obione

Members

View Profile See their activity

Posts
8
Joined
November 26, 2012
Last visited
November 29, 2012

Reputation

0 Neutral

winrscmde infection, help please

obione replied to obione's topic in Resolved Malware Removal Logs

ComboFix 12-11-28.02 - Sam 11/29/2012 0:50.2.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.16366.12647 [GMT -6:00] Running from: c:\users\Sam\Desktop\ComboFix.exe Command switches used :: c:\users\Sam\Desktop\CFScript.txt AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 Premier Edition *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2012-10-28 to 2012-11-29 ))))))))))))))))))))))))))))))) . . 2012-11-29 06:56 . 2012-11-29 06:56 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-11-29 06:56 . 2012-11-29 06:56 -------- d-----w- c:\users\UpdatusUser.Sam-PC\AppData\Local\temp 2012-11-29 06:56 . 2012-11-29 06:56 -------- d-----w- c:\users\Mcx1-SAM-PC\AppData\Local\temp 2012-11-29 06:56 . 2012-11-29 06:56 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-11-28 22:06 . 2012-11-28 22:06 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll 2012-11-28 21:14 . 2012-11-28 21:14 -------- d-----w- c:\windows\LastGood 2012-11-28 00:56 . 2012-11-28 00:56 -------- d-----w- c:\program files (x86)\Common Files\Java 2012-11-28 00:56 . 2012-11-28 00:56 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-11-27 09:02 . 2012-10-02 19:50 2557800 ----a-w- c:\windows\system32\nvsvcr.dll 2012-11-26 10:35 . 2012-11-26 10:36 -------- d-----w- C:\FRST 2012-11-26 10:11 . 2012-11-26 10:11 -------- d-----w- C:\TDSSKiller_Quarantine 2012-11-26 09:47 . 2012-11-26 09:47 -------- d-----w- c:\users\Sam\AppData\Roaming\SpeedyPC Software 2012-11-26 09:47 . 2012-11-26 09:47 -------- d-----w- c:\users\Sam\AppData\Roaming\DriverCure 2012-11-26 09:47 . 2012-11-26 09:47 -------- d-----w- c:\program files (x86)\Common Files\SpeedyPC Software 2012-11-26 09:47 . 2012-11-26 09:47 -------- d-----w- c:\programdata\SpeedyPC Software 2012-11-26 09:47 . 2012-11-26 09:47 -------- d-----w- c:\program files (x86)\SpeedyPC Software 2012-11-26 09:26 . 2012-11-26 09:27 -------- d-----w- C:\sh4ldr 2012-11-26 09:26 . 2012-11-26 09:26 -------- d-----w- c:\program files\Enigma Software Group 2012-11-14 09:07 . 2012-07-26 05:05 2560 ----a-w- c:\windows\system32\drivers\es-ES\wdf01000.sys.mui 2012-11-14 09:07 . 2012-07-26 05:15 2560 ----a-w- c:\windows\system32\drivers\he-IL\wdf01000.sys.mui 2012-11-14 09:07 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2012-11-14 09:07 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2012-11-14 09:07 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui 2012-11-14 09:07 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll 2012-11-14 09:00 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2012-11-14 09:00 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2012-11-14 09:00 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll 2012-11-14 09:00 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll 2012-11-14 09:00 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe 2012-11-14 09:00 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll 2012-11-14 09:00 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2012-11-14 07:07 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll 2012-11-14 07:07 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-11-28 00:56 . 2012-07-04 00:06 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-11-28 00:56 . 2011-10-25 01:47 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-11-14 09:01 . 2011-04-14 04:35 66395536 ----a-w- c:\windows\system32\MRT.exe 2012-10-25 09:12 . 2012-10-25 09:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx 2012-10-25 09:12 . 2012-10-25 09:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts 2012-10-16 08:38 . 2012-11-28 03:00 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2012-10-16 08:38 . 2012-11-28 03:00 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2012-10-16 07:39 . 2012-11-28 03:00 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-10-11 03:23 . 2012-10-11 03:23 247144 ----a-w- c:\windows\system32\nvinitx.dll 2012-10-11 03:23 . 2012-10-11 03:23 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll 2012-10-11 03:23 . 2012-10-11 03:23 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll 2012-10-11 03:23 . 2012-09-14 12:58 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll 2012-10-11 03:23 . 2012-10-11 03:23 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll 2012-10-11 03:23 . 2012-10-11 03:23 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2012-10-11 03:23 . 2012-10-11 03:23 25256296 ----a-w- c:\windows\system32\nvcompiler.dll 2012-10-11 03:23 . 2012-10-11 03:23 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll 2012-10-11 03:23 . 2012-10-11 03:23 202600 ----a-w- c:\windows\SysWow64\nvinit.dll 2012-10-11 03:23 . 2012-10-11 03:23 7414632 ----a-w- c:\windows\system32\nvopencl.dll 2012-10-11 03:23 . 2012-08-28 05:55 2731880 ----a-w- c:\windows\system32\nvapi64.dll 2012-10-11 03:23 . 2012-03-14 01:10 973672 ----a-w- c:\windows\system32\nvumdshimx.dll 2012-10-11 03:23 . 2012-08-28 05:56 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll 2012-10-11 03:23 . 2012-10-11 03:23 9146728 ----a-w- c:\windows\system32\nvcuda.dll 2012-10-11 03:23 . 2012-10-11 03:23 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll 2012-10-11 03:23 . 2012-10-11 03:23 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-10-11 03:23 . 2012-10-11 03:23 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2012-10-11 03:22 . 2012-10-11 03:22 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll 2012-10-11 03:22 . 2012-08-28 05:56 26331496 ----a-w- c:\windows\system32\nvoglv64.dll 2012-10-11 03:22 . 2011-10-25 02:13 1760104 ----a-w- c:\windows\system32\nvdispco64.dll 2012-10-11 03:22 . 2012-08-28 05:55 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2012-10-11 03:22 . 2012-10-11 03:22 2747240 ----a-w- c:\windows\system32\nvcuvid.dll 2012-10-11 03:22 . 2012-10-11 03:22 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll 2012-10-11 03:22 . 2012-10-11 03:22 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-10-11 03:22 . 2012-10-11 03:22 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2012-10-09 18:54 . 2012-06-23 20:39 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-10-09 18:54 . 2011-05-20 13:49 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-10-09 01:00 . 2012-10-26 01:29 776864 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\srtsp64.sys 2012-10-04 01:40 . 2012-10-26 01:29 1133216 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\symefa64.sys 2012-10-04 01:40 . 2012-10-26 01:29 493216 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\symds64.sys 2012-10-04 01:19 . 2012-10-26 01:29 168096 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\ccsetx64.sys 2012-10-02 19:51 . 2012-03-14 01:11 3536817 ----a-w- c:\windows\system32\nvcoproc.bin 2012-10-02 19:51 . 2011-01-16 22:13 3293544 ----a-w- c:\windows\system32\nvsvc64.dll 2012-10-02 19:51 . 2011-01-16 22:13 6200680 ----a-w- c:\windows\system32\nvcpl.dll 2012-10-02 19:50 . 2011-07-24 06:31 63336 ----a-w- c:\windows\system32\nvshext.dll 2012-10-02 19:50 . 2011-01-16 22:13 891240 ----a-w- c:\windows\system32\nvvsvc.exe 2012-10-02 19:50 . 2011-01-16 22:13 118120 ----a-w- c:\windows\system32\nvmctray.dll 2012-10-02 19:15 . 2012-10-02 19:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2012-09-29 03:30 . 2012-05-26 19:48 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS 2012-09-14 19:19 . 2012-10-09 22:29 2048 ----a-w- c:\windows\system32\tzres.dll 2012-09-14 18:28 . 2012-10-09 22:29 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-09-07 02:05 . 2012-10-26 01:29 432800 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\symnets.sys 2012-09-07 01:48 . 2012-10-26 01:29 224416 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\ironx64.sys 2012-08-31 18:19 . 2012-10-09 22:30 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys 2012-08-31 17:17 . 2012-08-31 17:17 4278384 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll 2012-08-31 17:17 . 2012-08-31 17:17 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] c:\program files (x86)\Yontoo Layers Runtime\YontooIEClient.dll [bU] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288] "Super-Charger"="c:\program files (x86)\MSI\Super-Charger\StartSuperCharger.exe" [2011-01-25 303104] "Live Update 5"="c:\program files (x86)\MSI\Live Update 5\LU5.exe" [2011-02-01 1220608] "Q-Face agent"="c:\program files (x86)\MSI\MSI Q-Face\webtest.exe" [2008-12-15 20792] "NortonOnlineBackup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-03-05 1112920] "STCAgent"="c:\program files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe" [2011-01-21 776064] "ZyngaGamesAgent"="c:\program files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe" [2010-11-15 841544] "VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2006-07-13 122880] "AudioDrvEmulator"="c:\program files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" [2005-11-04 49152] "CTHelper"="CTHELPER.EXE" [2006-05-24 17920] "CTXFIREG"="CTXFIREG.exe" [2010-05-06 47104] "Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568] "RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192] "PDF7 Registry Controller"="c:\program files (x86)\Nuance\PDF Converter 7\RegistryController.exe" [2010-08-18 121120] "CTxfiHlp"="CTXFIHLP.EXE" [2010-05-06 25600] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-12 59280] "PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-08-20 724576] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Nostromo Loadout Manager.lnk - c:\windows\Installer\{548C7B77-8B04-427E-ACD0-D0E6E6E59BCF}\NewShortcut2_548C7B778B04427EACD0D0E6E6E59BCF.exe [2011-7-25 45056] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 ALSysIO;ALSysIO;c:\users\Sam\AppData\Local\Temp\ALSysIO64.sys [x] R3 bcgame;Nostromo HID Device Minidriver;c:\windows\system32\drivers\bcgame.sys [2007-08-14 35328] R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-12-12 79360] R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-12-12 79360] R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [2010-05-06 202840] R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [2010-05-06 1417304] R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [2010-05-06 94808] R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x] R3 EraserUtilDrv11220;EraserUtilDrv11220;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11220.sys [x] R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800] R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [2011-04-04 21504] R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [2009-01-29 9216] R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [2010-05-10 33592] R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-22 14136] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992] R3 RoxMediaDBGame1X;RoxMediaDBGame1X;c:\program files (x86)\Common Files\Roxio Shared\Game1X\SharedCOM\RoxMediaDBGame1X.exe [2011-02-17 1099248] R3 RTCore64;RTCore64;c:\program files (x86)\RMClock\RTCore64.sys [2005-05-25 7168] R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [2010-04-10 50720] R3 SaiH8000;SaiH8000;c:\windows\system32\DRIVERS\SaiH8000.sys [2008-04-04 178560] R3 SaiK0CCB;SaiK0CCB;c:\windows\system32\DRIVERS\SaiK0CCB.sys [2011-09-20 183104] R3 SaiU0CCB;SaiU0CCB;c:\windows\system32\DRIVERS\SaiU0CCB.sys [2011-09-20 47168] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-14 1255736] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1402000.013\SYMDS64.SYS [2012-10-04 493216] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1402000.013\SYMEFA64.SYS [2012-10-04 1133216] S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20121106.001\BHDrvx64.sys [2012-10-23 1384608] S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1402000.013\ccSetx64.sys [2012-10-04 168096] S1 hugoio64;hugoio64;c:\program files (x86)\i-Menu\hugoio64.sys [2008-04-30 13856] S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20121128.001\IDSvia64.sys [2012-11-23 513184] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1402000.013\Ironx64.SYS [2012-09-07 224416] S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1402000.013\SYMNETS.SYS [2012-09-07 432800] S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-06 169408] S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376] S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-11-14 8704] S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-04-26 223088] S2 N360;Norton 360;c:\program files (x86)\Norton 360 Premier Edition\Engine\20.2.0.19\ccSvcHst.exe [2012-10-11 143928] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe service [x] S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-08-20 474208] S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2009-07-20 27136] S2 SCBackService;Splashtop Connect Service;c:\program files (x86)\Splashtop\Splashtop Connect\BackService.exe [2010-11-15 477000] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-05-21 13832] S2 TurboBoost;Intel® Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-05-21 134928] S2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [2011-03-22 497480] S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [2010-05-06 202840] S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [2010-05-06 1417304] S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [2010-05-06 94808] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-09-29 138912] S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-07-14 22408] S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-07-14 16008] S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240] S3 SaiK0CD7;SaiK0CD7;c:\windows\system32\DRIVERS\SaiK0CD7.sys [2011-09-20 183104] S3 SaiU0CD7;SaiU0CD7;c:\windows\system32\DRIVERS\SaiU0CD7.sys [2011-09-20 47168] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - 22451595 *NewlyCreated* - ASWMBR *Deregistered* - 22451595 *Deregistered* - aswMBR . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2009-08-20 18:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Contents of the 'Scheduled Tasks' folder . 2012-11-29 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 18:54] . 2012-11-29 c:\windows\Tasks\FinalTorrent Update Checker.job - c:\program files (x86)\FinalTorrent\FTCheckForUpdates.exe [2011-05-08 21:50] . 2012-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421509916-3391201345-338949333-1000Core.job - c:\users\Sam\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-14 05:26] . 2012-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421509916-3391201345-338949333-1000UA.job - c:\users\Sam\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-14 05:26] . 2012-11-26 c:\windows\Tasks\SpeedyPC Pro.job - c:\program files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe [2012-10-04 20:42] . 2012-11-26 c:\windows\Tasks\SpeedyPC Registration3.job - c:\windows\system32\rundll32.exe [2009-07-13 01:14] . 2012-11-26 c:\windows\Tasks\SpeedyPC Update Version3 Startup Task.job - c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2012-10-04 20:42] . 2012-11-26 c:\windows\Tasks\SpeedyPC Update Version3.job - c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2012-10-04 20:42] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-01-17 6602856] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "AsioThk32Reg"="%SYSTEMROOT%\SYSWOW64\CTASIO.DLL" [bU] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648] "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152] "Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-09-29 110360] "Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2009-08-14 415752] "Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2009-08-13 2093064] "Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2009-08-14 4195848] "ProfilerU"="c:\program files\SmartTechnology\Software\ProfilerU.exe" [2012-01-23 432640] "SaiMfd"="c:\program files\SmartTechnology\Software\SaiMfd.exe" [2012-01-23 158208] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = https://www.google.com/ uInternet Settings,ProxyOverride = *.local;192.168.*.* IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000 IE: Open with Nuance PDF Converter 7.0 - c:\program files (x86)\Nuance\PDF Converter 7\cnvres_eng.dll /100 IE: Se&nd to OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105 Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: DhcpNameServer = 65.32.5.111 65.32.5.112 DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab . - - - - ORPHANS REMOVED - - - - . AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-Search Toolbar - c:\program files (x86)\Search Toolbar\SearchToolbarUninstall.exe AddRemove-vGrabber - c:\program files (x86)\vGrabber\uninstall.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360] "ImagePath"="\"c:\program files (x86)\Norton 360 Premier Edition\Engine\20.2.0.19\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360 Premier Edition\Engine\20.2.0.19\diMaster.dll\" /prefetch:1" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-421509916-3391201345-338949333-1000\Software\SecuROM\License information*] "datasecu"=hex:07,6e,4a,58,0c,2d,52,60,98,34,12,3c,64,79,85,e0,f1,8a,de,68,c0, df,1c,a5,01,63,b9,f4,3a,01,87,83,9a,e2,3b,b6,e4,52,c0,c4,27,b9,6b,fb,30,7e,\ "rkeysecu"=hex:a7,30,38,a9,6e,c8,ed,54,4d,c6,5d,08,68,15,d5,aa . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-11-29 00:58:28 ComboFix-quarantined-files.txt 2012-11-29 06:58 ComboFix2.txt 2012-11-28 00:32 . Pre-Run: 279,595,356,160 bytes free Post-Run: 279,532,425,216 bytes free . - - End Of File - - A3987E49A0A592EDA08F110093E0A606 No problems PC is running fine
- November 29, 2012
- 16 replies
winrscmde infection, help please

obione replied to obione's topic in Resolved Malware Removal Logs

11:23:16.0537 31880 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 11:23:17.0083 31880 ============================================================ 11:23:17.0083 31880 Current date / time: 2012/11/28 11:23:17.0083 11:23:17.0083 31880 SystemInfo: 11:23:17.0083 31880 11:23:17.0083 31880 OS Version: 6.1.7601 ServicePack: 1.0 11:23:17.0083 31880 Product type: Workstation 11:23:17.0083 31880 ComputerName: SAM-PC 11:23:17.0083 31880 UserName: Sam 11:23:17.0083 31880 Windows directory: C:\Windows 11:23:17.0083 31880 System windows directory: C:\Windows 11:23:17.0083 31880 Running under WOW64 11:23:17.0083 31880 Processor architecture: Intel x64 11:23:17.0083 31880 Number of processors: 4 11:23:17.0083 31880 Page size: 0x1000 11:23:17.0083 31880 Boot type: Normal boot 11:23:17.0083 31880 ============================================================ 11:23:18.0190 31880 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 11:23:18.0190 31880 ============================================================ 11:23:18.0190 31880 \Device\Harddisk0\DR0: 11:23:18.0190 31880 MBR partitions: 11:23:18.0190 31880 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 11:23:18.0190 31880 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800 11:23:18.0190 31880 ============================================================ 11:23:18.0237 31880 C: <-> \Device\Harddisk0\DR0\Partition2 11:23:18.0237 31880 ============================================================ 11:23:18.0237 31880 Initialize success 11:23:18.0237 31880 ============================================================ 11:23:33.0026 32512 ============================================================ 11:23:33.0026 32512 Scan started 11:23:33.0026 32512 Mode: Manual; 11:23:33.0026 32512 ============================================================ 11:23:34.0165 32512 ================ Scan system memory ======================== 11:23:34.0165 32512 System memory - ok 11:23:34.0165 32512 ================ Scan services ============================= 11:23:34.0461 32512 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 11:23:34.0492 32512 1394ohci - ok 11:23:34.0508 32512 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 11:23:34.0508 32512 ACPI - ok 11:23:34.0539 32512 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 11:23:34.0539 32512 AcpiPmi - ok 11:23:34.0633 32512 [ C004F38974F4D321B4C20A240E1175C0 ] AdobeActiveFileMonitor9.0 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe 11:23:34.0648 32512 AdobeActiveFileMonitor9.0 - ok 11:23:34.0726 32512 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 11:23:34.0726 32512 AdobeFlashPlayerUpdateSvc - ok 11:23:34.0758 32512 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 11:23:34.0758 32512 adp94xx - ok 11:23:34.0773 32512 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 11:23:34.0773 32512 adpahci - ok 11:23:34.0789 32512 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 11:23:34.0804 32512 adpu320 - ok 11:23:34.0820 32512 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 11:23:34.0820 32512 AeLookupSvc - ok 11:23:34.0867 32512 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 11:23:34.0898 32512 AFD - ok 11:23:34.0914 32512 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 11:23:34.0914 32512 agp440 - ok 11:23:34.0929 32512 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 11:23:34.0929 32512 ALG - ok 11:23:34.0945 32512 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 11:23:34.0945 32512 aliide - ok 11:23:35.0023 32512 ALSysIO - ok 11:23:35.0038 32512 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 11:23:35.0038 32512 amdide - ok 11:23:35.0054 32512 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 11:23:35.0054 32512 AmdK8 - ok 11:23:35.0070 32512 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 11:23:35.0070 32512 AmdPPM - ok 11:23:35.0101 32512 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 11:23:35.0132 32512 amdsata - ok 11:23:35.0148 32512 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 11:23:35.0148 32512 amdsbs - ok 11:23:35.0163 32512 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 11:23:35.0163 32512 amdxata - ok 11:23:35.0194 32512 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 11:23:35.0194 32512 AppID - ok 11:23:35.0210 32512 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 11:23:35.0210 32512 AppIDSvc - ok 11:23:35.0241 32512 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 11:23:35.0241 32512 Appinfo - ok 11:23:35.0304 32512 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 11:23:35.0304 32512 Apple Mobile Device - ok 11:23:35.0335 32512 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll 11:23:35.0335 32512 AppMgmt - ok 11:23:35.0350 32512 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys 11:23:35.0350 32512 arc - ok 11:23:35.0350 32512 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 11:23:35.0366 32512 arcsas - ok 11:23:35.0444 32512 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 11:23:35.0475 32512 aspnet_state - ok 11:23:35.0475 32512 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 11:23:35.0475 32512 AsyncMac - ok 11:23:35.0491 32512 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 11:23:35.0491 32512 atapi - ok 11:23:35.0522 32512 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 11:23:35.0522 32512 AudioEndpointBuilder - ok 11:23:35.0538 32512 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 11:23:35.0538 32512 AudioSrv - ok 11:23:35.0569 32512 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 11:23:35.0569 32512 AxInstSV - ok 11:23:35.0584 32512 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 11:23:35.0600 32512 b06bdrv - ok 11:23:35.0616 32512 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 11:23:35.0631 32512 b57nd60a - ok 11:23:35.0662 32512 [ 5BE512E49C43C8466AB7B4740D1927D7 ] bcgame C:\Windows\system32\drivers\bcgame.sys 11:23:35.0662 32512 bcgame - ok 11:23:35.0678 32512 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 11:23:35.0678 32512 BDESVC - ok 11:23:35.0678 32512 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 11:23:35.0678 32512 Beep - ok 11:23:35.0725 32512 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 11:23:35.0725 32512 BFE - ok 11:23:35.0896 32512 [ ED97ADAF00A61F57A2CCBBB1CE58C600 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20121106.001\BHDrvx64.sys 11:23:35.0896 32512 BHDrvx64 - ok 11:23:35.0943 32512 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll 11:23:35.0959 32512 BITS - ok 11:23:35.0959 32512 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 11:23:35.0959 32512 blbdrive - ok 11:23:36.0006 32512 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 11:23:36.0006 32512 Bonjour Service - ok 11:23:36.0037 32512 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 11:23:36.0037 32512 bowser - ok 11:23:36.0052 32512 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 11:23:36.0052 32512 BrFiltLo - ok 11:23:36.0068 32512 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 11:23:36.0068 32512 BrFiltUp - ok 11:23:36.0084 32512 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 11:23:36.0099 32512 BridgeMP - ok 11:23:36.0115 32512 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 11:23:36.0115 32512 Browser - ok 11:23:36.0146 32512 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 11:23:36.0146 32512 Brserid - ok 11:23:36.0162 32512 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 11:23:36.0177 32512 BrSerWdm - ok 11:23:36.0177 32512 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 11:23:36.0193 32512 BrUsbMdm - ok 11:23:36.0208 32512 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 11:23:36.0224 32512 BrUsbSer - ok 11:23:36.0224 32512 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 11:23:36.0224 32512 BTHMODEM - ok 11:23:36.0240 32512 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 11:23:36.0255 32512 bthserv - ok 11:23:36.0255 32512 catchme - ok 11:23:36.0318 32512 [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\1402000.013\ccSetx64.sys 11:23:36.0333 32512 ccSet_N360 - ok 11:23:36.0333 32512 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 11:23:36.0349 32512 cdfs - ok 11:23:36.0380 32512 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 11:23:36.0380 32512 cdrom - ok 11:23:36.0411 32512 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 11:23:36.0411 32512 CertPropSvc - ok 11:23:36.0427 32512 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 11:23:36.0427 32512 circlass - ok 11:23:36.0442 32512 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 11:23:36.0442 32512 CLFS - ok 11:23:36.0474 32512 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 11:23:36.0489 32512 clr_optimization_v2.0.50727_32 - ok 11:23:36.0536 32512 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 11:23:36.0536 32512 clr_optimization_v2.0.50727_64 - ok 11:23:36.0583 32512 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 11:23:36.0583 32512 clr_optimization_v4.0.30319_32 - ok 11:23:36.0583 32512 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 11:23:36.0583 32512 clr_optimization_v4.0.30319_64 - ok 11:23:36.0598 32512 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 11:23:36.0598 32512 CmBatt - ok 11:23:36.0630 32512 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 11:23:36.0630 32512 cmdide - ok 11:23:36.0661 32512 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 11:23:36.0692 32512 CNG - ok 11:23:36.0708 32512 [ 8B0894025E4077324A460830E4CE48D3 ] COMMONFX.DLL C:\Windows\System32\COMMONFX.DLL 11:23:36.0723 32512 COMMONFX.DLL - ok 11:23:36.0739 32512 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 11:23:36.0754 32512 Compbatt - ok 11:23:36.0786 32512 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 11:23:36.0786 32512 CompositeBus - ok 11:23:36.0786 32512 COMSysApp - ok 11:23:36.0786 32512 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 11:23:36.0786 32512 crcdisk - ok 11:23:36.0817 32512 [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe 11:23:36.0832 32512 Creative ALchemy AL6 Licensing Service - ok 11:23:36.0848 32512 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe 11:23:36.0864 32512 Creative Audio Engine Licensing Service - ok 11:23:36.0895 32512 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 11:23:36.0895 32512 CryptSvc - ok 11:23:36.0926 32512 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys 11:23:36.0942 32512 CSC - ok 11:23:36.0973 32512 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll 11:23:36.0988 32512 CscService - ok 11:23:37.0004 32512 [ 229E3B8F266ABDAFD54E4A372B9D5DDC ] CT20XUT C:\Windows\system32\drivers\CT20XUT.SYS 11:23:37.0020 32512 CT20XUT - ok 11:23:37.0035 32512 CT20XUT.DLL - ok 11:23:37.0035 32512 [ 229E3B8F266ABDAFD54E4A372B9D5DDC ] CT20XUT.SYS C:\Windows\System32\drivers\CT20XUT.SYS 11:23:37.0035 32512 CT20XUT.SYS - ok 11:23:37.0051 32512 [ EB3843A91A10150C9E05607CBCB44090 ] ctac32k C:\Windows\system32\drivers\ctac32k.sys 11:23:37.0082 32512 ctac32k - ok 11:23:37.0098 32512 [ BC06EFB59A2316537765462DFE40F764 ] ctaud2k C:\Windows\system32\drivers\ctaud2k.sys 11:23:37.0113 32512 ctaud2k - ok 11:23:37.0129 32512 [ 044AE7EF3B00D3FF78C2499020CF5877 ] CTAUDFX.DLL C:\Windows\System32\CTAUDFX.DLL 11:23:37.0160 32512 CTAUDFX.DLL - ok 11:23:37.0222 32512 [ 07BA6D17E66879018B30B6C3F976EBED ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe 11:23:37.0222 32512 CTAudSvcService - ok 11:23:37.0222 32512 [ 00406FE23F68323C5B6E5DB7C9E1F630 ] CTEAPSFX.DLL C:\Windows\System32\CTEAPSFX.DLL 11:23:37.0238 32512 CTEAPSFX.DLL - ok 11:23:37.0254 32512 [ 65DE222141B31AC3FFE6F57D3E24AF12 ] CTEDSPFX.DLL C:\Windows\System32\CTEDSPFX.DLL 11:23:37.0254 32512 CTEDSPFX.DLL - ok 11:23:37.0269 32512 [ 54F59F12BE0DB627273A55DC8EF7B35B ] CTEDSPIO.DLL C:\Windows\System32\CTEDSPIO.DLL 11:23:37.0269 32512 CTEDSPIO.DLL - ok 11:23:37.0285 32512 [ C0CBEB55E12B3D63AEB4CA5926D65FEA ] CTEDSPSY.DLL C:\Windows\System32\CTEDSPSY.DLL 11:23:37.0300 32512 CTEDSPSY.DLL - ok 11:23:37.0332 32512 [ 63B2B6CE9D3EF182981FB64BD5433DA4 ] CTEXFIFX C:\Windows\system32\drivers\CTEXFIFX.SYS 11:23:37.0347 32512 CTEXFIFX - ok 11:23:37.0347 32512 CTEXFIFX.DLL - ok 11:23:37.0363 32512 [ 63B2B6CE9D3EF182981FB64BD5433DA4 ] CTEXFIFX.SYS C:\Windows\System32\drivers\CTEXFIFX.SYS 11:23:37.0378 32512 CTEXFIFX.SYS - ok 11:23:37.0378 32512 [ 6D115CC80873B85FD80DDA1C41F75A2C ] CTHWIUT C:\Windows\system32\drivers\CTHWIUT.SYS 11:23:37.0394 32512 CTHWIUT - ok 11:23:37.0394 32512 CTHWIUT.DLL - ok 11:23:37.0394 32512 [ 6D115CC80873B85FD80DDA1C41F75A2C ] CTHWIUT.SYS C:\Windows\System32\drivers\CTHWIUT.SYS 11:23:37.0394 32512 CTHWIUT.SYS - ok 11:23:37.0425 32512 [ EBC9548EF5838CB5AA8F18B3AC28AF12 ] ctprxy2k C:\Windows\system32\drivers\ctprxy2k.sys 11:23:37.0441 32512 ctprxy2k - ok 11:23:37.0456 32512 [ B92DFA633AB0595E1D941778844A9909 ] CTSBLFX.DLL C:\Windows\System32\CTSBLFX.DLL 11:23:37.0488 32512 CTSBLFX.DLL - ok 11:23:37.0503 32512 [ 459BEE1682121842285C162E2D98D81A ] ctsfm2k C:\Windows\system32\drivers\ctsfm2k.sys 11:23:37.0503 32512 ctsfm2k - ok 11:23:37.0534 32512 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 11:23:37.0534 32512 DcomLaunch - ok 11:23:37.0550 32512 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 11:23:37.0550 32512 defragsvc - ok 11:23:37.0581 32512 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 11:23:37.0581 32512 DfsC - ok 11:23:37.0612 32512 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 11:23:37.0612 32512 Dhcp - ok 11:23:37.0628 32512 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 11:23:37.0644 32512 discache - ok 11:23:37.0659 32512 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 11:23:37.0659 32512 Disk - ok 11:23:37.0690 32512 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 11:23:37.0690 32512 Dnscache - ok 11:23:37.0722 32512 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 11:23:37.0722 32512 dot3svc - ok 11:23:37.0753 32512 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 11:23:37.0753 32512 DPS - ok 11:23:37.0768 32512 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 11:23:37.0784 32512 drmkaud - ok 11:23:37.0815 32512 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 11:23:37.0815 32512 DXGKrnl - ok 11:23:37.0815 32512 EagleX64 - ok 11:23:37.0831 32512 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 11:23:37.0831 32512 EapHost - ok 11:23:37.0878 32512 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 11:23:37.0924 32512 ebdrv - ok 11:23:38.0002 32512 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 11:23:38.0018 32512 eeCtrl - ok 11:23:38.0049 32512 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 11:23:38.0049 32512 EFS - ok 11:23:38.0080 32512 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 11:23:38.0096 32512 ehRecvr - ok 11:23:38.0112 32512 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 11:23:38.0112 32512 ehSched - ok 11:23:38.0143 32512 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 11:23:38.0143 32512 elxstor - ok 11:23:38.0158 32512 [ C26133B6165928FBD156C6FE570F9ED2 ] emupia C:\Windows\system32\drivers\emupia2k.sys 11:23:38.0174 32512 emupia - ok 11:23:38.0190 32512 EraserUtilDrv11220 - ok 11:23:38.0236 32512 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 11:23:38.0236 32512 EraserUtilRebootDrv - ok 11:23:38.0268 32512 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 11:23:38.0268 32512 ErrDev - ok 11:23:38.0299 32512 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 11:23:38.0299 32512 EventSystem - ok 11:23:38.0314 32512 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 11:23:38.0314 32512 exfat - ok 11:23:38.0330 32512 Fabs - ok 11:23:38.0346 32512 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 11:23:38.0346 32512 fastfat - ok 11:23:38.0377 32512 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 11:23:38.0392 32512 Fax - ok 11:23:38.0392 32512 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 11:23:38.0392 32512 fdc - ok 11:23:38.0408 32512 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 11:23:38.0408 32512 fdPHost - ok 11:23:38.0408 32512 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 11:23:38.0424 32512 FDResPub - ok 11:23:38.0424 32512 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 11:23:38.0424 32512 FileInfo - ok 11:23:38.0439 32512 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 11:23:38.0439 32512 Filetrace - ok 11:23:38.0502 32512 [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe 11:23:38.0533 32512 FirebirdServerMAGIXInstance - ok 11:23:38.0548 32512 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 11:23:38.0548 32512 flpydisk - ok 11:23:38.0580 32512 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 11:23:38.0580 32512 FltMgr - ok 11:23:38.0626 32512 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 11:23:38.0626 32512 FontCache - ok 11:23:38.0658 32512 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 11:23:38.0673 32512 FontCache3.0.0.0 - ok 11:23:38.0673 32512 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 11:23:38.0673 32512 FsDepends - ok 11:23:38.0704 32512 [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys 11:23:38.0720 32512 fssfltr - ok 11:23:38.0767 32512 [ 40CDFAD174B3D5E80F95DDA003C0B97F ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 11:23:38.0814 32512 fsssvc - ok 11:23:38.0860 32512 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 11:23:38.0876 32512 Fs_Rec - ok 11:23:38.0892 32512 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 11:23:38.0907 32512 fvevol - ok 11:23:38.0907 32512 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 11:23:38.0907 32512 gagp30kx - ok 11:23:38.0938 32512 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 11:23:38.0954 32512 GEARAspiWDM - ok 11:23:38.0985 32512 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 11:23:38.0985 32512 gpsvc - ok 11:23:39.0016 32512 [ A3F010D5DBFB589A3B3288C05C2EA3F9 ] ha20x2k C:\Windows\system32\drivers\ha20x2k.sys 11:23:39.0048 32512 ha20x2k - ok 11:23:39.0048 32512 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 11:23:39.0063 32512 hcw85cir - ok 11:23:39.0110 32512 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 11:23:39.0110 32512 HdAudAddService - ok 11:23:39.0141 32512 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 11:23:39.0141 32512 HDAudBus - ok 11:23:39.0141 32512 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 11:23:39.0157 32512 HidBatt - ok 11:23:39.0172 32512 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 11:23:39.0172 32512 HidBth - ok 11:23:39.0188 32512 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 11:23:39.0204 32512 HidIr - ok 11:23:39.0219 32512 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll 11:23:39.0219 32512 hidserv - ok 11:23:39.0250 32512 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 11:23:39.0250 32512 HidUsb - ok 11:23:39.0328 32512 [ E4EF2B270971648EEBED0EEE39A6D594 ] HiPatchService C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe 11:23:39.0328 32512 HiPatchService - ok 11:23:39.0360 32512 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 11:23:39.0360 32512 hkmsvc - ok 11:23:39.0422 32512 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 11:23:39.0422 32512 HomeGroupListener - ok 11:23:39.0453 32512 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 11:23:39.0453 32512 HomeGroupProvider - ok 11:23:39.0469 32512 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 11:23:39.0469 32512 HpSAMD - ok 11:23:39.0500 32512 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 11:23:39.0516 32512 HTTP - ok 11:23:39.0547 32512 [ 129128E192F9470EB92DB28B6730B06B ] hugoio64 C:\Program Files (x86)\i-Menu\hugoio64.sys 11:23:39.0547 32512 hugoio64 - ok 11:23:39.0562 32512 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 11:23:39.0562 32512 hwpolicy - ok 11:23:39.0594 32512 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 11:23:39.0594 32512 i8042prt - ok 11:23:39.0609 32512 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 11:23:39.0609 32512 iaStorV - ok 11:23:39.0656 32512 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 11:23:39.0672 32512 idsvc - ok 11:23:39.0781 32512 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20121127.001\IDSvia64.sys 11:23:39.0781 32512 IDSVia64 - ok 11:23:39.0796 32512 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 11:23:39.0812 32512 iirsp - ok 11:23:39.0843 32512 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 11:23:39.0843 32512 IKEEXT - ok 11:23:39.0890 32512 [ 13089F31AA37CDE1CE3784EE01A48484 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 11:23:39.0906 32512 IntcAzAudAddService - ok 11:23:39.0921 32512 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 11:23:39.0921 32512 intelide - ok 11:23:39.0937 32512 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 11:23:39.0937 32512 intelppm - ok 11:23:39.0952 32512 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 11:23:39.0952 32512 IPBusEnum - ok 11:23:39.0984 32512 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 11:23:39.0984 32512 IpFilterDriver - ok 11:23:40.0015 32512 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 11:23:40.0015 32512 iphlpsvc - ok 11:23:40.0062 32512 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 11:23:40.0062 32512 IPMIDRV - ok 11:23:40.0093 32512 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 11:23:40.0093 32512 IPNAT - ok 11:23:40.0124 32512 [ 755E4BA6DCE627A2683BB7640553C8D6 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 11:23:40.0140 32512 iPod Service - ok 11:23:40.0155 32512 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 11:23:40.0155 32512 IRENUM - ok 11:23:40.0155 32512 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 11:23:40.0155 32512 isapnp - ok 11:23:40.0186 32512 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 11:23:40.0202 32512 iScsiPrt - ok 11:23:40.0218 32512 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 11:23:40.0218 32512 kbdclass - ok 11:23:40.0233 32512 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 11:23:40.0233 32512 kbdhid - ok 11:23:40.0233 32512 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 11:23:40.0233 32512 KeyIso - ok 11:23:40.0264 32512 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 11:23:40.0264 32512 KSecDD - ok 11:23:40.0296 32512 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 11:23:40.0311 32512 KSecPkg - ok 11:23:40.0311 32512 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 11:23:40.0311 32512 ksthunk - ok 11:23:40.0327 32512 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 11:23:40.0342 32512 KtmRm - ok 11:23:40.0358 32512 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll 11:23:40.0358 32512 LanmanServer - ok 11:23:40.0374 32512 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 11:23:40.0389 32512 LanmanWorkstation - ok 11:23:40.0436 32512 [ 7772DFAB22611050B79504E671B06E6E ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 11:23:40.0467 32512 LBTServ - ok 11:23:40.0498 32512 [ DB164EB571FD118D277D939510B0F562 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys 11:23:40.0498 32512 LGBusEnum - ok 11:23:40.0514 32512 [ DA1C7839CE72BB724822D1EE597DCB19 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys 11:23:40.0514 32512 LGVirHid - ok 11:23:40.0545 32512 [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys 11:23:40.0545 32512 LHidFilt - ok 11:23:40.0592 32512 [ 2238B91AC1A12CC6CC4C4FED41258B2A ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 11:23:40.0592 32512 LightScribeService - ok 11:23:40.0608 32512 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 11:23:40.0608 32512 lltdio - ok 11:23:40.0623 32512 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 11:23:40.0639 32512 lltdsvc - ok 11:23:40.0654 32512 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 11:23:40.0654 32512 lmhosts - ok 11:23:40.0670 32512 [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys 11:23:40.0686 32512 LMouFilt - ok 11:23:40.0701 32512 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 11:23:40.0701 32512 LSI_FC - ok 11:23:40.0717 32512 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 11:23:40.0717 32512 LSI_SAS - ok 11:23:40.0732 32512 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 11:23:40.0732 32512 LSI_SAS2 - ok 11:23:40.0748 32512 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 11:23:40.0748 32512 LSI_SCSI - ok 11:23:40.0764 32512 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 11:23:40.0764 32512 luafv - ok 11:23:40.0764 32512 [ 8FF2D95CBA49B405C5DE27039FF0BF35 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys 11:23:40.0779 32512 MBfilt - ok 11:23:40.0810 32512 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 11:23:40.0810 32512 Mcx2Svc - ok 11:23:40.0826 32512 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 11:23:40.0842 32512 megasas - ok 11:23:40.0857 32512 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 11:23:40.0857 32512 MegaSR - ok 11:23:40.0857 32512 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 11:23:40.0873 32512 MEIx64 - ok 11:23:40.0873 32512 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 11:23:40.0873 32512 MMCSS - ok 11:23:40.0873 32512 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 11:23:40.0873 32512 Modem - ok 11:23:40.0904 32512 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 11:23:40.0904 32512 monitor - ok 11:23:40.0951 32512 [ C94A2EA3FDFA5D650884926B710B7DB1 ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys 11:23:40.0951 32512 motccgp - ok 11:23:40.0966 32512 [ D51E009BAEDA07EBC107D49D224C2414 ] motccgpfl C:\Windows\system32\DRIVERS\motccgpfl.sys 11:23:40.0966 32512 motccgpfl - ok 11:23:41.0029 32512 [ 3BBC6C2402242401F791548AAEBF3D39 ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe 11:23:41.0029 32512 MotoHelper - ok 11:23:41.0044 32512 [ EBD05F60CAFC5BBA2602B8D7101082D3 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys 11:23:41.0044 32512 MotoSwitchService - ok 11:23:41.0076 32512 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 11:23:41.0091 32512 mouclass - ok 11:23:41.0091 32512 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 11:23:41.0107 32512 mouhid - ok 11:23:41.0122 32512 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 11:23:41.0122 32512 mountmgr - ok 11:23:41.0138 32512 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 11:23:41.0154 32512 mpio - ok 11:23:41.0169 32512 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 11:23:41.0185 32512 mpsdrv - ok 11:23:41.0216 32512 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 11:23:41.0216 32512 MpsSvc - ok 11:23:41.0247 32512 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 11:23:41.0263 32512 MRxDAV - ok 11:23:41.0294 32512 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 11:23:41.0325 32512 mrxsmb - ok 11:23:41.0372 32512 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 11:23:41.0388 32512 mrxsmb10 - ok 11:23:41.0419 32512 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 11:23:41.0434 32512 mrxsmb20 - ok 11:23:41.0450 32512 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 11:23:41.0450 32512 msahci - ok 11:23:41.0466 32512 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 11:23:41.0481 32512 msdsm - ok 11:23:41.0481 32512 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 11:23:41.0481 32512 MSDTC - ok 11:23:41.0497 32512 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 11:23:41.0512 32512 Msfs - ok 11:23:41.0528 32512 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 11:23:41.0528 32512 mshidkmdf - ok 11:23:41.0559 32512 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 11:23:41.0559 32512 msisadrv - ok 11:23:41.0575 32512 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 11:23:41.0590 32512 MSiSCSI - ok 11:23:41.0590 32512 msiserver - ok 11:23:41.0622 32512 [ 192476C10371DC83243D67432B2CDCBF ] MSI_MSIBIOS_010507 C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys 11:23:41.0622 32512 MSI_MSIBIOS_010507 - ok 11:23:41.0637 32512 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 11:23:41.0637 32512 MSKSSRV - ok 11:23:41.0653 32512 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 11:23:41.0653 32512 MSPCLOCK - ok 11:23:41.0668 32512 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 11:23:41.0668 32512 MSPQM - ok 11:23:41.0700 32512 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 11:23:41.0700 32512 MsRPC - ok 11:23:41.0731 32512 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 11:23:41.0731 32512 mssmbios - ok 11:23:41.0731 32512 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 11:23:41.0731 32512 MSTEE - ok 11:23:41.0746 32512 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 11:23:41.0746 32512 MTConfig - ok 11:23:41.0762 32512 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 11:23:41.0762 32512 Mup - ok 11:23:41.0840 32512 [ 4A9258B9597A31DB68EC9740F3A8A70B ] N360 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.0.19\ccSvcHst.exe 11:23:41.0840 32512 N360 - ok 11:23:41.0871 32512 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 11:23:41.0871 32512 napagent - ok 11:23:41.0887 32512 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 11:23:41.0902 32512 NativeWifiP - ok 11:23:41.0996 32512 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20121128.003\ENG64.SYS 11:23:41.0996 32512 NAVENG - ok 11:23:42.0043 32512 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20121128.003\EX64.SYS 11:23:42.0058 32512 NAVEX15 - ok 11:23:42.0105 32512 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 11:23:42.0105 32512 NDIS - ok 11:23:42.0121 32512 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 11:23:42.0121 32512 NdisCap - ok 11:23:42.0136 32512 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 11:23:42.0152 32512 NdisTapi - ok 11:23:42.0183 32512 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 11:23:42.0183 32512 Ndisuio - ok 11:23:42.0214 32512 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 11:23:42.0214 32512 NdisWan - ok 11:23:42.0246 32512 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 11:23:42.0246 32512 NDProxy - ok 11:23:42.0261 32512 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 11:23:42.0261 32512 NetBIOS - ok 11:23:42.0277 32512 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 11:23:42.0292 32512 NetBT - ok 11:23:42.0292 32512 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 11:23:42.0292 32512 Netlogon - ok 11:23:42.0308 32512 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 11:23:42.0308 32512 Netman - ok 11:23:42.0324 32512 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:23:42.0324 32512 NetMsmqActivator - ok 11:23:42.0339 32512 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:23:42.0339 32512 NetPipeActivator - ok 11:23:42.0355 32512 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 11:23:42.0355 32512 netprofm - ok 11:23:42.0355 32512 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:23:42.0355 32512 NetTcpActivator - ok 11:23:42.0355 32512 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:23:42.0355 32512 NetTcpPortSharing - ok 11:23:42.0370 32512 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 11:23:42.0386 32512 nfrd960 - ok 11:23:42.0417 32512 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 11:23:42.0417 32512 NlaSvc - ok 11:23:42.0448 32512 [ CB992AE1506985D9167E85883B4C3240 ] NMIndexingService C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe 11:23:42.0464 32512 NMIndexingService - ok 11:23:42.0480 32512 NOBU - ok 11:23:42.0495 32512 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 11:23:42.0495 32512 Npfs - ok 11:23:42.0511 32512 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 11:23:42.0511 32512 nsi - ok 11:23:42.0511 32512 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 11:23:42.0511 32512 nsiproxy - ok 11:23:42.0558 32512 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 11:23:42.0620 32512 Ntfs - ok 11:23:42.0636 32512 [ 1B32C54B95121AB1683C7B83B2DB4B96 ] NTIOLib_1_0_4 C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys 11:23:42.0651 32512 NTIOLib_1_0_4 - ok 11:23:42.0667 32512 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 11:23:42.0667 32512 Null - ok 11:23:42.0682 32512 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 11:23:42.0714 32512 nusb3hub - ok 11:23:42.0729 32512 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 11:23:42.0729 32512 nusb3xhc - ok 11:23:42.0760 32512 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 11:23:42.0760 32512 NVHDA - ok 11:23:42.0932 32512 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 11:23:43.0010 32512 nvlddmkm - ok 11:23:43.0041 32512 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 11:23:43.0041 32512 nvraid - ok 11:23:43.0057 32512 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 11:23:43.0072 32512 nvstor - ok 11:23:43.0119 32512 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe 11:23:43.0119 32512 nvsvc - ok 11:23:43.0182 32512 [ 322B69422836F97B76F4AA59B47507BA ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 11:23:43.0182 32512 nvUpdatusService - ok 11:23:43.0213 32512 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 11:23:43.0213 32512 nv_agp - ok 11:23:43.0244 32512 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 11:23:43.0244 32512 ohci1394 - ok 11:23:43.0275 32512 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 11:23:43.0275 32512 ose - ok 11:23:43.0353 32512 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 11:23:43.0431 32512 osppsvc - ok 11:23:43.0462 32512 [ 0E2DE427EBE106E7E5B52869D5C99F68 ] ossrv C:\Windows\system32\drivers\ctoss2k.sys 11:23:43.0462 32512 ossrv - ok 11:23:43.0478 32512 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 11:23:43.0478 32512 p2pimsvc - ok 11:23:43.0494 32512 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 11:23:43.0494 32512 p2psvc - ok 11:23:43.0509 32512 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 11:23:43.0509 32512 Parport - ok 11:23:43.0525 32512 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 11:23:43.0540 32512 partmgr - ok 11:23:43.0556 32512 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 11:23:43.0556 32512 PcaSvc - ok 11:23:43.0572 32512 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 11:23:43.0572 32512 pci - ok 11:23:43.0603 32512 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 11:23:43.0603 32512 pciide - ok 11:23:43.0618 32512 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 11:23:43.0618 32512 pcmcia - ok 11:23:43.0634 32512 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 11:23:43.0634 32512 pcw - ok 11:23:43.0650 32512 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 11:23:43.0650 32512 PEAUTH - ok 11:23:43.0696 32512 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 11:23:43.0696 32512 PeerDistSvc - ok 11:23:43.0743 32512 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 11:23:43.0759 32512 PerfHost - ok 11:23:43.0806 32512 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 11:23:43.0821 32512 pla - ok 11:23:43.0852 32512 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 11:23:43.0868 32512 PlugPlay - ok 11:23:43.0930 32512 [ 734D9EB27B76B2BA9F5030405345C707 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe 11:23:43.0962 32512 PMBDeviceInfoProvider - ok 11:23:43.0962 32512 PnkBstrA - ok 11:23:43.0962 32512 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 11:23:43.0977 32512 PNRPAutoReg - ok 11:23:43.0977 32512 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 11:23:43.0977 32512 PNRPsvc - ok 11:23:44.0008 32512 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 11:23:44.0008 32512 PolicyAgent - ok 11:23:44.0040 32512 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 11:23:44.0040 32512 Power - ok 11:23:44.0055 32512 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 11:23:44.0071 32512 PptpMiniport - ok 11:23:44.0071 32512 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 11:23:44.0086 32512 Processor - ok 11:23:44.0118 32512 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 11:23:44.0118 32512 ProfSvc - ok 11:23:44.0133 32512 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 11:23:44.0133 32512 ProtectedStorage - ok 11:23:44.0164 32512 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 11:23:44.0164 32512 Psched - ok 11:23:44.0196 32512 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 11:23:44.0211 32512 PxHlpa64 - ok 11:23:44.0242 32512 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 11:23:44.0258 32512 ql2300 - ok 11:23:44.0274 32512 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 11:23:44.0274 32512 ql40xx - ok 11:23:44.0305 32512 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 11:23:44.0305 32512 QWAVE - ok 11:23:44.0320 32512 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 11:23:44.0320 32512 QWAVEdrv - ok 11:23:44.0336 32512 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 11:23:44.0336 32512 RasAcd - ok 11:23:44.0352 32512 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 11:23:44.0352 32512 RasAgileVpn - ok 11:23:44.0352 32512 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 11:23:44.0352 32512 RasAuto - ok 11:23:44.0383 32512 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 11:23:44.0383 32512 Rasl2tp - ok 11:23:44.0414 32512 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 11:23:44.0414 32512 RasMan - ok 11:23:44.0430 32512 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 11:23:44.0430 32512 RasPppoe - ok 11:23:44.0445 32512 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 11:23:44.0445 32512 RasSstp - ok 11:23:44.0461 32512 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 11:23:44.0461 32512 rdbss - ok 11:23:44.0476 32512 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 11:23:44.0476 32512 rdpbus - ok 11:23:44.0492 32512 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 11:23:44.0492 32512 RDPCDD - ok 11:23:44.0523 32512 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 11:23:44.0523 32512 RDPDR - ok 11:23:44.0523 32512 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 11:23:44.0523 32512 RDPENCDD - ok 11:23:44.0523 32512 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 11:23:44.0523 32512 RDPREFMP - ok 11:23:44.0586 32512 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 11:23:44.0586 32512 RdpVideoMiniport - ok 11:23:44.0617 32512 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 11:23:44.0617 32512 RDPWD - ok 11:23:44.0664 32512 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 11:23:44.0664 32512 rdyboost - ok 11:23:44.0679 32512 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 11:23:44.0679 32512 RemoteAccess - ok 11:23:44.0695 32512 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 11:23:44.0695 32512 RemoteRegistry - ok 11:23:44.0710 32512 [ 71B48DDAF5E9C2B40E64DE5C405F5AAC ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys 11:23:44.0726 32512 RimUsb - ok 11:23:44.0757 32512 [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys 11:23:44.0773 32512 RimVSerPort - ok 11:23:44.0788 32512 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys 11:23:44.0788 32512 ROOTMODEM - ok 11:23:44.0913 32512 [ E1AAAFF55A3CB098B80D6E8D932FBC98 ] RoxMediaDBGame1X C:\Program Files (x86)\Common Files\Roxio Shared\Game1X\SharedCOM\RoxMediaDBGame1X.exe 11:23:44.0944 32512 RoxMediaDBGame1X - ok 11:23:44.0960 32512 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 11:23:44.0976 32512 RpcEptMapper - ok 11:23:44.0991 32512 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 11:23:45.0007 32512 RpcLocator - ok 11:23:45.0038 32512 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 11:23:45.0038 32512 RpcSs - ok 11:23:45.0054 32512 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 11:23:45.0054 32512 rspndr - ok 11:23:45.0069 32512 [ 592065B29131AF32AA18A9E546BE9617 ] RTCore64 C:\Program Files (x86)\RMClock\RTCore64.sys 11:23:45.0085 32512 RTCore64 - ok 11:23:45.0116 32512 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 11:23:45.0116 32512 RTL8167 - ok 11:23:45.0132 32512 [ 2B38C905492F36FE42B59DA52D6B4EB7 ] RtNdPt60 C:\Windows\system32\DRIVERS\RtNdPt60.sys 11:23:45.0132 32512 RtNdPt60 - ok 11:23:45.0147 32512 [ F3F166CA4283FF6F5F2C0D883D475CF8 ] RTTEAMPT C:\Windows\system32\DRIVERS\RtTeam60.sys 11:23:45.0178 32512 RTTEAMPT - ok 11:23:45.0194 32512 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 11:23:45.0194 32512 s3cap - ok 11:23:45.0225 32512 [ CF0E5155A089C7C8D7CFD9D1088AFDA4 ] SaiH8000 C:\Windows\system32\DRIVERS\SaiH8000.sys 11:23:45.0241 32512 SaiH8000 - ok 11:23:45.0288 32512 [ 37FE3F97AC8ECAB53DF56BF275F8D2D5 ] SaiK0CCB C:\Windows\system32\DRIVERS\SaiK0CCB.sys 11:23:45.0303 32512 SaiK0CCB - ok 11:23:45.0350 32512 [ 2E6A17E1160B488C784FEE9E55EBD5E2 ] SaiK0CD7 C:\Windows\system32\DRIVERS\SaiK0CD7.sys 11:23:45.0350 32512 SaiK0CD7 - ok 11:23:45.0381 32512 [ E124BCFB55ADCD4AA273E73C3D666F9F ] SaiMini C:\Windows\system32\DRIVERS\SaiMini.sys 11:23:45.0397 32512 SaiMini - ok 11:23:45.0444 32512 [ 94AB59E2D3F301DC2B6EA97A027CEBFA ] SaiNtBus C:\Windows\system32\drivers\SaiBus.sys 11:23:45.0459 32512 SaiNtBus - ok 11:23:45.0475 32512 [ 950DCA50AF39563D96EEC57AC614366C ] SaiU0CCB C:\Windows\system32\DRIVERS\SaiU0CCB.sys 11:23:45.0490 32512 SaiU0CCB - ok 11:23:45.0506 32512 [ C15DDCCE5FAD5BA211CF01558219AB21 ] SaiU0CD7 C:\Windows\system32\DRIVERS\SaiU0CD7.sys 11:23:45.0522 32512 SaiU0CD7 - ok 11:23:45.0537 32512 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 11:23:45.0553 32512 SamSs - ok 11:23:45.0568 32512 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 11:23:45.0584 32512 sbp2port - ok 11:23:45.0584 32512 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 11:23:45.0600 32512 SCardSvr - ok 11:23:45.0631 32512 [ 8475E746EB72D04F1015E6F091F50E09 ] SCBackService C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe 11:23:45.0646 32512 SCBackService - ok 11:23:45.0678 32512 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 11:23:45.0678 32512 scfilter - ok 11:23:45.0724 32512 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 11:23:45.0724 32512 Schedule - ok 11:23:45.0756 32512 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 11:23:45.0756 32512 SCPolicySvc - ok 11:23:45.0787 32512 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 11:23:45.0802 32512 SDRSVC - ok 11:23:45.0834 32512 [ 331E7BDE228914574FC9AE6CD520DAFA ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 11:23:45.0834 32512 SeaPort - ok 11:23:45.0834 32512 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 11:23:45.0849 32512 secdrv - ok 11:23:45.0865 32512 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 11:23:45.0865 32512 seclogon - ok 11:23:45.0880 32512 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 11:23:45.0880 32512 SENS - ok 11:23:45.0880 32512 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 11:23:45.0880 32512 SensrSvc - ok 11:23:45.0896 32512 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 11:23:45.0896 32512 Serenum - ok 11:23:45.0912 32512 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 11:23:45.0912 32512 Serial - ok 11:23:45.0943 32512 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 11:23:45.0943 32512 sermouse - ok 11:23:45.0974 32512 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 11:23:45.0974 32512 SessionEnv - ok 11:23:46.0005 32512 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 11:23:46.0005 32512 sffdisk - ok 11:23:46.0005 32512 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 11:23:46.0005 32512 sffp_mmc - ok 11:23:46.0021 32512 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 11:23:46.0021 32512 sffp_sd - ok 11:23:46.0036 32512 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 11:23:46.0036 32512 sfloppy - ok 11:23:46.0068 32512 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 11:23:46.0068 32512 SharedAccess - ok 11:23:46.0099 32512 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 11:23:46.0099 32512 ShellHWDetection - ok 11:23:46.0114 32512 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 11:23:46.0114 32512 SiSRaid2 - ok 11:23:46.0130 32512 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 11:23:46.0130 32512 SiSRaid4 - ok 11:23:46.0146 32512 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 11:23:46.0146 32512 Smb - ok 11:23:46.0161 32512 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 11:23:46.0161 32512 SNMPTRAP - ok 11:23:46.0177 32512 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 11:23:46.0177 32512 spldr - ok 11:23:46.0208 32512 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 11:23:46.0224 32512 Spooler - ok 11:23:46.0286 32512 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 11:23:46.0317 32512 sppsvc - ok 11:23:46.0333 32512 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 11:23:46.0333 32512 sppuinotify - ok 11:23:46.0411 32512 [ 3510E7021D2637A67FBCB5105EAE945D ] SRTSP C:\Windows\System32\Drivers\N360x64\1402000.013\SRTSP64.SYS 11:23:46.0442 32512 SRTSP - ok 11:23:46.0458 32512 [ 1B884D876E87EABF5A3356BBD7321412 ] SRTSPX C:\Windows\system32\drivers\N360x64\1402000.013\SRTSPX64.SYS 11:23:46.0458 32512 SRTSPX - ok 11:23:46.0504 32512 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 11:23:46.0504 32512 srv - ok 11:23:46.0536 32512 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 11:23:46.0551 32512 srv2 - ok 11:23:46.0582 32512 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 11:23:46.0598 32512 srvnet - ok 11:23:46.0614 32512 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 11:23:46.0614 32512 SSDPSRV - ok 11:23:46.0614 32512 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 11:23:46.0629 32512 SstpSvc - ok 11:23:46.0660 32512 Steam Client Service - ok 11:23:46.0738 32512 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 11:23:46.0754 32512 Stereo Service - ok 11:23:46.0770 32512 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 11:23:46.0785 32512 stexstor - ok 11:23:46.0816 32512 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 11:23:46.0816 32512 stisvc - ok 11:23:46.0848 32512 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 11:23:46.0848 32512 storflt - ok 11:23:46.0863 32512 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 11:23:46.0863 32512 storvsc - ok 11:23:46.0910 32512 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 11:23:46.0910 32512 swenum - ok 11:23:46.0926 32512 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 11:23:46.0926 32512 swprv - ok 11:23:46.0941 32512 [ 777217682DA76337E8E6EC8AC4412B9B ] SymDS C:\Windows\system32\drivers\N360x64\1402000.013\SYMDS64.SYS 11:23:46.0957 32512 SymDS - ok 11:23:46.0972 32512 [ 64D1AF3D04E70A681154FFF1893848F6 ] SymEFA C:\Windows\system32\drivers\N360x64\1402000.013\SYMEFA64.SYS 11:23:46.0988 32512 SymEFA - ok 11:23:47.0050 32512 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 11:23:47.0066 32512 SymEvent - ok 11:23:47.0113 32512 [ BFD99DC6C7FEB2F8B20D488FDF3A9A55 ] SymIM C:\Windows\system32\DRIVERS\SymIMv.sys 11:23:47.0113 32512 SymIM - ok 11:23:47.0160 32512 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\Windows\system32\drivers\N360x64\1402000.013\Ironx64.SYS 11:23:47.0160 32512 SymIRON - ok 11:23:47.0175 32512 [ 1605EBD8CB86AFC4430116065995279A ] SymNetS C:\Windows\System32\Drivers\N360x64\1402000.013\SYMNETS.SYS 11:23:47.0191 32512 SymNetS - ok 11:23:47.0206 32512 Synth3dVsc - ok 11:23:47.0253 32512 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 11:23:47.0253 32512 SysMain - ok 11:23:47.0300 32512 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 11:23:47.0300 32512 TabletInputService - ok 11:23:47.0331 32512 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 11:23:47.0331 32512 TapiSrv - ok 11:23:47.0331 32512 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 11:23:47.0331 32512 TBS - ok 11:23:47.0394 32512 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 11:23:47.0425 32512 Tcpip - ok 11:23:47.0440 32512 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 11:23:47.0440 32512 TCPIP6 - ok 11:23:47.0472 32512 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 11:23:47.0487 32512 tcpipreg - ok 11:23:47.0503 32512 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 11:23:47.0503 32512 TDPIPE - ok 11:23:47.0534 32512 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 11:23:47.0550 32512 TDTCP - ok 11:23:47.0565 32512 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 11:23:47.0565 32512 tdx - ok 11:23:47.0581 32512 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 11:23:47.0581 32512 TermDD - ok 11:23:47.0612 32512 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 11:23:47.0612 32512 TermService - ok 11:23:47.0628 32512 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 11:23:47.0628 32512 Themes - ok 11:23:47.0643 32512 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 11:23:47.0643 32512 THREADORDER - ok 11:23:47.0643 32512 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 11:23:47.0643 32512 TrkWks - ok 11:23:47.0690 32512 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 11:23:47.0706 32512 TrustedInstaller - ok 11:23:47.0737 32512 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 11:23:47.0737 32512 tssecsrv - ok 11:23:47.0752 32512 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 11:23:47.0752 32512 TsUsbFlt - ok 11:23:47.0752 32512 tsusbhub - ok 11:23:47.0784 32512 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 11:23:47.0784 32512 tunnel - ok 11:23:47.0815 32512 [ F37D49111A12A97DE4BB5D8FF444BD2C ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys 11:23:47.0830 32512 TurboB - ok 11:23:47.0862 32512 [ 44D81B1BFD2428274BBA98316D9606DC ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe 11:23:47.0877 32512 TurboBoost - ok 11:23:47.0893 32512 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 11:23:47.0893 32512 uagp35 - ok 11:23:47.0924 32512 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 11:23:47.0940 32512 udfs - ok 11:23:47.0955 32512 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 11:23:47.0955 32512 UI0Detect - ok 11:23:47.0971 32512 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 11:23:47.0971 32512 uliagpkx - ok 11:23:47.0986 32512 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 11:23:47.0986 32512 umbus - ok 11:23:48.0002 32512 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 11:23:48.0002 32512 UmPass - ok 11:23:48.0018 32512 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 11:23:48.0018 32512 UmRdpService - ok 11:23:48.0033 32512 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 11:23:48.0049 32512 upnphost - ok 11:23:48.0064 32512 [ 54D4B48D443E7228BF64CF7CDC3118AC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 11:23:48.0064 32512 USBAAPL64 - ok 11:23:48.0096 32512 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 11:23:48.0096 32512 usbaudio - ok 11:23:48.0127 32512 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 11:23:48.0158 32512 usbccgp - ok 11:23:48.0189 32512 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 11:23:48.0205 32512 usbcir - ok 11:23:48.0220 32512 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys 11:23:48.0236 32512 usbehci - ok 11:23:48.0252 32512 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 11:23:48.0267 32512 usbhub - ok 11:23:48.0283 32512 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 11:23:48.0298 32512 usbohci - ok 11:23:48.0298 32512 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 11:23:48.0314 32512 usbprint - ok 11:23:48.0330 32512 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 11:23:48.0345 32512 USBSTOR - ok 11:23:48.0361 32512 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 11:23:48.0376 32512 usbuhci - ok 11:23:48.0392 32512 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 11:23:48.0392 32512 UxSms - ok 11:23:48.0392 32512 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 11:23:48.0392 32512 VaultSvc - ok 11:23:48.0408 32512 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 11:23:48.0408 32512 vdrvroot - ok 11:23:48.0439 32512 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 11:23:48.0439 32512 vds - ok 11:23:48.0454 32512 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 11:23:48.0454 32512 vga - ok 11:23:48.0470 32512 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 11:23:48.0470 32512 VgaSave - ok 11:23:48.0470 32512 VGPU - ok 11:23:48.0486 32512 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 11:23:48.0486 32512 vhdmp - ok 11:23:48.0517 32512 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 11:23:48.0517 32512 viaide - ok 11:23:48.0532 32512 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys 11:23:48.0532 32512 vmbus - ok 11:23:48.0548 32512 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 11:23:48.0548 32512 VMBusHID - ok 11:23:48.0564 32512 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 11:23:48.0579 32512 volmgr - ok 11:23:48.0626 32512 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 11:23:48.0657 32512 volmgrx - ok 11:23:48.0720 32512 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 11:23:48.0751 32512 volsnap - ok 11:23:48.0782 32512 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 11:23:48.0813 32512 vsmraid - ok 11:23:49.0094 32512 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 11:23:49.0125 32512 VSS - ok 11:23:49.0141 32512 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 11:23:49.0156 32512 vwifibus - ok 11:23:49.0234 32512 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 11:23:49.0234 32512 W32Time - ok 11:23:49.0250 32512 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 11:23:49.0281 32512 WacomPen - ok 11:23:49.0312 32512 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 11:23:49.0328 32512 WANARP - ok 11:23:49.0344 32512 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 11:23:49.0344 32512 Wanarpv6 - ok 11:23:49.0578 32512 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 11:23:49.0593 32512 WatAdminSvc - ok 11:23:49.0843 32512 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 11:23:49.0874 32512 wbengine - ok 11:23:49.0905 32512 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 11:23:49.0921 32512 WbioSrvc - ok 11:23:50.0014 32512 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 11:23:50.0030 32512 wcncsvc - ok 11:23:50.0061 32512 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 11:23:50.0077 32512 WcsPlugInService - ok 11:23:50.0170 32512 [ 147C60622CB53E901EFD8BB6D44A4C46 ] WCUService_STC_IE C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe 11:23:50.0186 32512 WCUService_STC_IE - ok 11:23:50.0202 32512 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 11:23:50.0217 32512 Wd - ok 11:23:50.0264 32512 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys 11:23:50.0280 32512 WDC_SAM - ok 11:23:50.0373 32512 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 11:23:50.0919 32512 Wdf01000 - ok 11:23:50.0935 32512 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 11:23:50.0935 32512 WdiServiceHost - ok 11:23:50.0950 32512 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 11:23:50.0950 32512 WdiSystemHost - ok 11:23:51.0013 32512 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 11:23:53.0618 32512 WebClient - ok 11:23:53.0634 32512 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 11:23:53.0634 32512 Wecsvc - ok 11:23:53.0649 32512 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 11:23:53.0649 32512 wercplsupport - ok 11:23:53.0665 32512 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 11:23:53.0665 32512 WerSvc - ok 11:23:53.0680 32512 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 11:23:53.0696 32512 WfpLwf - ok 11:23:53.0712 32512 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 11:23:53.0712 32512 WIMMount - ok 11:23:53.0727 32512 WinDefend - ok 11:23:53.0727 32512 WinHttpAutoProxySvc - ok 11:23:53.0758 32512 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 11:23:53.0758 32512 Winmgmt - ok 11:23:53.0805 32512 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 11:23:53.0836 32512 WinRM - ok 11:23:53.0868 32512 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 11:23:53.0883 32512 WinUsb - ok 11:23:53.0914 32512 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 11:23:53.0914 32512 Wlansvc - ok 11:23:53.0977 32512 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 11:23:53.0977 32512 wlcrasvc - ok 11:23:54.0039 32512 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 11:23:54.0070 32512 wlidsvc - ok 11:23:54.0102 32512 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 11:23:54.0102 32512 WmiAcpi - ok 11:23:54.0117 32512 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 11:23:54.0117 32512 wmiApSrv - ok 11:23:54.0117 32512 WMPNetworkSvc - ok 11:23:54.0133 32512 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 11:23:54.0148 32512 WPCSvc - ok 11:23:54.0180 32512 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 11:23:54.0180 32512 WPDBusEnum - ok 11:23:54.0195 32512 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 11:23:54.0211 32512 ws2ifsl - ok 11:23:54.0226 32512 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 11:23:54.0226 32512 wscsvc - ok 11:23:54.0226 32512 WSearch - ok 11:23:54.0289 32512 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 11:23:54.0351 32512 wuauserv - ok 11:23:54.0382 32512 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 11:23:54.0382 32512 WudfPf - ok 11:23:54.0398 32512 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 11:23:54.0398 32512 WUDFRd - ok 11:23:54.0429 32512 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 11:23:54.0445 32512 wudfsvc - ok 11:23:54.0445 32512 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 11:23:54.0476 32512 WwanSvc - ok 11:23:54.0476 32512 ================ Scan global =============================== 11:23:54.0523 32512 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 11:23:54.0554 32512 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll 11:23:54.0554 32512 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll 11:23:54.0570 32512 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 11:23:54.0585 32512 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 11:23:54.0585 32512 [Global] - ok 11:23:54.0585 32512 ================ Scan MBR ================================== 11:23:54.0601 32512 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 11:23:54.0804 32512 \Device\Harddisk0\DR0 - ok 11:23:54.0804 32512 ================ Scan VBR ================================== 11:23:54.0804 32512 [ 5A2EC5C74C0A8E96D99A221CDBFE9BD5 ] \Device\Harddisk0\DR0\Partition1 11:23:54.0804 32512 \Device\Harddisk0\DR0\Partition1 - ok 11:23:54.0819 32512 [ 4573A5896519F4B1CAD4AFE181CBE0D3 ] \Device\Harddisk0\DR0\Partition2 11:23:54.0819 32512 \Device\Harddisk0\DR0\Partition2 - ok 11:23:54.0819 32512 ============================================================ 11:23:54.0819 32512 Scan finished 11:23:54.0819 32512 ============================================================ 11:23:54.0819 32672 Detected object count: 0 11:23:54.0819 32672 Actual detected object count: 0 aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software Run date: 2012-11-28 11:25:14 ----------------------------- 11:25:14.890 OS Version: Windows x64 6.1.7601 Service Pack 1 11:25:14.890 Number of processors: 4 586 0x2A07 11:25:14.890 ComputerName: SAM-PC UserName: Sam 11:25:16.902 Initialize success 11:26:12.613 AVAST engine defs: 12112800 11:26:19.899 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 11:26:19.899 Disk 0 Vendor: WDC_WD1002FAEX-007BA0 05.01D05 Size: 953869MB BusType: 3 11:26:19.945 Disk 0 MBR read successfully 11:26:19.945 Disk 0 MBR scan 11:26:19.961 Disk 0 Windows 7 default MBR code 11:26:19.961 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048 11:26:19.961 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848 11:26:19.977 Disk 0 scanning C:\Windows\system32\drivers 11:26:29.461 Service scanning 11:26:45.935 Modules scanning 11:26:45.935 Disk 0 trace - called modules: 11:26:45.935 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 11:26:45.951 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800deda060] 11:26:45.951 3 CLASSPNP.SYS[fffff88001b6943f] -> nt!IofCallDriver -> [0xfffffa800db5d540] 11:26:46.263 5 ACPI.sys[fffff88000f587a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800db7b060] 11:26:48.462 AVAST engine scan C:\Windows 11:26:51.208 AVAST engine scan C:\Windows\system32 11:29:38.175 AVAST engine scan C:\Windows\system32\drivers 11:30:26.535 AVAST engine scan C:\Users\Sam 11:37:52.805 Disk 0 MBR has been saved successfully to "C:\Users\Sam\Desktop\MBR.dat" 11:37:52.805 The log file has been saved successfully to "C:\Users\Sam\Desktop\aswMBR.txt" No probs running either program
- November 28, 2012
- 16 replies
winrscmde infection, help please

obione replied to obione's topic in Resolved Malware Removal Logs

Restarted and seems that Its fine. Looked for the same pop ups but didnt surf long, but they seem to be gone. The first issues that brought me here seem to be fixed. Ill post later if I have any issues. I know after a few days it will be closed completely, so Ill keep you apprised. I truely appreciate your help thus far sir.
- November 28, 2012
- 16 replies
winrscmde infection, help please

obione replied to obione's topic in Resolved Malware Removal Logs

ComboFix 12-11-27.01 - Sam 11/27/2012 18:25:07.1.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.16366.13212 [GMT -6:00] Running from: c:\users\Sam\Desktop\ComboFix.exe AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\ntuser.dat c:\windows\svchost.exe c:\windows\SysWow64\URTTemp c:\windows\SysWow64\URTTemp\regtlib.exe . . ((((((((((((((((((((((((( Files Created from 2012-10-28 to 2012-11-28 ))))))))))))))))))))))))))))))) . . 2012-11-27 09:02 . 2012-10-02 19:50 2557800 ----a-w- c:\windows\system32\nvsvcr.dll 2012-11-26 10:35 . 2012-11-26 10:36 -------- d-----w- C:\FRST 2012-11-26 10:11 . 2012-11-26 10:11 -------- d-----w- C:\TDSSKiller_Quarantine 2012-11-26 09:47 . 2012-11-26 09:47 -------- d-----w- c:\users\Sam\AppData\Roaming\SpeedyPC Software 2012-11-26 09:47 . 2012-11-26 09:47 -------- d-----w- c:\users\Sam\AppData\Roaming\DriverCure 2012-11-26 09:47 . 2012-11-26 09:47 -------- d-----w- c:\program files (x86)\Common Files\SpeedyPC Software 2012-11-26 09:47 . 2012-11-26 09:47 -------- d-----w- c:\programdata\SpeedyPC Software 2012-11-26 09:47 . 2012-11-26 09:47 -------- d-----w- c:\program files (x86)\SpeedyPC Software 2012-11-26 09:26 . 2012-11-26 09:27 -------- d-----w- C:\sh4ldr 2012-11-26 09:26 . 2012-11-26 09:26 -------- d-----w- c:\program files\Enigma Software Group 2012-11-14 09:07 . 2012-07-26 05:05 2560 ----a-w- c:\windows\system32\drivers\es-ES\wdf01000.sys.mui 2012-11-14 09:07 . 2012-07-26 05:15 2560 ----a-w- c:\windows\system32\drivers\he-IL\wdf01000.sys.mui 2012-11-14 09:07 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2012-11-14 09:07 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2012-11-14 09:07 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui 2012-11-14 09:07 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll 2012-11-14 09:00 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2012-11-14 09:00 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2012-11-14 09:00 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll 2012-11-14 09:00 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll 2012-11-14 09:00 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe 2012-11-14 09:00 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll 2012-11-14 09:00 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2012-11-14 07:07 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll 2012-11-14 07:07 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-11-14 09:01 . 2011-04-14 04:35 66395536 ----a-w- c:\windows\system32\MRT.exe 2012-10-11 03:23 . 2012-10-11 03:23 247144 ----a-w- c:\windows\system32\nvinitx.dll 2012-10-11 03:23 . 2012-10-11 03:23 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll 2012-10-11 03:23 . 2012-10-11 03:23 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll 2012-10-11 03:23 . 2012-09-14 12:58 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll 2012-10-11 03:23 . 2012-10-11 03:23 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll 2012-10-11 03:23 . 2012-10-11 03:23 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2012-10-11 03:23 . 2012-10-11 03:23 25256296 ----a-w- c:\windows\system32\nvcompiler.dll 2012-10-11 03:23 . 2012-10-11 03:23 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll 2012-10-11 03:23 . 2012-10-11 03:23 202600 ----a-w- c:\windows\SysWow64\nvinit.dll 2012-10-11 03:23 . 2012-10-11 03:23 7414632 ----a-w- c:\windows\system32\nvopencl.dll 2012-10-11 03:23 . 2012-08-28 05:55 2731880 ----a-w- c:\windows\system32\nvapi64.dll 2012-10-11 03:23 . 2012-03-14 01:10 973672 ----a-w- c:\windows\system32\nvumdshimx.dll 2012-10-11 03:23 . 2012-08-28 05:56 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll 2012-10-11 03:23 . 2012-10-11 03:23 9146728 ----a-w- c:\windows\system32\nvcuda.dll 2012-10-11 03:23 . 2012-10-11 03:23 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll 2012-10-11 03:23 . 2012-10-11 03:23 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-10-11 03:23 . 2012-10-11 03:23 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2012-10-11 03:22 . 2012-10-11 03:22 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll 2012-10-11 03:22 . 2012-08-28 05:56 26331496 ----a-w- c:\windows\system32\nvoglv64.dll 2012-10-11 03:22 . 2011-10-25 02:13 1760104 ----a-w- c:\windows\system32\nvdispco64.dll 2012-10-11 03:22 . 2012-08-28 05:55 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2012-10-11 03:22 . 2012-10-11 03:22 2747240 ----a-w- c:\windows\system32\nvcuvid.dll 2012-10-11 03:22 . 2012-10-11 03:22 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll 2012-10-11 03:22 . 2012-10-11 03:22 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-10-11 03:22 . 2012-10-11 03:22 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2012-10-09 18:54 . 2012-06-23 20:39 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-10-09 18:54 . 2011-05-20 13:49 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-10-09 01:00 . 2012-10-26 01:29 776864 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\srtsp64.sys 2012-10-04 01:40 . 2012-10-26 01:29 1133216 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\symefa64.sys 2012-10-04 01:40 . 2012-10-26 01:29 493216 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\symds64.sys 2012-10-04 01:19 . 2012-10-26 01:29 168096 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\ccsetx64.sys 2012-10-02 19:51 . 2012-03-14 01:11 3536817 ----a-w- c:\windows\system32\nvcoproc.bin 2012-10-02 19:51 . 2011-01-16 22:13 3293544 ----a-w- c:\windows\system32\nvsvc64.dll 2012-10-02 19:51 . 2011-01-16 22:13 6200680 ----a-w- c:\windows\system32\nvcpl.dll 2012-10-02 19:50 . 2011-07-24 06:31 63336 ----a-w- c:\windows\system32\nvshext.dll 2012-10-02 19:50 . 2011-01-16 22:13 891240 ----a-w- c:\windows\system32\nvvsvc.exe 2012-10-02 19:50 . 2011-01-16 22:13 118120 ----a-w- c:\windows\system32\nvmctray.dll 2012-10-02 19:15 . 2012-10-02 19:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2012-09-29 03:30 . 2012-05-26 19:48 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS 2012-09-14 19:19 . 2012-10-09 22:29 2048 ----a-w- c:\windows\system32\tzres.dll 2012-09-14 18:28 . 2012-10-09 22:29 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-09-07 02:05 . 2012-10-26 01:29 432800 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\symnets.sys 2012-09-07 01:48 . 2012-10-26 01:29 224416 ----a-w- c:\windows\system32\drivers\N360x64\1402000.013\ironx64.sys 2012-08-31 18:19 . 2012-10-09 22:30 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys 2012-08-31 17:17 . 2012-08-31 17:17 4278384 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll 2012-08-31 17:17 . 2012-08-31 17:17 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll 2012-08-30 18:03 . 2012-10-09 22:30 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-08-30 17:12 . 2012-10-09 22:30 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-08-30 17:12 . 2012-10-09 22:30 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288] "Super-Charger"="c:\program files (x86)\MSI\Super-Charger\StartSuperCharger.exe" [2011-01-25 303104] "Live Update 5"="c:\program files (x86)\MSI\Live Update 5\LU5.exe" [2011-02-01 1220608] "Q-Face agent"="c:\program files (x86)\MSI\MSI Q-Face\webtest.exe" [2008-12-15 20792] "NortonOnlineBackup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-03-05 1112920] "STCAgent"="c:\program files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe" [2011-01-21 776064] "ZyngaGamesAgent"="c:\program files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe" [2010-11-15 841544] "VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2006-07-13 122880] "AudioDrvEmulator"="c:\program files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" [2005-11-04 49152] "CTHelper"="CTHELPER.EXE" [2006-05-24 17920] "CTXFIREG"="CTXFIREG.exe" [2010-05-06 47104] "Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568] "RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192] "PDF7 Registry Controller"="c:\program files (x86)\Nuance\PDF Converter 7\RegistryController.exe" [2010-08-18 121120] "CTxfiHlp"="CTXFIHLP.EXE" [2010-05-06 25600] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-07 421736] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296] "PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-08-20 724576] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Nostromo Loadout Manager.lnk - c:\windows\Installer\{548C7B77-8B04-427E-ACD0-D0E6E6E59BCF}\NewShortcut2_548C7B778B04427EACD0D0E6E6E59BCF.exe [2011-7-25 45056] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 ALSysIO;ALSysIO;c:\users\Sam\AppData\Local\Temp\ALSysIO64.sys [x] R3 bcgame;Nostromo HID Device Minidriver;c:\windows\system32\drivers\bcgame.sys [2007-08-14 35328] R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-12-12 79360] R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-12-12 79360] R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [2010-05-06 202840] R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [2010-05-06 1417304] R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [2010-05-06 94808] R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x] R3 EraserUtilDrv11220;EraserUtilDrv11220;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11220.sys [x] R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800] R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [2011-04-04 21504] R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [2009-01-29 9216] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992] R3 RoxMediaDBGame1X;RoxMediaDBGame1X;c:\program files (x86)\Common Files\Roxio Shared\Game1X\SharedCOM\RoxMediaDBGame1X.exe [2011-02-17 1099248] R3 RTCore64;RTCore64;c:\program files (x86)\RMClock\RTCore64.sys [2005-05-25 7168] R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [2010-04-10 50720] R3 SaiH8000;SaiH8000;c:\windows\system32\DRIVERS\SaiH8000.sys [2008-04-04 178560] R3 SaiK0CCB;SaiK0CCB;c:\windows\system32\DRIVERS\SaiK0CCB.sys [2011-09-20 183104] R3 SaiU0CCB;SaiU0CCB;c:\windows\system32\DRIVERS\SaiU0CCB.sys [2011-09-20 47168] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-02-18 51712] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-14 1255736] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1402000.013\SYMDS64.SYS [2012-10-04 493216] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1402000.013\SYMEFA64.SYS [2012-10-04 1133216] S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20121106.001\BHDrvx64.sys [2012-10-23 1384608] S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1402000.013\ccSetx64.sys [2012-10-04 168096] S1 hugoio64;hugoio64;c:\program files (x86)\i-Menu\hugoio64.sys [2008-04-30 13856] S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20121123.001_1cc\IDSvia64.sys [2012-11-23 513184] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1402000.013\Ironx64.SYS [2012-09-07 224416] S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1402000.013\SYMNETS.SYS [2012-09-07 432800] S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-06 169408] S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376] S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-11-14 8704] S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-04-26 223088] S2 N360;Norton 360;c:\program files (x86)\Norton 360 Premier Edition\Engine\20.2.0.19\ccSvcHst.exe [2012-10-11 143928] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe service [x] S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-08-20 474208] S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2009-07-20 27136] S2 SCBackService;Splashtop Connect Service;c:\program files (x86)\Splashtop\Splashtop Connect\BackService.exe [2010-11-15 477000] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-05-21 13832] S2 TurboBoost;Intel® Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-05-21 134928] S2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [2011-03-22 497480] S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [2010-05-06 202840] S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [2010-05-06 1417304] S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [2010-05-06 94808] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-09-29 138912] S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-07-14 22408] S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-07-14 16008] S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344] S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [2010-05-10 33592] S3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-22 14136] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240] S3 SaiK0CD7;SaiK0CD7;c:\windows\system32\DRIVERS\SaiK0CD7.sys [2011-09-20 183104] S3 SaiU0CD7;SaiU0CD7;c:\windows\system32\DRIVERS\SaiU0CD7.sys [2011-09-20 47168] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2009-08-20 18:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Contents of the 'Scheduled Tasks' folder . 2012-11-27 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 18:54] . 2012-11-27 c:\windows\Tasks\FinalTorrent Update Checker.job - c:\program files (x86)\FinalTorrent\FTCheckForUpdates.exe [2011-05-08 21:50] . 2012-11-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421509916-3391201345-338949333-1000Core.job - c:\users\Sam\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-14 05:26] . 2012-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421509916-3391201345-338949333-1000UA.job - c:\users\Sam\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-14 05:26] . 2012-11-26 c:\windows\Tasks\SpeedyPC Pro.job - c:\program files (x86)\SpeedyPC Software\SpeedyPC\SpeedyPC.exe [2012-10-04 20:42] . 2012-11-26 c:\windows\Tasks\SpeedyPC Registration3.job - c:\windows\system32\rundll32.exe [2009-07-13 01:14] . 2012-11-26 c:\windows\Tasks\SpeedyPC Update Version3 Startup Task.job - c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2012-10-04 20:42] . 2012-11-26 c:\windows\Tasks\SpeedyPC Update Version3.job - c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2012-10-04 20:42] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-01-17 6602856] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648] "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152] "Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-09-29 110360] "Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2009-08-14 415752] "Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2009-08-13 2093064] "Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2009-08-14 4195848] "ProfilerU"="c:\program files\SmartTechnology\Software\ProfilerU.exe" [2012-01-23 432640] "SaiMfd"="c:\program files\SmartTechnology\Software\SaiMfd.exe" [2012-01-23 158208] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = https://www.google.com/ uInternet Settings,ProxyOverride = *.local;192.168.*.* IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000 IE: Open with Nuance PDF Converter 7.0 - c:\program files (x86)\Nuance\PDF Converter 7\cnvres_eng.dll /100 IE: Se&nd to OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105 Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: DhcpNameServer = 65.32.5.111 65.32.5.112 DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab . . ------- File Associations ------- . JSEFile=NOTEPAD.EXE %1 . - - - - ORPHANS REMOVED - - - - . URLSearchHooks-{f2c43291-151e-499c-98a7-923c120b88fa} - (no file) BHO-{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - c:\program files (x86)\Yontoo Layers Runtime\YontooIEClient.dll SafeBoot-35453725.sys WebBrowser-{F2C43291-151E-499C-98A7-923C120B88FA} - (no file) HKLM-Run-AsioThk32Reg - %SYSTEMROOT%\SYSWOW64\CTASIO.DLL AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-Search Toolbar - c:\program files (x86)\Search Toolbar\SearchToolbarUninstall.exe AddRemove-vGrabber - c:\program files (x86)\vGrabber\uninstall.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360] "ImagePath"="\"c:\program files (x86)\Norton 360 Premier Edition\Engine\20.2.0.19\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360 Premier Edition\Engine\20.2.0.19\diMaster.dll\" /prefetch:1" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-421509916-3391201345-338949333-1000\Software\SecuROM\License information*] "datasecu"=hex:07,6e,4a,58,0c,2d,52,60,98,34,12,3c,64,79,85,e0,f1,8a,de,68,c0, df,1c,a5,01,63,b9,f4,3a,01,87,83,9a,e2,3b,b6,e4,52,c0,c4,27,b9,6b,fb,30,7e,\ "rkeysecu"=hex:a7,30,38,a9,6e,c8,ed,54,4d,c6,5d,08,68,15,d5,aa . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-11-27 18:32:05 ComboFix-quarantined-files.txt 2012-11-28 00:32 . Pre-Run: 257,637,412,864 bytes free Post-Run: 257,710,182,400 bytes free . - - End Of File - - 2EB580B042EB30FD564EEA288E3EC4B6 I havent restarted but it seems fine, quicker responsiveness in browser and favs. Didnt have any problems, I went thru and disabled Norton but got an error message to make sure it was. Im pretty sure I turned it all off b4 clicking on the final message to make sure it was disabled. Im going to do a restart and let you know.
- November 28, 2012
- 16 replies
winrscmde infection, help please

obione replied to obione's topic in Resolved Malware Removal Logs

Total of 3 reports = RogueKiller V8.3.1 [Nov 26 2012] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Sam [Admin rights] Mode : Scan -- Date : 11/27/2012 16:15:45 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 6 ¤¤¤ [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND [HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND [HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD1002FAEX-007BA0 ATA Device +++++ --- User --- [MBR] c2ae85e87ab201bd9e41cb9c40bce021 [bSP] 4209e8b13664d6c39144344c99715123 : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1]_S_11272012_02d1615.txt >> RKreport[1]_S_11272012_02d1615.txt RogueKiller V8.3.1 [Nov 26 2012] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Sam [Admin rights] Mode : Remove -- Date : 11/27/2012 16:15:54 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 4 ¤¤¤ [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2) [HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1) [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0) [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0) ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD1002FAEX-007BA0 ATA Device +++++ --- User --- [MBR] c2ae85e87ab201bd9e41cb9c40bce021 [bSP] 4209e8b13664d6c39144344c99715123 : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[2]_D_11272012_02d1615.txt >> RKreport[1]_S_11272012_02d1615.txt ; RKreport[2]_D_11272012_02d1615.txt RogueKiller V8.3.1 [Nov 26 2012] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Sam [Admin rights] Mode : Remove -- Date : 11/27/2012 16:16:28 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD1002FAEX-007BA0 ATA Device +++++ --- User --- [MBR] c2ae85e87ab201bd9e41cb9c40bce021 [bSP] 4209e8b13664d6c39144344c99715123 : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[3]_D_11272012_02d1616.txt >> RKreport[1]_S_11272012_02d1615.txt ; RKreport[2]_D_11272012_02d1615.txt ; RKreport[3]_D_11272012_02d1616.txt
- November 27, 2012
- 16 replies
winrscmde infection, help please

obione replied to obione's topic in Resolved Malware Removal Logs

# AdwCleaner v2.009 - Logfile created 11/27/2012 at 16:04:33 # Updated 24/11/2012 by Xplode # Operating system : Windows 7 Ultimate Service Pack 1 (64 bits) # User : Sam - SAM-PC # Boot Mode : Normal # Running from : C:\Users\Sam\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\Program Files (x86)\AutocompletePro Folder Deleted : C:\Program Files (x86)\PageRage Folder Deleted : C:\Program Files (x86)\Search Toolbar Folder Deleted : C:\Program Files (x86)\vGrabber Folder Deleted : C:\Program Files (x86)\Yontoo Layers Runtime Folder Deleted : C:\ProgramData\Babylon Folder Deleted : C:\ProgramData\BabylonUpdater Folder Deleted : C:\ProgramData\Tarma Installer Folder Deleted : C:\Users\Sam\AppData\Local\Babylon Folder Deleted : C:\Users\Sam\AppData\Local\Conduit Folder Deleted : C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk Folder Deleted : C:\Users\Sam\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Sam\AppData\LocalLow\PageRage Folder Deleted : C:\Users\Sam\AppData\Roaming\Babylon Folder Deleted : C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vGrabber Folder Deleted : C:\Users\Sam\Documents\DealRunner ***** [Registry] ***** Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\AppDataLow\Software\Freecause Key Deleted : HKCU\Software\AppDataLow\Software\PageRage Key Deleted : HKCU\Software\AppDataLow\Toolbar Key Deleted : HKCU\Software\AutocompletePro Key Deleted : HKCU\Software\IM Key Deleted : HKCU\Software\ImInstaller Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9565115D-C7D6-46D3-BD63-B67B481A4368} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9565115D-C7D6-46D3-BD63-B67B481A4368} Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\Zugo Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKLM\Software\Babylon Key Deleted : HKLM\SOFTWARE\Classes\AppID\AutocompletePro.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2418376 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333} Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1 Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1 Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\Freeze.com Key Deleted : HKLM\Software\ImInstaller Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{60A4228B-CFB0-4567-92C7-3350E7FB7802} Key Deleted : HKLM\Software\PageRage Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0E5680D1-BF44-4929-94AF-FD30D784AD1D} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{60A4228B-CFB0-4567-92C7-3350E7FB7802} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9565115D-C7D6-46D3-BD63-B67B481A4368} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9AD7E04D-F24D-4055-9D9B-0F4CE5D19E8D} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E1961756-9772-412C-AE0D-12BF9B84938A} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AutocompletePro3_is1 Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PageRage Toolbar Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Key Deleted : HKLM\SOFTWARE\Tarma Installer Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{9565115D-C7D6-46D3-BD63-B67B481A4368}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{9565115D-C7D6-46D3-BD63-B67B481A4368}] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Google Chrome v23.0.1271.64 File : C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Preferences Deleted [l.84] : icon_url = "hxxp://www.ask.com/favicon.ico", Deleted [l.90] : search_url = "hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=15527&prt=360&am[...] ************************* AdwCleaner[s1].txt - [6473 octets] - [27/11/2012 16:04:33] ########## EOF - C:\AdwCleaner[s1].txt - [6533 octets] ##########
- November 27, 2012
- 16 replies
winrscmde infection, help please

obione replied to obione's topic in Resolved Malware Removal Logs

Issues Im Having = Blue Screen twice, but didnt get info..I know Im usless I saw the high usage message with the winrscmde listed. Looked it up and found my way here. I am having a ton of pop ups when surfing, but other than that pc is working. Think Im doing something wrong with ur programs. I followed the instructions and read through them, but... Defogger = defogger_disable by jpshortstuff (23.02.10.1) Log created at 00:01 on 27/11/2012 (Sam) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- Security Check = Results of screen317's Security Check version 0.99.56 Windows 7 Service Pack 1 x64 (UAC is disabled!) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Norton 360 Premier Edition WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` JavaFX 2.1.1 Java 6 Update 29 Java 7 Update 5 Java version out of Date! Adobe Flash Player 11.4.402.287 Flash Player out of Date! Adobe Reader 9 Adobe Reader out of Date! Google Chrome 21.0.1180.83 Google Chrome 21.0.1180.89 Google Chrome 22.0.1229.79 Google Chrome 22.0.1229.92 Google Chrome 22.0.1229.94 Google Chrome 23.0.1271.64 ````````Process Check: objlist.exe by Laurent```````` Norton ccSvcHst.exe Symantec Norton Online Backup NOBuAgent.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 6% ````````````````````End of Log`````````````````````` DDS = comes back with a ton of jibberish and says it cant run in DOS.
- November 27, 2012
- 16 replies
winrscmde infection, help please

obione posted a topic in Resolved Malware Removal Logs

Topic Title says it all. Ive read other threads here on the site on the same issue. Looks like it may b different for each pc
- November 26, 2012
- 16 replies

Sign In

obione

Posts

Joined

Last visited

Reputation

winrscmde infection, help please

winrscmde infection, help please

winrscmde infection, help please

winrscmde infection, help please

winrscmde infection, help please

winrscmde infection, help please

winrscmde infection, help please

winrscmde infection, help please

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information