pblock

  1. ComboFix 12-10-16.02 - Jamie 10/16/2012 20:27:36.1.2 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3836.2433 [GMT -5:00] Running from: c:\users\Jamie\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Jamie\AppData\Local\Temp\{A33A1E10-D358-4DFC-9650-27254C491C41}\fpb.tmp c:\windows\assembly\tmp\U . . ((((((((((((((((((((((((( Files Created from 2012-09-17 to 2012-10-17 ))))))))))))))))))))))))))))))) . . 2012-10-17 01:39 . 2012-10-17 01:39 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-10-17 01:39 . 2012-10-17 01:39 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-10-16 16:09 . 2012-10-16 16:09 208216 ----a-w- c:\windows\system32\drivers\04935156.sys 2012-10-16 16:06 . 2012-10-16 16:06 -------- d-----w- C:\TDSSKiller_Quarantine 2012-10-11 00:10 . 2012-10-11 00:10 -------- d-----w- c:\program files\Microsoft Silverlight 2012-10-11 00:10 . 2012-10-11 00:10 -------- d-----w- c:\program files (x86)\Microsoft Silverlight . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-16 16:14 . 2011-10-11 00:37 5110 ----a-w- c:\windows\system32\PerfStringBackup.TMP 2012-09-07 22:04 . 2011-08-18 18:17 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-08-28 06:49 . 2012-09-06 01:46 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9076C1E7-5E12-4CE7-A5CA-09E3A27D6E91}\mpengine.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-13 98304] "PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2011-06-15 307200] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736] "ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2012-03-28 309184] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"="c:\windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.exe" [bU] . c:\users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Citrix Access Gateway.lnk - c:\program files\Citrix\Secure Access Client\nsload.exe [2011-9-27 1523864] McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536] Online plug-in.lnk - c:\windows\Installer\{913778D3-E1D8-4B55-9246-3308C54D3162}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe [2012-8-31 77824] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=0 (0x0) . 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0BBD.exe /d \Device\HarddiskVolume1\Program Files (x86)\Ad-Aware Antivirus\Definitions\0BBD.exe /d \Device\HarddiskVolume1\Program Files (x86)\Ad-Aware Antivirus\Definitions\0BBD.exe /d \Device\HarddiskVolume1\Program Files (x86)\Ad-Aware Antivirus\Definitions\0BBD.exe /d \Device\HarddiskVolume1\Program Files (x86)\Ad-Aware Antivirus\Definitions\0BBD.exe /d \Device\HarddiskVolume1\Program Files (x86)\Ad-Aware Antivirus\Definitions\0BBD.exe /d \Device\HarddiskVolume1\Program Files (x86)\Ad-Aware Antivirus\Definitions\0BBD.exe /d \Device\HarddiskVolume1\Program Files (x86)\Ad-Aware Antivirus\Definitions\0SBBD.exe /d \Device\HarddiskVolume1\Program Files (x86)\Ad-Aware Antivirus\Definitions . R1 hwlrobok;hwlrobok;c:\windows\system32\drivers\hwlrobok.sys [x] R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-07-10 1255736] S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2012-03-19 89536] S1 vwififlt;Virtual WiFi Filter 
Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_5ea32181aefd3364\AESTSr64.exe [2009-03-02 89600] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-09-22 203264] S2 cag;Citrix cag plugin for Access Gateway;c:\program files\Common Files\Deterministic Networks\Common Files\cag.sys [2011-06-09 100952] S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-14 30520] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432] S2 nsverctl;Citrix Secure Access Client Service;c:\program files\Citrix\Secure Access Client\nsverctl.exe [2011-09-27 154776] S3 ctxva51;Citrix Virtual Adapter;c:\windows\system32\DRIVERS\ctxva51.sys [2011-09-27 45720] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-02 187392] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - 08162572 *NewlyCreated* - 12169813 *Deregistered* - 08162572 *Deregistered* - 12169813 . Contents of the 'Scheduled Tasks' folder . 2012-10-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3996044527-1223710297-2653187080-1000Core.job - c:\users\Jamie\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-20 15:57] . 2012-10-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3996044527-1223710297-2653187080-1000UA.job - c:\users\Jamie\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-20 15:57] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-09-21 487424] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs AppnApi . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 97.64.183.164 97.64.209.37 . - - - - ORPHANS REMOVED - - - - . SafeBoot-12169813.sys HKLM-Run-SBRegRebootCleaner - c:\program files (x86)\Ad-Aware Antivirus\SBRC.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc, 1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7 "{3543619C-D563-43F7-95EA-4DA7E1CC396A}"=hex:51,66,7a,6c,4c,1d,38,12,f2,62,50, 31,51,9b,99,06,ea,fc,0e,e7,e4,92,7d,7e "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db, df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:09,f0,96,be,54,b1,cc,01 . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b4,57,d5,4d,22,29,e9,41,96,73,d3,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b4,57,d5,4d,22,29,e9,41,96,73,d3,\ . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-10-16 20:55:57 ComboFix-quarantined-files.txt 2012-10-17 01:55 ComboFix2.txt 2012-07-05 00:56 . Pre-Run: 223,317,827,584 bytes free Post-Run: 223,451,099,136 bytes free . - - End Of File - - 57A57E4AE2AD1E874E833587CB3DDDA4
  2. 11:09:14.0826 2804 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47 11:09:15.0481 2804 ============================================================ 11:09:15.0481 2804 Current date / time: 2012/10/16 11:09:15.0481 11:09:15.0481 2804 SystemInfo: 11:09:15.0481 2804 11:09:15.0497 2804 OS Version: 6.1.7601 ServicePack: 1.0 11:09:15.0497 2804 Product type: Workstation 11:09:15.0497 2804 ComputerName: JAMIE-PC 11:09:15.0497 2804 UserName: Jamie 11:09:15.0497 2804 Windows directory: C:\Windows 11:09:15.0497 2804 System windows directory: C:\Windows 11:09:15.0497 2804 Running under WOW64 11:09:15.0497 2804 Processor architecture: Intel x64 11:09:15.0497 2804 Number of processors: 2 11:09:15.0497 2804 Page size: 0x1000 11:09:15.0497 2804 Boot type: Normal boot 11:09:15.0497 2804 ============================================================ 11:09:17.0479 2804 BG loaded 11:09:18.0962 2804 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 11:09:19.0009 2804 ============================================================ 11:09:19.0009 2804 \Device\Harddisk0\DR0: 11:09:19.0040 2804 MBR partitions: 11:09:19.0040 2804 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x23EF7800 11:09:19.0243 2804 ============================================================ 11:09:19.0328 2804 C: <-> \Device\Harddisk0\DR0\Partition1 11:09:19.0328 2804 ============================================================ 11:09:19.0328 2804 Initialize success 11:09:19.0328 2804 ============================================================ 11:11:27.0008 3492 ============================================================ 11:11:27.0008 3492 Scan started 11:11:27.0008 3492 Mode: Manual; 11:11:27.0008 3492 ============================================================ 11:11:28.0756 3492 ================ Scan system memory ======================== 11:11:28.0756 
3492 System memory - ok 11:11:28.0756 3492 ================ Scan services ============================= 11:11:28.0943 3492 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 11:11:28.0943 3492 1394ohci - ok 11:11:29.0005 3492 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys 11:11:29.0005 3492 Accelerometer - ok 11:11:29.0036 3492 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 11:11:29.0052 3492 ACPI - ok 11:11:29.0068 3492 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 11:11:29.0083 3492 AcpiPmi - ok 11:11:29.0177 3492 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 11:11:29.0177 3492 AdobeARMservice - ok 11:11:29.0239 3492 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 11:11:29.0255 3492 adp94xx - ok 11:11:29.0317 3492 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys 11:11:29.0317 3492 adpahci - ok 11:11:29.0348 3492 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 11:11:29.0364 3492 adpu320 - ok 11:11:29.0426 3492 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 11:11:29.0426 3492 AeLookupSvc - ok 11:11:29.0504 3492 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_5ea32181aefd3364\AESTSr64.exe 11:11:29.0504 3492 AESTFilters - ok 11:11:29.0551 3492 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 11:11:29.0567 3492 AFD - ok 11:11:29.0614 3492 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 11:11:29.0614 3492 agp440 - ok 11:11:29.0660 3492 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 11:11:29.0676 3492 ALG - ok 11:11:29.0707 3492 [ 
5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 11:11:29.0707 3492 aliide - ok 11:11:29.0754 3492 [ 17E08CE1FAEA6D4BA6A155D56D18CC49 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 11:11:29.0754 3492 AMD External Events Utility - ok 11:11:29.0770 3492 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 11:11:29.0785 3492 amdide - ok 11:11:29.0816 3492 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 11:11:29.0816 3492 AmdK8 - ok 11:11:29.0832 3492 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 11:11:29.0832 3492 AmdPPM - ok 11:11:29.0879 3492 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 11:11:29.0879 3492 amdsata - ok 11:11:29.0910 3492 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 11:11:29.0926 3492 amdsbs - ok 11:11:29.0972 3492 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 11:11:29.0972 3492 amdxata - ok 11:11:30.0050 3492 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 11:11:30.0050 3492 AppID - ok 11:11:30.0128 3492 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 11:11:30.0144 3492 AppIDSvc - ok 11:11:30.0206 3492 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 11:11:30.0206 3492 Appinfo - ok 11:11:30.0472 3492 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 11:11:30.0487 3492 Apple Mobile Device - ok 11:11:30.0565 3492 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll 11:11:30.0581 3492 AppMgmt - ok 11:11:30.0737 3492 AppnApi - ok 11:11:30.0846 3492 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys 11:11:30.0862 3492 arc - ok 11:11:30.0908 3492 [ 
019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys 11:11:30.0955 3492 arcsas - ok 11:11:31.0018 3492 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 11:11:31.0018 3492 AsyncMac - ok 11:11:31.0033 3492 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 11:11:31.0033 3492 atapi - ok 11:11:31.0127 3492 [ 38562A6A9CB10844759EAF2B01A7FCD3 ] athr C:\Windows\system32\DRIVERS\athrx.sys 11:11:31.0142 3492 athr - ok 11:11:31.0236 3492 [ FB7602C5C508BE281368AAE0B61B51C6 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys 11:11:31.0236 3492 AtiHdmiService - ok 11:11:31.0423 3492 [ 58564C9A3DA71C633A236A791EE5ACA4 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 11:11:31.0532 3492 atikmdag - ok 11:11:31.0610 3492 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys 11:11:31.0610 3492 AtiPcie - ok 11:11:31.0673 3492 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 11:11:31.0688 3492 AudioEndpointBuilder - ok 11:11:31.0704 3492 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 11:11:31.0720 3492 AudioSrv - ok 11:11:31.0766 3492 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 11:11:31.0766 3492 AxInstSV - ok 11:11:31.0844 3492 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 11:11:31.0844 3492 b06bdrv - ok 11:11:31.0891 3492 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 11:11:31.0907 3492 b57nd60a - ok 11:11:31.0969 3492 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 11:11:31.0969 3492 BDESVC - ok 11:11:32.0000 3492 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 11:11:32.0000 3492 Beep - ok 11:11:32.0047 3492 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 11:11:32.0063 3492 BFE - ok 
11:11:32.0125 3492 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 11:11:32.0125 3492 BITS - ok 11:11:32.0172 3492 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 11:11:32.0172 3492 blbdrive - ok 11:11:32.0250 3492 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 11:11:32.0250 3492 Bonjour Service - ok 11:11:32.0281 3492 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 11:11:32.0297 3492 bowser - ok 11:11:32.0312 3492 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 11:11:32.0328 3492 BrFiltLo - ok 11:11:32.0328 3492 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 11:11:32.0328 3492 BrFiltUp - ok 11:11:32.0359 3492 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 11:11:32.0359 3492 BridgeMP - ok 11:11:32.0406 3492 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll 11:11:32.0406 3492 Browser - ok 11:11:32.0422 3492 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 11:11:32.0437 3492 Brserid - ok 11:11:32.0453 3492 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 11:11:32.0453 3492 BrSerWdm - ok 11:11:32.0468 3492 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 11:11:32.0468 3492 BrUsbMdm - ok 11:11:32.0468 3492 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 11:11:32.0468 3492 BrUsbSer - ok 11:11:32.0484 3492 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 11:11:32.0484 3492 BTHMODEM - ok 11:11:32.0500 3492 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 11:11:32.0515 3492 bthserv - ok 11:11:32.0546 3492 [ F0A71F51BC0F67085BEC96038DEA3465 ] cag C:\Program Files\Common 
Files\Deterministic Networks\Common Files\cag.sys 11:11:32.0546 3492 cag - ok 11:11:32.0578 3492 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 11:11:32.0578 3492 cdfs - ok 11:11:32.0624 3492 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 11:11:32.0624 3492 cdrom - ok 11:11:32.0656 3492 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 11:11:32.0671 3492 CertPropSvc - ok 11:11:32.0687 3492 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 11:11:32.0687 3492 circlass - ok 11:11:32.0749 3492 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 11:11:32.0765 3492 CLFS - ok 11:11:32.0827 3492 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 11:11:32.0827 3492 clr_optimization_v2.0.50727_32 - ok 11:11:32.0890 3492 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 11:11:32.0890 3492 clr_optimization_v2.0.50727_64 - ok 11:11:32.0968 3492 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 11:11:32.0968 3492 clr_optimization_v4.0.30319_32 - ok 11:11:33.0030 3492 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 11:11:33.0046 3492 clr_optimization_v4.0.30319_64 - ok 11:11:33.0108 3492 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 11:11:33.0108 3492 CmBatt - ok 11:11:33.0139 3492 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 11:11:33.0139 3492 cmdide - ok 11:11:33.0202 3492 [ C4943B6C962E4B82197542447AD599F4 ] CNG C:\Windows\system32\Drivers\cng.sys 11:11:33.0202 3492 CNG - ok 11:11:33.0233 3492 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt 
C:\Windows\system32\DRIVERS\compbatt.sys 11:11:33.0233 3492 Compbatt - ok 11:11:33.0248 3492 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 11:11:33.0264 3492 CompositeBus - ok 11:11:33.0280 3492 COMSysApp - ok 11:11:33.0311 3492 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 11:11:33.0311 3492 crcdisk - ok 11:11:33.0373 3492 [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc C:\Windows\system32\cryptsvc.dll 11:11:33.0373 3492 CryptSvc - ok 11:11:33.0436 3492 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys 11:11:33.0436 3492 CSC - ok 11:11:33.0482 3492 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll 11:11:33.0498 3492 CscService - ok 11:11:33.0560 3492 [ EB7439918F3E04B51CD8822FD8C8E018 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys 11:11:33.0560 3492 ctxusbm - ok 11:11:33.0607 3492 [ 34A6E7D3D1DA4D9121690C43CD254C56 ] ctxva51 C:\Windows\system32\DRIVERS\ctxva51.sys 11:11:33.0607 3492 ctxva51 - ok 11:11:33.0670 3492 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 11:11:33.0685 3492 DcomLaunch - ok 11:11:33.0732 3492 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 11:11:33.0748 3492 defragsvc - ok 11:11:33.0763 3492 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 11:11:33.0779 3492 DfsC - ok 11:11:33.0810 3492 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 11:11:33.0826 3492 Dhcp - ok 11:11:33.0857 3492 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 11:11:33.0872 3492 discache - ok 11:11:33.0904 3492 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 11:11:33.0904 3492 Disk - ok 11:11:33.0950 3492 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 11:11:33.0950 3492 dmvsc - ok 11:11:34.0013 3492 [ 
E9C75FFC6A7B8BB61CDA4857549DCEA4 ] DNE C:\Windows\system32\DRIVERS\dnelwf64.sys 11:11:34.0013 3492 DNE - ok 11:11:34.0060 3492 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 11:11:34.0060 3492 Dnscache - ok 11:11:34.0106 3492 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 11:11:34.0122 3492 dot3svc - ok 11:11:34.0153 3492 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 11:11:34.0153 3492 DPS - ok 11:11:34.0184 3492 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 11:11:34.0200 3492 drmkaud - ok 11:11:34.0262 3492 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 11:11:34.0278 3492 DXGKrnl - ok 11:11:34.0325 3492 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 11:11:34.0325 3492 EapHost - ok 11:11:34.0450 3492 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 11:11:34.0528 3492 ebdrv - ok 11:11:34.0590 3492 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 11:11:34.0590 3492 EFS - ok 11:11:34.0652 3492 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 11:11:34.0684 3492 ehRecvr - ok 11:11:34.0699 3492 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 11:11:34.0715 3492 ehSched - ok 11:11:34.0762 3492 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 11:11:34.0777 3492 elxstor - ok 11:11:34.0793 3492 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 11:11:34.0793 3492 ErrDev - ok 11:11:34.0871 3492 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 11:11:34.0871 3492 EventSystem - ok 11:11:34.0902 3492 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 11:11:34.0918 3492 exfat - ok 11:11:34.0964 3492 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat 
3492 Wecsvc - ok 11:11:48.0290 3492 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 11:11:48.0290 3492 wercplsupport - ok 11:11:48.0321 3492 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 11:11:48.0321 3492 WerSvc - ok 11:11:48.0352 3492 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 11:11:48.0352 3492 WfpLwf - ok 11:11:48.0383 3492 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 11:11:48.0383 3492 WIMMount - ok 11:11:48.0415 3492 WinDefend - ok 11:11:48.0430 3492 WinHttpAutoProxySvc - ok 11:11:48.0477 3492 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 11:11:48.0477 3492 Winmgmt - ok 11:11:48.0539 3492 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 11:11:48.0571 3492 WinRM - ok 11:11:48.0633 3492 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 11:11:48.0633 3492 WinUsb - ok 11:11:48.0664 3492 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 11:11:48.0680 3492 Wlansvc - ok 11:11:48.0727 3492 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 11:11:48.0727 3492 WmiAcpi - ok 11:11:48.0773 3492 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 11:11:48.0789 3492 wmiApSrv - ok 11:11:48.0820 3492 WMPNetworkSvc - ok 11:11:48.0851 3492 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 11:11:48.0867 3492 WPCSvc - ok 11:11:48.0898 3492 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 11:11:48.0898 3492 WPDBusEnum - ok 11:11:48.0945 3492 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 11:11:48.0945 3492 ws2ifsl - ok 11:11:48.0976 3492 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 11:11:48.0992 3492 wscsvc - ok 
11:11:48.0992 3492 WSearch - ok 11:11:49.0117 3492 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 11:11:49.0163 3492 wuauserv - ok 11:11:49.0210 3492 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 11:11:49.0210 3492 WudfPf - ok 11:11:49.0226 3492 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 11:11:49.0241 3492 WUDFRd - ok 11:11:49.0288 3492 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 11:11:49.0288 3492 wudfsvc - ok 11:11:49.0319 3492 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 11:11:49.0335 3492 WwanSvc - ok 11:11:49.0382 3492 ================ Scan global =============================== 11:11:49.0413 3492 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 11:11:49.0444 3492 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 11:11:49.0475 3492 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 11:11:49.0507 3492 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 11:11:49.0538 3492 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 11:11:49.0553 3492 [Global] - ok 11:11:49.0553 3492 ================ Scan MBR ================================== 11:11:49.0569 3492 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 11:11:49.0834 3492 \Device\Harddisk0\DR0 - ok 11:11:49.0834 3492 ================ Scan VBR ================================== 11:11:49.0834 3492 [ AF57A54B49AE26EC62BEAED885B5D58B ] \Device\Harddisk0\DR0\Partition1 11:11:49.0850 3492 \Device\Harddisk0\DR0\Partition1 - ok 11:11:49.0850 3492 ============================================================ 11:11:49.0850 3492 Scan finished 11:11:49.0850 3492 ============================================================ 11:11:49.0897 2980 Detected object count: 0 11:11:49.0897 2980 Actual detected object count: 0 DDS (Ver_2012-10-14.05) - NTFS_AMD64 Internet 
Explorer: 9.0.8112.16421 Run by Jamie at 11:01:39 on 2012-10-16 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3836.2656 [GMT -5:00] . SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_5ea32181aefd3364\STacSV64.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\Hpservice.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_5ea32181aefd3364\AESTSr64.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Citrix\Secure Access Client\nsverctl.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\rundll32.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Program Files\Citrix\Secure Access Client\nsload.exe C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe C:\Program Files (x86)\PowerISO\PWRISOVM.EXE C:\Program Files (x86)\Common Files\Java\Java 
Update\jusched.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin C:\Program Files (x86)\QuickTime\QTTask.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Citrix\ICA Client\concentr.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Citrix\ICA Client\WFCRUN32.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Jamie\AppData\Local\Temp\Rar$EX24.720\TDSSKiller.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://www.google.com/ uSearch Bar = Preserve BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll uRun: [Google Update] "C:\Users\Jamie\AppData\Local\Google\Update\GoogleUpdate.exe" /c mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup dRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.exe -update activex StartupFolder: C:\Users\Jamie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CITRIX~1.LNK - C:\Program Files\Citrix\Secure Access Client\nsload.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ONLINE~1.LNK - C:\Windows\Installer\{913778D3-E1D8-4B55-9246-3308C54D3162}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: 
ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 LSP: mswsock.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: NameServer = 97.64.183.164 97.64.209.37 TCP: Interfaces\{1B928863-A243-4E52-8A6F-ECEE343E67CD} : DHCPNameServer = 97.64.183.164 97.64.209.37 TCP: Interfaces\{1B928863-A243-4E52-8A6F-ECEE343E67CD}\07F607F677966696 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{1B928863-A243-4E52-8A6F-ECEE343E67CD}\16266763 : DHCPNameServer = 172.20.100.1 TCP: Interfaces\{1B928863-A243-4E52-8A6F-ECEE343E67CD}\2375942554333353 : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{1B928863-A243-4E52-8A6F-ECEE343E67CD}\D6160736D607 : DHCPNameServer = 75.75.75.75 75.75.76.76 Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA 
Client\IcaMimeFilter.dll Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll SSODL: WebCheck - <orphaned> SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4 x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe x64-Run: [sBRegRebootCleaner] "C:\Program Files (x86)\Ad-Aware Antivirus\SBRC.exe" x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> 
x64-Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . 
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2012-3-19 89536] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960] R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_5ea32181aefd3364\AESTSr64.exe [2011-7-10 89600] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-9-22 203264] R2 cag;Citrix cag plugin for Access Gateway;C:\Program Files\Common Files\Deterministic Networks\Common Files\cag.sys [2011-6-9 100952] R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-15 399432] R2 nsverctl;Citrix Secure Access Client Service;C:\Program Files\Citrix\Secure Access Client\nsverctl.exe [2011-9-27 154776] R3 ctxva51;Citrix Virtual Adapter;C:\Windows\System32\drivers\ctxva51.sys [2011-9-27 45720] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-8-18 25928] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-3-1 187392] R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-7-10 34872] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-10-15 676936] S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168] S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files 
(x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-5-10 51712] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-7-10 1255736] . =============== Created Last 30 ================ . . ==================== Find3M ==================== . 2012-10-16 04:41:04 5110 ----a-w- C:\Windows\System32\PerfStringBackup.TMP 2012-09-07 22:04:46 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys . ============= FINISH: 11:02:12.64 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-10-14.05) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1 Install Date: 7/10/2011 6:32:26 PM System Uptime: 10/16/2012 10:23:49 AM (1 hours ago) . Motherboard: Hewlett-Packard | | 3656 Processor: AMD Turion Neo X2 Dual Core Processor L625 | Socket AM2/S1G2 | 1600/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 287 GiB total, 208.054 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: SBRE Device ID: ROOT\LEGACY_SBRE\0000 Manufacturer: Name: SBRE PNP Device ID: ROOT\LEGACY_SBRE\0000 Service: SBRE . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: Windows Firewall Authorization Driver Device ID: ROOT\LEGACY_MPSDRV\0000 Manufacturer: Name: Windows Firewall Authorization Driver PNP Device ID: ROOT\LEGACY_MPSDRV\0000 Service: mpsdrv . ==== System Restore Points =================== . RP145: 8/27/2012 10:04:25 PM - Removed Ad-Aware Antivirus. 
RP146: 9/5/2012 8:45:35 PM - Windows Update RP148: 9/8/2012 9:39:14 AM - Windows Defender Checkpoint RP150: 9/9/2012 1:51:32 PM - Windows Defender Checkpoint RP152: 9/10/2012 7:01:22 PM - Windows Defender Checkpoint RP154: 9/17/2012 8:24:06 PM - Windows Defender Checkpoint RP156: 9/24/2012 7:18:23 PM - Windows Defender Checkpoint RP158: 10/1/2012 6:09:19 PM - Windows Defender Checkpoint RP160: 10/2/2012 8:12:08 PM - Windows Defender Checkpoint RP162: 10/4/2012 6:03:52 PM - Windows Defender Checkpoint RP164: 10/5/2012 6:47:03 PM - Windows Defender Checkpoint RP166: 10/10/2012 7:11:14 PM - Windows Defender Checkpoint RP168: 10/12/2012 10:34:04 PM - Windows Defender Checkpoint RP170: 10/14/2012 5:06:21 PM - Windows Defender Checkpoint RP172: 10/15/2012 6:42:33 PM - Windows Defender Checkpoint . ==== Installed Programs ====================== . µTorrent Adobe AIR Adobe Flash Player 11 ActiveX 64-bit Adobe Reader X (10.1.4) AMD USB Filter Driver Apple Application Support Apple Mobile Device Support Apple Software Update ATI Catalyst Install Manager Bonjour Broadcom 802.11 Wireless LAN Adapter Canon MP250 series MP Drivers Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Citrix Access Gateway Plug-in Citrix online plug-in Citrix 
online plug-in (DV) Citrix online plug-in (HDX) Citrix online plug-in (PNA) Citrix online plug-in (SSON) Citrix online plug-in (USB) Citrix online plug-in (Web) Compatibility Pack for the 2007 Office system Google Chrome Google Toolbar for Internet Explorer IDT Audio iTunes Java Auto Updater Java 6 Update 26 Malwarebytes Anti-Malware version 1.65.0.1400 McAfee Security Scan Plus Microsoft .NET Framework 4 Client Profile Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 OpenOffice.org 3.3 PowerISO QuickTime Rosetta Stone V3 Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Usmleworld QBank WinRAR 4.01 (32-bit) . ==== Event Viewer Messages From Past Week ======== . 10/16/2012 12:04:59 AM, Error: ACPI [5] - AMLI: ACPI BIOS is attempting to write to an illegal IO port address (0x71), which lies in the 0x70 - 0x71 protected address range. This could lead to system instability. Please contact your system vendor for technical assistance. 10/16/2012 10:52:41 AM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file. 
10/15/2012 7:03:57 PM, Error: ACPI [5] - AMLI: ACPI BIOS is attempting to write to an illegal IO port address (0x70), which lies in the 0x70 - 0x71 protected address range. This could lead to system instability. Please contact your system vendor for technical assistance. 10/15/2012 11:37:18 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143. 10/15/2012 11:36:57 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom SBRE 10/15/2012 11:36:54 PM, Error: Service Control Manager [7023] - The Sandboxu service terminated with the following error: The specified module could not be found. 10/15/2012 11:36:52 PM, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Windows Firewall Authorization Driver service which failed to start because of the following error: Cannot create a file when that file already exists. 10/15/2012 11:36:52 PM, Error: Service Control Manager [7000] - The Windows Firewall Authorization Driver service failed to start due to the following error: Cannot create a file when that file already exists. 10/15/2012 11:36:47 PM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter . ==== End Of File =========================== Thanks again
  3. Hi, I'm not a computer moron, but I have had no real luck removing the virus on this computer, and am begging for some assistance. This is my girlfriend's laptop, so I have no real idea of how she got the virus, but it has been redirecting and on occasion causing pop-ups. I haven't run anything crazy like ComboFix, but have been using Malwarebytes, the full version. I have read some of the other threads on the topic and have a basic idea of how the process works, but I have never actually posted on the forum. Any help would be greatly appreciated.