\mwlPSDNServ.sys
14:04:25.0418 2448 mwlPSDNServ - ok
14:04:25.0428 2448 mwlPSDVDisk (2b599e6ec8843637bdd62e7f8f3ba201) C:\windows\system32\DRIVERS\mwlPSDVDisk.sys
14:04:25.0443 2448 mwlPSDVDisk - ok
14:04:25.0526 2448 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
14:04:25.0572 2448 napagent - ok
14:04:25.0619 2448 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
14:04:25.0638 2448 NativeWifiP - ok
14:04:25.0736 2448 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files (x86)\Nero\Update\NASvc.exe
14:04:25.0760 2448 NAUpdate - ok
14:04:25.0871 2448 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
14:04:25.0893 2448 NDIS - ok
14:04:25.0911 2448 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
14:04:25.0943 2448 NdisCap - ok
14:04:25.0960 2448 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
14:04:25.0991 2448 NdisTapi - ok
14:04:26.0007 2448 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
14:04:26.0037 2448 Ndisuio - ok
14:04:26.0090 2448 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
14:04:26.0153 2448 NdisWan - ok
14:04:26.0172 2448 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
14:04:26.0210 2448 NDProxy - ok
14:04:26.0238 2448 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
14:04:26.0269 2448 NetBIOS - ok
14:04:26.0343 2448 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
14:04:26.0424 2448 NetBT - ok
14:04:26.0479 2448 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:04:26.0490 2448 Netlogon - ok
14:04:26.0561 2448 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
14:04:26.0592 2448 Netman - ok
14:04:26.0697 2448 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
14:04:26.0734 2448 netprofm - ok
14:04:26.0787 2448 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:04:26.0811 2448 NetTcpPortSharing - ok
14:04:26.0846 2448 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\drivers\nfrd960.sys
14:04:26.0881 2448 nfrd960 - ok
14:04:26.0946 2448 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
14:04:26.0981 2448 NlaSvc - ok
14:04:27.0288 2448 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
14:04:27.0329 2448 NOBU - ok
14:04:27.0429 2448 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
14:04:27.0460 2448 Npfs - ok
14:04:27.0471 2448 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
14:04:27.0501 2448 nsi - ok
14:04:27.0517 2448 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
14:04:27.0547 2448 nsiproxy - ok
14:04:27.0613 2448 nSvcIp (20e179a7fe78b37a02d30c4d34c870e7) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
14:04:27.0632 2448 nSvcIp - ok
14:04:27.0822 2448 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
14:04:27.0870 2448 Ntfs - ok
14:04:27.0918 2448 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
14:04:27.0947 2448 Null - ok
14:04:28.0005 2448 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\windows\system32\DRIVERS\nvm62x64.sys
14:04:28.0073 2448 NVENETFD - ok
14:04:28.0706 2448 nvlddmkm (32862e7625fb2f868bbd4081ceb8a87a) C:\windows\system32\DRIVERS\nvlddmkm.sys
14:04:29.0036 2448 nvlddmkm - ok
14:04:29.0136 2448 NVNET (909eedcbd365bb81027d8e742e6b3416) C:\windows\system32\DRIVERS\nvmf6264.sys
14:04:29.0150 2448 NVNET - ok
14:04:29.0184 2448 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
14:04:29.0199 2448 nvraid - ok
14:04:29.0232 2448 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
14:04:29.0246 2448 nvstor - ok
14:04:29.0270 2448 nvstor64 (1e45f96342429d63dc30e0d9117da3d8) C:\windows\system32\drivers\nvstor64.sys
14:04:29.0280 2448 nvstor64 - ok
14:04:29.0353 2448 NVSvc (e04ec8c2242e6fa434122b7c1c51a1c1) C:\windows\system32\nvvsvc.exe
14:04:29.0390 2448 NVSvc - ok
14:04:29.0400 2448 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
14:04:29.0413 2448 nv_agp - ok
14:04:29.0575 2448 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:04:29.0614 2448 odserv - ok
14:04:29.0622 2448 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
14:04:29.0643 2448 ohci1394 - ok
14:04:29.0686 2448 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:04:29.0704 2448 ose - ok
14:04:29.0735 2448 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
14:04:29.0777 2448 p2pimsvc - ok
14:04:29.0814 2448 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
14:04:29.0846 2448 p2psvc - ok
14:04:29.0855 2448 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\drivers\parport.sys
14:04:29.0876 2448 Parport - ok
14:04:29.0912 2448 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
14:04:29.0929 2448 partmgr - ok
14:04:29.0955 2448 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
14:04:29.0981 2448 PcaSvc - ok
14:04:30.0000 2448 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
14:04:30.0013 2448 pci - ok
14:04:30.0029 2448 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
14:04:30.0040 2448 pciide - ok
14:04:30.0064 2448 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\drivers\pcmcia.sys
14:04:30.0079 2448 pcmcia - ok
14:04:30.0094 2448 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
14:04:30.0105 2448 pcw - ok
14:04:30.0147 2448 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
14:04:30.0183 2448 PEAUTH - ok
14:04:30.0254 2448 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
14:04:30.0269 2448 PerfHost - ok
14:04:30.0375 2448 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
14:04:30.0430 2448 pla - ok
14:04:30.0501 2448 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
14:04:30.0563 2448 PlugPlay - ok
14:04:30.0608 2448 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
14:04:30.0627 2448 PNRPAutoReg - ok
14:04:30.0656 2448 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
14:04:30.0670 2448 PNRPsvc - ok
14:04:30.0720 2448 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
14:04:30.0762 2448 PolicyAgent - ok
14:04:30.0795 2448 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
14:04:30.0827 2448 Power - ok
14:04:30.0878 2448 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
14:04:30.0929 2448 PptpMiniport - ok
14:04:30.0959 2448 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\drivers\processr.sys
14:04:30.0973 2448 Processor - ok
14:04:31.0007 2448 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll
14:04:31.0033 2448 ProfSvc - ok
14:04:31.0057 2448 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:04:31.0068 2448 ProtectedStorage - ok
14:04:31.0093 2448 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
14:04:31.0124 2448 Psched - ok
14:04:31.0226 2448 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\drivers\ql2300.sys
14:04:31.0277 2448 ql2300 - ok
14:04:31.0381 2448 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\drivers\ql40xx.sys
14:04:31.0412 2448 ql40xx - ok
14:04:31.0451 2448 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
14:04:31.0483 2448 QWAVE - ok
14:04:31.0500 2448 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
14:04:31.0525 2448 QWAVEdrv - ok
14:04:31.0529 2448 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
14:04:31.0559 2448 RasAcd - ok
14:04:31.0582 2448 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
14:04:31.0613 2448 RasAgileVpn - ok
14:04:31.0646 2448 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
14:04:31.0679 2448 RasAuto - ok
14:04:31.0701 2448 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
14:04:31.0733 2448 Rasl2tp - ok
14:04:31.0762 2448 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
14:04:31.0809 2448 RasMan - ok
14:04:31.0835 2448 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
14:04:31.0866 2448 RasPppoe - ok
14:04:31.0889 2448 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
14:04:31.0920 2448 RasSstp - ok
14:04:31.0953 2448 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
14:04:31.0987 2448 rdbss - ok
14:04:32.0001 2448 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\drivers\rdpbus.sys
14:04:32.0016 2448 rdpbus - ok
14:04:32.0025 2448 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
14:04:32.0055 2448 RDPCDD - ok
14:04:32.0064 2448 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
14:04:32.0093 2448 RDPENCDD - ok
14:04:32.0117 2448 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
14:04:32.0147 2448 RDPREFMP - ok
14:04:32.0184 2448 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
14:04:32.0230 2448 RDPWD - ok
14:04:32.0255 2448 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
14:04:32.0274 2448 rdyboost - ok
14:04:32.0363 2448 Realtek11nCU (ea569d48b2e755af6d96f03f3335d98a) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
14:04:32.0602 2448 Realtek11nCU ( UnsignedFile.Multi.Generic ) - warning
14:04:32.0602 2448 Realtek11nCU - detected UnsignedFile.Multi.Generic (1)
14:04:35.0815 2448 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
14:04:35.0925 2448 sppsvc - ok
14:04:36.0045 2448 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
14:04:36.0112 2448 sppuinotify - ok
14:04:36.0168 2448 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
14:04:36.0201 2448 srv - ok
14:04:36.0237 2448 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
14:04:36.0252 2448 srv2 - ok
14:04:36.0293 2448 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
14:04:36.0331 2448 srvnet - ok
14:04:36.0370 2448 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
14:04:36.0420 2448 SSDPSRV - ok
14:04:36.0439 2448 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
14:04:36.0470 2448 SstpSvc - ok
14:04:36.0551 2448 Steam Client Service - ok
14:04:36.0629 2448 Stereo Service (a52dda7f28ff685ad63d77fe0549707e) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:04:36.0673 2448 Stereo Service - ok
14:04:36.0698 2448 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\drivers\stexstor.sys
14:04:36.0714 2448 stexstor - ok
14:04:36.0781 2448 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
14:04:36.0824 2448 stisvc - ok
14:04:36.0837 2448 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
14:04:36.0847 2448 swenum - ok
14:04:36.0885 2448 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
14:04:36.0928 2448 swprv - ok
14:04:37.0027 2448 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
14:04:37.0057 2448 SysMain - ok
14:04:37.0178 2448 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
14:04:37.0229 2448 TabletInputService - ok
14:04:37.0254 2448 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
14:04:37.0290 2448 TapiSrv - ok
14:04:37.0299 2448 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
14:04:37.0331 2448 TBS - ok
14:04:38.0007 2448 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
14:04:38.0065 2448 Tcpip - ok
14:04:38.0645 2448 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
14:04:38.0682 2448 TCPIP6 - ok
14:04:39.0945 2448 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
14:04:39.0991 2448 tcpipreg - ok
14:04:40.0014 2448 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
14:04:40.0042 2448 TDPIPE - ok
14:04:40.0069 2448 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
14:04:40.0083 2448 TDTCP - ok
14:04:40.0105 2448 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
14:04:40.0137 2448 tdx - ok
14:04:40.0160 2448 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
14:04:40.0172 2448 TermDD - ok
14:04:40.0227 2448 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
14:04:40.0277 2448 TermService - ok
14:04:40.0294 2448 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
14:04:40.0311 2448 Themes - ok
14:04:40.0330 2448 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
14:04:40.0359 2448 THREADORDER - ok
14:04:40.0377 2448 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
14:04:40.0409 2448 TrkWks - ok
14:04:40.0479 2448 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
14:04:40.0512 2448 TrustedInstaller - ok
14:04:40.0523 2448 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
14:04:40.0552 2448 tssecsrv - ok
14:04:40.0596 2448 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
14:04:40.0622 2448 TsUsbFlt - ok
14:04:40.0631 2448 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\windows\system32\drivers\TsUsbGD.sys
14:04:40.0644 2448 TsUsbGD - ok
14:04:40.0675 2448 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
14:04:40.0705 2448 tunnel - ok
14:04:40.0712 2448 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\drivers\uagp35.sys
14:04:40.0724 2448 uagp35 - ok
14:04:40.0743 2448 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
14:04:40.0777 2448 udfs - ok
14:04:40.0791 2448 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
14:04:40.0806 2448 UI0Detect - ok
14:04:40.0817 2448 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
14:04:40.0831 2448 uliagpkx - ok
14:04:40.0861 2448 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
14:04:40.0877 2448 umbus - ok
14:04:40.0887 2448 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\drivers\umpass.sys
14:04:40.0904 2448 UmPass - ok
14:04:40.0945 2448 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
14:04:41.0019 2448 upnphost - ok
14:04:41.0073 2448 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\windows\system32\Drivers\usbaapl64.sys
14:04:41.0127 2448 USBAAPL64 - ok
14:04:41.0229 2448 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\drivers\usbccgp.sys
14:04:41.0278 2448 usbccgp - ok
14:04:41.0308 2448 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
14:04:41.0324 2448 usbcir - ok
14:04:41.0347 2448 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
14:04:41.0394 2448 usbehci - ok
14:04:41.0458 2448 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
14:04:41.0488 2448 usbhub - ok
14:04:41.0520 2448 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\DRIVERS\usbohci.sys
14:04:41.0533 2448 usbohci - ok
14:04:41.0565 2448 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
14:04:41.0582 2448 usbprint - ok
14:04:41.0632 2448 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
14:04:41.0648 2448 usbscan - ok
14:04:41.0674 2448 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\drivers\USBSTOR.SYS
14:04:41.0699 2448 USBSTOR - ok
14:04:41.0728 2448 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
14:04:41.0742 2448 usbuhci - ok
14:04:41.0760 2448 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
14:04:41.0791 2448 UxSms - ok
14:04:41.0813 2448 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:04:41.0823 2448 VaultSvc - ok
14:04:41.0849 2448 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
14:04:41.0860 2448 vdrvroot - ok
14:04:41.0904 2448 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
14:04:41.0952 2448 vds - ok
14:04:41.0981 2448 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
14:04:41.0995 2448 vga - ok
14:04:42.0006 2448 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
14:04:42.0035 2448 VgaSave - ok
14:04:42.0049 2448 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
14:04:42.0064 2448 vhdmp - ok
14:04:42.0069 2448 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
14:04:42.0080 2448 viaide - ok
14:04:42.0087 2448 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
14:04:42.0098 2448 volmgr - ok
14:04:42.0129 2448 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
14:04:42.0144 2448 volmgrx - ok
14:04:42.0177 2448 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
14:04:42.0191 2448 volsnap - ok
14:04:42.0213 2448 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\drivers\vsmraid.sys
14:04:42.0227 2448 vsmraid - ok
14:04:42.0320 2448 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
14:04:42.0383 2448 VSS - ok
14:04:42.0490 2448 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
14:04:42.0535 2448 vwifibus - ok
14:04:42.0556 2448 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
14:04:42.0580 2448 vwififlt - ok
14:04:42.0669 2448 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
14:04:42.0761 2448 W32Time - ok
14:04:42.0768 2448 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\drivers\wacompen.sys
14:04:42.0782 2448 WacomPen - ok
14:04:42.0814 2448 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
14:04:42.0844 2448 WANARP - ok
14:04:42.0847 2448 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
14:04:42.0874 2448 Wanarpv6 - ok
14:04:43.0016 2448 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
14:04:43.0101 2448 WatAdminSvc - ok
14:04:43.0240 2448 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
14:04:43.0317 2448 wbengine - ok
14:04:43.0446 2448 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
14:04:43.0489 2448 WbioSrvc - ok
14:04:43.0520 2448 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
14:04:43.0538 2448 wcncsvc - ok
14:04:43.0543 2448 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
14:04:43.0569 2448 WcsPlugInService - ok
14:04:43.0588 2448 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\drivers\wd.sys
14:04:43.0599 2448 Wd - ok
14:04:43.0644 2448 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
14:04:43.0662 2448 Wdf01000 - ok
14:04:43.0682 2448 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
14:04:43.0769 2448 WdiServiceHost - ok
14:04:43.0773 2448 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
14:04:43.0796 2448 WdiSystemHost - ok
14:04:43.0831 2448 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
14:04:43.0853 2448 WebClient - ok
14:04:43.0878 2448 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
14:04:43.0913 2448 Wecsvc - ok
14:04:43.0932 2448 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
14:04:43.0964 2448 wercplsupport - ok
14:04:43.0982 2448 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
14:04:44.0014 2448 WerSvc - ok
14:04:44.0045 2448 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
14:04:44.0074 2448 WfpLwf - ok
14:04:44.0078 2448 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
14:04:44.0090 2448 WIMMount - ok
14:04:44.0094 2448 WinHttpAutoProxySvc - ok
14:04:44.0138 2448 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
14:04:44.0173 2448 Winmgmt - ok
14:04:44.0307 2448 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
14:04:44.0376 2448 WinRM - ok
14:04:44.0527 2448 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
14:04:44.0574 2448 WinUsb - ok
14:04:44.0649 2448 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
14:04:44.0685 2448 Wlansvc - ok
14:04:44.0758 2448 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:04:44.0788 2448 wlcrasvc - ok
14:04:45.0039 2448 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:04:45.0119 2448 wlidsvc - ok
14:04:45.0184 2448 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
14:04:45.0197 2448 WmiAcpi - ok
14:04:45.0240 2448 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
14:04:45.0288 2448 wmiApSrv - ok
14:04:45.0324 2448 WMPNetworkSvc - ok
14:04:45.0371 2448 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
14:04:45.0421 2448 WPCSvc - ok
14:04:45.0487 2448 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
14:04:45.0564 2448 WPDBusEnum - ok
14:04:45.0592 2448 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
14:04:45.0634 2448 ws2ifsl - ok
14:04:45.0692 2448 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll
14:04:45.0732 2448 wscsvc - ok
14:04:45.0736 2448 WSearch - ok
14:04:45.0938 2448 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\windows\system32\wuaueng.dll
14:04:46.0050 2448 wuauserv - ok
14:04:46.0241 2448 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
14:04:46.0274 2448 WudfPf - ok
14:04:46.0319 2448 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
14:04:46.0350 2448 WUDFRd - ok
14:04:46.0403 2448 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
14:04:46.0463 2448 wudfsvc - ok
14:04:46.0516 2448 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
14:04:46.0542 2448 WwanSvc - ok
14:04:46.0593 2448 MBR (0x1B8) (70e629b51c16b3c007730c6ae57144c9) \Device\Harddisk0\DR0
14:04:48.0879 2448 \Device\Harddisk0\DR0 - ok
14:04:48.0905 2448 Boot (0x1200) (29f0ef1dd6982e067294b4881c120e76) \Device\Harddisk0\DR0\Partition0
14:04:48.0907 2448 \Device\Harddisk0\DR0\Partition0 - ok
14:04:48.0920 2448 Boot (0x1200) (7fd812187765f8e9bd914b197bd817a7) \Device\Harddisk0\DR0\Partition1
14:04:48.0922 2448 \Device\Harddisk0\DR0\Partition1 - ok
14:04:48.0922 2448 ============================================================
14:04:48.0922 2448 Scan finished
14:04:48.0922 2448 ============================================================
14:04:48.0935 2368 Detected object count: 1
14:04:48.0935 2368 Actual detected object count: 1
14:05:00.0809 2368 Realtek11nCU ( UnsignedFile.Multi.Generic ) - skipped by user
14:05:00.0809 2368 Realtek11nCU ( UnsignedFile.Multi.Generic ) - User select action: Skip

#14
WhiteHat


    Trusted Helper

  • Retired Staff
  • 1,925 posts
Hi,

You forgot to run the Farbar Service Scanner:

# Step 2 #
Run Farbar Service Scanner again and post the log (FSS.txt)



#15
thirstyscholar


    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Sorry, here is Farbar:
Farbar Service Scanner Version: 06-08-2012
Ran by Matt (administrator) on 13-08-2012 at 14:09:18
Running from "C:\Users\Matt\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****