chulocabra

Everything posted by chulocabra

  1. No new redirects or any IP blocks. Have taken the steps to clean up.
  2. Results of screen317's Security Check version 0.99.43
     Windows 7 Service Pack 1 x64 (UAC is enabled)
     Internet Explorer 9
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     Microsoft Security Essentials
     Antivirus up to date!
     `````````Anti-malware/Other Utilities Check:`````````
     Malwarebytes Anti-Malware version 1.62.0.1300
     Adobe Reader X (10.1.4)
     Mozilla Firefox (14.0.1)
     ````````Process Check: objlist.exe by Laurent````````
     Microsoft Security Essentials MSMpEng.exe
     Microsoft Security Essentials msseces.exe
     Malwarebytes Anti-Malware mbamservice.exe
     Malwarebytes Anti-Malware mbamgui.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 5%
     ````````````````````End of Log``````````````````````

     I'll try out the search for a few days and see if it's redirecting me anymore.
  3. ComboFix 12-08-13.01 - Laptop 08/14/2012 10:15:36.1.1 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4859.3358 [GMT -4:00] Running from: c:\users\Laptop\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Laptop\AppData\Local\assembly\tmp . . ((((((((((((((((((((((((( Files Created from 2012-07-14 to 2012-08-14 ))))))))))))))))))))))))))))))) . . 2012-08-14 14:26 . 2012-08-14 14:26 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-14 14:08 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9213D1AB-7327-448E-BBA3-AD00C819B44B}\mpengine.dll 2012-08-13 16:01 . 2012-08-13 16:01 -------- d-----w- c:\program files (x86)\SystemRequirementsLab 2012-08-13 16:01 . 2012-08-13 16:01 -------- d-----w- c:\users\Laptop\AppData\Roaming\SystemRequirementsLab 2012-08-13 15:39 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-08-13 15:33 . 2012-08-13 15:40 16200 ----a-w- c:\windows\stinger.sys 2012-08-13 15:32 . 2012-08-13 15:40 -------- d-----w- c:\program files (x86)\stinger 2012-08-13 15:20 . 2012-08-13 15:20 -------- d-----w- C:\_OTL 2012-08-11 23:12 . 2012-08-11 23:12 -------- d-----w- c:\program files (x86)\ESET 2012-08-09 14:57 . 2012-08-09 14:57 -------- d-----w- c:\program files (x86)\ERUNT 2012-08-08 23:01 . 2012-08-08 23:01 -------- d-----w- C:\TDSSKiller_Quarantine 2012-08-07 19:48 . 2012-08-07 19:48 -------- d-----w- c:\programdata\Kaspersky Lab 2012-08-02 16:22 . 2012-08-02 16:22 62976 ----a-w- c:\windows\SysWow64\PxSecure.dll 2012-08-02 16:22 . 
2012-08-02 16:22 36384 ----a-w- c:\windows\system32\drivers\pxscan.sys 2012-08-02 16:22 . 2012-08-02 16:22 65736 ----a-w- c:\windows\system32\drivers\pxrts.sys 2012-08-02 16:22 . 2012-08-02 16:22 24024 ----a-w- c:\windows\system32\drivers\pxkbf.sys 2012-08-02 16:22 . 2012-08-02 16:22 -------- d-----w- c:\program files\Prevx 2012-08-02 16:21 . 2012-08-08 14:19 -------- d-----w- c:\programdata\PrevxCSI 2012-07-31 15:04 . 2012-07-31 15:04 -------- d-----w- c:\users\Laptop\AppData\Roaming\Malwarebytes 2012-07-31 15:01 . 2012-07-31 15:01 -------- d-----w- c:\programdata\Malwarebytes 2012-07-31 15:01 . 2012-07-31 15:02 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-07-31 15:01 . 2012-07-03 17:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-07-31 02:19 . 2012-07-31 02:19 -------- d-----w- c:\users\Laptop\AppData\Local\{2AEB1F0A-DAB6-11E1-8270-B8AC6F996F26} 2012-07-30 22:08 . 2012-07-30 22:08 -------- d-----w- c:\programdata\Lexmark Pro800-Pro900 Series 2012-07-30 01:01 . 2012-07-30 01:02 -------- d-----w- c:\users\Laptop\AppData\Local\Microsoft Games 2012-07-17 16:22 . 2012-07-17 16:22 -------- d-----r- c:\program files (x86)\Skype 2012-07-16 13:13 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-07-16 13:00 . 2012-06-02 12:49 17807360 ----a-w- c:\windows\system32\mshtml.dll 2012-07-16 13:00 . 2012-06-02 12:17 10924032 ----a-w- c:\windows\system32\ieframe.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-05 20:08 . 2012-04-24 18:53 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-05 20:08 . 2012-04-24 18:53 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-07-16 13:05 . 2012-05-21 13:35 59701280 ----a-w- c:\windows\system32\MRT.exe 2012-06-18 15:39 . 2012-06-18 15:39 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll 2012-06-18 15:38 . 
2012-06-18 15:38 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll 2012-06-18 15:37 . 2012-06-18 15:37 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll 2012-06-09 05:43 . 2012-07-11 12:34 14172672 ----a-w- c:\windows\system32\shell32.dll 2012-06-06 06:06 . 2012-07-11 12:34 2004480 ----a-w- c:\windows\system32\msxml6.dll 2012-06-06 06:06 . 2012-07-11 12:34 1881600 ----a-w- c:\windows\system32\msxml3.dll 2012-06-06 06:02 . 2012-07-11 12:33 1133568 ----a-w- c:\windows\system32\cdosys.dll 2012-06-06 05:05 . 2012-07-11 12:34 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll 2012-06-06 05:05 . 2012-07-11 12:34 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll 2012-06-06 05:03 . 2012-07-11 12:34 805376 ----a-w- c:\windows\SysWow64\cdosys.dll 2012-06-02 22:19 . 2012-06-26 12:44 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-26 12:45 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-26 12:45 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-26 12:45 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-26 12:44 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-06-26 12:45 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-26 12:44 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 19:19 . 2012-06-26 12:44 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 19:15 . 2012-06-26 12:44 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-06-02 05:50 . 2012-07-11 12:34 458704 ----a-w- c:\windows\system32\drivers\cng.sys 2012-06-02 05:48 . 2012-07-11 12:34 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-06-02 05:48 . 2012-07-11 12:34 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-06-02 05:45 . 2012-07-11 12:34 340992 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 05:44 . 
2012-07-11 12:34 307200 ----a-w- c:\windows\system32\ncrypt.dll 2012-06-02 04:40 . 2012-07-11 12:34 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2012-06-02 04:40 . 2012-07-11 12:34 225280 ----a-w- c:\windows\SysWow64\schannel.dll 2012-06-02 04:39 . 2012-07-11 12:34 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll 2012-06-02 04:34 . 2012-07-11 12:34 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2012-05-22 13:52 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll 2012-05-22 13:52 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2012-07-23 12:38 220624 ----a-w- c:\users\Laptop\AppData\Local\Microsoft\SkyDrive\16.4.6006.0718\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2012-07-23 12:38 220624 ----a-w- c:\users\Laptop\AppData\Local\Microsoft\SkyDrive\16.4.6006.0718\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2012-07-23 12:38 220624 ----a-w- c:\users\Laptop\AppData\Local\Microsoft\SkyDrive\16.4.6006.0718\SkyDriveShell.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "googletalk"="c:\users\Laptop\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648] "GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-07-20 12218904] "SkyDrive"="c:\users\Laptop\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2012-07-23 238544] "Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] "LogMeIn Cubby"="c:\users\Laptop\AppData\Roaming\cubby\cubby.exe" [2012-07-11 4430712] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] . 
c:\users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840] ERUNT AutoBackup.lnk - c:\program files (x86)\ERUNT\AUTOBACK.EXE [2005-10-20 38912] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2012-1-8 107720] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-26 116648] R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072] R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992] R2 lxecCATSCustConnectService;lxecCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe [2010-04-14 45736] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-05 250056] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-26 116648] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120] R3 netw5v64;Intel® Wireless WiFi Link 5000 
Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-21 98688] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-25 1255736] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120] S0 pxscan;pxscan;c:\windows\System32\drivers\pxscan.sys [2012-08-02 36384] S1 pxrts;pxrts;c:\windows\system32\drivers\pxrts.sys [2012-08-02 65736] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-09-20 203264] S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-05-21 140272] S2 CSIScanner;CSIScanner;c:\program files\Prevx\prevx.exe [2012-08-02 6746280] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680] S2 lxec_device;lxec_device;c:\windows\system32\lxeccoms.exe [2010-04-14 1052328] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' 
Anti-Malware\mbamservice.exe [2012-07-03 655944] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-09-20 7767552] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-09-20 279040] S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-07-28 52584] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904] S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416] S3 pxkbf;pxkbf;c:\windows\system32\drivers\pxkbf.sys [2012-08-02 24024] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . Contents of the 'Scheduled Tasks' folder . 2012-08-14 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-24 20:08] . 2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-26 20:51] . 2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-26 20:51] . 2012-08-09 c:\windows\Tasks\HPCeeScheduleForLaptop.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 02:15] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2012-07-23 12:38 244688 ----a-w- c:\users\Laptop\AppData\Local\Microsoft\SkyDrive\16.4.6006.0718\amd64\SkyDriveShell64.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2012-07-23 12:38 244688 ----a-w- c:\users\Laptop\AppData\Local\Microsoft\SkyDrive\16.4.6006.0718\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2012-07-23 12:38 244688 ----a-w- c:\users\Laptop\AppData\Local\Microsoft\SkyDrive\16.4.6006.0718\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2012-07-20 19:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2012-07-20 19:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2012-07-20 19:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2012-07-20 19:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-05-26 6245408] "HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168] "lxecmon.exe"="c:\program files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe" [2011-01-23 770728] "EzPrint"="c:\program files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe" [2011-01-23 148280] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.0.1 FF - ProfilePath - c:\users\Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\t4djd5u4.default\ . - - - - ORPHANS REMOVED - - - - . SafeBoot-76953180.sys HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe c:\program files (x86)\Common Files\Java\Java Update\jusched.exe . ************************************************************************** . Completion time: 2012-08-14 10:45:03 - machine was rebooted ComboFix-quarantined-files.txt 2012-08-14 14:44 . Pre-Run: 136,302,198,784 bytes free Post-Run: 136,198,983,680 bytes free . - - End Of File - - F3B694D638A5AA312E51BC587218A5C4
  4. Checkup log
     Results of screen317's Security Check version 0.99.43
     Windows 7 Service Pack 1 x64 (UAC is enabled)
     Internet Explorer 9
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     Microsoft Security Essentials (On Access scanning disabled!)
     Error obtaining update status for antivirus!
     `````````Anti-malware/Other Utilities Check:`````````
     Malwarebytes Anti-Malware version 1.62.0.1300
     Java 6 Update 31
     Java version out of Date!
     Adobe Reader 9 Adobe Reader out of Date!
     Mozilla Firefox (14.0.1)
     ````````Process Check: objlist.exe by Laurent````````
     Microsoft Security Essentials MSMpEng.exe
     Microsoft Security Essentials msseces.exe
     Malwarebytes Anti-Malware mbamservice.exe
     Malwarebytes Anti-Malware mbamgui.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 5%
     ````````````````````End of Log``````````````````````

     Running Combo fix next
  5. Stinger report
     McAfee® Labs Stinger Version 10.2.0.736 built on Aug 13 2012
     Copyright © 2012 McAfee, Inc. All Rights Reserved.
     Virus data file v1000.0000 created on Aug 13 2012.
     Ready to scan for 4839 viruses, trojans and variants.
     Scan initiated on Mon Aug 13 11:32:51 2012
     Rootkit scan result : Not Scanned
     No files scanned
     Scan initiated on Mon Aug 13 11:33:46 2012
     Rootkit scan result : Not Scanned
     Master Boot Record(s):....1
     Possibly Infected:.............0
     Boot Sector(s):.................2
     Possibly Infected: ............0
     Number of clean files: 17773
  6. All processes killed ========== PROCESSES ========== ========== FILES ========== recycler not found in C:\ recycler not found in D:\ ========== COMMANDS ========== C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Laptop ->Temp folder emptied: 1044031605 bytes ->Temporary Internet Files folder emptied: 268125144 bytes ->Java cache emptied: 1005523 bytes ->FireFox cache emptied: 1086645837 bytes ->Flash cache emptied: 64611 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 190505383 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46356671 bytes RecycleBin emptied: 819115 bytes Total Files Cleaned = 2,515.00 mb Restore point Set: OTL Restore Point [EMPTYFLASH] User: All Users User: Default User: Default User User: Laptop ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0.00 mb OTL by OldTimer - Version 3.2.57.0 log created on 08132012_112033 Files\Folders moved on Reboot... C:\Users\Laptop\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. PendingFileRenameOperations files... File C:\Users\Laptop\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found! Registry entries deleted on Reboot... 
Malwarebytes has blocked an IP (scour.com) still. What I was saying is that ESET scan showed this result: "C:\Users\Laptop\AppData\Local\{2AEB1F0A-DAB6-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined". Which you assumed I had Chrome installed in my computer, but I don't. So what I am saying is I don't know why there is a file labeled "Chrome" and looks like a browser. Will be running Stinger next.
  7. Oh yeah, I don't have Chrome installed on this laptop. I don't know why ESET is showing that root dir.
  8. Thanks, I'll work on the scans. I understand what you mean; however, I used to get normal search results, I will click on a link, and then sometimes (none so far) I will be taken to another website (used to be scour). I would click BACK, and then click the same link and be taken to the "right" site. It's not an issue of clicking an invalid site, since the address on the Google search result does not match the address of the resulting website, and if I click on the same link again it goes to the valid site.
  9. This is all the log has:
     ESETSmartInstaller@High as CAB hook log:
     OnlineScanner64.ocx - registred OK
     OnlineScanner.ocx - registred OK
  10. ESET Scan
      C:\Users\Laptop\AppData\Local\{2AEB1F0A-DAB6-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined
  11. I have not tested it too much but looks good so far. Thank you!
  12. I get redirected to this IP XXXX://63.209.69.107/ Which is Scour. Seems to happen less frequently (maybe 1 in 50 to 75 clicks)
  13. Malwarebytes Protection log. Blocked several websites just recently

      2012/08/09 09:07:47 -0400 LAPTOP-HP Laptop MESSAGE Starting protection
      2012/08/09 09:07:51 -0400 LAPTOP-HP Laptop MESSAGE Protection started successfully
      2012/08/09 09:07:51 -0400 LAPTOP-HP Laptop MESSAGE Executing scheduled update: Daily
      2012/08/09 09:07:54 -0400 LAPTOP-HP Laptop MESSAGE Starting IP protection
      2012/08/09 09:07:59 -0400 LAPTOP-HP Laptop MESSAGE IP Protection started successfully
      2012/08/09 09:08:06 -0400 LAPTOP-HP Laptop MESSAGE Starting database refresh
      2012/08/09 09:08:06 -0400 LAPTOP-HP Laptop MESSAGE Scheduled update executed successfully: database updated from version v2012.08.08.06 to version v2012.08.09.07
      2012/08/09 09:08:06 -0400 LAPTOP-HP Laptop MESSAGE Stopping IP protection
      2012/08/09 09:13:58 -0400 LAPTOP-HP Laptop MESSAGE IP Protection stopped
      2012/08/09 09:14:02 -0400 LAPTOP-HP Laptop MESSAGE Database refreshed successfully
      2012/08/09 09:14:02 -0400 LAPTOP-HP Laptop MESSAGE Starting IP protection
      2012/08/09 09:14:07 -0400 LAPTOP-HP Laptop MESSAGE IP Protection started successfully
      2012/08/09 12:05:54 -0400 LAPTOP-HP Laptop MESSAGE Starting database refresh
      2012/08/09 12:05:54 -0400 LAPTOP-HP Laptop MESSAGE Stopping IP protection
      2012/08/09 12:10:40 -0400 LAPTOP-HP Laptop MESSAGE IP Protection stopped
      2012/08/09 12:11:14 -0400 LAPTOP-HP Laptop MESSAGE Database refreshed successfully
      2012/08/09 12:11:14 -0400 LAPTOP-HP Laptop MESSAGE Starting IP protection
      2012/08/09 12:11:19 -0400 LAPTOP-HP Laptop MESSAGE IP Protection started successfully
      2012/08/09 13:51:03 -0400 LAPTOP-HP Laptop IP-BLOCK 195.68.160.103 (Type: outgoing, Port: 52550, Process: firefox.exe)
      2012/08/09 13:51:03 -0400 LAPTOP-HP Laptop IP-BLOCK 195.68.160.103 (Type: outgoing, Port: 52551, Process: firefox.exe)
      2012/08/09 13:51:03 -0400 LAPTOP-HP Laptop IP-BLOCK 195.68.160.103 (Type: outgoing, Port: 52552, Process: firefox.exe)
      2012/08/09 13:51:03 -0400 LAPTOP-HP Laptop IP-BLOCK 195.68.160.103 (Type: outgoing, Port: 52553, Process: firefox.exe)
      2012/08/09 13:51:03 -0400 LAPTOP-HP Laptop IP-BLOCK 195.68.160.103 (Type: outgoing, Port: 52554, Process: firefox.exe)
      2012/08/09 13:51:03 -0400 LAPTOP-HP Laptop IP-BLOCK 195.68.160.103 (Type: outgoing, Port: 52555, Process: firefox.exe)
      2012/08/09 13:52:16 -0400 LAPTOP-HP Laptop IP-BLOCK 206.161.121.3 (Type: outgoing, Port: 52595, Process: firefox.exe)
  14. Malwarebytes Anti-Malware (Trial) 1.62.0.1300
      www.malwarebytes.org

      Database version: v2012.08.09.08
      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      Laptop :: LAPTOP-HP [administrator]

      Protection: Enabled

      8/9/2012 12:06:50 PM
      mbam-log-2012-08-09 (12-06-50).txt

      Scan type: Full scan (C:\|D:\|E:\|)
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
      Scan options disabled: P2P
      Objects scanned: 367166
      Time elapsed: 1 hour(s), 25 minute(s), 41 second(s)

      Memory Processes Detected: 0 (No malicious items detected)
      Memory Modules Detected: 0 (No malicious items detected)
      Registry Keys Detected: 0 (No malicious items detected)
      Registry Values Detected: 0 (No malicious items detected)
      Registry Data Items Detected: 0 (No malicious items detected)
      Folders Detected: 0 (No malicious items detected)
      Files Detected: 0 (No malicious items detected)

      (end)
  15. As to Google redirects, you must provide plenty of detail:

      a) Do you get to the actual Google website initially? i.e., do I get there ok?
      Yes, I can do a normal Google Search.

      b) Which browser are you using at the time? Be very explicit. Internet Explorer, Firefox, Chrome, or what? List them.
      Only Firefox 14.01

      c) If got to Google site ok, what are you clicking from the list of results?
      Normal search results. I will click on a link, and then sometimes (not as frequent now) I will be taken to another website (used to be scour). I would click BACK, and then click the same link and be taken to the "right" site.

      You must understand that not all search results are to legitimate or safe sites.
      Will do a full scan and post results soon.
  16. Here is also an older (previous scan) of the TDSSKILLER LOG that shows something was found
19:00:54.0252 1312 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 19:00:54.0283 1312 NativeWifiP - ok 19:00:54.0455 1312 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 19:00:54.0486 1312 NDIS - ok 19:00:54.0533 1312 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 19:00:54.0595 1312 NdisCap - ok 19:00:54.0626 1312 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 19:00:54.0673 1312 NdisTapi - ok 19:00:54.0751 1312 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 19:00:54.0798 1312 Ndisuio - ok 19:00:54.0860 1312 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 19:00:54.0907 1312 NdisWan - ok 19:00:54.0954 1312 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 19:00:54.0985 1312 NDProxy - ok 19:00:55.0063 1312 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 19:00:55.0126 1312 NetBIOS - ok 19:00:55.0188 1312 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 19:00:55.0235 1312 NetBT - ok 19:00:55.0266 1312 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 19:00:55.0282 1312 Netlogon - ok 19:00:55.0391 1312 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 19:00:55.0453 1312 Netman - ok 19:00:55.0594 1312 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:00:55.0625 1312 NetMsmqActivator - ok 19:00:55.0672 1312 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:00:55.0672 1312 NetPipeActivator - ok 19:00:55.0781 1312 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 19:00:55.0828 1312 netprofm - ok 19:00:55.0843 1312 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) 
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:00:55.0843 1312 NetTcpActivator - ok 19:00:55.0859 1312 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:00:55.0859 1312 NetTcpPortSharing - ok 19:00:56.0296 1312 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys 19:00:56.0483 1312 netw5v64 - ok 19:00:56.0670 1312 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 19:00:56.0701 1312 nfrd960 - ok 19:00:56.0732 1312 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 19:00:56.0748 1312 NisDrv - ok 19:00:56.0857 1312 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe 19:00:56.0873 1312 NisSrv - ok 19:00:56.0966 1312 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 19:00:57.0029 1312 NlaSvc - ok 19:00:57.0091 1312 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 19:00:57.0122 1312 Npfs - ok 19:00:57.0154 1312 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 19:00:57.0232 1312 nsi - ok 19:00:57.0247 1312 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 19:00:57.0278 1312 nsiproxy - ok 19:00:57.0466 1312 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 19:00:57.0528 1312 Ntfs - ok 19:00:57.0715 1312 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 19:00:57.0793 1312 Null - ok 19:00:57.0856 1312 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 19:00:57.0871 1312 nvraid - ok 19:00:57.0902 1312 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 19:00:57.0934 1312 nvstor - ok 19:00:57.0980 1312 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 19:00:58.0012 1312 nv_agp - ok 19:00:58.0168 1312 odserv 
(785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 19:00:58.0199 1312 odserv - ok 19:00:58.0246 1312 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 19:00:58.0277 1312 ohci1394 - ok 19:00:58.0355 1312 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 19:00:58.0386 1312 ose - ok 19:00:58.0464 1312 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 19:00:58.0511 1312 p2pimsvc - ok 19:00:58.0589 1312 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 19:00:58.0604 1312 p2psvc - ok 19:00:58.0667 1312 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 19:00:58.0682 1312 Parport - ok 19:00:58.0714 1312 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 19:00:58.0745 1312 partmgr - ok 19:00:58.0792 1312 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 19:00:58.0838 1312 PcaSvc - ok 19:00:58.0885 1312 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 19:00:58.0901 1312 pci - ok 19:00:58.0932 1312 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 19:00:58.0963 1312 pciide - ok 19:00:59.0010 1312 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 19:00:59.0041 1312 pcmcia - ok 19:00:59.0072 1312 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 19:00:59.0088 1312 pcw - ok 19:00:59.0197 1312 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 19:00:59.0228 1312 PEAUTH - ok 19:00:59.0353 1312 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 19:00:59.0384 1312 PerfHost - ok 19:00:59.0556 1312 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 19:00:59.0618 1312 pla - ok 19:00:59.0712 1312 PlugPlay 
(25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 19:00:59.0759 1312 PlugPlay - ok 19:00:59.0806 1312 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 19:00:59.0821 1312 PNRPAutoReg - ok 19:00:59.0899 1312 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 19:00:59.0899 1312 PNRPsvc - ok 19:01:00.0024 1312 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys 19:01:00.0024 1312 Point64 - ok 19:01:00.0133 1312 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 19:01:00.0211 1312 PolicyAgent - ok 19:01:00.0274 1312 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 19:01:00.0336 1312 Power - ok 19:01:00.0414 1312 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 19:01:00.0461 1312 PptpMiniport - ok 19:01:00.0492 1312 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 19:01:00.0539 1312 Processor - ok 19:01:00.0617 1312 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll 19:01:00.0664 1312 ProfSvc - ok 19:01:00.0710 1312 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 19:01:00.0710 1312 ProtectedStorage - ok 19:01:00.0773 1312 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 19:01:00.0820 1312 Psched - ok 19:01:00.0882 1312 pxkbf (ba5f7c107eace67973b4b798832a74c7) C:\Windows\system32\drivers\pxkbf.sys 19:01:00.0882 1312 pxkbf - ok 19:01:00.0929 1312 pxrts (007e57428802f587d0d6737ae7a9d989) C:\Windows\system32\drivers\pxrts.sys 19:01:00.0929 1312 pxrts - ok 19:01:00.0960 1312 pxscan (66d4d00c8908888a68b749d91f1e6789) C:\Windows\system32\drivers\pxscan.sys 19:01:00.0960 1312 pxscan - ok 19:01:01.0147 1312 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 19:01:01.0194 1312 ql2300 - ok 19:01:01.0381 1312 ql40xx 
(4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 19:01:01.0397 1312 ql40xx - ok 19:01:01.0459 1312 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 19:01:01.0506 1312 QWAVE - ok 19:01:01.0553 1312 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 19:01:01.0568 1312 QWAVEdrv - ok 19:01:01.0615 1312 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 19:01:01.0646 1312 RasAcd - ok 19:01:01.0724 1312 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 19:01:01.0771 1312 RasAgileVpn - ok 19:01:01.0802 1312 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 19:01:01.0865 1312 RasAuto - ok 19:01:01.0927 1312 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 19:01:01.0974 1312 Rasl2tp - ok 19:01:02.0036 1312 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 19:01:02.0099 1312 RasMan - ok 19:01:02.0161 1312 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 19:01:02.0208 1312 RasPppoe - ok 19:01:02.0255 1312 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 19:01:02.0317 1312 RasSstp - ok 19:01:02.0395 1312 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 19:01:02.0442 1312 rdbss - ok 19:01:02.0489 1312 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 19:01:02.0520 1312 rdpbus - ok 19:01:02.0551 1312 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 19:01:02.0598 1312 RDPCDD - ok 19:01:02.0629 1312 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 19:01:02.0707 1312 RDPENCDD - ok 19:01:02.0723 1312 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 19:01:02.0754 1312 RDPREFMP - ok 19:01:02.0848 1312 RDPWD 
(e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys 19:01:02.0926 1312 RDPWD - ok 19:01:03.0004 1312 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 19:01:03.0019 1312 rdyboost - ok 19:01:03.0082 1312 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 19:01:03.0128 1312 RemoteAccess - ok 19:01:03.0191 1312 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 19:01:03.0253 1312 RemoteRegistry - ok 19:01:03.0300 1312 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 19:01:03.0363 1312 RpcEptMapper - ok 19:01:03.0409 1312 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 19:01:03.0441 1312 RpcLocator - ok 19:01:03.0550 1312 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 19:01:03.0581 1312 RpcSs - ok 19:01:03.0643 1312 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 19:01:03.0675 1312 rspndr - ok 19:01:03.0768 1312 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys 19:01:03.0815 1312 RTL8167 - ok 19:01:03.0955 1312 RtVOsdService (5fff3e71b4724bb10918fd6dd7413d99) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe 19:01:03.0987 1312 RtVOsdService ( UnsignedFile.Multi.Generic ) - warning 19:01:03.0987 1312 RtVOsdService - detected UnsignedFile.Multi.Generic (1) 19:01:04.0049 1312 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 19:01:04.0065 1312 SamSs - ok 19:01:04.0111 1312 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 19:01:04.0127 1312 sbp2port - ok 19:01:04.0189 1312 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 19:01:04.0236 1312 SCardSvr - ok 19:01:04.0299 1312 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 19:01:04.0345 1312 scfilter - ok 19:01:04.0486 1312 Schedule 
(262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 19:01:04.0564 1312 Schedule - ok 19:01:04.0611 1312 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 19:01:04.0642 1312 SCPolicySvc - ok 19:01:04.0704 1312 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys 19:01:04.0751 1312 sdbus - ok 19:01:04.0782 1312 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 19:01:04.0829 1312 SDRSVC - ok 19:01:04.0860 1312 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 19:01:04.0907 1312 secdrv - ok 19:01:04.0969 1312 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 19:01:05.0016 1312 seclogon - ok 19:01:05.0063 1312 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 19:01:05.0125 1312 SENS - ok 19:01:05.0172 1312 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 19:01:05.0203 1312 SensrSvc - ok 19:01:05.0235 1312 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 19:01:05.0281 1312 Serenum - ok 19:01:05.0313 1312 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 19:01:05.0359 1312 Serial - ok 19:01:05.0422 1312 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 19:01:05.0437 1312 sermouse - ok 19:01:05.0500 1312 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 19:01:05.0547 1312 SessionEnv - ok 19:01:05.0593 1312 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 19:01:05.0640 1312 sffdisk - ok 19:01:05.0656 1312 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 19:01:05.0687 1312 sffp_mmc - ok 19:01:05.0718 1312 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 19:01:05.0734 1312 sffp_sd - ok 19:01:05.0765 1312 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) 
C:\Windows\system32\DRIVERS\sfloppy.sys 19:01:05.0796 1312 sfloppy - ok 19:01:05.0874 1312 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 19:01:05.0937 1312 SharedAccess - ok 19:01:06.0015 1312 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 19:01:06.0077 1312 ShellHWDetection - ok 19:01:06.0108 1312 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 19:01:06.0124 1312 SiSRaid2 - ok 19:01:06.0171 1312 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 19:01:06.0186 1312 SiSRaid4 - ok 19:01:06.0233 1312 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 19:01:06.0280 1312 Smb - ok 19:01:06.0342 1312 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 19:01:06.0389 1312 SNMPTRAP - ok 19:01:06.0420 1312 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 19:01:06.0436 1312 spldr - ok 19:01:06.0545 1312 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 19:01:06.0592 1312 Spooler - ok 19:01:06.0873 1312 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 19:01:07.0013 1312 sppsvc - ok 19:01:07.0153 1312 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 19:01:07.0185 1312 sppuinotify - ok 19:01:07.0325 1312 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 19:01:07.0356 1312 srv - ok 19:01:07.0434 1312 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 19:01:07.0450 1312 srv2 - ok 19:01:07.0543 1312 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS 19:01:07.0559 1312 SrvHsfHDA - ok 19:01:07.0746 1312 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS 19:01:07.0809 1312 SrvHsfV92 - ok 19:01:08.0043 1312 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) 
C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 19:01:08.0074 1312 SrvHsfWinac - ok 19:01:08.0152 1312 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 19:01:08.0183 1312 srvnet - ok 19:01:08.0261 1312 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 19:01:08.0308 1312 SSDPSRV - ok 19:01:08.0339 1312 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 19:01:08.0401 1312 SstpSvc - ok 19:01:08.0433 1312 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 19:01:08.0464 1312 stexstor - ok 19:01:08.0573 1312 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 19:01:08.0651 1312 stisvc - ok 19:01:08.0698 1312 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 19:01:08.0698 1312 swenum - ok 19:01:08.0791 1312 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 19:01:08.0854 1312 swprv - ok 19:01:08.0994 1312 SynTP (ac3cc98b1bdb6540021d3ffb105ac2b9) C:\Windows\system32\DRIVERS\SynTP.sys 19:01:09.0010 1312 SynTP - ok 19:01:09.0213 1312 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 19:01:09.0275 1312 SysMain - ok 19:01:09.0431 1312 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 19:01:09.0447 1312 TabletInputService - ok 19:01:09.0525 1312 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 19:01:09.0603 1312 TapiSrv - ok 19:01:09.0649 1312 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 19:01:09.0681 1312 TBS - ok 19:01:09.0930 1312 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 19:01:10.0024 1312 Tcpip - ok 19:01:10.0351 1312 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 19:01:10.0398 1312 TCPIP6 - ok 19:01:10.0585 1312 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 19:01:10.0632 1312 
tcpipreg - ok 19:01:10.0679 1312 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 19:01:10.0726 1312 TDPIPE - ok 19:01:10.0741 1312 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 19:01:10.0788 1312 TDTCP - ok 19:01:10.0851 1312 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 19:01:10.0882 1312 tdx - ok 19:01:10.0944 1312 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 19:01:10.0960 1312 TermDD - ok 19:01:11.0038 1312 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 19:01:11.0100 1312 TermService - ok 19:01:11.0131 1312 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 19:01:11.0194 1312 Themes - ok 19:01:11.0256 1312 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 19:01:11.0287 1312 THREADORDER - ok 19:01:11.0319 1312 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 19:01:11.0381 1312 TrkWks - ok 19:01:11.0459 1312 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 19:01:11.0506 1312 TrustedInstaller - ok 19:01:11.0553 1312 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 19:01:11.0615 1312 tssecsrv - ok 19:01:11.0693 1312 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 19:01:11.0740 1312 TsUsbFlt - ok 19:01:11.0818 1312 TunerFreeMCEService (d3e533cbbccc4f1ea1069edc30425469) C:\Program Files (x86)\MillieSoft\TunerFreeMCE\TunerFreeMCEService.exe 19:01:11.0833 1312 TunerFreeMCEService ( UnsignedFile.Multi.Generic ) - warning 19:01:11.0833 1312 TunerFreeMCEService - detected UnsignedFile.Multi.Generic (1) 19:01:11.0896 1312 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 19:01:11.0958 1312 tunnel - ok 19:01:12.0005 1312 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) 
C:\Windows\system32\DRIVERS\uagp35.sys 19:01:12.0036 1312 uagp35 - ok 19:01:12.0130 1312 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 19:01:12.0208 1312 udfs - ok 19:01:12.0239 1312 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 19:01:12.0270 1312 UI0Detect - ok 19:01:12.0317 1312 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 19:01:12.0348 1312 uliagpkx - ok 19:01:12.0426 1312 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 19:01:12.0426 1312 umbus - ok 19:01:12.0457 1312 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 19:01:12.0504 1312 UmPass - ok 19:01:12.0582 1312 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 19:01:12.0645 1312 upnphost - ok 19:01:12.0691 1312 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 19:01:12.0723 1312 usbccgp - ok 19:01:12.0754 1312 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 19:01:12.0785 1312 usbcir - ok 19:01:12.0816 1312 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 19:01:12.0863 1312 usbehci - ok 19:01:12.0941 1312 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys 19:01:12.0941 1312 usbfilter - ok 19:01:13.0019 1312 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 19:01:13.0050 1312 usbhub - ok 19:01:13.0081 1312 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys 19:01:13.0097 1312 usbohci - ok 19:01:13.0128 1312 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 19:01:13.0159 1312 usbprint - ok 19:01:13.0237 1312 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 19:01:13.0253 1312 usbscan - ok 19:01:13.0315 1312 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) 
C:\Windows\system32\DRIVERS\USBSTOR.SYS 19:01:13.0347 1312 USBSTOR - ok 19:01:13.0393 1312 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 19:01:13.0409 1312 usbuhci - ok 19:01:13.0471 1312 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 19:01:13.0518 1312 UxSms - ok 19:01:13.0565 1312 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 19:01:13.0565 1312 VaultSvc - ok 19:01:13.0627 1312 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 19:01:13.0627 1312 vdrvroot - ok 19:01:13.0737 1312 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 19:01:13.0799 1312 vds - ok 19:01:13.0861 1312 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 19:01:13.0877 1312 vga - ok 19:01:13.0893 1312 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 19:01:13.0939 1312 VgaSave - ok 19:01:14.0033 1312 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 19:01:14.0049 1312 vhdmp - ok 19:01:14.0080 1312 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 19:01:14.0080 1312 viaide - ok 19:01:14.0111 1312 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 19:01:14.0127 1312 volmgr - ok 19:01:14.0189 1312 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 19:01:14.0205 1312 volmgrx - ok 19:01:14.0283 1312 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 19:01:14.0329 1312 volsnap - ok 19:01:14.0361 1312 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 19:01:14.0392 1312 vsmraid - ok 19:01:14.0563 1312 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 19:01:14.0657 1312 VSS - ok 19:01:14.0829 1312 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 19:01:14.0844 1312 vwifibus - 
ok 19:01:14.0907 1312 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 19:01:14.0938 1312 vwififlt - ok 19:01:15.0016 1312 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 19:01:15.0063 1312 W32Time - ok 19:01:15.0125 1312 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 19:01:15.0156 1312 WacomPen - ok 19:01:15.0234 1312 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 19:01:15.0297 1312 WANARP - ok 19:01:15.0312 1312 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 19:01:15.0359 1312 Wanarpv6 - ok 19:01:15.0499 1312 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 19:01:15.0546 1312 WatAdminSvc - ok 19:01:15.0718 1312 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 19:01:15.0780 1312 wbengine - ok 19:01:15.0952 1312 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 19:01:15.0967 1312 WbioSrvc - ok 19:01:16.0045 1312 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 19:01:16.0108 1312 wcncsvc - ok 19:01:16.0155 1312 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 19:01:16.0186 1312 WcsPlugInService - ok 19:01:16.0248 1312 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 19:01:16.0264 1312 Wd - ok 19:01:16.0389 1312 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 19:01:16.0420 1312 Wdf01000 - ok 19:01:16.0467 1312 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 19:01:16.0545 1312 WdiServiceHost - ok 19:01:16.0545 1312 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 19:01:16.0560 1312 WdiSystemHost - ok 19:01:16.0638 1312 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 19:01:16.0685 1312 WebClient 
- ok 19:01:16.0763 1312 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 19:01:16.0810 1312 Wecsvc - ok 19:01:16.0825 1312 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 19:01:16.0888 1312 wercplsupport - ok 19:01:16.0919 1312 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 19:01:16.0997 1312 WerSvc - ok 19:01:17.0106 1312 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 19:01:17.0137 1312 WfpLwf - ok 19:01:17.0153 1312 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 19:01:17.0184 1312 WIMMount - ok 19:01:17.0215 1312 WinDefend - ok 19:01:17.0231 1312 WinHttpAutoProxySvc - ok 19:01:17.0340 1312 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 19:01:17.0387 1312 Winmgmt - ok 19:01:17.0605 1312 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 19:01:17.0699 1312 WinRM - ok 19:01:17.0933 1312 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 19:01:17.0995 1312 Wlansvc - ok 19:01:18.0245 1312 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 19:01:18.0339 1312 wlidsvc - ok 19:01:18.0495 1312 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 19:01:18.0541 1312 WmiAcpi - ok 19:01:18.0619 1312 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 19:01:18.0682 1312 wmiApSrv - ok 19:01:18.0729 1312 WMPNetworkSvc - ok 19:01:18.0791 1312 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 19:01:18.0838 1312 WPCSvc - ok 19:01:18.0885 1312 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 19:01:18.0931 1312 WPDBusEnum - ok 19:01:18.0963 1312 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 19:01:19.0009 1312 ws2ifsl - ok 19:01:19.0072 
1312 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll 19:01:19.0103 1312 wscsvc - ok 19:01:19.0103 1312 WSearch - ok 19:01:19.0337 1312 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 19:01:19.0415 1312 wuauserv - ok 19:01:19.0602 1312 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 19:01:19.0680 1312 WudfPf - ok 19:01:19.0743 1312 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 19:01:19.0805 1312 WUDFRd - ok 19:01:19.0867 1312 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 19:01:19.0899 1312 wudfsvc - ok 19:01:19.0961 1312 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 19:01:19.0992 1312 WwanSvc - ok 19:01:20.0148 1312 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe 19:01:20.0179 1312 YahooAUService - ok 19:01:20.0289 1312 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys 19:01:20.0335 1312 yukonw7 - ok 19:01:20.0382 1312 MBR (0x1B8) (4287d1c7c777c7cdd9ab892338678e65) \Device\Harddisk0\DR0 19:01:20.0803 1312 \Device\Harddisk0\DR0 - ok 19:01:20.0803 1312 Boot (0x1200) (a71c215f653bad850a396eca1607c630) \Device\Harddisk0\DR0\Partition0 19:01:20.0803 1312 \Device\Harddisk0\DR0\Partition0 - ok 19:01:20.0850 1312 Boot (0x1200) (07ef4458efa0038db2a13c78e83a9055) \Device\Harddisk0\DR0\Partition1 19:01:20.0850 1312 \Device\Harddisk0\DR0\Partition1 - ok 19:01:20.0881 1312 Boot (0x1200) (3951b66e9a987716b97c33db33223fe6) \Device\Harddisk0\DR0\Partition2 19:01:20.0881 1312 \Device\Harddisk0\DR0\Partition2 - ok 19:01:20.0928 1312 Boot (0x1200) (fa9ac4dade58f1927454b193254063a3) \Device\Harddisk0\DR0\Partition3 19:01:20.0928 1312 \Device\Harddisk0\DR0\Partition3 - ok 19:01:20.0928 1312 ============================================================ 19:01:20.0928 1312 Scan finished 19:01:20.0928 1312 
============================================================
19:01:20.0944 1304 Detected object count: 2
19:01:20.0944 1304 Actual detected object count: 2
19:01:54.0687 1304 C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe - copied to quarantine
19:01:54.0687 1304 HKLM\SYSTEM\ControlSet001\services\RtVOsdService - will be deleted on reboot
19:01:54.0780 1304 HKLM\SYSTEM\ControlSet002\services\RtVOsdService - will be deleted on reboot
19:01:55.0186 1304 C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe - will be deleted on reboot
19:01:55.0186 1304 RtVOsdService ( UnsignedFile.Multi.Generic ) - User select action: Delete
19:01:55.0264 1304 C:\Program Files (x86)\MillieSoft\TunerFreeMCE\TunerFreeMCEService.exe - copied to quarantine
19:01:55.0264 1304 HKLM\SYSTEM\ControlSet001\services\TunerFreeMCEService - will be deleted on reboot
19:01:55.0264 1304 HKLM\SYSTEM\ControlSet002\services\TunerFreeMCEService - will be deleted on reboot
19:01:55.0279 1304 C:\Program Files (x86)\MillieSoft\TunerFreeMCE\TunerFreeMCEService.exe - will be deleted on reboot
19:01:55.0279 1304 TunerFreeMCEService ( UnsignedFile.Multi.Generic ) - User select action: Delete
19:02:22.0845 1264 Deinitialize success
  17. ASWMBR Log
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-09 11:03:51
-----------------------------
11:03:51.340 OS Version: Windows x64 6.1.7601 Service Pack 1
11:03:51.341 Number of processors: 1 586 0x603
11:03:51.342 ComputerName: LAPTOP-HP UserName: Laptop
11:03:52.834 Initialize success
11:05:16.646 AVAST engine defs: 12080900
11:05:39.359 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000053
11:05:39.362 Disk 0 Vendor: WDC_WD25 02.0 Size: 238475MB BusType: 11
11:05:39.380 Disk 0 MBR read successfully
11:05:39.383 Disk 0 MBR scan
11:05:39.388 Disk 0 unknown MBR code
11:05:39.402 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
11:05:39.418 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 220533 MB offset 409600
11:05:39.456 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17638 MB offset 452061184
11:05:39.475 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 488183808
11:05:39.521 Disk 0 scanning C:\Windows\system32\drivers
11:05:51.765 Service scanning
11:06:35.833 Modules scanning
11:06:35.843 Scan finished successfully
11:06:53.188 Disk 0 MBR has been saved successfully to "C:\Users\Laptop\Desktop\MBR.dat"
11:06:53.193 The log file has been saved successfully to "C:\Users\Laptop\Desktop\aswMBR.txt"

TDSSKILLER LOG
19:10:23.0787 1220 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
19:10:23.0818 1220 ============================================================
19:10:23.0818 1220 Current date / time: 2012/08/08 19:10:23.0818
19:10:23.0818 1220 SystemInfo:
19:10:23.0818 1220
19:10:23.0818 1220 OS Version: 6.1.7601 ServicePack: 1.0
19:10:23.0818 1220 Product type: Workstation
19:10:23.0818 1220 ComputerName: LAPTOP-HP
19:10:23.0818 1220 UserName: Laptop
19:10:23.0818 1220 Windows directory: C:\Windows
19:10:23.0818 1220 System windows directory: C:\Windows
19:10:23.0818 1220 Running under WOW64
19:10:23.0818 1220 Processor architecture: Intel x64
19:10:23.0818 1220 Number of processors: 1
19:10:23.0818 1220 Page size: 0x1000
19:10:23.0818 1220 Boot type: Safe boot
19:10:23.0818 1220 ============================================================
19:10:25.0176 1220 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:10:25.0176 1220 ============================================================
19:10:25.0176 1220 \Device\Harddisk0\DR0:
19:10:25.0176 1220 MBR partitions:
19:10:25.0176 1220 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
19:10:25.0176 1220 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x1AEBA800
19:10:25.0176 1220 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1AF1E800, BlocksNum 0x2273000
19:10:25.0176 1220 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x1D191800, BlocksNum 0x33970
19:10:25.0176 1220 ============================================================
19:10:25.0222 1220 C: <-> \Device\Harddisk0\DR0\Partition1
19:10:25.0285 1220 D: <-> \Device\Harddisk0\DR0\Partition2
19:10:25.0285 1220 ============================================================
19:10:25.0285 1220 Initialize success
19:10:25.0285 1220 ============================================================
19:10:33.0506 1272 ============================================================
19:10:33.0506 1272 Scan started
19:10:33.0506 1272 Mode: Manual;
19:10:33.0506 1272 ============================================================
C:\Windows\system32\rpcss.dll 19:10:59.0074 1272 RpcSs - ok 19:10:59.0137 1272 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 19:10:59.0137 1272 rspndr - ok 19:10:59.0246 1272 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys 19:10:59.0262 1272 RTL8167 - ok 19:10:59.0293 1272 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 19:10:59.0293 1272 SamSs - ok 19:10:59.0340 1272 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 19:10:59.0340 1272 sbp2port - ok 19:10:59.0402 1272 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 19:10:59.0433 1272 SCardSvr - ok 19:10:59.0496 1272 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 19:10:59.0496 1272 scfilter - ok 19:10:59.0636 1272 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 19:10:59.0667 1272 Schedule - ok 19:10:59.0714 1272 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 19:10:59.0714 1272 SCPolicySvc - ok 19:10:59.0776 1272 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys 19:10:59.0792 1272 sdbus - ok 19:10:59.0823 1272 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 19:10:59.0854 1272 SDRSVC - ok 19:10:59.0886 1272 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 19:10:59.0886 1272 secdrv - ok 19:10:59.0948 1272 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 19:10:59.0948 1272 seclogon - ok 19:10:59.0979 1272 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 19:10:59.0979 1272 SENS - ok 19:11:00.0042 1272 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 19:11:00.0042 1272 SensrSvc - ok 19:11:00.0088 1272 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 19:11:00.0088 1272 Serenum 
- ok 19:11:00.0120 1272 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 19:11:00.0135 1272 Serial - ok 19:11:00.0182 1272 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 19:11:00.0182 1272 sermouse - ok 19:11:00.0244 1272 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 19:11:00.0244 1272 SessionEnv - ok 19:11:00.0276 1272 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 19:11:00.0276 1272 sffdisk - ok 19:11:00.0322 1272 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 19:11:00.0322 1272 sffp_mmc - ok 19:11:00.0354 1272 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 19:11:00.0354 1272 sffp_sd - ok 19:11:00.0416 1272 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 19:11:00.0416 1272 sfloppy - ok 19:11:00.0478 1272 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 19:11:00.0478 1272 SharedAccess - ok 19:11:00.0588 1272 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 19:11:00.0603 1272 ShellHWDetection - ok 19:11:00.0634 1272 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 19:11:00.0634 1272 SiSRaid2 - ok 19:11:00.0697 1272 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 19:11:00.0697 1272 SiSRaid4 - ok 19:11:00.0744 1272 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 19:11:00.0744 1272 Smb - ok 19:11:00.0806 1272 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 19:11:00.0806 1272 SNMPTRAP - ok 19:11:00.0837 1272 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 19:11:00.0837 1272 spldr - ok 19:11:00.0962 1272 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 19:11:00.0978 1272 Spooler - 
ok 19:11:01.0290 1272 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 19:11:01.0368 1272 sppsvc - ok 19:11:01.0508 1272 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 19:11:01.0508 1272 sppuinotify - ok 19:11:01.0664 1272 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 19:11:01.0664 1272 srv - ok 19:11:01.0742 1272 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 19:11:01.0742 1272 srv2 - ok 19:11:01.0820 1272 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS 19:11:01.0836 1272 SrvHsfHDA - ok 19:11:01.0976 1272 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS 19:11:02.0007 1272 SrvHsfV92 - ok 19:11:02.0226 1272 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 19:11:02.0257 1272 SrvHsfWinac - ok 19:11:02.0304 1272 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 19:11:02.0304 1272 srvnet - ok 19:11:02.0397 1272 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 19:11:02.0413 1272 SSDPSRV - ok 19:11:02.0444 1272 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 19:11:02.0444 1272 SstpSvc - ok 19:11:02.0475 1272 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 19:11:02.0475 1272 stexstor - ok 19:11:02.0616 1272 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 19:11:02.0631 1272 stisvc - ok 19:11:02.0678 1272 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 19:11:02.0678 1272 swenum - ok 19:11:02.0756 1272 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 19:11:02.0772 1272 swprv - ok 19:11:02.0896 1272 SynTP (ac3cc98b1bdb6540021d3ffb105ac2b9) C:\Windows\system32\DRIVERS\SynTP.sys 19:11:02.0896 1272 SynTP - ok 19:11:03.0084 1272 SysMain 
(bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 19:11:03.0130 1272 SysMain - ok 19:11:03.0286 1272 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 19:11:03.0286 1272 TabletInputService - ok 19:11:03.0380 1272 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 19:11:03.0380 1272 TapiSrv - ok 19:11:03.0442 1272 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 19:11:03.0442 1272 TBS - ok 19:11:03.0676 1272 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 19:11:03.0723 1272 Tcpip - ok 19:11:04.0035 1272 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 19:11:04.0051 1272 TCPIP6 - ok 19:11:04.0191 1272 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 19:11:04.0191 1272 tcpipreg - ok 19:11:04.0254 1272 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 19:11:04.0254 1272 TDPIPE - ok 19:11:04.0285 1272 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 19:11:04.0285 1272 TDTCP - ok 19:11:04.0363 1272 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 19:11:04.0363 1272 tdx - ok 19:11:04.0425 1272 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 19:11:04.0425 1272 TermDD - ok 19:11:04.0519 1272 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 19:11:04.0519 1272 TermService - ok 19:11:04.0566 1272 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 19:11:04.0581 1272 Themes - ok 19:11:04.0628 1272 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 19:11:04.0628 1272 THREADORDER - ok 19:11:04.0659 1272 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 19:11:04.0659 1272 TrkWks - ok 19:11:04.0784 1272 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) 
C:\Windows\servicing\TrustedInstaller.exe 19:11:04.0800 1272 TrustedInstaller - ok 19:11:04.0831 1272 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 19:11:04.0831 1272 tssecsrv - ok 19:11:04.0909 1272 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 19:11:04.0909 1272 TsUsbFlt - ok 19:11:05.0002 1272 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 19:11:05.0002 1272 tunnel - ok 19:11:05.0049 1272 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 19:11:05.0049 1272 uagp35 - ok 19:11:05.0112 1272 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 19:11:05.0127 1272 udfs - ok 19:11:05.0190 1272 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 19:11:05.0190 1272 UI0Detect - ok 19:11:05.0268 1272 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 19:11:05.0268 1272 uliagpkx - ok 19:11:05.0314 1272 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 19:11:05.0314 1272 umbus - ok 19:11:05.0361 1272 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 19:11:05.0361 1272 UmPass - ok 19:11:05.0439 1272 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 19:11:05.0455 1272 upnphost - ok 19:11:05.0502 1272 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 19:11:05.0502 1272 usbccgp - ok 19:11:05.0548 1272 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 19:11:05.0548 1272 usbcir - ok 19:11:05.0595 1272 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 19:11:05.0595 1272 usbehci - ok 19:11:05.0658 1272 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys 19:11:05.0658 1272 usbfilter - ok 19:11:05.0736 1272 usbhub 
(287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 19:11:05.0751 1272 usbhub - ok 19:11:05.0767 1272 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys 19:11:05.0767 1272 usbohci - ok 19:11:05.0782 1272 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 19:11:05.0782 1272 usbprint - ok 19:11:05.0892 1272 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 19:11:05.0907 1272 usbscan - ok 19:11:05.0938 1272 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 19:11:05.0938 1272 USBSTOR - ok 19:11:05.0985 1272 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 19:11:05.0985 1272 usbuhci - ok 19:11:06.0048 1272 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 19:11:06.0048 1272 UxSms - ok 19:11:06.0079 1272 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 19:11:06.0079 1272 VaultSvc - ok 19:11:06.0141 1272 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 19:11:06.0141 1272 vdrvroot - ok 19:11:06.0219 1272 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 19:11:06.0235 1272 vds - ok 19:11:06.0282 1272 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 19:11:06.0282 1272 vga - ok 19:11:06.0297 1272 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 19:11:06.0313 1272 VgaSave - ok 19:11:06.0360 1272 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 19:11:06.0375 1272 vhdmp - ok 19:11:06.0391 1272 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 19:11:06.0406 1272 viaide - ok 19:11:06.0438 1272 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 19:11:06.0453 1272 volmgr - ok 19:11:06.0516 1272 volmgrx (a255814907c89be58b79ef2f189b843b) 
C:\Windows\system32\drivers\volmgrx.sys 19:11:06.0547 1272 volmgrx - ok 19:11:06.0594 1272 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 19:11:06.0625 1272 volsnap - ok 19:11:06.0672 1272 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 19:11:06.0703 1272 vsmraid - ok 19:11:06.0874 1272 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 19:11:06.0906 1272 VSS - ok 19:11:07.0062 1272 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 19:11:07.0062 1272 vwifibus - ok 19:11:07.0124 1272 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 19:11:07.0124 1272 vwififlt - ok 19:11:07.0202 1272 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 19:11:07.0218 1272 W32Time - ok 19:11:07.0264 1272 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 19:11:07.0264 1272 WacomPen - ok 19:11:07.0311 1272 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 19:11:07.0311 1272 WANARP - ok 19:11:07.0358 1272 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 19:11:07.0358 1272 Wanarpv6 - ok 19:11:07.0498 1272 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 19:11:07.0530 1272 WatAdminSvc - ok 19:11:07.0701 1272 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 19:11:07.0732 1272 wbengine - ok 19:11:07.0904 1272 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 19:11:07.0904 1272 WbioSrvc - ok 19:11:07.0982 1272 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 19:11:07.0998 1272 wcncsvc - ok 19:11:08.0013 1272 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 19:11:08.0013 1272 WcsPlugInService - ok 19:11:08.0091 1272 Wd (72889e16ff12ba0f235467d6091b17dc) 
C:\Windows\system32\DRIVERS\wd.sys 19:11:08.0107 1272 Wd - ok 19:11:08.0216 1272 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 19:11:08.0232 1272 Wdf01000 - ok 19:11:08.0247 1272 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 19:11:08.0247 1272 WdiServiceHost - ok 19:11:08.0278 1272 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 19:11:08.0278 1272 WdiSystemHost - ok 19:11:08.0356 1272 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 19:11:08.0372 1272 WebClient - ok 19:11:08.0434 1272 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 19:11:08.0434 1272 Wecsvc - ok 19:11:08.0450 1272 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 19:11:08.0466 1272 wercplsupport - ok 19:11:08.0512 1272 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 19:11:08.0512 1272 WerSvc - ok 19:11:08.0622 1272 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 19:11:08.0622 1272 WfpLwf - ok 19:11:08.0637 1272 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 19:11:08.0637 1272 WIMMount - ok 19:11:08.0684 1272 WinDefend - ok 19:11:08.0700 1272 WinHttpAutoProxySvc - ok 19:11:08.0793 1272 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 19:11:08.0824 1272 Winmgmt - ok 19:11:09.0058 1272 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 19:11:09.0105 1272 WinRM - ok 19:11:09.0339 1272 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 19:11:09.0355 1272 Wlansvc - ok 19:11:09.0636 1272 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 19:11:09.0698 1272 wlidsvc - ok 19:11:09.0885 1272 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 19:11:09.0885 1272 
WmiAcpi - ok 19:11:09.0963 1272 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 19:11:09.0963 1272 wmiApSrv - ok 19:11:10.0026 1272 WMPNetworkSvc - ok 19:11:10.0057 1272 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 19:11:10.0057 1272 WPCSvc - ok 19:11:10.0104 1272 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 19:11:10.0104 1272 WPDBusEnum - ok 19:11:10.0150 1272 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 19:11:10.0150 1272 ws2ifsl - ok 19:11:10.0197 1272 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll 19:11:10.0197 1272 wscsvc - ok 19:11:10.0197 1272 WSearch - ok 19:11:10.0400 1272 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 19:11:10.0462 1272 wuauserv - ok 19:11:10.0665 1272 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 19:11:10.0665 1272 WudfPf - ok 19:11:10.0712 1272 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 19:11:10.0743 1272 WUDFRd - ok 19:11:10.0790 1272 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 19:11:10.0790 1272 wudfsvc - ok 19:11:10.0852 1272 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 19:11:10.0868 1272 WwanSvc - ok 19:11:11.0055 1272 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe 19:11:11.0071 1272 YahooAUService - ok 19:11:11.0149 1272 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys 19:11:11.0180 1272 yukonw7 - ok 19:11:11.0196 1272 MBR (0x1B8) (4287d1c7c777c7cdd9ab892338678e65) \Device\Harddisk0\DR0 19:11:11.0523 1272 \Device\Harddisk0\DR0 - ok 19:11:11.0554 1272 Boot (0x1200) (a71c215f653bad850a396eca1607c630) \Device\Harddisk0\DR0\Partition0 19:11:11.0554 1272 \Device\Harddisk0\DR0\Partition0 - ok 19:11:11.0570 1272 Boot 
(0x1200) (07ef4458efa0038db2a13c78e83a9055) \Device\Harddisk0\DR0\Partition1
19:11:11.0570 1272 \Device\Harddisk0\DR0\Partition1 - ok
19:11:11.0617 1272 Boot (0x1200) (3951b66e9a987716b97c33db33223fe6) \Device\Harddisk0\DR0\Partition2
19:11:11.0617 1272 \Device\Harddisk0\DR0\Partition2 - ok
19:11:11.0664 1272 Boot (0x1200) (fa9ac4dade58f1927454b193254063a3) \Device\Harddisk0\DR0\Partition3
19:11:11.0664 1272 \Device\Harddisk0\DR0\Partition3 - ok
19:11:11.0664 1272 ============================================================
19:11:11.0664 1272 Scan finished
19:11:11.0664 1272 ============================================================
19:11:11.0679 1264 Detected object count: 0
19:11:11.0679 1264 Actual detected object count: 0
19:11:18.0996 1216 Deinitialize success
RKReport Log
RogueKiller V7.6.5 [08/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Laptop [Admin rights]
Mode: Scan -- Date: 08/09/2012 11:10:46
¤¤¤ Bad processes: 0 ¤¤¤
¤¤¤ Registry Entries: 8 ¤¤¤
[sUSP PATH] HKCU\[...]\Run : SkyDrive ("C:\Users\Laptop\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background) -> FOUND
[sUSP PATH] HKCU\[...]\Run : LogMeIn Cubby ("C:\Users\Laptop\AppData\Roaming\cubby\cubby.exe" -hidden) -> FOUND
[sUSP PATH] HKUS\S-1-5-21-3703631627-3218618479-3953746154-1000[...]\Run : SkyDrive ("C:\Users\Laptop\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background) -> FOUND
[sUSP PATH] HKUS\S-1-5-21-3703631627-3218618479-3953746154-1000[...]\Run : LogMeIn Cubby ("C:\Users\Laptop\AppData\Roaming\cubby\cubby.exe" -hidden) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD25 00BEVT-60A23T0 SATA Disk Device +++++
--- User ---
[MBR] 16e2d66bec32eb89fe8c129beefc9791
[bSP] a3822365e81e0f01494ed47717fee0b3 : Windows Vista/7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 220533 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 452061184 | Size: 17638 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 488183808 | Size: 103 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[1].txt >>
RKreport[1].txt
  18. Well I was trying to fix it myself and so read through a dozen forums. Not so sure where I got the TDSSKiller. It did catch some stuff, however I am still getting the MBAM warning of a blocked redirect
  19. Thanks
Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org
Database version: v2012.08.09.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Laptop :: LAPTOP-HP [administrator]
Protection: Enabled
8/9/2012 9:49:05 AM
mbam-log-2012-08-09 (09-49-05).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 197190
Time elapsed: 8 minute(s), 50 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Protection log
2012/08/09 09:07:47 -0400 LAPTOP-HP Laptop MESSAGE Starting protection
2012/08/09 09:07:51 -0400 LAPTOP-HP Laptop MESSAGE Protection started successfully
2012/08/09 09:07:51 -0400 LAPTOP-HP Laptop MESSAGE Executing scheduled update: Daily
2012/08/09 09:07:54 -0400 LAPTOP-HP Laptop MESSAGE Starting IP protection
2012/08/09 09:07:59 -0400 LAPTOP-HP Laptop MESSAGE IP Protection started successfully
2012/08/09 09:08:06 -0400 LAPTOP-HP Laptop MESSAGE Starting database refresh
2012/08/09 09:08:06 -0400 LAPTOP-HP Laptop MESSAGE Scheduled update executed successfully: database updated from version v2012.08.08.06 to version v2012.08.09.07
2012/08/09 09:08:06 -0400 LAPTOP-HP Laptop MESSAGE Stopping IP protection
2012/08/09 09:13:58 -0400 LAPTOP-HP Laptop MESSAGE IP Protection stopped
2012/08/09 09:14:02 -0400 LAPTOP-HP Laptop MESSAGE Database refreshed successfully
2012/08/09 09:14:02 -0400 LAPTOP-HP Laptop MESSAGE Starting IP protection
2012/08/09 09:14:07 -0400 LAPTOP-HP Laptop MESSAGE IP Protection started successfully
DDS Log
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Laptop at 9:59:55 on 2012-08-09
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4859.2983 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\atibtmon.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Program Files\Prevx\prevx.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\lxeccoms.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Prevx\prevx.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Users\Laptop\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Laptop\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Users\Laptop\AppData\Roaming\cubby\cubby.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Users\Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit=userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
uRun: [googletalk] C:\Users\Laptop\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [skyDrive] "C:\Users\Laptop\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
uRun: [sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
uRun: [LogMeIn Cubby] "C:\Users\Laptop\AppData\Roaming\cubby\cubby.exe" -hidden
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\Laptop\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 72.215.157.116 72.215.157.117
TCP: Interfaces\{0D04A0FC-3742-4DD7-99AD-8C633B5A0934} : DhcpNameServer = 10.3.11.217 10.3.11.211
TCP: Interfaces\{F9E93DF1-BDCC-4DD8-9A3A-C0E76F026057} : DhcpNameServer = 72.215.157.116 72.215.157.117
TCP: Interfaces\{F9E93DF1-BDCC-4DD8-9A3A-C0E76F026057}\14E64627F696461405 : DhcpNameServer = 192.168.43.1
TCP: Interfaces\{F9E93DF1-BDCC-4DD8-9A3A-C0E76F026057}\14E64627F69646140503432393 : DhcpNameServer = 192.168.43.1
TCP: Interfaces\{F9E93DF1-BDCC-4DD8-9A3A-C0E76F026057}\E4564777F627B6 : DhcpNameServer = 192.168.0.1
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\2n5yldh4.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: c:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll . ---- FIREFOX POLICIES ---- FF - user.js: yahoo.ytff.general.dontshowhpoffer - true ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?] R0 pxscan;pxscan;C:\Windows\system32\drivers\pxscan.sys --> C:\Windows\system32\drivers\pxscan.sys [?] R1 pxrts;pxrts;C:\Windows\system32\drivers\pxrts.sys --> C:\Windows\system32\drivers\pxrts.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-4-18 98208] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] 
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-5-21 140272] R2 CSIScanner;CSIScanner;C:\Program Files\Prevx\prevx.exe [2012-8-2 6746280] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072] R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264] R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680] R2 lxec_device;lxec_device;C:\Windows\system32\lxeccoms.exe -service --> C:\Windows\system32\lxeccoms.exe -service [?] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-31 655944] R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?] R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 pxkbf;pxkbf;C:\Windows\system32\drivers\pxkbf.sys --> C:\Windows\system32\drivers\pxkbf.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?] 
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-4-26 116648] S2 lxecCATSCustConnectService;lxecCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\lxecserv.exe [2012-6-11 45736] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-24 250056] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-4-26 116648] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-24 113120] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?] S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] 
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?] . =============== Created Last 30 ================ . 2012-08-09 13:52:58 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D8FF7073-E42C-4C31-BAB7-2B8DE33D4FC6}\offreg.dll 2012-08-08 23:01:54 -------- d-----w- C:\TDSSKiller_Quarantine 2012-08-08 13:45:24 9133488 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D8FF7073-E42C-4C31-BAB7-2B8DE33D4FC6}\mpengine.dll 2012-08-07 19:48:07 -------- d-----w- C:\ProgramData\Kaspersky Lab 2012-08-07 13:22:05 9133488 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-08-02 16:22:04 62976 ----a-w- C:\Windows\SysWow64\PxSecure.dll 2012-08-02 16:22:03 36384 ----a-w- C:\Windows\System32\drivers\pxscan.sys 2012-08-02 16:22:02 65736 ----a-w- C:\Windows\System32\drivers\pxrts.sys 2012-08-02 16:22:02 24024 ----a-w- C:\Windows\System32\drivers\pxkbf.sys 2012-08-02 16:22:01 -------- d-----w- C:\Program Files\Prevx 2012-08-02 16:21:21 -------- d-----w- C:\ProgramData\PrevxCSI 2012-07-31 15:04:28 -------- d-----w- C:\Users\Laptop\AppData\Roaming\Malwarebytes 2012-07-31 15:01:51 -------- d-----w- C:\ProgramData\Malwarebytes 2012-07-31 15:01:48 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-07-31 15:01:48 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-07-31 02:19:38 -------- d-----w- C:\Users\Laptop\AppData\Local\{2AEB1F0A-DAB6-11E1-8270-B8AC6F996F26} 2012-07-30 22:08:37 -------- d-----w- C:\ProgramData\Lexmark Pro800-Pro900 Series 2012-07-30 01:01:41 -------- d-----w- C:\Users\Laptop\AppData\Local\Microsoft Games 2012-07-17 16:22:39 -------- d-----r- C:\Program Files (x86)\Skype 2012-07-16 13:13:34 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-07-11 12:33:58 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll 2012-07-11 
12:33:58 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll 2012-07-11 12:33:57 61440 ----a-w- C:\Program Files\Common Files\System\ado\msador15.dll 2012-07-11 12:33:57 57344 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msador15.dll 2012-07-11 12:33:57 212992 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll 2012-07-11 12:33:56 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll 2012-07-11 12:33:56 143360 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msjro.dll 2012-07-11 12:33:55 1133568 ----a-w- C:\Windows\System32\cdosys.dll . ==================== Find3M ==================== . 2012-08-05 20:08:29 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-05 20:08:29 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll 2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll 2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll 2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll 2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-06-02 
08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2012-05-22 13:52:40 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll 2012-05-22 13:52:38 175616 ----a-w- C:\Windows\System32\msclmd.dll . ============= FINISH: 10:01:10.82 =============== Please do NOT put logs/reports in Quote or Code boxes. Just a plain Copy & Paste into the main body of reply. Thanks !
  20. Hi, I have read through many help requests and subsequent instructions but can't seem to remove this redirect virus (click on a Google link and it takes you to another site), and once in a while I get Malwarebytes saying they have blocked a site ( http://206.161.121.3 ). Having run different antivirus and TDSSKiller (which said they caught and then removed some stuff), I still have issues. Any help would be appreciated.