System Crash Possibly Caused By Comodo Cleaning Essentials Or System Cleaner
-
Windows 7 Ultimate 32-Bit Fully Updated
-
Resident Protection: AVG 2011 Free, Norton DNS Utility, Secunia PSI, Windows Defender, Windows Firewall, and Peer Block.
I have Comodo System Cleaner with Active Clean On, set to for all three categories (Privacy, Registry, etc.).
I have Comodo Cleaning Essentials set to check MBR, CIMA, DACS, scan files up to size 9999999.
Comodo Cleaning Essentials
1.4.177889.49
Comodo System Cleaner
3.0.172695.53
- I was doing a Comodo Cleaning Essentials scan, and my brother was trying to watch a video on YouTube and the screen went black and then it went to a blue screen
that made a crash dump and the computer restarted, I will attach the crash dump; the crash may have nothing to do with Comodo Cleaning Essentials or System Cleaner,
but I am submitting this just in case.
- I will also add the Windows Crash Event report, KillSwitch Log, and Emsisoft HiJackFree Log to this report.
Windows Crash Event:
Log Name: Application
Source: Windows Error Reporting
Date: 2/18/2011 5:25:46 PM
Event ID: 1001
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: Family-Laptop
Description:
Fault bucket 0x18_OVER_DEREFERENCE_ccekrnl+47b7, type 0
Event Name: BlueScreen
Response: Not available
Cab Id: 0
Problem signature:
P1:
P2:
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:
Attached files:
C:\Windows\Minidump\021811-54693-01.dmp
C:\Users\Family\AppData\Local\Temp\WER-97812-0.sysdata.xml
C:\Users\Family\AppData\Local\Temp\WERC496.tmp.WERInternalMetadata.xml
These files may be available here:
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_0d3d0aaa
Analysis symbol: 0x18_OVER_DEREFERENCE_ccekrnl+47b7
Rechecking for solution: 0
Report Id: 021811-54693-01
Report Status: 0
Event Xml:
1001
4
0
0x80000000000000
30902
Application
Family-Laptop
0x18_OVER_DEREFERENCE_ccekrnl+47b7
0
BlueScreen
Not available
0
C:\Windows\Minidump\021811-54693-01.dmp
C:\Users\Family\AppData\Local\Temp\WER-97812-0.sysdata.xml
C:\Users\Family\AppData\Local\Temp\WERC496.tmp.WERInternalMetadata.xml
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_0d3d0aaa
0x18_OVER_DEREFERENCE_ccekrnl+47b7
0
021811-54693-01
0
Comodo Killswitch Log:
KillSwitch 1.4.177889.49
Windows NT 6.1 (32-bit)
2/18/2011 5:35:11 PM
Name PID Verdict CPU I/O Total Private Bytes User Name
Description
System Idle Process 0 54.69 0 NT AUTHORITY\SYSTEM
System 4 Safe 284 kB NT AUTHORITY\SYSTEM
NT Kernel & System
smss.exe 308 Safe 228 kB NT AUTHORITY\SYSTEM
Windows Session Manager
DPCs 0
Interrupts 0
csrss.exe 524 Safe 1.23 MB NT AUTHORITY\SYSTEM
Client Server Runtime Process
conhost.exe 532 Safe 524 kB NT AUTHORITY
\SYSTEM Console Window Host
csrss.exe 576 Safe 1.95 kB/s 1.87 MB NT AUTHORITY\SYSTEM
Client Server Runtime Process
conhost.exe 2272 Safe 628 kB FAMILY-LAPTOP\Family
Console Window Host
wininit.exe 592 Safe 900 kB NT AUTHORITY\SYSTEM
Windows Start-Up Application
services.exe 688 Safe 1.56 4.43 MB NT AUTHORITY
\SYSTEM Services and Controller app
svchost.exe 880 Safe 2.62 MB NT AUTHORITY
\SYSTEM Host Process for Windows Services
WmiPrvSE.exe 2812 Safe 5.28 MB NT AUTHORITY\NETWORK
SERVICE WMI Provider Host
unsecapp.exe 4160 Safe 824 kB NT AUTHORITY\SYSTEM
Sink to receive asynchronous callbacks for WMI client application
svchost.exe 968 Safe 2.6 MB NT AUTHORITY
\NETWORK SERVICE Host Process for Windows Services
svchost.exe 1104 Safe 18.42 MB NT AUTHORITY\LOCAL SERVICE
Host Process for Windows Services
audiodg.exe 3400 Safe 15.98 MB NT AUTHORITY\LOCAL SERVICE
Windows Audio Device Graph Isolation
svchost.exe 1144 Safe 64.18 MB NT AUTHORITY\SYSTEM
Host Process for Windows Services
dwm.exe 1484 Safe 1.56 54.54 MB FAMILY-LAPTOP\Family
Desktop Window Manager
svchost.exe 1176 Safe 11.97 kB/s 17.34 MB NT AUTHORITY\SYSTEM
Host Process for Windows Services
taskeng.exe 3020 Safe 1.03 MB FAMILY-LAPTOP\Family
Task Scheduler Engine
peerblock.exe 3172 Safe 2.39 kB/s 31.34 MB FAMILY-LAPTOP\Family PeerBlock
taskeng.exe 5024 Safe 1.07 MB FAMILY-LAPTOP\Family
Task Scheduler Engine
svchost.exe 1320 Safe 5.74 MB NT AUTHORITY\LOCAL
SERVICE Host Process for Windows Services
svchost.exe 1520 Safe 11.33 MB NT AUTHORITY\NETWORK
SERVICE Host Process for Windows Services
spoolsv.exe 1676 Safe 4.65 MB NT AUTHORITY
\SYSTEM Spooler SubSystem App
svchost.exe 1716 Safe 10.75 MB NT AUTHORITY\LOCAL SERVICE
Host Process for Windows Services
AppleMobileDeviceService.exe 1792 Safe 1.68 MB NT AUTHORITY\SYSTEM
MobileDeviceService
avgwdsvc.exe 1816 Safe 7.04 MB NT AUTHORITY\SYSTEM
AVG Watchdog Service
avgnsx.exe 1780 Safe 1.56 4.3 kB/s 10.82 MB NT AUTHORITY\SYSTEM AVG Online
Shield Service
avgemcx.exe 420 Safe 1.84 MB NT AUTHORITY\SYSTEM
AVG E-mail Scanner
avgchsvx.exe 2848 Safe 20.13 kB/s 2.72 MB NT AUTHORITY\SYSTEM
AVG Cache Server
mDNSResponder.exe 1860 Safe 1.5 MB NT AUTHORITY
\SYSTEM Bonjour Service
Cleaner_Validator.exe 1892 Safe 11.63 MB NT AUTHORITY\SYSTEM
svchost.exe 1952 Safe 832 B/s 4.05 MB NT AUTHORITY\LOCAL
SERVICE Host Process for Windows Services
psia.exe 404 Safe 338 B/s 8.61 MB NT AUTHORITY\SYSTEM
Secunia PSI Agent
taskhost.exe 840 Safe 2.38 MB FAMILY-LAPTOP\Family
Host Process for Windows Tasks
svchost.exe 1980 Safe 1.18 MB NT AUTHORITY\LOCAL
SERVICE Host Process for Windows Services
WLIDSVC.EXE 2208 Safe 4.29 MB NT AUTHORITY
\SYSTEM Microsoft® Windows Live ID Service
WLIDSVCM.EXE 2480 Safe 616 kB NT AUTHORITY\SYSTEM
Microsoft® Windows Live ID Service Monitor
IAANTmon.exe 2256 Safe 1.55 MB NT AUTHORITY\SYSTEM
RAID Monitor
NortonDNSSvc.exe 2604 Safe 2.75 MB NT AUTHORITY\SYSTEM
Norton DNS Beta Service
AVGIDSAgent.exe 2692 Safe 4.79 kB/s 19.69 MB NT AUTHORITY\SYSTEM AVG IDS
application
SearchIndexer.exe 2768 Safe 1.69 kB/s 38.02 MB NT AUTHORITY\SYSTEM Microsoft
Windows Search Indexer
SearchProtocolHost.exe 5260 Safe 2.48 MB NT AUTHORITY\SYSTEM
Microsoft Windows Search Protocol Host
SearchFilterHost.exe 5320 Safe 1.56 MB NT AUTHORITY\SYSTEM
Microsoft Windows Search Filter Host
iPodService.exe 3368 Safe 1.52 MB NT AUTHORITY\SYSTEM
iPodService Module (32-bit)
sua.exe 3304 Safe 740 kB NT AUTHORITY\SYSTEM
Secunia Update Agent
wmpnetwk.exe 764 Safe 3.16 MB NT AUTHORITY\NETWORK
SERVICE Windows Media Player Network Sharing Service
lsass.exe 704 Safe 2.18 kB/s 2.93 MB NT AUTHORITY\SYSTEM
Local Security Authority Process
lsm.exe 720 Safe 1.26 MB NT AUTHORITY\SYSTEM
Local Session Manager Service
winlogon.exe 620 Safe 1.57 MB NT AUTHORITY
\SYSTEM Windows Logon Application
explorer.exe 1596 Safe 54.8 MB FAMILY-LAPTOP\Family
Windows Explorer
SynTPEnh.exe 3484 Safe 3.29 MB FAMILY-LAPTOP\Family
Synaptics TouchPad Enhancements
SynTPHelper.exe 2772 Safe 532 kB FAMILY-LAPTOP\Family
Synaptics Pointing Device Helper
hkcmd.exe 3524 Safe 2.95 MB FAMILY-LAPTOP\Family
hkcmd Module
igfxpers.exe 3532 Safe 1.11 MB FAMILY-LAPTOP\Family
persistence Module
iTunesHelper.exe 3604 Safe 4.43 MB FAMILY-LAPTOP\Family
iTunesHelper
avgtray.exe 3680 Safe 3.97 MB FAMILY-LAPTOP\Family
AVG Tray Monitor
AVGIDSMonitor.exe 4068 Safe 1.39 MB FAMILY-LAPTOP\Family
AVG IDS application
ipoint.exe 3688 Safe 7.1 MB FAMILY-LAPTOP\Family
IPoint.exe
jusched.exe 3800 Safe 840 kB FAMILY-LAPTOP\Family
Java(TM) Update Scheduler
NortonDNSTray.exe 3936 Safe 2.29 MB FAMILY-LAPTOP\Family
Norton DNS Beta Notification Icon
psi_tray.exe 3944 Safe 768 kB FAMILY-LAPTOP\Family
Secunia PSI Tray
firefox.exe 876 Safe 89.49 MB FAMILY-LAPTOP\Family
Firefox
notepad.exe 3444 Safe 9.14 MB FAMILY-LAPTOP\Family
Notepad
a2HiJackFree.exe 2324 Safe 14.06 94.89 kB/s 18.16 MB FAMILY-LAPTOP\Family HiJackFree
notepad.exe 5052 Safe 1.09 MB FAMILY-LAPTOP\Family
Notepad
CSC.exe 1900 Safe 19.39 MB FAMILY-LAPTOP\Family
Comodo System Cleaner
avgrsx.exe 4352 Safe 26.71 kB/s 1.07 MB NT AUTHORITY\SYSTEM
AVG Resident Shield Service
avgcsrvx.exe 4476 Safe 3.13 7.29 kB/s 13.48 MB NT AUTHORITY\SYSTEM
AVG Scanning Core Module - Server Part
KillSwitch.exe 4860 Safe 23.44 39.58 kB/s 134.62 MB FAMILY-LAPTOP\Family
COMODO Cleaning Essentials
Emsisoft HiJackFree Log:
Logfile of HiJackFree v4.5
Scan saved at 5:34:57 PM, on 2/18/2011
Platform: Windows Win7_32 (Windows NT 6.1.7600)
MSIE: Internet Explorer v 8.0 (8.0.7600.16385)
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\System32\csrss.exe
C:\Windows\System32\csrss.exe
C:\Windows\System32\wininit.exe
C:\Windows\System32\winlogon.exe
C:\Windows\System32\services.exe
C:\Windows\System32\lsass.exe
C:\Windows\System32\lsm.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Secunia\PSI\psia.exe
C:\Windows\System32\taskhost.exe
C:\Windows\System32\dwm.exe
C:\Windows\explorer.exe
C:\Windows\System32\svchost.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\Windows\System32\conhost.exe
C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
C:\Program Files\Norton DNS\NortonDNSSvc.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgchsvx.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Norton DNS\NortonDNSTray.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
C:\Windows\System32\conhost.exe
C:\Windows\System32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\taskeng.exe
C:\Program Files\PeerBlock\peerblock.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\notepad.exe
C:\Program Files\COMODO\COMODO System-Cleaner\CSC.exe
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Windows\System32\wbem\unsecapp.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Windows\System32\taskeng.exe
C:\Windows\System32\SearchProtocolHost.exe
C:\Windows\System32\SearchFilterHost.exe
C:\Users\Family\Desktop\Software Shortcuts\x32\KillSwitch.exe
C:\Program Files\Emsisoft HiJackFree\a2HiJackFree.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = %s - Google Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} -
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX
\AcroIEHelperShim.dll
O2 - BHO: GhosteryBHO Class - {237EB6DA-3FEA-4DD2-8A61-A901B5C489D7} - C:\Program Files\GhosteryIEplugin\GhosteryBrowserHelperObjec.dll
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live
\WindowsLiveLogin.dll
O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll
O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM..\Run: [Microsoft Default Manager] “C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe” -resume
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe”
O4 - HKLM..\Run: [Adobe ARM] “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM..\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 - HKLM..\Run: [iTunesHelper] “C:\Program Files\iTunes\iTunesHelper.exe”
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM..\Run: [IntelliPoint] “C:\Program Files\Microsoft IntelliPoint\ipoint.exe”
O4 - HKLM..\Run: [SunJavaUpdateSched] “C:\Program Files\Common Files\Java\Java Update\jusched.exe”
O4 - HKLM..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe
O4 - HKLM..\Run: [FileHippo.com] “C:\Program Files\FileHippo.com\UpdateChecker.exe” /background
O7 - Regedit - Enabled
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza\RazaWebHook32.dll/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component
\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program
Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra “Tools” menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} -
C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Ghostery - {237EB6DA-3FEA-4DD2-8A61-A901B5C489D7} - C:\Program Files\GhosteryIEplugin\GhosteryBrowserHelperObjec.dll
O14 - IERESET.INF: SearchAssistant=
O14 - IERESET.INF: CustomizeSearch=
O16 - DPF: {10000000-1000-1000-1000-100000000000} - http://cdn.betteradvertising.com/ghostery/addons/ie/WebInstall/ghostery.cab
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O20 - Winlogon Notify: igfxcui - C:\Windows\System32\igfxdev.dll
O21 - ShellServiceObjectDelayLoad: WebCheck -
O23 - Service: Application Experience Service - C:\Windows\system32\svchost.exe
O23 - Service: Application Layer Gateway Service - C:\Windows\System32\alg.exe
O23 - Service: Application Identity Service - C:\Windows\system32\svchost.exe
O23 - Service: Application Information Service - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AppMgmt - C:\Windows\system32\svchost.exe
O23 - Service: Windows Audio Service - C:\Windows\System32\svchost.exe
O23 - Service: Windows Audio Service - C:\Windows\System32\svchost.exe
O23 - Service: AVGIDSAgent - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: ActiveX Installer Service - C:\Windows\system32\svchost.exe
O23 - Service: BDE Service - C:\Windows\System32\svchost.exe
O23 - Service: Background Intelligent Transfer Service - C:\Windows\System32\svchost.exe
O23 - Service: Bonjour Service - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Computer Browser Service DLL - C:\Windows\System32\svchost.exe
O23 - Service: Bluetooth Support Service - C:\Windows\system32\svchost.exe
O23 - Service: Microsoft Smartcard Certificate Propagation Service - C:\Windows\system32\svchost.exe
O23 - Service: COMODO System - Cleaner Service - C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe
O23 - Service: Microsoft .NET Framework NGEN v2.0.50727_X86 - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
O23 - Service: Microsoft .NET Framework NGEN v4.0.30319_X86 - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
O23 - Service: COMSysApp - C:\Windows\system32\dllhost.exe
O23 - Service: Cryptographic Services - C:\Windows\system32\svchost.exe
O23 - Service: CSC Service DLL - C:\Windows\System32\svchost.exe
O23 - Service: Microsoft\Disk Defragmenter - C:\Windows\system32\svchost.exe
O23 - Service: DHCP Client Service - C:\Windows\system32\svchost.exe
O23 - Service: DNS Client API DLL - C:\Windows\system32\svchost.exe
O23 - Service: Wired AutoConfig Service - C:\Windows\system32\svchost.exe
O23 - Service: Microsoft EAPHost service - C:\Windows\System32\svchost.exe
O23 - Service: EFS Service - C:\Windows\System32\lsass.exe
O23 - Service: Windows Media Center Receiver Service - C:\Windows\ehome\ehRecvr.exe
O23 - Service: Windows Media Center Scheduler Service - C:\Windows\ehome\ehsched.exe
O23 - Service: Event Logging Service - C:\Windows\System32\svchost.exe
O23 - Service: EventSystem - C:\Windows\system32\svchost.exe
O23 - Service: Microsoft Fax Resource DLL - C:\Windows\system32\fxssvc.exe
O23 - Service: Function Discovery Provider host service - C:\Windows\system32\svchost.exe
O23 - Service: Function Discovery Resource Publication Service - C:\Windows\system32\svchost.exe
O23 - Service: Windows Font Cache Service - C:\Windows\system32\svchost.exe
O23 - Service: Windows Presentation Foundation Host - C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
O23 - Service: Windows Live Family Safety Service - C:\Program Files\Windows Live\Family Safety\fsssvc.exe
O23 - Service: GameConsoleService - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HID Service - C:\Windows\system32\svchost.exe
O23 - Service: Key Management Service - C:\Windows\System32\svchost.exe
O23 - Service: Windows HomeGroup - C:\Windows\System32\svchost.exe
O23 - Service: Windows HomeGroup - C:\Windows\System32\svchost.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service Model Installer Resource Library - C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
O23 - Service: IKE extension - C:\Windows\system32\svchost.exe
O23 - Service: PnP-X IP Bus Enumerator DLL - C:\Windows\system32\svchost.exe
O23 - Service: Service that offers IPv6 connectivity over an IPv4 network. - C:\Windows\System32\svchost.exe
O23 - Service: iPod Service - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KeyIso - C:\Windows\system32\lsass.exe
O23 - Service: KtmRm - C:\Windows\System32\svchost.exe
O23 - Service: Server Service DLL - C:\Windows\system32\svchost.exe
O23 - Service: Workstation Service DLL - C:\Windows\System32\svchost.exe
O23 - Service: Link-Layer Topology Discovery Resources - C:\Windows\System32\svchost.exe
O23 - Service: TCPIP NetBios Transport Services DLL - C:\Windows\system32\svchost.exe
O23 - Service: Media Center Resources - C:\Windows\system32\svchost.exe
O23 - Service: Multimedia Class Scheduler Service - C:\Windows\system32\svchost.exe
O23 - Service: Windows Firewall API - C:\Windows\system32\svchost.exe
O23 - Service: MSDTC - C:\Windows\System32\msdtc.exe
O23 - Service: iSCSI Discovery api - C:\Windows\system32\svchost.exe
O23 - Service: Windows® Installer International Messages - C:\Windows\system32\msiexec.exe
O23 - Service: Quarantine Agent Service Run-Time - C:\Windows\System32\svchost.exe
O23 - Service: Net Logon Services DLL - C:\Windows\system32\lsass.exe
O23 - Service: Network Connections Manager - C:\Windows\System32\svchost.exe
O23 - Service: Network List Manager - C:\Windows\System32\svchost.exe
O23 - Service: Service Model Installer Resource Library - C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
O23 - Service: Network Location Awareness 2 - C:\Windows\System32\svchost.exe
O23 - Service: Norton DNS - C:\Program Files\Norton DNS\NortonDNSSvc.exe
O23 - Service: Network Store Interface RPC server - C:\Windows\system32\svchost.exe
O23 - Service: PNRP Service Dll - C:\Windows\System32\svchost.exe
O23 - Service: Peer-to-Peer Services - C:\Windows\System32\svchost.exe
O23 - Service: Program Compatibility Assistant Service - C:\Windows\system32\svchost.exe
O23 - Service: BranchCache Service - C:\Windows\System32\svchost.exe
O23 - Service: Performance Logs & Alerts - C:\Windows\System32\svchost.exe
O23 - Service: User-mode Plug-and-Play Service - C:\Windows\system32\svchost.exe
O23 - Service: PNRP Auto Service Dll - C:\Windows\System32\svchost.exe
O23 - Service: PNRP Service Dll - C:\Windows\System32\svchost.exe
O23 - Service: Policy Storage dll - C:\Windows\system32\svchost.exe
O23 - Service: User-mode Power Service - C:\Windows\system32\svchost.exe
O23 - Service: ProfSvc - C:\Windows\system32\svchost.exe
O23 - Service: Protected Storage default provider - C:\Windows\system32\lsass.exe
O23 - Service: Windows NT - C:\Windows\system32\svchost.exe
O23 - Service: Remote Access AutoDial Manager - C:\Windows\System32\svchost.exe
O23 - Service: Remote Access Connection Manager - C:\Windows\System32\svchost.exe
O23 - Service: Dynamic Interface Manager - C:\Windows\System32\svchost.exe
O23 - Service: RemoteRegistry - C:\Windows\system32\svchost.exe
O23 - Service: RPC Endpoint Mapper - C:\Windows\system32\svchost.exe
O23 - Service: Rpc Locator - C:\Windows\system32\locator.exe
O23 - Service: Smart Card Resource Management Server - C:\Windows\system32\svchost.exe
O23 - Service: Task Scheduler Service - C:\Windows\system32\svchost.exe
O23 - Service: Microsoft Smartcard Certificate Propagation Service - C:\Windows\system32\svchost.exe
O23 - Service: Microsoft® Windows Backup Service - C:\Windows\system32\svchost.exe
O23 - Service: Secunia PSI Agent - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - C:\Program Files\Secunia\PSI\sua.exe
O23 - Service: System Event Notification Service (SENS) - C:\Windows\system32\svchost.exe
O23 - Service: Microsoft Windows ambient light service - C:\Windows\system32\svchost.exe
O23 - Service: Remote Desktop Configuration service - C:\Windows\System32\svchost.exe
O23 - Service: Microsoft NAT Helper Components - C:\Windows\System32\svchost.exe
O23 - Service: Windows Shell Services Dll - C:\Windows\System32\svchost.exe
O23 - Service: SNMP Trap - C:\Windows\System32\snmptrap.exe
O23 - Service: Microsoft Software Protection Platform Service - C:\Windows\system32\sppsvc.exe
O23 - Service: SPP Notification Service - C:\Windows\system32\svchost.exe
O23 - Service: SSDP Service DLL - C:\Windows\system32\svchost.exe
O23 - Service: Provides the facility of using Secure Socket Tunneling Protocol (SSTP) to connect to remote computers (using VPN). - C:\Windows\system32\svchost.exe
O23 - Service: Still Image Devices Service - C:\Windows\system32\svchost.exe
O23 - Service: Microsoft® Volume Shadow Copy Service software provider - C:\Windows\System32\svchost.exe
O23 - Service: Superfetch Service Host - C:\Windows\system32\svchost.exe
O23 - Service: Microsoft Tablet PC Input Service - C:\Windows\System32\svchost.exe
O23 - Service: Microsoft® Windows™ Telephony Server - C:\Windows\System32\svchost.exe
O23 - Service: TBS Service - C:\Windows\System32\svchost.exe
O23 - Service: Remote Desktop Session Host Server Remote Connections Manager - C:\Windows\System32\svchost.exe
O23 - Service: Windows Shell Theme Service Dll - C:\Windows\System32\svchost.exe
O23 - Service: Multimedia Class Scheduler Service - C:\Windows\system32\svchost.exe
O23 - Service: Interactive services detection - C:\Windows\system32\UI0Detect.exe
O23 - Service: Remote Desktop Services Device Redirector Service - C:\Windows\System32\svchost.exe
O23 - Service: UPnP Device Host - C:\Windows\system32\svchost.exe
O23 - Service: Desktop Window Manager - C:\Windows\System32\svchost.exe
O23 - Service: Credential Manager Service - C:\Windows\system32\lsass.exe
O23 - Service: Virtual Disk Service - C:\Windows\System32\vds.exe
O23 - Service: Microsoft® Volume Shadow Copy Service - C:\Windows\system32\vssvc.exe
O23 - Service: Windows Time Service - C:\Windows\system32\svchost.exe
O23 - Service: Microsoft® Block Level Backup Engine Service EXE - C:\Windows\system32\wbengine.exe
O23 - Service: Windows Biometric Service - C:\Windows\system32\svchost.exe
O23 - Service: Windows Connect Now - Config Registrar Service - C:\Windows\System32\svchost.exe
O23 - Service: WcsPlugInService DLL - C:\Windows\system32\svchost.exe
O23 - Service: Web DAV Service DLL - C:\Windows\system32\svchost.exe
O23 - Service: Event Collector Service - C:\Windows\system32\svchost.exe
O23 - Service: Problem Reports and Solutions - C:\Windows\System32\svchost.exe
O23 - Service: Windows Error Reporting Service - C:\Windows\System32\svchost.exe
O23 - Service: Windows Defender Resource Module - C:\Windows\System32\svchost.exe
O23 - Service: Windows HTTP Services - C:\Windows\system32\svchost.exe
O23 - Service: WMI - C:\Windows\system32\svchost.exe
O23 - Service: WSMan Service - C:\Windows\System32\svchost.exe
O23 - Service: Windows WLAN AutoConfig Service DLL - C:\Windows\system32\svchost.exe
O23 - Service: Windows Live Mesh remote connections service - C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
O23 - Service: Windows Live ID Sign-in Assistant - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
O23 - Service: WMI Performance Reverse Adapter - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: Windows Media Player Network Sharing Service - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: WPC Filtering Service - C:\Windows\system32\svchost.exe
O23 - Service: Portable Device Enumerator - C:\Windows\system32\svchost.exe
O23 - Service: Windows Security Center Service - C:\Windows\System32\svchost.exe
O23 - Service: Microsoft Windows Search Indexer - C:\Windows\system32\SearchIndexer.exe
O23 - Service: Windows Update Agent - C:\Windows\system32\svchost.exe
O23 - Service: Windows Driver Foundation - User-mode Driver Framework Service - C:\Windows\system32\svchost.exe
O23 - Service: WWAN Auto Config Service - C:\Windows\system32\svchost.exe
[attachment deleted by admin]