Infection

moonlitelace · April 6, 2012

I'm pretty sure I have a virus because now windows explorer is running at over 300,000k and I noticed likes and posts on my FB page that I didn't put there. I've attached the dds and attach txts. Thanks

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by O'Roak at 19:39:59 on 2012-04-05

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5887.4252 [GMT -4:00]

.

AV: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {7193B549-236F-55EE-9AEC-F65279E59A92}

SP: Trend Micro Titanium Maximum Security 2012 *Disabled/Updated* {CAF254AD-0555-5A60-A05C-CD200262D02F}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe

C:\Windows\SysWOW64\NLSSRV32.EXE

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Trend Micro SafeSync\hrfscore.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\REGSVR32.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.yahoo.com/?ilc=1

uWindow Title = Windows Internet Explorer provided by Yahoo!

uInternet Settings,ProxyOverride = *.local

mURLSearchHooks: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\prxtbIncr.dll

mWinlogon: Userinit=userinit.exe,

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1078\TmIEPlg32.dll

BHO: TSToolbarBHO: {43c6d902-a1c5-45c9-91f6-fd9e90337e18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: {9D425283-D487-4337-BAB6-AB8354A81457} - No File

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1102\7.1.1102\TmBpIe32.dll

BHO: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\prxtbIncr.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File

TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

TB: Trend Micro Toolbar: {ccac5586-44d7-4c43-b64a-f042461a97d2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll

TB: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\prxtbIncr.dll

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

TB: {F92A9FE4-2850-4198-B9D5-279880E49B16} - No File

TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File

TB: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File

TB: {69D1A568-FFDF-4EF5-8919-7003582E0EE8} - No File

TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

TB: {7B13EC3E-999A-4B70-B9CB-2617B8323822} - No File

uRun: [incrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab

DPF: {03A89EFD-E023-B100-A22D-45F77558EB4C} - hxxps://content10.ilinc.com/download/AXCltInst11.dll

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {2FD395CB-BD93-4BA9-AA4B-D725754E20D1} - hxxp://test.player.portalarium.com/installers/win32/PortalariumPlayer.cab

DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab

DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -

DPF: {708BFDA5-5B56-435B-8227-726021E197E9} - hxxp://us.beanfun.com/beanfun_block/embeds/BFServiceAdapter.ocx

DPF: {75A6AEA3-F26E-4608-AE9B-8DA78C87576E} - hxxps://kingsisle.hs.llnwd.net/e1/static/themes/wizard101A/activex/Wizard101GameLauncher.CAB

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} - hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E8F2FD65-4CA1-4E1E-BE81-A2D0A7C4D9CC} - hxxp://esupport.trendmicro.com/media/srf/GetVBInfo.cab

TCP: DhcpNameServer = 71.243.0.12 68.237.161.12

TCP: Interfaces\{8AAE4FCF-7C23-44D3-B348-DB9594E7CDEB} : DhcpNameServer = 71.243.0.12 68.237.161.12

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1102\7.1.1102\TmBpIe32.dll

Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1313\6.8.1078\TmIEPlg32.dll

Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll

Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache

BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO-X64: 0x1 - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1078\TmIEPlg32.dll

BHO-X64: Trend Micro NSC BHO - No File

BHO-X64: TSToolbarBHO: {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll

BHO-X64: Trend Micro Toolbar BHO - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: {9D425283-D487-4337-BAB6-AB8354A81457} - No File

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1102\7.1.1102\TmBpIe32.dll

BHO-X64: TmBpIeBHO - No File

BHO-X64: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\prxtbIncr.dll

BHO-X64: IncrediMail MediaBar 2 - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

TB-X64: {9D425283-D487-4337-BAB6-AB8354A81457} - No File

TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

TB-X64: Trend Micro Toolbar: {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll

TB-X64: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\prxtbIncr.dll

TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

TB-X64: {F92A9FE4-2850-4198-B9D5-279880E49B16} - No File

TB-X64: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File

TB-X64: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File

TB-X64: {69D1A568-FFDF-4EF5-8919-7003582E0EE8} - No File

TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

TB-X64: {7B13EC3E-999A-4B70-B9CB-2617B8323822} - No File

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\O'Roak\AppData\Roaming\Mozilla\Firefox\Profiles\lmemhd1p.default\

FF - prefs.js: browser.search.selectedEngine - MyStart Search

FF - prefs.js: browser.startup.homepage - hxxp://mystart.incredimail.com/?a=DgVeEjzrYR

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll

FF - plugin: C:\Users\O'Roak\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R1 nnfwdk;Nielsen WFP Driver;C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\nnfwdk64.sys [2011-10-6 25648]

R1 SBRE;SBRE;\??\C:\Windows\system32\drivers\SBREdrv.sys --> C:\Windows\system32\drivers\SBREdrv.sys [?]

R1 tmevtmgr;tmevtmgr;C:\Windows\system32\DRIVERS\tmevtmgr.sys --> C:\Windows\system32\DRIVERS\tmevtmgr.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

R2 Greg_Service;GRegService;C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe [2009-6-4 1150496]

R2 nlsX86cc;NLS Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2011-3-21 68928]

R2 Updater Service;Updater Service;C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [2009-8-15 240160]

R3 OnlineStorageService;OnlineStorageService;C:\Program Files\Trend Micro SafeSync\hrfscore.exe [2011-6-1 7496464]

R3 tmeevw;tmeevw;C:\Windows\system32\DRIVERS\tmeevw.sys --> C:\Windows\system32\DRIVERS\tmeevw.sys [?]

R3 tmnciesc;tmnciesc;C:\Windows\system32\DRIVERS\tmnciesc.sys --> C:\Windows\system32\DRIVERS\tmnciesc.sys [?]

S2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-4-2 275912]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 DAZContentManagementService;DAZ Content Management Service;C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe [2011-9-28 22528]

S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-3 652360]

S2 NielsenUpdate;Nielsen Update;C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe [2011-9-8 303936]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-1-31 158856]

S3 CorelCreatorMessages;CorelCreatorMessages;"C:\Windows\system32\CorelCreatorMessages.exe" --> C:\Windows\system32\CorelCreatorMessages.exe [?]

S3 hrfsmrx;hrfsmrx;C:\Windows\system32\Drivers\hrfsmrx.sys --> C:\Windows\system32\Drivers\hrfsmrx.sys [?]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-6-25 17152]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 vzandnetdiag;LGE AndroidNet for VZW USB Serial Port;C:\Windows\system32\DRIVERS\lgvzandnetdiag64.sys --> C:\Windows\system32\DRIVERS\lgvzandnetdiag64.sys [?]

S3 vzandnetmodem;LGE AndroidNet for VZW USB Modem;C:\Windows\system32\DRIVERS\lgvzandnetmdm64.sys --> C:\Windows\system32\DRIVERS\lgvzandnetmdm64.sys [?]

S3 vzandnetndis;LGE AndroidNet for VZW NDIS Ethernet Adapter;C:\Windows\system32\DRIVERS\lgvzandnetndis64.sys --> C:\Windows\system32\DRIVERS\lgvzandnetndis64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2012-04-05 23:12:24 -------- d-----w- C:\Users\O'Roak\AppData\Local\ElevatedDiagnostics

2012-04-05 11:52:31 -------- d-----w- C:\Program Files (x86)\Life Quest 2 - Metropoville

2012-04-04 02:46:07 -------- d-----w- C:\Users\O'Roak\AppData\Roaming\Malwarebytes

2012-04-04 02:45:42 -------- d-----w- C:\ProgramData\Malwarebytes

2012-04-04 02:45:40 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-04-04 02:19:25 -------- d-----w- C:\Program Files (x86)\IncrediMail_MediaBar_2

2012-04-03 23:44:23 -------- d-sh--w- C:\Windows\System32\%APPDATA%

2012-04-02 11:03:02 67344 ----a-w- C:\Windows\System32\drivers\tmeevw.sys

2012-04-02 11:03:00 210704 ----a-w- C:\Windows\System32\drivers\tmnciesc.sys

2012-04-02 11:02:52 105744 ----a-w- C:\Windows\System32\drivers\tmtdi.sys

2012-04-02 11:02:50 91920 ----a-w- C:\Windows\System32\drivers\tmactmon.sys

2012-04-02 11:02:50 70928 ----a-w- C:\Windows\System32\drivers\tmevtmgr.sys

2012-04-02 11:02:50 167696 ----a-w- C:\Windows\System32\drivers\tmcomm.sys

2012-04-02 11:01:47 56 ----a-w- C:\Windows\System32\SupportTool.exe.bat

2012-04-02 11:01:20 -------- d-----w- C:\Program Files\Trend Micro

2012-04-02 03:41:37 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F384AC02-8274-4297-BA0A-C3A605B86444}\mpengine.dll

2012-04-01 18:50:32 -------- d--h--w- C:\Users\O'Roak\AppData\Local\iConcepts Webcam Manager

2012-04-01 18:50:32 -------- d-----w- C:\ProgramData\iConcepts Webcam Manager

2012-04-01 18:50:32 -------- d-----w- C:\ProgramData\Iconcepts

2012-04-01 18:49:58 -------- d-----w- C:\Program Files\iConcepts Webcam Manager

2012-04-01 02:46:46 -------- d-----w- C:\Program Files (x86)\FMPatcher

2012-03-28 22:13:17 -------- d-----w- C:\ProgramData\HitPoint Studios

2012-03-27 20:48:38 -------- d-----w- C:\Users\O'Roak\AppData\Roaming\Anuman

2012-03-27 15:41:43 -------- d-----w- C:\Program Files (x86)\Monument Builders - Titanic

2012-03-26 23:47:38 -------- d-----w- C:\Program Files (x86)\The Secrets of Arcelia Island

2012-03-26 23:23:17 -------- d-----w- C:\Users\O'Roak\AppData\Roaming\ERS Game Studios

2012-03-26 22:40:09 -------- d-----w- C:\Program Files (x86)\Spirits of Mystery - Amber Maiden

2012-03-23 00:19:37 -------- d-----w- C:\Users\O'Roak\AppData\Roaming\4 Friends Games

2012-03-22 22:53:35 -------- d-----w- C:\Program Files (x86)\Living Legends - Ice Rose Collector's Edition

2012-03-17 02:35:23 167936 ----a-w- C:\Windows\SysWow64\Engine3D.dll

2012-03-16 01:06:10 -------- d--h--w- C:\Users\O'Roak\AppData\Local\Corel

2012-03-15 20:46:07 4379984 ----a-w- C:\Windows\SysWow64\D3DX9_40.dll

2012-03-15 20:44:21 -------- d-----w- C:\Program Files (x86)\Egypt - Secret of five Gods

2012-03-15 20:31:00 -------- d-----w- C:\Users\O'Roak\AppData\Roaming\BigFish All My Gods

2012-03-15 07:05:18 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-03-15 07:05:18 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-03-15 07:05:17 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-03-14 07:04:59 3145728 ----a-w- C:\Windows\System32\win32k.sys

2012-03-14 07:04:53 1544192 ----a-w- C:\Windows\System32\DWrite.dll

2012-03-14 07:04:53 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-03-14 07:02:08 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-03-14 07:02:08 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-03-14 07:02:08 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-03-14 07:01:59 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2012-03-14 07:01:59 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

2012-03-14 07:01:59 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-03-14 07:01:59 1031680 ----a-w- C:\Windows\System32\rdpcore.dll

2012-03-13 11:40:53 -------- d--h--w- C:\Users\O'Roak\AppData\Local\visi_coupon

2012-03-11 20:12:32 -------- d-----w- C:\Users\O'Roak\AppData\Roaming\Artifex Mundi

2012-03-10 00:30:05 -------- d-----w- C:\Users\O'Roak\AppData\Roaming\Amulet_of_time

2012-03-08 20:47:26 -------- d-----w- C:\e

.

==================== Find3M ====================

.

2012-03-09 13:00:03 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-02-23 13:18:36 279656 ----a-w- C:\Windows\System32\MpSigStub.exe

2012-01-17 17:56:30 60304 ----a-w- C:\Users\O'Roak\g2mdlhlpx.exe

2011-08-25 13:50:44 482 ----a-w- C:\Program Files (x86)\082520119504435.bat

.

============= FINISH: 19:48:47.18 ===============

How long does it normally take to hear back from someone?

Attach.txt

DDS.txt

LDTate · April 10, 2012

Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs for these tools, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.

Please run a new MBAM scan being sure to update before scanning.

Post the scan results

Also please describe how your computer behaves at the moment.

Please don't attach the scans / logs, use "copy/paste".

moonlitelace · April 11, 2012

Computer is still running windows explorer at over 500,000k. Malwarebytes is suppose to startup when I start my computer but it's not showing in the icon tray. Whenever I try to search something it redirects. Thanks

Malwarebytes Anti-Malware (PRO) 1.61.0.1400

www.malwarebytes.org

Database version: v2012.04.10.03

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

O'Roak :: OROAK-PC [administrator]

Protection: Disabled

4/10/2012 7:25:15 AM

mbam-log-2012-04-10 (07-25-15).txt

Scan type: Full scan

Scan options disabled:

Objects scanned: 571261

Time elapsed: 2 hour(s), 39 minute(s), 52 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

LDTate · April 11, 2012

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

Note: Close all browsers before running ATF Cleaner: IE, FireFox, etc.

Please download ATF Cleaner by Atribune.

Download - ATF Cleaner»

Double-click ATF-Cleaner.exe to run the program.

Under Main choose: Select All

Click the Empty Selected button.

If you use Firefox browser
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.

It's normal after running ATF cleaner that the PC will be slower to boot the first time or two.

Next:

Note: Close all browsers before running ATF Cleaner: IE, FireFox, etc.

Please download GooredFix from one of the locations below and save it to your Desktop

Download Mirror #1

Download Mirror #2

Ensure all Firefox windows are closed.
To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
When prompted to run the scan, click Yes.
It doesn't take long to run, once it is finished move onto the next step

Next:

Download TDSSKiller from here and save it to your Desktop.

Note: if the Cure option is not there, please select 'Skip'.

Please read carefully and follow these steps.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If Malicious objects are found then ensure Cure is selected
If TDLFS File System is found then ensure Delete is selected
Then click Continue Reboot now to finish the cleaning process.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

moonlitelace · April 11, 2012

I'm getting a few errors when I open Malwarebytes:

[OpenEvent] Failed to perform desired action. Error Code: 2

And I get these 2 whenever I click on scheduler settings and enable protection module:

An error has occurred. Please report this issue to our support team (include the content of all error message(s) and code(s) in your submission.

PROGRAM_ERROR_PROTECTION_MODULE (1068, 0, ProtectionInstall or ProtectionEnable)

The dependency service or group failed to start.

19:16:59.0622 3264 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05

19:17:00.0992 3264 ============================================================

19:17:00.0992 3264 Current date / time: 2012/04/11 19:17:00.0992

19:17:00.0992 3264 SystemInfo:

19:17:00.0992 3264

19:17:00.0992 3264 OS Version: 6.1.7601 ServicePack: 1.0

19:17:00.0992 3264 Product type: Workstation

19:17:00.0992 3264 ComputerName: OROAK-PC

19:17:00.0992 3264 UserName: O'Roak

19:17:00.0992 3264 Windows directory: C:\Windows

19:17:00.0992 3264 System windows directory: C:\Windows

19:17:00.0992 3264 Running under WOW64

19:17:00.0992 3264 Processor architecture: Intel x64

19:17:00.0992 3264 Number of processors: 2

19:17:00.0992 3264 Page size: 0x1000

19:17:00.0992 3264 Boot type: Normal boot

19:17:00.0992 3264 ============================================================

19:17:01.0874 3264 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

19:17:01.0914 3264 \Device\Harddisk0\DR0:

19:17:01.0914 3264 MBR used

19:17:01.0914 3264 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000

19:17:01.0914 3264 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x5570EEF0

19:17:01.0944 3264 Initialize success

19:17:01.0944 3264 ============================================================

19:17:53.0748 0724 ============================================================

19:17:53.0748 0724 Scan started

19:17:53.0748 0724 Mode: Manual; SigCheck; TDLFS;

19:17:53.0748 0724 ============================================================

19:17:56.0088 0724 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

19:17:56.0218 0724 1394ohci - ok

19:17:56.0268 0724 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

19:17:56.0288 0724 ACPI - ok

19:17:56.0308 0724 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

19:17:56.0348 0724 AcpiPmi - ok

19:17:56.0448 0724 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

19:17:56.0468 0724 AdobeARMservice - ok

19:17:56.0578 0724 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

19:17:56.0598 0724 AdobeFlashPlayerUpdateSvc - ok

19:17:56.0650 0724 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

19:17:56.0690 0724 adp94xx - ok

19:17:56.0700 0724 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

19:17:56.0720 0724 adpahci - ok

19:17:56.0730 0724 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

19:17:56.0740 0724 adpu320 - ok

19:17:56.0770 0724 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

19:17:56.0810 0724 AeLookupSvc - ok

19:17:56.0880 0724 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

19:17:56.0940 0724 AFD - ok

19:17:56.0970 0724 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

19:17:56.0990 0724 agp440 - ok

19:17:57.0010 0724 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

19:17:57.0040 0724 ALG - ok

19:17:57.0080 0724 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

19:17:57.0090 0724 aliide - ok

19:17:57.0110 0724 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

19:17:57.0120 0724 amdide - ok

19:17:57.0140 0724 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

19:17:57.0170 0724 AmdK8 - ok

19:17:57.0180 0724 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

19:17:57.0200 0724 AmdPPM - ok

19:17:57.0220 0724 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

19:17:57.0240 0724 amdsata - ok

19:17:57.0240 0724 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

19:17:57.0260 0724 amdsbs - ok

19:17:57.0280 0724 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

19:17:57.0290 0724 amdxata - ok

19:17:57.0390 0724 Amsp (1b7d1f0a0dfadbc797c16364792a7aa5) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe

19:17:57.0470 0724 Amsp - ok

19:17:57.0500 0724 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

19:17:57.0550 0724 AppID - ok

19:17:57.0560 0724 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

19:17:57.0600 0724 AppIDSvc - ok

19:17:57.0630 0724 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

19:17:57.0670 0724 Appinfo - ok

19:17:57.0750 0724 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

19:17:57.0780 0724 Apple Mobile Device - ok

19:17:57.0830 0724 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

19:17:57.0870 0724 arc - ok

19:17:57.0900 0724 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

19:17:57.0910 0724 arcsas - ok

19:17:57.0950 0724 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

19:17:58.0000 0724 AsyncMac - ok

19:17:58.0070 0724 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

19:17:58.0100 0724 atapi - ok

19:17:58.0140 0724 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

19:17:58.0210 0724 AudioEndpointBuilder - ok

19:17:58.0230 0724 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

19:17:58.0270 0724 AudioSrv - ok

19:17:58.0310 0724 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

19:17:58.0340 0724 AxInstSV - ok

19:17:58.0380 0724 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

19:17:58.0410 0724 b06bdrv - ok

19:17:58.0430 0724 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

19:17:58.0460 0724 b57nd60a - ok

19:17:58.0500 0724 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

19:17:58.0550 0724 BDESVC - ok

19:17:58.0570 0724 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

19:17:58.0630 0724 Beep - ok

19:17:58.0680 0724 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

19:17:58.0730 0724 BFE - ok

19:17:58.0800 0724 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll

19:17:58.0874 0724 BITS - ok

19:17:58.0908 0724 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

19:17:58.0922 0724 blbdrive - ok

19:17:58.0982 0724 Bonjour Service (1c87705ccb2f60172b0fc86b5d82f00d) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

19:17:58.0992 0724 Bonjour Service - ok

19:17:59.0032 0724 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

19:17:59.0062 0724 bowser - ok

19:17:59.0072 0724 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

19:17:59.0132 0724 BrFiltLo - ok

19:17:59.0152 0724 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

19:17:59.0182 0724 BrFiltUp - ok

19:17:59.0212 0724 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

19:17:59.0262 0724 Browser - ok

19:17:59.0282 0724 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

19:17:59.0312 0724 Brserid - ok

19:17:59.0332 0724 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

19:17:59.0362 0724 BrSerWdm - ok

19:17:59.0372 0724 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

19:17:59.0402 0724 BrUsbMdm - ok

19:17:59.0422 0724 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

19:17:59.0452 0724 BrUsbSer - ok

19:17:59.0462 0724 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

19:17:59.0482 0724 BTHMODEM - ok

19:17:59.0532 0724 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

19:17:59.0572 0724 bthserv - ok

19:17:59.0612 0724 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

19:17:59.0652 0724 cdfs - ok

19:17:59.0682 0724 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

19:17:59.0702 0724 cdrom - ok

19:17:59.0752 0724 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

19:17:59.0852 0724 CertPropSvc - ok

19:17:59.0872 0724 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

19:17:59.0892 0724 circlass - ok

19:17:59.0912 0724 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

19:17:59.0932 0724 CLFS - ok

19:17:59.0982 0724 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:17:59.0992 0724 clr_optimization_v2.0.50727_32 - ok

19:18:00.0022 0724 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

19:18:00.0042 0724 clr_optimization_v2.0.50727_64 - ok

19:18:00.0132 0724 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

19:18:00.0162 0724 clr_optimization_v4.0.30319_32 - ok

19:18:00.0202 0724 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

19:18:00.0212 0724 clr_optimization_v4.0.30319_64 - ok

19:18:00.0232 0724 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

19:18:00.0262 0724 CmBatt - ok

19:18:00.0302 0724 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

19:18:00.0312 0724 cmdide - ok

19:18:00.0362 0724 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

19:18:00.0392 0724 CNG - ok

19:18:00.0412 0724 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

19:18:00.0432 0724 Compbatt - ok

19:18:00.0442 0724 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

19:18:00.0472 0724 CompositeBus - ok

19:18:00.0482 0724 COMSysApp - ok

19:18:00.0542 0724 CorelCreatorMessages (7861e0bd7fba89d40dc76321613e7481) C:\Windows\system32\CorelCreatorMessages.exe

19:18:00.0562 0724 CorelCreatorMessages ( UnsignedFile.Multi.Generic ) - warning

19:18:00.0562 0724 CorelCreatorMessages - detected UnsignedFile.Multi.Generic (1)

19:18:00.0582 0724 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

19:18:00.0602 0724 crcdisk - ok

19:18:00.0651 0724 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll

19:18:00.0694 0724 CryptSvc - ok

19:18:00.0774 0724 DAZContentManagementService (958ef96991abccfdac0953c4a24081dc) C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe

19:18:00.0794 0724 DAZContentManagementService ( UnsignedFile.Multi.Generic ) - warning

19:18:00.0794 0724 DAZContentManagementService - detected UnsignedFile.Multi.Generic (1)

19:18:00.0854 0724 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

19:18:00.0924 0724 DcomLaunch - ok

19:18:00.0974 0724 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

19:18:01.0054 0724 defragsvc - ok

19:18:01.0094 0724 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

19:18:01.0134 0724 DfsC - ok

19:18:01.0154 0724 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

19:18:01.0194 0724 Dhcp - ok

19:18:01.0214 0724 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

19:18:01.0254 0724 discache - ok

19:18:01.0264 0724 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

19:18:01.0284 0724 Disk - ok

19:18:01.0314 0724 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

19:18:01.0374 0724 Dnscache - ok

19:18:01.0414 0724 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

19:18:01.0464 0724 dot3svc - ok

19:18:01.0494 0724 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

19:18:01.0534 0724 DPS - ok

19:18:01.0554 0724 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

19:18:01.0584 0724 drmkaud - ok

19:18:01.0614 0724 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

19:18:01.0644 0724 DXGKrnl - ok

19:18:01.0664 0724 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

19:18:01.0704 0724 EapHost - ok

19:18:01.0784 0724 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

19:18:01.0864 0724 ebdrv - ok

19:18:01.0904 0724 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

19:18:01.0924 0724 EFS - ok

19:18:01.0964 0724 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

19:18:01.0994 0724 ehRecvr - ok

19:18:02.0024 0724 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

19:18:02.0034 0724 ehSched - ok

19:18:02.0064 0724 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

19:18:02.0084 0724 elxstor - ok

19:18:02.0124 0724 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

19:18:02.0144 0724 ErrDev - ok

19:18:02.0174 0724 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

19:18:02.0224 0724 EventSystem - ok

19:18:02.0244 0724 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

19:18:02.0284 0724 exfat - ok

19:18:02.0314 0724 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

19:18:02.0354 0724 fastfat - ok

19:18:02.0384 0724 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

19:18:02.0414 0724 Fax - ok

19:18:02.0434 0724 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

19:18:02.0454 0724 fdc - ok

19:18:02.0484 0724 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

19:18:02.0524 0724 fdPHost - ok

19:18:02.0534 0724 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

19:18:02.0584 0724 FDResPub - ok

19:18:02.0604 0724 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

19:18:02.0614 0724 FileInfo - ok

19:18:02.0634 0724 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

19:18:02.0664 0724 Filetrace - ok

19:18:02.0684 0724 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

19:18:02.0764 0724 flpydisk - ok

19:18:02.0794 0724 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

19:18:02.0814 0724 FltMgr - ok

19:18:02.0844 0724 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

19:18:02.0894 0724 FontCache - ok

19:18:02.0936 0724 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

19:18:02.0956 0724 FontCache3.0.0.0 - ok

19:18:03.0018 0724 ForceWare Intelligent Application Manager (IAM) (a9ff65ea14e4cabfcc1bb8ece111a249) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

19:18:03.0038 0724 ForceWare Intelligent Application Manager (IAM) - ok

19:18:03.0048 0724 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

19:18:03.0068 0724 FsDepends - ok

19:18:03.0078 0724 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

19:18:03.0103 0724 Fs_Rec - ok

19:18:03.0130 0724 FTDIBUS (ed07200cff78facfb66ebb0b89f503a4) C:\Windows\system32\drivers\ftdibus.sys

19:18:03.0150 0724 FTDIBUS - ok

19:18:03.0181 0724 FTSER2K (9980e7584484a009e77e9bfa14c0c18a) C:\Windows\system32\drivers\ftser2k.sys

19:18:03.0202 0724 FTSER2K - ok

19:18:03.0232 0724 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

19:18:03.0252 0724 fvevol - ok

19:18:03.0272 0724 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

19:18:03.0292 0724 gagp30kx - ok

19:18:03.0352 0724 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

19:18:03.0372 0724 GEARAspiWDM - ok

19:18:03.0432 0724 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

19:18:03.0502 0724 gpsvc - ok

19:18:03.0572 0724 Greg_Service (816fd5a6f3c2f3d600900096632fc60e) C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe

19:18:03.0682 0724 Greg_Service - ok

19:18:03.0712 0724 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

19:18:03.0752 0724 hcw85cir - ok

19:18:03.0792 0724 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

19:18:03.0822 0724 HdAudAddService - ok

19:18:03.0862 0724 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

19:18:03.0882 0724 HDAudBus - ok

19:18:03.0902 0724 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

19:18:03.0932 0724 HidBatt - ok

19:18:03.0972 0724 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

19:18:04.0012 0724 HidBth - ok

19:18:04.0022 0724 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

19:18:04.0062 0724 HidIr - ok

19:18:04.0082 0724 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

19:18:04.0122 0724 hidserv - ok

19:18:04.0152 0724 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

19:18:04.0172 0724 HidUsb - ok

19:18:04.0252 0724 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

19:18:04.0332 0724 hkmsvc - ok

19:18:04.0372 0724 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

19:18:04.0402 0724 HomeGroupListener - ok

19:18:04.0442 0724 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

19:18:04.0462 0724 HomeGroupProvider - ok

19:18:04.0502 0724 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

19:18:04.0512 0724 HpSAMD - ok

19:18:04.0562 0724 hrfsmrx (b790afc0d0437ffd94126f06eb48e7e6) C:\Windows\System32\Drivers\hrfsmrx.sys

19:18:04.0602 0724 hrfsmrx - ok

19:18:04.0642 0724 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

19:18:04.0722 0724 HTTP - ok

19:18:04.0752 0724 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

19:18:04.0772 0724 hwpolicy - ok

19:18:04.0812 0724 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

19:18:04.0832 0724 i8042prt - ok

19:18:04.0862 0724 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

19:18:04.0882 0724 iaStorV - ok

19:18:04.0952 0724 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

19:18:05.0022 0724 idsvc - ok

19:18:05.0052 0724 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

19:18:05.0072 0724 iirsp - ok

19:18:05.0102 0724 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

19:18:05.0142 0724 IKEEXT - ok

19:18:05.0202 0724 IntcAzAudAddService (bc64b75e8e0a0b8982ab773483164e72) C:\Windows\system32\drivers\RTKVHD64.sys

19:18:05.0272 0724 IntcAzAudAddService - ok

19:18:05.0292 0724 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

19:18:05.0302 0724 intelide - ok

19:18:05.0332 0724 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

19:18:05.0352 0724 intelppm - ok

19:18:05.0392 0724 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

19:18:05.0432 0724 IPBusEnum - ok

19:18:05.0462 0724 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

19:18:05.0512 0724 IpFilterDriver - ok

19:18:05.0572 0724 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll

19:18:05.0682 0724 iphlpsvc - ok

19:18:05.0702 0724 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

19:18:05.0732 0724 IPMIDRV - ok

19:18:05.0742 0724 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

19:18:05.0792 0724 IPNAT - ok

19:18:05.0852 0724 iPod Service (fdf57f795098ab29af780824315c9859) C:\Program Files\iPod\bin\iPodService.exe

19:18:05.0892 0724 iPod Service - ok

19:18:05.0912 0724 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

19:18:05.0932 0724 IRENUM - ok

19:18:05.0952 0724 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

19:18:05.0962 0724 isapnp - ok

19:18:05.0982 0724 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

19:18:06.0002 0724 iScsiPrt - ok

19:18:06.0022 0724 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys

19:18:06.0032 0724 kbdclass - ok

19:18:06.0042 0724 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys

19:18:06.0062 0724 kbdhid - ok

19:18:06.0102 0724 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

19:18:06.0142 0724 KeyIso - ok

19:18:06.0162 0724 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

19:18:06.0182 0724 KSecDD - ok

19:18:06.0212 0724 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

19:18:06.0232 0724 KSecPkg - ok

19:18:06.0252 0724 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

19:18:06.0292 0724 ksthunk - ok

19:18:06.0312 0724 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

19:18:06.0352 0724 KtmRm - ok

19:18:06.0412 0724 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll

19:18:06.0502 0724 LanmanServer - ok

19:18:06.0532 0724 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

19:18:06.0572 0724 LanmanWorkstation - ok

19:18:06.0662 0724 Lavasoft Kernexplorer (9a7fa6371f68335fd3c3d6488bc5a9f8) C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys

19:18:06.0682 0724 Lavasoft Kernexplorer - ok

19:18:06.0722 0724 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

19:18:06.0772 0724 lltdio - ok

19:18:06.0792 0724 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

19:18:06.0842 0724 lltdsvc - ok

19:18:06.0862 0724 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

19:18:06.0892 0724 lmhosts - ok

19:18:06.0932 0724 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

19:18:06.0942 0724 LSI_FC - ok

19:18:06.0952 0724 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

19:18:06.0962 0724 LSI_SAS - ok

19:18:06.0972 0724 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

19:18:06.0992 0724 LSI_SAS2 - ok

19:18:07.0002 0724 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

19:18:07.0022 0724 LSI_SCSI - ok

19:18:07.0052 0724 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

19:18:07.0092 0724 luafv - ok

19:18:07.0112 0724 MBAMProtector - ok

19:18:07.0162 0724 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

19:18:07.0262 0724 MBAMService - ok

19:18:07.0302 0724 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

19:18:07.0322 0724 Mcx2Svc - ok

19:18:07.0332 0724 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

19:18:07.0352 0724 megasas - ok

19:18:07.0362 0724 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

19:18:07.0382 0724 MegaSR - ok

19:18:07.0402 0724 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

19:18:07.0452 0724 MMCSS - ok

19:18:07.0472 0724 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

19:18:07.0522 0724 Modem - ok

19:18:07.0542 0724 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

19:18:07.0572 0724 monitor - ok

19:18:07.0602 0724 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

19:18:07.0622 0724 mouclass - ok

19:18:07.0642 0724 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

19:18:07.0662 0724 mouhid - ok

19:18:07.0702 0724 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

19:18:07.0722 0724 mountmgr - ok

19:18:07.0742 0724 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

19:18:07.0752 0724 mpio - ok

19:18:07.0782 0724 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

19:18:07.0832 0724 mpsdrv - ok

19:18:07.0974 0724 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

19:18:08.0054 0724 MpsSvc - ok

19:18:08.0084 0724 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

19:18:08.0114 0724 MRxDAV - ok

19:18:08.0154 0724 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

19:18:08.0184 0724 mrxsmb - ok

19:18:08.0224 0724 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

19:18:08.0284 0724 mrxsmb10 - ok

19:18:08.0304 0724 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

19:18:08.0334 0724 mrxsmb20 - ok

19:18:08.0364 0724 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

19:18:08.0374 0724 msahci - ok

19:18:08.0414 0724 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

19:18:08.0424 0724 msdsm - ok

19:18:08.0464 0724 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

19:18:08.0524 0724 MSDTC - ok

19:18:08.0544 0724 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

19:18:08.0584 0724 Msfs - ok

19:18:08.0604 0724 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

19:18:08.0644 0724 mshidkmdf - ok

19:18:08.0654 0724 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

19:18:08.0664 0724 msisadrv - ok

19:18:08.0694 0724 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

19:18:08.0734 0724 MSiSCSI - ok

19:18:08.0744 0724 msiserver - ok

19:18:08.0774 0724 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

19:18:08.0824 0724 MSKSSRV - ok

19:18:08.0844 0724 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

19:18:08.0884 0724 MSPCLOCK - ok

19:18:08.0894 0724 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

19:18:08.0944 0724 MSPQM - ok

19:18:08.0984 0724 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

19:18:09.0004 0724 MsRPC - ok

19:18:09.0024 0724 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

19:18:09.0034 0724 mssmbios - ok

19:18:09.0054 0724 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

19:18:09.0094 0724 MSTEE - ok

19:18:09.0114 0724 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

19:18:09.0134 0724 MTConfig - ok

19:18:09.0144 0724 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

19:18:09.0154 0724 Mup - ok

19:18:09.0174 0724 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

19:18:09.0224 0724 napagent - ok

19:18:09.0254 0724 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

19:18:09.0284 0724 NativeWifiP - ok

19:18:09.0324 0724 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

19:18:09.0354 0724 NDIS - ok

19:18:09.0384 0724 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

19:18:09.0414 0724 NdisCap - ok

19:18:09.0444 0724 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

19:18:09.0474 0724 NdisTapi - ok

19:18:09.0514 0724 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

19:18:09.0574 0724 Ndisuio - ok

19:18:09.0614 0724 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

19:18:09.0664 0724 NdisWan - ok

19:18:09.0694 0724 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

19:18:09.0734 0724 NDProxy - ok

19:18:09.0804 0724 Nero BackItUp Scheduler 4.0 (b90e093e7a7250906f1054418b5339c0) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

19:18:09.0824 0724 Nero BackItUp Scheduler 4.0 - ok

19:18:09.0854 0724 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

19:18:09.0894 0724 NetBIOS - ok

19:18:09.0934 0724 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

19:18:10.0014 0724 NetBT - ok

19:18:10.0054 0724 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

19:18:10.0094 0724 Netlogon - ok

19:18:10.0134 0724 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

19:18:10.0194 0724 Netman - ok

19:18:10.0214 0724 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

19:18:10.0264 0724 netprofm - ok

19:18:10.0294 0724 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

19:18:10.0324 0724 NetTcpPortSharing - ok

19:18:10.0344 0724 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

19:18:10.0364 0724 nfrd960 - ok

19:18:10.0474 0724 NielsenUpdate (c86e60ce7fea4e00891036b29344bc02) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe

19:18:10.0504 0724 NielsenUpdate - ok

19:18:10.0554 0724 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

19:18:10.0614 0724 NlaSvc - ok

19:18:10.0694 0724 nlsX86cc (23688f610a5a16dd8b4d93d2f7bd44f6) C:\Windows\SysWOW64\NLSSRV32.EXE

19:18:10.0724 0724 nlsX86cc - ok

19:18:10.0794 0724 nnfwdk (3cff736f1f581069a954f7dedb2dfbfa) C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\nnfwdk64.sys

19:18:10.0834 0724 nnfwdk - ok

19:18:10.0864 0724 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

19:18:10.0904 0724 Npfs - ok

19:18:10.0934 0724 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

19:18:10.0984 0724 nsi - ok

19:18:10.0994 0724 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

19:18:11.0044 0724 nsiproxy - ok

19:18:11.0094 0724 nSvcIp (c04f5def37e55f6a34428b050f44d3d6) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

19:18:11.0124 0724 nSvcIp - ok

19:18:11.0194 0724 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

19:18:11.0264 0724 Ntfs - ok

19:18:11.0274 0724 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

19:18:11.0304 0724 Null - ok

19:18:11.0334 0724 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys

19:18:11.0374 0724 NVENETFD - ok

19:18:11.0604 0724 nvlddmkm (e55cab397f77d5208db18a78b1b7c0d5) C:\Windows\system32\DRIVERS\nvlddmkm.sys

19:18:11.0944 0724 nvlddmkm - ok

19:18:11.0984 0724 NVNET (0ad267a4674805b61a5d7b911d2a978a) C:\Windows\system32\DRIVERS\nvmf6264.sys

19:18:11.0994 0724 NVNET - ok

19:18:12.0044 0724 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

19:18:12.0054 0724 nvraid - ok

19:18:12.0074 0724 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

19:18:12.0094 0724 nvstor - ok

19:18:12.0124 0724 nvstor64 (7c7eef51979658ce15bbc04f96a77d56) C:\Windows\system32\DRIVERS\nvstor64.sys

19:18:12.0134 0724 nvstor64 - ok

19:18:12.0174 0724 nvsvc (43bc8151893ae6afe42e149d663c2221) C:\Windows\system32\nvvsvc.exe

19:18:12.0184 0724 nvsvc - ok

19:18:12.0214 0724 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

19:18:12.0224 0724 nv_agp - ok

19:18:12.0294 0724 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

19:18:12.0334 0724 odserv - ok

19:18:12.0374 0724 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

19:18:12.0404 0724 ohci1394 - ok

19:18:12.0614 0724 OnlineStorageService (a2d9f8d912d8c47425c8f9a726b6f2c3) C:\Program Files\Trend Micro SafeSync\hrfscore.exe

19:18:12.0714 0724 OnlineStorageService - ok

19:18:12.0764 0724 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

19:18:12.0784 0724 ose - ok

19:18:12.0804 0724 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

19:18:12.0844 0724 p2pimsvc - ok

19:18:12.0864 0724 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

19:18:12.0884 0724 p2psvc - ok

19:18:12.0914 0724 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

19:18:12.0934 0724 Parport - ok

19:18:12.0974 0724 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

19:18:13.0024 0724 partmgr - ok

19:18:13.0044 0724 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

19:18:13.0084 0724 PcaSvc - ok

19:18:13.0124 0724 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

19:18:13.0144 0724 pci - ok

19:18:13.0184 0724 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

19:18:13.0194 0724 pciide - ok

19:18:13.0214 0724 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

19:18:13.0234 0724 pcmcia - ok

19:18:13.0244 0724 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

19:18:13.0254 0724 pcw - ok

19:18:13.0284 0724 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

19:18:13.0334 0724 PEAUTH - ok

19:18:13.0374 0724 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

19:18:13.0404 0724 PerfHost - ok

19:18:13.0484 0724 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

19:18:13.0594 0724 pla - ok

19:18:13.0694 0724 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

19:18:13.0774 0724 PlugPlay - ok

19:18:13.0814 0724 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

19:18:13.0834 0724 PNRPAutoReg - ok

19:18:13.0874 0724 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

19:18:13.0904 0724 PNRPsvc - ok

19:18:14.0244 0724 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

19:18:14.0324 0724 PolicyAgent - ok

19:18:14.0354 0724 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

19:18:14.0394 0724 Power - ok

19:18:14.0424 0724 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

19:18:14.0474 0724 PptpMiniport - ok

19:18:14.0494 0724 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

19:18:14.0524 0724 Processor - ok

19:18:14.0554 0724 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll

19:18:14.0604 0724 ProfSvc - ok

19:18:14.0634 0724 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

19:18:14.0654 0724 ProtectedStorage - ok

19:18:14.0684 0724 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

19:18:14.0714 0724 Psched - ok

19:18:14.0794 0724 PSI_SVC_2 (543a4ef0923bf70d126625b034ef25af) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

19:18:14.0814 0724 PSI_SVC_2 - ok

19:18:14.0844 0724 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

19:18:14.0894 0724 ql2300 - ok

19:18:14.0904 0724 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

19:18:14.0924 0724 ql40xx - ok

19:18:14.0944 0724 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

19:18:14.0974 0724 QWAVE - ok

19:18:15.0004 0724 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

19:18:15.0024 0724 QWAVEdrv - ok

19:18:15.0044 0724 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

19:18:15.0084 0724 RasAcd - ok

19:18:15.0114 0724 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

19:18:15.0144 0724 RasAgileVpn - ok

19:18:15.0164 0724 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

19:18:15.0214 0724 RasAuto - ok

19:18:15.0244 0724 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

19:18:15.0294 0724 Rasl2tp - ok

19:18:15.0344 0724 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

19:18:15.0414 0724 RasMan - ok

19:18:15.0434 0724 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

19:18:15.0474 0724 RasPppoe - ok

19:18:15.0494 0724 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

19:18:15.0524 0724 RasSstp - ok

19:18:15.0564 0724 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

19:18:15.0604 0724 rdbss - ok

19:18:15.0624 0724 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

19:18:15.0644 0724 rdpbus - ok

19:18:15.0664 0724 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

19:18:15.0694 0724 RDPCDD - ok

19:18:15.0714 0724 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

19:18:15.0774 0724 RDPENCDD - ok

19:18:15.0784 0724 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

19:18:15.0814 0724 RDPREFMP - ok

19:18:15.0854 0724 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys

19:18:15.0894 0724 RDPWD - ok

19:18:15.0934 0724 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

19:18:15.0974 0724 rdyboost - ok

19:18:16.0004 0724 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

19:18:16.0044 0724 RemoteAccess - ok

19:18:16.0074 0724 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

19:18:16.0114 0724 RemoteRegistry - ok

19:18:16.0144 0724 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

19:18:16.0184 0724 RpcEptMapper - ok

19:18:16.0194 0724 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

19:18:16.0234 0724 RpcLocator - ok

19:18:16.0284 0724 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

19:18:16.0324 0724 RpcSs - ok

19:18:16.0334 0724 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

19:18:16.0374 0724 rspndr - ok

19:18:16.0404 0724 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

19:18:16.0424 0724 SamSs - ok

19:18:16.0464 0724 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

19:18:16.0474 0724 sbp2port - ok

19:18:16.0524 0724 SBRE (fd833bee2fd9befdc0afd1941a306d9e) C:\Windows\system32\drivers\SBREdrv.sys

19:18:16.0544 0724 SBRE - ok

19:18:16.0564 0724 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

19:18:16.0604 0724 SCardSvr - ok

19:18:16.0644 0724 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

19:18:16.0684 0724 scfilter - ok

19:18:16.0724 0724 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

19:18:16.0804 0724 Schedule - ok

19:18:16.0844 0724 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

19:18:16.0874 0724 SCPolicySvc - ok

19:18:16.0904 0724 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

19:18:16.0934 0724 SDRSVC - ok

19:18:16.0964 0724 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

19:18:16.0994 0724 secdrv - ok

19:18:17.0014 0724 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

19:18:17.0054 0724 seclogon - ok

19:18:17.0094 0724 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

19:18:17.0124 0724 SENS - ok

19:18:17.0154 0724 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

19:18:17.0164 0724 SensrSvc - ok

19:18:17.0184 0724 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

19:18:17.0214 0724 Serenum - ok

19:18:17.0234 0724 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

19:18:17.0254 0724 Serial - ok

19:18:17.0304 0724 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

19:18:17.0324 0724 sermouse - ok

19:18:17.0364 0724 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

19:18:17.0404 0724 SessionEnv - ok

19:18:17.0424 0724 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

19:18:17.0454 0724 sffdisk - ok

19:18:17.0474 0724 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

19:18:17.0484 0724 sffp_mmc - ok

19:18:17.0494 0724 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

19:18:17.0534 0724 sffp_sd - ok

19:18:17.0544 0724 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

19:18:17.0564 0724 sfloppy - ok

19:18:17.0624 0724 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

19:18:17.0714 0724 SharedAccess - ok

19:18:17.0734 0724 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

19:18:17.0774 0724 ShellHWDetection - ok

19:18:17.0804 0724 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

19:18:17.0814 0724 SiSRaid2 - ok

19:18:17.0824 0724 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

19:18:17.0844 0724 SiSRaid4 - ok

19:18:17.0924 0724 SkypeUpdate (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files (x86)\Skype\Updater\Updater.exe

19:18:17.0944 0724 SkypeUpdate - ok

19:18:17.0964 0724 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

19:18:18.0004 0724 Smb - ok

19:18:18.0034 0724 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

19:18:18.0054 0724 SNMPTRAP - ok

19:18:18.0064 0724 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

19:18:18.0084 0724 spldr - ok

19:18:18.0104 0724 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

19:18:18.0144 0724 Spooler - ok

19:18:18.0244 0724 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

19:18:18.0324 0724 sppsvc - ok

19:18:18.0344 0724 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

19:18:18.0374 0724 sppuinotify - ok

19:18:18.0424 0724 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

19:18:18.0484 0724 srv - ok

19:18:18.0514 0724 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

19:18:18.0544 0724 srv2 - ok

19:18:18.0564 0724 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

19:18:18.0584 0724 srvnet - ok

19:18:18.0614 0724 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

19:18:18.0664 0724 SSDPSRV - ok

19:18:18.0674 0724 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

19:18:18.0714 0724 SstpSvc - ok

19:18:18.0734 0724 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

19:18:18.0744 0724 stexstor - ok

19:18:18.0794 0724 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

19:18:18.0824 0724 stisvc - ok

19:18:18.0864 0724 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

19:18:18.0874 0724 swenum - ok

19:18:18.0894 0724 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

19:18:18.0944 0724 swprv - ok

19:18:18.0994 0724 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

19:18:19.0074 0724 SysMain - ok

19:18:19.0104 0724 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

19:18:19.0124 0724 TabletInputService - ok

19:18:19.0144 0724 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

19:18:19.0184 0724 TapiSrv - ok

19:18:19.0204 0724 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

19:18:19.0244 0724 TBS - ok

19:18:19.0314 0724 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys

19:18:19.0374 0724 Tcpip - ok

19:18:19.0414 0724 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys

19:18:19.0454 0724 TCPIP6 - ok

19:18:19.0494 0724 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

19:18:19.0524 0724 tcpipreg - ok

19:18:19.0544 0724 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

19:18:19.0574 0724 TDPIPE - ok

19:18:19.0620 0724 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

19:18:19.0636 0724 TDTCP - ok

19:18:19.0676 0724 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

19:18:19.0706 0724 tdx - ok

19:18:19.0726 0724 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

19:18:19.0742 0724 TermDD - ok

19:18:19.0788 0724 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

19:18:19.0828 0724 TermService - ok

19:18:19.0848 0724 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

19:18:19.0878 0724 Themes - ok

19:18:19.0898 0724 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

19:18:19.0950 0724 THREADORDER - ok

19:18:19.0990 0724 tmactmon (e386dd8ec68c67ca3e2a3abdc1df5c56) C:\Windows\system32\DRIVERS\tmactmon.sys

19:18:20.0010 0724 tmactmon - ok

19:18:20.0040 0724 tmcomm (ab011c569487fd65c8944ddf8cbb2572) C:\Windows\system32\DRIVERS\tmcomm.sys

19:18:20.0060 0724 tmcomm - ok

19:18:20.0070 0724 tmeevw (1161f882b3cfa8076870a09924e0adc2) C:\Windows\system32\DRIVERS\tmeevw.sys

19:18:20.0080 0724 tmeevw - ok

19:18:20.0100 0724 tmevtmgr (8870a3d7305455b47adccd226f8e51bc) C:\Windows\system32\DRIVERS\tmevtmgr.sys

19:18:20.0110 0724 tmevtmgr - ok

19:18:20.0150 0724 tmnciesc (f0ae672ee91e7f1ef24644621b57ca7f) C:\Windows\system32\DRIVERS\tmnciesc.sys

19:18:20.0160 0724 tmnciesc - ok

19:18:20.0250 0724 tmtdi (065cb7d9278d778fb9ef62cead01433f) C:\Windows\system32\DRIVERS\tmtdi.sys

19:18:20.0287 0724 tmtdi - ok

19:18:20.0301 0724 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

19:18:20.0332 0724 TrkWks - ok

19:18:20.0372 0724 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

19:18:20.0442 0724 TrustedInstaller - ok

19:18:20.0482 0724 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

19:18:20.0522 0724 tssecsrv - ok

19:18:20.0582 0724 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

19:18:20.0622 0724 TsUsbFlt - ok

19:18:20.0672 0724 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

19:18:20.0742 0724 tunnel - ok

19:18:20.0762 0724 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

19:18:20.0782 0724 uagp35 - ok

19:18:20.0822 0724 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

19:18:20.0862 0724 udfs - ok

19:18:20.0882 0724 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

19:18:20.0902 0724 UI0Detect - ok

19:18:20.0952 0724 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

19:18:20.0982 0724 uliagpkx - ok

19:18:21.0002 0724 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys

19:18:21.0032 0724 umbus - ok

19:18:21.0052 0724 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

19:18:21.0072 0724 UmPass - ok

19:18:21.0132 0724 Updater Service (70dde3a86dbeb1d6c3c30ad687b1877a) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe

19:18:21.0142 0724 Updater Service - ok

19:18:21.0172 0724 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

19:18:21.0222 0724 upnphost - ok

19:18:21.0262 0724 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys

19:18:21.0302 0724 usbaudio - ok

19:18:21.0332 0724 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

19:18:21.0382 0724 usbccgp - ok

19:18:21.0412 0724 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

19:18:21.0452 0724 usbcir - ok

19:18:21.0472 0724 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys

19:18:21.0492 0724 usbehci - ok

19:18:21.0522 0724 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

19:18:21.0552 0724 usbhub - ok

19:18:21.0562 0724 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys

19:18:21.0582 0724 usbohci - ok

19:18:21.0592 0724 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

19:18:21.0622 0724 usbprint - ok

19:18:21.0652 0724 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

19:18:21.0682 0724 usbscan - ok

19:18:21.0692 0724 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

19:18:21.0722 0724 USBSTOR - ok

19:18:21.0742 0724 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

19:18:21.0762 0724 usbuhci - ok

19:18:21.0792 0724 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys

19:18:21.0812 0724 usbvideo - ok

19:18:21.0832 0724 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

19:18:21.0882 0724 UxSms - ok

19:18:21.0932 0724 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

19:18:21.0942 0724 VaultSvc - ok

19:18:21.0952 0724 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

19:18:21.0972 0724 vdrvroot - ok

19:18:22.0012 0724 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

19:18:22.0052 0724 vds - ok

19:18:22.0082 0724 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

19:18:22.0102 0724 vga - ok

19:18:22.0122 0724 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

19:18:22.0162 0724 VgaSave - ok

19:18:22.0192 0724 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

19:18:22.0202 0724 vhdmp - ok

19:18:22.0242 0724 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

19:18:22.0252 0724 viaide - ok

19:18:22.0272 0724 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

19:18:22.0292 0724 volmgr - ok

19:18:22.0322 0724 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

19:18:22.0342 0724 volmgrx - ok

19:18:22.0362 0724 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

19:18:22.0382 0724 volsnap - ok

19:18:22.0402 0724 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

19:18:22.0422 0724 vsmraid - ok

19:18:22.0472 0724 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

19:18:22.0522 0724 VSS - ok

19:18:22.0542 0724 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

19:18:22.0562 0724 vwifibus - ok

19:18:22.0602 0724 vzandnetdiag (81843561a47a00aa302bfb7c5b678126) C:\Windows\system32\DRIVERS\lgvzandnetdiag64.sys

19:18:22.0632 0724 vzandnetdiag - ok

19:18:22.0672 0724 vzandnetmodem (818ca779c2457f328335fa48d507ef07) C:\Windows\system32\DRIVERS\lgvzandnetmdm64.sys

19:18:22.0692 0724 vzandnetmodem - ok

19:18:22.0742 0724 vzandnetndis (2862f437e09e0ddb3a9772abc57f160d) C:\Windows\system32\DRIVERS\lgvzandnetndis64.sys

19:18:22.0782 0724 vzandnetndis - ok

19:18:22.0822 0724 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

19:18:22.0862 0724 W32Time - ok

19:18:22.0882 0724 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

19:18:22.0912 0724 WacomPen - ok

19:18:22.0962 0724 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

19:18:23.0042 0724 WANARP - ok

19:18:23.0042 0724 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

19:18:23.0082 0724 Wanarpv6 - ok

19:18:23.0152 0724 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

19:18:23.0212 0724 WatAdminSvc - ok

19:18:23.0282 0724 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

19:18:23.0362 0724 wbengine - ok

19:18:23.0392 0724 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

19:18:23.0412 0724 WbioSrvc - ok

19:18:23.0462 0724 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

19:18:23.0502 0724 wcncsvc - ok

19:18:23.0512 0724 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

19:18:23.0542 0724 WcsPlugInService - ok

19:18:23.0562 0724 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

19:18:23.0572 0724 Wd - ok

19:18:23.0602 0724 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

19:18:23.0622 0724 Wdf01000 - ok

19:18:23.0642 0724 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

19:18:23.0712 0724 WdiServiceHost - ok

19:18:23.0712 0724 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

19:18:23.0732 0724 WdiSystemHost - ok

19:18:23.0782 0724 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

19:18:23.0832 0724 WebClient - ok

19:18:23.0842 0724 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

19:18:23.0882 0724 Wecsvc - ok

19:18:23.0902 0724 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

19:18:23.0942 0724 wercplsupport - ok

19:18:23.0972 0724 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

19:18:24.0012 0724 WerSvc - ok

19:18:24.0032 0724 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

19:18:24.0062 0724 WfpLwf - ok

19:18:24.0092 0724 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

19:18:24.0102 0724 WIMMount - ok

19:18:24.0132 0724 WinDefend - ok

19:18:24.0142 0724 WinHttpAutoProxySvc - ok

19:18:24.0192 0724 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

19:18:24.0272 0724 Winmgmt - ok

19:18:24.0332 0724 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

19:18:24.0422 0724 WinRM - ok

19:18:24.0462 0724 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

19:18:24.0512 0724 Wlansvc - ok

19:18:24.0682 0724 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

19:18:24.0732 0724 wlidsvc - ok

19:18:24.0792 0724 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

19:18:24.0822 0724 WmiAcpi - ok

19:18:24.0852 0724 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

19:18:24.0872 0724 wmiApSrv - ok

19:18:24.0892 0724 WMPNetworkSvc - ok

19:18:24.0922 0724 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

19:18:24.0952 0724 WPCSvc - ok

19:18:24.0992 0724 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

19:18:25.0012 0724 WPDBusEnum - ok

19:18:25.0032 0724 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

19:18:25.0072 0724 ws2ifsl - ok

19:18:25.0092 0724 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll

19:18:25.0192 0724 wscsvc - ok

19:18:25.0202 0724 WSearch - ok

19:18:25.0274 0724 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll

19:18:25.0374 0724 wuauserv - ok

19:18:25.0404 0724 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

19:18:25.0454 0724 WudfPf - ok

19:18:25.0524 0724 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

19:18:25.0564 0724 WUDFRd - ok

19:18:25.0604 0724 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

19:18:25.0684 0724 wudfsvc - ok

19:18:25.0714 0724 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

19:18:25.0744 0724 WwanSvc - ok

19:18:25.0764 0724 MBR (0x1B8) (70e629b51c16b3c007730c6ae57144c9) \Device\Harddisk0\DR0

19:18:25.0804 0724 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected

19:18:25.0804 0724 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)

19:18:25.0914 0724 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

19:18:25.0914 0724 \Device\Harddisk0\DR0 - detected TDSS File System (1)

19:18:25.0944 0724 Boot (0x1200) (675ba951cd76f245a3d534b4b59972e1) \Device\Harddisk0\DR0\Partition0

19:18:25.0954 0724 \Device\Harddisk0\DR0\Partition0 - ok

19:18:25.0974 0724 Boot (0x1200) (9f0fb2c262b52f654cf00ceda579062f) \Device\Harddisk0\DR0\Partition1

19:18:25.0974 0724 \Device\Harddisk0\DR0\Partition1 - ok

19:18:25.0974 0724 ============================================================

19:18:25.0974 0724 Scan finished

19:18:25.0974 0724 ============================================================

19:18:25.0984 4716 Detected object count: 4

19:18:25.0984 4716 Actual detected object count: 4

19:23:48.0294 4716 CorelCreatorMessages ( UnsignedFile.Multi.Generic ) - skipped by user

19:23:48.0294 4716 CorelCreatorMessages ( UnsignedFile.Multi.Generic ) - User select action: Skip

19:23:48.0304 4716 DAZContentManagementService ( UnsignedFile.Multi.Generic ) - skipped by user

19:23:48.0304 4716 DAZContentManagementService ( UnsignedFile.Multi.Generic ) - User select action: Skip

19:23:51.0044 4716 \Device\Harddisk0\DR0\# - copied to quarantine

19:23:51.0054 4716 \Device\Harddisk0\DR0 - copied to quarantine

19:23:51.0144 4716 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine

19:23:51.0154 4716 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine

19:23:51.0164 4716 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine

19:23:51.0174 4716 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine

19:23:51.0174 4716 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine

19:23:51.0184 4716 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine

19:23:56.0866 4716 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine

19:23:58.0900 4716 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine

19:24:06.0368 4716 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine

19:24:14.0329 4716 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine

19:24:19.0780 4716 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine

19:24:26.0282 4716 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

19:24:32.0262 4716 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

19:24:32.0282 4716 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine

19:24:32.0292 4716 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine

19:24:32.0302 4716 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine

19:24:32.0312 4716 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine

19:24:32.0392 4716 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine

19:24:38.0138 4716 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine

19:24:38.0226 4716 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine

19:24:38.0308 4716 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine

19:24:38.0348 4716 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine

19:24:38.0378 4716 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine

19:24:38.0428 4716 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine

19:24:38.0478 4716 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot

19:24:38.0498 4716 \Device\Harddisk0\DR0 - ok

19:24:38.0888 4716 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure

19:24:38.0898 4716 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

19:24:38.0898 4716 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

19:25:33.0671 5068 Deinitialize success

LDTate · April 12, 2012

Reboot, run TDSSKiller again and fix these two.

19:24:38.0898 4716 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

19:24:38.0898 4716 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

moonlitelace · April 12, 2012

Neither one of them is showing up during the scan anymore. Originally when I did it, my virus protection blocked them from being opened.

16:37:14.0834 3184 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05

16:37:15.0006 3184 ============================================================

16:37:15.0006 3184 Current date / time: 2012/04/12 16:37:15.0006

16:37:15.0006 3184 SystemInfo:

16:37:15.0006 3184

16:37:15.0006 3184 OS Version: 6.1.7601 ServicePack: 1.0

16:37:15.0006 3184 Product type: Workstation

16:37:15.0006 3184 ComputerName: OROAK-PC

16:37:15.0006 3184 UserName: O'Roak

16:37:15.0006 3184 Windows directory: C:\Windows

16:37:15.0006 3184 System windows directory: C:\Windows

16:37:15.0006 3184 Running under WOW64

16:37:15.0006 3184 Processor architecture: Intel x64

16:37:15.0006 3184 Number of processors: 2

16:37:15.0006 3184 Page size: 0x1000

16:37:15.0006 3184 Boot type: Normal boot

16:37:15.0006 3184 ============================================================

16:37:16.0020 3184 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

16:37:16.0067 3184 \Device\Harddisk0\DR0:

16:37:16.0082 3184 MBR used

16:37:16.0082 3184 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000

16:37:16.0082 3184 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x5570EEF0

16:37:16.0114 3184 Initialize success

16:37:16.0114 3184 ============================================================

16:37:21.0355 3396 ============================================================

16:37:21.0355 3396 Scan started

16:37:21.0355 3396 Mode: Manual; SigCheck; TDLFS;

16:37:21.0355 3396 ============================================================

16:37:31.0230 3396 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

16:37:31.0402 3396 1394ohci - ok

16:37:31.0495 3396 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

16:37:31.0511 3396 ACPI - ok

16:37:31.0573 3396 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

16:37:31.0901 3396 AcpiPmi - ok

16:37:32.0010 3396 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

16:37:32.0010 3396 AdobeARMservice - ok

16:37:32.0135 3396 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

16:37:32.0166 3396 AdobeFlashPlayerUpdateSvc - ok

16:37:32.0228 3396 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

16:37:32.0244 3396 adp94xx - ok

16:37:32.0275 3396 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

16:37:32.0291 3396 adpahci - ok

16:37:32.0306 3396 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

16:37:32.0322 3396 adpu320 - ok

16:37:32.0353 3396 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

16:37:32.0447 3396 AeLookupSvc - ok

16:37:32.0509 3396 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

16:37:32.0556 3396 AFD - ok

16:37:32.0587 3396 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

16:37:32.0603 3396 agp440 - ok

16:37:32.0634 3396 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

16:37:32.0821 3396 ALG - ok

16:37:32.0837 3396 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

16:37:32.0852 3396 aliide - ok

16:37:32.0884 3396 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

16:37:32.0899 3396 amdide - ok

16:37:32.0930 3396 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

16:37:32.0962 3396 AmdK8 - ok

16:37:32.0962 3396 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

16:37:32.0993 3396 AmdPPM - ok

16:37:33.0040 3396 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

16:37:33.0055 3396 amdsata - ok

16:37:33.0086 3396 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

16:37:33.0102 3396 amdsbs - ok

16:37:33.0133 3396 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

16:37:33.0133 3396 amdxata - ok

16:37:33.0211 3396 Amsp (1b7d1f0a0dfadbc797c16364792a7aa5) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe

16:37:33.0305 3396 Amsp - ok

16:37:33.0352 3396 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

16:37:33.0523 3396 AppID - ok

16:37:33.0554 3396 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

16:37:33.0617 3396 AppIDSvc - ok

16:37:33.0648 3396 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

16:37:33.0695 3396 Appinfo - ok

16:37:33.0835 3396 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

16:37:33.0835 3396 Apple Mobile Device - ok

16:37:33.0898 3396 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

16:37:33.0898 3396 arc - ok

16:37:33.0929 3396 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

16:37:33.0944 3396 arcsas - ok

16:37:33.0976 3396 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

16:37:34.0022 3396 AsyncMac - ok

16:37:34.0116 3396 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

16:37:34.0116 3396 atapi - ok

16:37:34.0288 3396 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

16:37:34.0366 3396 AudioEndpointBuilder - ok

16:37:34.0397 3396 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

16:37:34.0428 3396 AudioSrv - ok

16:37:34.0506 3396 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

16:37:34.0646 3396 AxInstSV - ok

16:37:34.0693 3396 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

16:37:34.0740 3396 b06bdrv - ok

16:37:34.0849 3396 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

16:37:34.0896 3396 b57nd60a - ok

16:37:34.0958 3396 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

16:37:34.0990 3396 BDESVC - ok

16:37:35.0036 3396 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

16:37:35.0083 3396 Beep - ok

16:37:35.0146 3396 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

16:37:35.0208 3396 BFE - ok

16:37:35.0302 3396 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll

16:37:35.0380 3396 BITS - ok

16:37:35.0395 3396 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

16:37:35.0426 3396 blbdrive - ok

16:37:35.0551 3396 Bonjour Service (1c87705ccb2f60172b0fc86b5d82f00d) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

16:37:35.0567 3396 Bonjour Service - ok

16:37:35.0660 3396 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

16:37:35.0676 3396 bowser - ok

16:37:35.0738 3396 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

16:37:35.0957 3396 BrFiltLo - ok

16:37:36.0050 3396 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

16:37:36.0113 3396 BrFiltUp - ok

16:37:36.0222 3396 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

16:37:36.0300 3396 Browser - ok

16:37:36.0440 3396 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

16:37:36.0565 3396 Brserid - ok

16:37:36.0690 3396 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

16:37:36.0752 3396 BrSerWdm - ok

16:37:36.0955 3396 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

16:37:37.0002 3396 BrUsbMdm - ok

16:37:37.0298 3396 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

16:37:37.0361 3396 BrUsbSer - ok

16:37:37.0657 3396 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

16:37:37.0704 3396 BTHMODEM - ok

16:37:37.0766 3396 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

16:37:37.0798 3396 bthserv - ok

16:37:38.0016 3396 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

16:37:38.0063 3396 cdfs - ok

16:37:38.0141 3396 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

16:37:38.0172 3396 cdrom - ok

16:37:38.0281 3396 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

16:37:38.0344 3396 CertPropSvc - ok

16:37:38.0422 3396 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

16:37:38.0437 3396 circlass - ok

16:37:38.0624 3396 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

16:37:38.0640 3396 CLFS - ok

16:37:38.0734 3396 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

16:37:38.0749 3396 clr_optimization_v2.0.50727_32 - ok

16:37:38.0843 3396 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

16:37:38.0858 3396 clr_optimization_v2.0.50727_64 - ok

16:37:38.0983 3396 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

16:37:39.0139 3396 clr_optimization_v4.0.30319_32 - ok

16:37:39.0326 3396 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

16:37:39.0436 3396 clr_optimization_v4.0.30319_64 - ok

16:37:39.0607 3396 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

16:37:39.0623 3396 CmBatt - ok

16:37:39.0716 3396 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

16:37:39.0732 3396 cmdide - ok

16:37:39.0982 3396 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

16:37:40.0044 3396 CNG - ok

16:37:40.0138 3396 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

16:37:40.0153 3396 Compbatt - ok

16:37:40.0262 3396 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

16:37:40.0294 3396 CompositeBus - ok

16:37:40.0606 3396 COMSysApp - ok

16:37:40.0855 3396 CorelCreatorMessages (7861e0bd7fba89d40dc76321613e7481) C:\Windows\system32\CorelCreatorMessages.exe

16:37:40.0980 3396 CorelCreatorMessages ( UnsignedFile.Multi.Generic ) - warning

16:37:40.0980 3396 CorelCreatorMessages - detected UnsignedFile.Multi.Generic (1)

16:37:41.0152 3396 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

16:37:41.0183 3396 crcdisk - ok

16:37:41.0432 3396 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll

16:37:41.0526 3396 CryptSvc - ok

16:37:41.0791 3396 DAZContentManagementService (958ef96991abccfdac0953c4a24081dc) C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe

16:37:41.0854 3396 DAZContentManagementService ( UnsignedFile.Multi.Generic ) - warning

16:37:41.0854 3396 DAZContentManagementService - detected UnsignedFile.Multi.Generic (1)

16:37:42.0275 3396 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

16:37:42.0415 3396 DcomLaunch - ok

16:37:42.0602 3396 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

16:37:42.0727 3396 defragsvc - ok

16:37:42.0930 3396 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

16:37:43.0039 3396 DfsC - ok

16:37:43.0226 3396 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

16:37:43.0336 3396 Dhcp - ok

16:37:43.0554 3396 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

16:37:43.0648 3396 discache - ok

16:37:43.0835 3396 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

16:37:43.0866 3396 Disk - ok

16:37:43.0928 3396 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

16:37:44.0084 3396 Dnscache - ok

16:37:44.0225 3396 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

16:37:44.0412 3396 dot3svc - ok

16:37:44.0521 3396 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

16:37:44.0599 3396 DPS - ok

16:37:44.0755 3396 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

16:37:44.0818 3396 drmkaud - ok

16:37:44.0989 3396 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

16:37:45.0036 3396 DXGKrnl - ok

16:37:45.0208 3396 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

16:37:45.0332 3396 EapHost - ok

16:37:45.0816 3396 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

16:37:45.0925 3396 ebdrv - ok

16:37:46.0019 3396 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

16:37:46.0144 3396 EFS - ok

16:37:46.0300 3396 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

16:37:46.0471 3396 ehRecvr - ok

16:37:46.0549 3396 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

16:37:46.0627 3396 ehSched - ok

16:37:46.0783 3396 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

16:37:46.0830 3396 elxstor - ok

16:37:46.0924 3396 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

16:37:46.0986 3396 ErrDev - ok

16:37:47.0095 3396 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

16:37:47.0173 3396 EventSystem - ok

16:37:47.0220 3396 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

16:37:47.0267 3396 exfat - ok

16:37:47.0314 3396 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

16:37:47.0376 3396 fastfat - ok

16:37:47.0563 3396 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

16:37:47.0641 3396 Fax - ok

16:37:47.0688 3396 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

16:37:47.0750 3396 fdc - ok

16:37:47.0797 3396 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

16:37:47.0860 3396 fdPHost - ok

16:37:47.0891 3396 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

16:37:47.0953 3396 FDResPub - ok

16:37:48.0016 3396 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

16:37:48.0062 3396 FileInfo - ok

16:37:48.0109 3396 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

16:37:48.0203 3396 Filetrace - ok

16:37:48.0265 3396 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

16:37:48.0312 3396 flpydisk - ok

16:37:48.0406 3396 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

16:37:48.0437 3396 FltMgr - ok

16:37:48.0593 3396 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

16:37:48.0733 3396 FontCache - ok

16:37:48.0858 3396 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

16:37:48.0874 3396 FontCache3.0.0.0 - ok

16:37:49.0014 3396 ForceWare Intelligent Application Manager (IAM) (a9ff65ea14e4cabfcc1bb8ece111a249) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

16:37:49.0076 3396 ForceWare Intelligent Application Manager (IAM) - ok

16:37:49.0201 3396 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

16:37:49.0232 3396 FsDepends - ok

16:37:49.0295 3396 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

16:37:49.0326 3396 Fs_Rec - ok

16:37:49.0404 3396 FTDIBUS (ed07200cff78facfb66ebb0b89f503a4) C:\Windows\system32\drivers\ftdibus.sys

16:37:49.0404 3396 FTDIBUS - ok

16:37:49.0529 3396 FTSER2K (9980e7584484a009e77e9bfa14c0c18a) C:\Windows\system32\drivers\ftser2k.sys

16:37:49.0576 3396 FTSER2K - ok

16:37:49.0685 3396 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

16:37:49.0716 3396 fvevol - ok

16:37:49.0763 3396 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

16:37:49.0778 3396 gagp30kx - ok

16:37:49.0919 3396 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

16:37:49.0934 3396 GEARAspiWDM - ok

16:37:49.0997 3396 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

16:37:50.0106 3396 gpsvc - ok

16:37:50.0324 3396 Greg_Service (816fd5a6f3c2f3d600900096632fc60e) C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe

16:37:50.0402 3396 Greg_Service - ok

16:37:50.0543 3396 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

16:37:50.0605 3396 hcw85cir - ok

16:37:50.0714 3396 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

16:37:50.0777 3396 HdAudAddService - ok

16:37:50.0824 3396 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

16:37:50.0902 3396 HDAudBus - ok

16:37:50.0964 3396 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

16:37:51.0026 3396 HidBatt - ok

16:37:51.0104 3396 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

16:37:51.0182 3396 HidBth - ok

16:37:51.0260 3396 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

16:37:51.0323 3396 HidIr - ok

16:37:51.0385 3396 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

16:37:51.0479 3396 hidserv - ok

16:37:51.0572 3396 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

16:37:51.0604 3396 HidUsb - ok

16:37:51.0666 3396 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

16:37:51.0760 3396 hkmsvc - ok

16:37:51.0791 3396 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

16:37:51.0884 3396 HomeGroupListener - ok

16:37:51.0978 3396 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

16:37:52.0040 3396 HomeGroupProvider - ok

16:37:52.0118 3396 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

16:37:52.0150 3396 HpSAMD - ok

16:37:52.0259 3396 hrfsmrx (b790afc0d0437ffd94126f06eb48e7e6) C:\Windows\System32\Drivers\hrfsmrx.sys

16:37:52.0274 3396 hrfsmrx - ok

16:37:52.0368 3396 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

16:37:52.0446 3396 HTTP - ok

16:37:52.0493 3396 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

16:37:52.0524 3396 hwpolicy - ok

16:37:52.0602 3396 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

16:37:52.0618 3396 i8042prt - ok

16:37:52.0696 3396 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

16:37:52.0727 3396 iaStorV - ok

16:37:52.0883 3396 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

16:37:52.0992 3396 idsvc - ok

16:37:53.0023 3396 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

16:37:53.0039 3396 iirsp - ok

16:37:53.0164 3396 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

16:37:53.0257 3396 IKEEXT - ok

16:37:53.0429 3396 IntcAzAudAddService (bc64b75e8e0a0b8982ab773483164e72) C:\Windows\system32\drivers\RTKVHD64.sys

16:37:53.0460 3396 IntcAzAudAddService - ok

16:37:53.0522 3396 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

16:37:53.0522 3396 intelide - ok

16:37:53.0632 3396 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

16:37:53.0678 3396 intelppm - ok

16:37:53.0725 3396 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

16:37:53.0834 3396 IPBusEnum - ok

16:37:53.0897 3396 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

16:37:53.0975 3396 IpFilterDriver - ok

16:37:54.0100 3396 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll

16:37:54.0162 3396 iphlpsvc - ok

16:37:54.0224 3396 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

16:37:54.0271 3396 IPMIDRV - ok

16:37:54.0443 3396 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

16:37:54.0521 3396 IPNAT - ok

16:37:54.0739 3396 iPod Service (fdf57f795098ab29af780824315c9859) C:\Program Files\iPod\bin\iPodService.exe

16:37:54.0817 3396 iPod Service - ok

16:37:54.0989 3396 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

16:37:55.0145 3396 IRENUM - ok

16:37:55.0207 3396 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

16:37:55.0238 3396 isapnp - ok

16:37:55.0348 3396 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

16:37:55.0394 3396 iScsiPrt - ok

16:37:55.0504 3396 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys

16:37:55.0519 3396 kbdclass - ok

16:37:55.0628 3396 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys

16:37:55.0644 3396 kbdhid - ok

16:37:55.0691 3396 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

16:37:55.0706 3396 KeyIso - ok

16:37:55.0722 3396 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

16:37:55.0753 3396 KSecDD - ok

16:37:55.0816 3396 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

16:37:55.0847 3396 KSecPkg - ok

16:37:55.0972 3396 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

16:37:56.0065 3396 ksthunk - ok

16:37:56.0190 3396 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

16:37:56.0299 3396 KtmRm - ok

16:37:56.0455 3396 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll

16:37:56.0549 3396 LanmanServer - ok

16:37:56.0720 3396 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

16:37:56.0830 3396 LanmanWorkstation - ok

16:37:57.0032 3396 Lavasoft Kernexplorer (9a7fa6371f68335fd3c3d6488bc5a9f8) C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys

16:37:57.0095 3396 Lavasoft Kernexplorer - ok

16:37:57.0204 3396 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

16:37:57.0266 3396 lltdio - ok

16:37:57.0391 3396 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

16:37:57.0469 3396 lltdsvc - ok

16:37:57.0532 3396 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

16:37:57.0625 3396 lmhosts - ok

16:37:57.0750 3396 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

16:37:57.0781 3396 LSI_FC - ok

16:37:57.0812 3396 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

16:37:57.0844 3396 LSI_SAS - ok

16:37:57.0890 3396 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

16:37:57.0890 3396 LSI_SAS2 - ok

16:37:58.0000 3396 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

16:37:58.0031 3396 LSI_SCSI - ok

16:37:58.0062 3396 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

16:37:58.0156 3396 luafv - ok

16:37:58.0234 3396 MBAMProtector - ok

16:37:58.0436 3396 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

16:37:58.0483 3396 MBAMService - ok

16:37:58.0546 3396 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

16:37:58.0608 3396 Mcx2Svc - ok

16:37:58.0655 3396 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

16:37:58.0686 3396 megasas - ok

16:37:58.0795 3396 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

16:37:58.0842 3396 MegaSR - ok

16:37:59.0014 3396 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

16:37:59.0076 3396 MMCSS - ok

16:37:59.0263 3396 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

16:37:59.0372 3396 Modem - ok

16:37:59.0513 3396 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

16:37:59.0575 3396 monitor - ok

16:37:59.0700 3396 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

16:37:59.0731 3396 mouclass - ok

16:37:59.0918 3396 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

16:37:59.0981 3396 mouhid - ok

16:38:00.0028 3396 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

16:38:00.0074 3396 mountmgr - ok

16:38:00.0152 3396 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

16:38:00.0184 3396 mpio - ok

16:38:00.0215 3396 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

16:38:00.0246 3396 mpsdrv - ok

16:38:00.0355 3396 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

16:38:00.0433 3396 MpsSvc - ok

16:38:00.0542 3396 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

16:38:00.0605 3396 MRxDAV - ok

16:38:00.0698 3396 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

16:38:00.0792 3396 mrxsmb - ok

16:38:00.0948 3396 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

16:38:01.0010 3396 mrxsmb10 - ok

16:38:01.0135 3396 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

16:38:01.0166 3396 mrxsmb20 - ok

16:38:01.0260 3396 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

16:38:01.0307 3396 msahci - ok

16:38:01.0432 3396 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

16:38:01.0478 3396 msdsm - ok

16:38:01.0572 3396 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

16:38:01.0619 3396 MSDTC - ok

16:38:01.0900 3396 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

16:38:01.0978 3396 Msfs - ok

16:38:02.0149 3396 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

16:38:02.0227 3396 mshidkmdf - ok

16:38:02.0383 3396 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

16:38:02.0414 3396 msisadrv - ok

16:38:02.0524 3396 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

16:38:02.0617 3396 MSiSCSI - ok

16:38:02.0695 3396 msiserver - ok

16:38:02.0804 3396 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

16:38:02.0882 3396 MSKSSRV - ok

16:38:02.0914 3396 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

16:38:03.0007 3396 MSPCLOCK - ok

16:38:03.0038 3396 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

16:38:03.0101 3396 MSPQM - ok

16:38:03.0179 3396 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

16:38:03.0226 3396 MsRPC - ok

16:38:03.0272 3396 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

16:38:03.0288 3396 mssmbios - ok

16:38:03.0350 3396 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

16:38:03.0428 3396 MSTEE - ok

16:38:03.0491 3396 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

16:38:03.0538 3396 MTConfig - ok

16:38:03.0600 3396 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

16:38:03.0616 3396 Mup - ok

16:38:03.0709 3396 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

16:38:03.0787 3396 napagent - ok

16:38:03.0912 3396 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

16:38:03.0959 3396 NativeWifiP - ok

16:38:04.0084 3396 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

16:38:04.0146 3396 NDIS - ok

16:38:04.0224 3396 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

16:38:04.0302 3396 NdisCap - ok

16:38:04.0396 3396 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

16:38:04.0458 3396 NdisTapi - ok

16:38:04.0536 3396 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

16:38:04.0614 3396 Ndisuio - ok

16:38:04.0645 3396 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

16:38:04.0692 3396 NdisWan - ok

16:38:04.0770 3396 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

16:38:04.0832 3396 NDProxy - ok

16:38:04.0973 3396 Nero BackItUp Scheduler 4.0 (b90e093e7a7250906f1054418b5339c0) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

16:38:05.0051 3396 Nero BackItUp Scheduler 4.0 - ok

16:38:05.0144 3396 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

16:38:05.0238 3396 NetBIOS - ok

16:38:05.0300 3396 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

16:38:05.0394 3396 NetBT - ok

16:38:05.0456 3396 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

16:38:05.0488 3396 Netlogon - ok

16:38:05.0534 3396 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

16:38:05.0628 3396 Netman - ok

16:38:05.0690 3396 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

16:38:05.0768 3396 netprofm - ok

16:38:05.0878 3396 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

16:38:05.0909 3396 NetTcpPortSharing - ok

16:38:06.0018 3396 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

16:38:06.0034 3396 nfrd960 - ok

16:38:06.0190 3396 NielsenUpdate (c86e60ce7fea4e00891036b29344bc02) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe

16:38:06.0236 3396 NielsenUpdate - ok

16:38:06.0377 3396 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

16:38:06.0455 3396 NlaSvc - ok

16:38:06.0611 3396 nlsX86cc (23688f610a5a16dd8b4d93d2f7bd44f6) C:\Windows\SysWOW64\NLSSRV32.EXE

16:38:06.0642 3396 nlsX86cc - ok

16:38:06.0767 3396 nnfwdk (3cff736f1f581069a954f7dedb2dfbfa) C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\nnfwdk64.sys

16:38:06.0798 3396 nnfwdk - ok

16:38:06.0876 3396 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

16:38:06.0938 3396 Npfs - ok

16:38:07.0250 3396 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

16:38:07.0328 3396 nsi - ok

16:38:07.0391 3396 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

16:38:07.0453 3396 nsiproxy - ok

16:38:07.0578 3396 nSvcIp (c04f5def37e55f6a34428b050f44d3d6) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

16:38:07.0594 3396 nSvcIp - ok

16:38:07.0781 3396 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

16:38:07.0843 3396 Ntfs - ok

16:38:07.0890 3396 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

16:38:07.0921 3396 Null - ok

16:38:07.0984 3396 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys

16:38:08.0030 3396 NVENETFD - ok

16:38:08.0514 3396 nvlddmkm (e55cab397f77d5208db18a78b1b7c0d5) C:\Windows\system32\DRIVERS\nvlddmkm.sys

16:38:08.0686 3396 nvlddmkm - ok

16:38:08.0810 3396 NVNET (0ad267a4674805b61a5d7b911d2a978a) C:\Windows\system32\DRIVERS\nvmf6264.sys

16:38:08.0826 3396 NVNET - ok

16:38:08.0920 3396 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

16:38:08.0951 3396 nvraid - ok

16:38:08.0998 3396 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

16:38:09.0029 3396 nvstor - ok

16:38:09.0154 3396 nvstor64 (7c7eef51979658ce15bbc04f96a77d56) C:\Windows\system32\DRIVERS\nvstor64.sys

16:38:09.0154 3396 nvstor64 - ok

16:38:09.0200 3396 nvsvc (43bc8151893ae6afe42e149d663c2221) C:\Windows\system32\nvvsvc.exe

16:38:09.0216 3396 nvsvc - ok

16:38:09.0232 3396 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

16:38:09.0247 3396 nv_agp - ok

16:38:09.0466 3396 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

16:38:09.0497 3396 odserv - ok

16:38:09.0528 3396 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

16:38:09.0559 3396 ohci1394 - ok

16:38:09.0840 3396 OnlineStorageService (a2d9f8d912d8c47425c8f9a726b6f2c3) C:\Program Files\Trend Micro SafeSync\hrfscore.exe

16:38:10.0043 3396 OnlineStorageService - ok

16:38:10.0152 3396 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

16:38:10.0183 3396 ose - ok

16:38:10.0261 3396 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

16:38:10.0292 3396 p2pimsvc - ok

16:38:10.0339 3396 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

16:38:10.0355 3396 p2psvc - ok

16:38:10.0386 3396 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

16:38:10.0402 3396 Parport - ok

16:38:10.0433 3396 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

16:38:10.0448 3396 partmgr - ok

16:38:10.0480 3396 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

16:38:10.0495 3396 PcaSvc - ok

16:38:10.0542 3396 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

16:38:10.0558 3396 pci - ok

16:38:10.0604 3396 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

16:38:10.0604 3396 pciide - ok

16:38:10.0636 3396 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

16:38:10.0651 3396 pcmcia - ok

16:38:10.0682 3396 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

16:38:10.0682 3396 pcw - ok

16:38:10.0714 3396 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

16:38:10.0760 3396 PEAUTH - ok

16:38:10.0807 3396 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

16:38:10.0823 3396 PerfHost - ok

16:38:10.0901 3396 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

16:38:10.0948 3396 pla - ok

16:38:11.0010 3396 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

16:38:11.0041 3396 PlugPlay - ok

16:38:11.0057 3396 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

16:38:11.0072 3396 PNRPAutoReg - ok

16:38:11.0088 3396 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

16:38:11.0104 3396 PNRPsvc - ok

16:38:11.0135 3396 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

16:38:11.0182 3396 PolicyAgent - ok

16:38:11.0244 3396 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

16:38:11.0291 3396 Power - ok

16:38:11.0353 3396 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

16:38:11.0400 3396 PptpMiniport - ok

16:38:11.0462 3396 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

16:38:11.0494 3396 Processor - ok

16:38:11.0540 3396 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll

16:38:11.0587 3396 ProfSvc - ok

16:38:11.0650 3396 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

16:38:11.0650 3396 ProtectedStorage - ok

16:38:11.0728 3396 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

16:38:11.0806 3396 Psched - ok

16:38:11.0930 3396 PSI_SVC_2 (543a4ef0923bf70d126625b034ef25af) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

16:38:11.0946 3396 PSI_SVC_2 - ok

16:38:12.0086 3396 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

16:38:12.0164 3396 ql2300 - ok

16:38:12.0196 3396 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

16:38:12.0196 3396 ql40xx - ok

16:38:12.0242 3396 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

16:38:12.0274 3396 QWAVE - ok

16:38:12.0305 3396 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

16:38:12.0352 3396 QWAVEdrv - ok

16:38:12.0445 3396 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

16:38:12.0492 3396 RasAcd - ok

16:38:12.0882 3396 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

16:38:12.0913 3396 RasAgileVpn - ok

16:38:12.0976 3396 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

16:38:13.0054 3396 RasAuto - ok

16:38:13.0490 3396 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

16:38:13.0568 3396 Rasl2tp - ok

16:38:13.0600 3396 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

16:38:13.0646 3396 RasMan - ok

16:38:13.0678 3396 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

16:38:13.0709 3396 RasPppoe - ok

16:38:13.0724 3396 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

16:38:13.0756 3396 RasSstp - ok

16:38:13.0818 3396 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

16:38:13.0880 3396 rdbss - ok

16:38:13.0943 3396 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

16:38:13.0974 3396 rdpbus - ok

16:38:14.0005 3396 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

16:38:14.0036 3396 RDPCDD - ok

16:38:14.0099 3396 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

16:38:14.0146 3396 RDPENCDD - ok

16:38:14.0177 3396 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

16:38:14.0208 3396 RDPREFMP - ok

16:38:14.0255 3396 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys

16:38:14.0302 3396 RDPWD - ok

16:38:14.0333 3396 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

16:38:14.0348 3396 rdyboost - ok

16:38:14.0458 3396 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

16:38:14.0536 3396 RemoteAccess - ok

16:38:14.0645 3396 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

16:38:14.0754 3396 RemoteRegistry - ok

16:38:14.0832 3396 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

16:38:14.0894 3396 RpcEptMapper - ok

16:38:14.0926 3396 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

16:38:14.0941 3396 RpcLocator - ok

16:38:14.0988 3396 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

16:38:15.0035 3396 RpcSs - ok

16:38:15.0097 3396 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

16:38:15.0160 3396 rspndr - ok

16:38:15.0206 3396 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

16:38:15.0222 3396 SamSs - ok

16:38:15.0284 3396 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

16:38:15.0284 3396 sbp2port - ok

16:38:15.0362 3396 SBRE (fd833bee2fd9befdc0afd1941a306d9e) C:\Windows\system32\drivers\SBREdrv.sys

16:38:15.0394 3396 SBRE - ok

16:38:15.0425 3396 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

16:38:15.0472 3396 SCardSvr - ok

16:38:15.0518 3396 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

16:38:15.0596 3396 scfilter - ok

16:38:15.0674 3396 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

16:38:15.0784 3396 Schedule - ok

16:38:15.0830 3396 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

16:38:15.0862 3396 SCPolicySvc - ok

16:38:15.0893 3396 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

16:38:15.0955 3396 SDRSVC - ok

16:38:16.0018 3396 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

16:38:16.0049 3396 secdrv - ok

16:38:16.0096 3396 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

16:38:16.0127 3396 seclogon - ok

16:38:16.0189 3396 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

16:38:16.0252 3396 SENS - ok

16:38:16.0298 3396 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

16:38:16.0314 3396 SensrSvc - ok

16:38:16.0361 3396 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

16:38:16.0408 3396 Serenum - ok

16:38:16.0470 3396 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

16:38:16.0501 3396 Serial - ok

16:38:16.0579 3396 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

16:38:16.0595 3396 sermouse - ok

16:38:16.0688 3396 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

16:38:16.0782 3396 SessionEnv - ok

16:38:16.0829 3396 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

16:38:16.0844 3396 sffdisk - ok

16:38:16.0860 3396 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

16:38:16.0891 3396 sffp_mmc - ok

16:38:16.0922 3396 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

16:38:16.0954 3396 sffp_sd - ok

16:38:16.0985 3396 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

16:38:17.0000 3396 sfloppy - ok

16:38:17.0078 3396 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

16:38:17.0172 3396 SharedAccess - ok

16:38:17.0219 3396 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

16:38:17.0266 3396 ShellHWDetection - ok

16:38:17.0344 3396 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

16:38:17.0375 3396 SiSRaid2 - ok

16:38:17.0406 3396 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

16:38:17.0422 3396 SiSRaid4 - ok

16:38:17.0546 3396 SkypeUpdate (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files (x86)\Skype\Updater\Updater.exe

16:38:17.0562 3396 SkypeUpdate - ok

16:38:17.0593 3396 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

16:38:17.0640 3396 Smb - ok

16:38:17.0671 3396 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

16:38:17.0702 3396 SNMPTRAP - ok

16:38:17.0734 3396 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

16:38:17.0749 3396 spldr - ok

16:38:17.0765 3396 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

16:38:17.0796 3396 Spooler - ok

16:38:17.0952 3396 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

16:38:18.0077 3396 sppsvc - ok

16:38:18.0124 3396 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

16:38:18.0155 3396 sppuinotify - ok

16:38:18.0202 3396 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

16:38:18.0233 3396 srv - ok

16:38:18.0248 3396 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

16:38:18.0295 3396 srv2 - ok

16:38:18.0342 3396 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

16:38:18.0358 3396 srvnet - ok

16:38:18.0404 3396 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

16:38:18.0451 3396 SSDPSRV - ok

16:38:18.0482 3396 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

16:38:18.0514 3396 SstpSvc - ok

16:38:18.0560 3396 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

16:38:18.0576 3396 stexstor - ok

16:38:18.0623 3396 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

16:38:18.0685 3396 stisvc - ok

16:38:18.0732 3396 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

16:38:18.0763 3396 swenum - ok

16:38:18.0810 3396 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

16:38:18.0872 3396 swprv - ok

16:38:18.0919 3396 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

16:38:18.0997 3396 SysMain - ok

16:38:19.0044 3396 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

16:38:19.0091 3396 TabletInputService - ok

16:38:19.0138 3396 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

16:38:19.0184 3396 TapiSrv - ok

16:38:19.0216 3396 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

16:38:19.0278 3396 TBS - ok

16:38:19.0387 3396 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys

16:38:19.0496 3396 Tcpip - ok

16:38:19.0574 3396 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys

16:38:19.0606 3396 TCPIP6 - ok

16:38:19.0949 3396 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

16:38:20.0011 3396 tcpipreg - ok

16:38:20.0214 3396 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

16:38:20.0292 3396 TDPIPE - ok

16:38:20.0401 3396 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

16:38:20.0464 3396 TDTCP - ok

16:38:20.0542 3396 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

16:38:20.0573 3396 tdx - ok

16:38:20.0635 3396 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

16:38:20.0651 3396 TermDD - ok

16:38:20.0744 3396 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

16:38:20.0838 3396 TermService - ok

16:38:20.0869 3396 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

16:38:20.0885 3396 Themes - ok

16:38:20.0916 3396 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

16:38:20.0947 3396 THREADORDER - ok

16:38:21.0041 3396 tmactmon (e386dd8ec68c67ca3e2a3abdc1df5c56) C:\Windows\system32\DRIVERS\tmactmon.sys

16:38:21.0041 3396 tmactmon - ok

16:38:21.0119 3396 tmcomm (ab011c569487fd65c8944ddf8cbb2572) C:\Windows\system32\DRIVERS\tmcomm.sys

16:38:21.0119 3396 tmcomm - ok

16:38:21.0181 3396 tmeevw (1161f882b3cfa8076870a09924e0adc2) C:\Windows\system32\DRIVERS\tmeevw.sys

16:38:21.0197 3396 tmeevw - ok

16:38:21.0244 3396 tmevtmgr (8870a3d7305455b47adccd226f8e51bc) C:\Windows\system32\DRIVERS\tmevtmgr.sys

16:38:21.0244 3396 tmevtmgr - ok

16:38:21.0290 3396 tmnciesc (f0ae672ee91e7f1ef24644621b57ca7f) C:\Windows\system32\DRIVERS\tmnciesc.sys

16:38:21.0306 3396 tmnciesc - ok

16:38:21.0337 3396 tmtdi (065cb7d9278d778fb9ef62cead01433f) C:\Windows\system32\DRIVERS\tmtdi.sys

16:38:21.0353 3396 tmtdi - ok

16:38:21.0400 3396 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

16:38:21.0446 3396 TrkWks - ok

16:38:21.0524 3396 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

16:38:21.0556 3396 TrustedInstaller - ok

16:38:21.0618 3396 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

16:38:21.0680 3396 tssecsrv - ok

16:38:21.0883 3396 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

16:38:21.0914 3396 TsUsbFlt - ok

16:38:22.0086 3396 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

16:38:22.0148 3396 tunnel - ok

16:38:22.0242 3396 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

16:38:22.0273 3396 uagp35 - ok

16:38:22.0382 3396 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

16:38:23.0162 3396 udfs - ok

16:38:23.0209 3396 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

16:38:23.0365 3396 UI0Detect - ok

16:38:23.0506 3396 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

16:38:23.0537 3396 uliagpkx - ok

16:38:23.0599 3396 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys

16:38:23.0615 3396 umbus - ok

16:38:23.0693 3396 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

16:38:23.0771 3396 UmPass - ok

16:38:23.0833 3396 Updater Service (70dde3a86dbeb1d6c3c30ad687b1877a) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe

16:38:23.0896 3396 Updater Service - ok

16:38:23.0942 3396 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

16:38:24.0052 3396 upnphost - ok

16:38:24.0083 3396 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys

16:38:24.0130 3396 usbaudio - ok

16:38:24.0208 3396 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

16:38:24.0270 3396 usbccgp - ok

16:38:24.0332 3396 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

16:38:24.0364 3396 usbcir - ok

16:38:24.0395 3396 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys

16:38:24.0426 3396 usbehci - ok

16:38:24.0473 3396 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

16:38:24.0488 3396 usbhub - ok

16:38:24.0551 3396 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys

16:38:24.0598 3396 usbohci - ok

16:38:24.0629 3396 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

16:38:24.0660 3396 usbprint - ok

16:38:24.0707 3396 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

16:38:24.0738 3396 usbscan - ok

16:38:24.0769 3396 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

16:38:24.0816 3396 USBSTOR - ok

16:38:24.0832 3396 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

16:38:24.0847 3396 usbuhci - ok

16:38:25.0019 3396 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys

16:38:25.0097 3396 usbvideo - ok

16:38:25.0190 3396 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

16:38:25.0268 3396 UxSms - ok

16:38:25.0362 3396 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

16:38:25.0393 3396 VaultSvc - ok

16:38:25.0471 3396 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

16:38:25.0518 3396 vdrvroot - ok

16:38:25.0612 3396 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

16:38:25.0690 3396 vds - ok

16:38:25.0721 3396 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

16:38:25.0736 3396 vga - ok

16:38:25.0768 3396 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

16:38:25.0814 3396 VgaSave - ok

16:38:25.0892 3396 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

16:38:25.0908 3396 vhdmp - ok

16:38:25.0970 3396 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

16:38:26.0017 3396 viaide - ok

16:38:26.0033 3396 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

16:38:26.0048 3396 volmgr - ok

16:38:26.0111 3396 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

16:38:26.0142 3396 volmgrx - ok

16:38:26.0220 3396 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

16:38:26.0267 3396 volsnap - ok

16:38:26.0360 3396 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

16:38:26.0407 3396 vsmraid - ok

16:38:26.0485 3396 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

16:38:26.0548 3396 VSS - ok

16:38:26.0563 3396 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

16:38:26.0594 3396 vwifibus - ok

16:38:26.0641 3396 vzandnetdiag (81843561a47a00aa302bfb7c5b678126) C:\Windows\system32\DRIVERS\lgvzandnetdiag64.sys

16:38:26.0688 3396 vzandnetdiag - ok

16:38:26.0719 3396 vzandnetmodem (818ca779c2457f328335fa48d507ef07) C:\Windows\system32\DRIVERS\lgvzandnetmdm64.sys

16:38:26.0766 3396 vzandnetmodem - ok

16:38:26.0813 3396 vzandnetndis (2862f437e09e0ddb3a9772abc57f160d) C:\Windows\system32\DRIVERS\lgvzandnetndis64.sys

16:38:26.0860 3396 vzandnetndis - ok

16:38:26.0891 3396 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

16:38:26.0938 3396 W32Time - ok

16:38:26.0953 3396 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

16:38:26.0984 3396 WacomPen - ok

16:38:27.0031 3396 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

16:38:27.0078 3396 WANARP - ok

16:38:27.0078 3396 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

16:38:27.0109 3396 Wanarpv6 - ok

16:38:27.0187 3396 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

16:38:27.0234 3396 WatAdminSvc - ok

16:38:27.0296 3396 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

16:38:27.0406 3396 wbengine - ok

16:38:27.0421 3396 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

16:38:27.0452 3396 WbioSrvc - ok

16:38:27.0499 3396 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

16:38:27.0593 3396 wcncsvc - ok

16:38:27.0624 3396 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

16:38:27.0640 3396 WcsPlugInService - ok

16:38:27.0671 3396 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

16:38:27.0671 3396 Wd - ok

16:38:27.0702 3396 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

16:38:27.0733 3396 Wdf01000 - ok

16:38:27.0749 3396 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

16:38:27.0811 3396 WdiServiceHost - ok

16:38:27.0811 3396 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

16:38:27.0842 3396 WdiSystemHost - ok

16:38:27.0874 3396 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

16:38:27.0905 3396 WebClient - ok

16:38:27.0920 3396 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

16:38:27.0952 3396 Wecsvc - ok

16:38:27.0983 3396 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

16:38:28.0030 3396 wercplsupport - ok

16:38:28.0076 3396 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

16:38:28.0108 3396 WerSvc - ok

16:38:28.0139 3396 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

16:38:28.0170 3396 WfpLwf - ok

16:38:28.0201 3396 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

16:38:28.0217 3396 WIMMount - ok

16:38:28.0232 3396 WinDefend - ok

16:38:28.0248 3396 WinHttpAutoProxySvc - ok

16:38:28.0310 3396 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

16:38:28.0357 3396 Winmgmt - ok

16:38:28.0404 3396 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

16:38:28.0498 3396 WinRM - ok

16:38:28.0544 3396 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

16:38:28.0576 3396 Wlansvc - ok

16:38:28.0778 3396 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

16:38:28.0825 3396 wlidsvc - ok

16:38:28.0856 3396 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

16:38:28.0888 3396 WmiAcpi - ok

16:38:28.0950 3396 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

16:38:28.0966 3396 wmiApSrv - ok

16:38:28.0981 3396 WMPNetworkSvc - ok

16:38:29.0028 3396 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

16:38:29.0075 3396 WPCSvc - ok

16:38:29.0122 3396 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

16:38:29.0153 3396 WPDBusEnum - ok

16:38:29.0184 3396 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

16:38:29.0215 3396 ws2ifsl - ok

16:38:29.0246 3396 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll

16:38:29.0262 3396 wscsvc - ok

16:38:29.0278 3396 WSearch - ok

16:38:29.0356 3396 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll

16:38:29.0480 3396 wuauserv - ok

16:38:29.0512 3396 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

16:38:29.0558 3396 WudfPf - ok

16:38:29.0574 3396 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

16:38:29.0605 3396 WUDFRd - ok

16:38:29.0621 3396 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

16:38:29.0652 3396 wudfsvc - ok

16:38:29.0699 3396 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

16:38:29.0714 3396 WwanSvc - ok

16:38:29.0746 3396 MBR (0x1B8) (70e629b51c16b3c007730c6ae57144c9) \Device\Harddisk0\DR0

16:38:32.0257 3396 \Device\Harddisk0\DR0 - ok

16:38:32.0288 3396 Boot (0x1200) (675ba951cd76f245a3d534b4b59972e1) \Device\Harddisk0\DR0\Partition0

16:38:32.0320 3396 \Device\Harddisk0\DR0\Partition0 - ok

16:38:32.0335 3396 Boot (0x1200) (9f0fb2c262b52f654cf00ceda579062f) \Device\Harddisk0\DR0\Partition1

16:38:32.0335 3396 \Device\Harddisk0\DR0\Partition1 - ok

16:38:32.0335 3396 ============================================================

16:38:32.0335 3396 Scan finished

16:38:32.0335 3396 ============================================================

16:38:32.0351 1444 Detected object count: 2

16:38:32.0351 1444 Actual detected object count: 2

16:39:26.0077 1444 CorelCreatorMessages ( UnsignedFile.Multi.Generic ) - skipped by user

16:39:26.0077 1444 CorelCreatorMessages ( UnsignedFile.Multi.Generic ) - User select action: Skip

16:39:26.0077 1444 DAZContentManagementService ( UnsignedFile.Multi.Generic ) - skipped by user

16:39:26.0077 1444 DAZContentManagementService ( UnsignedFile.Multi.Generic ) - User select action: Skip

16:39:37.0637 3132 Deinitialize success

LDTate · April 12, 2012

Are you still getting the MBAM errors?

moonlitelace · April 13, 2012

Yep, still the error code 2 and 1068, 0, ProtectionInstall/ProtectionEnable errors. Otherwise windows explorer is back to running at about 50,000, my facebook account isn't posting odd links anymore and it's also stopped redirecting whenever I search!!! Thanks

LDTate · April 13, 2012

Please do the following to see if it resolves the issue: Post back and let us know please

Download and run mbam-clean.exe from here
It will ask to restart your computer, please allow it to do so very important
After the computer restarts, temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from here
- Note: You will need to reactivate the program using the license you were sent via email if using the Pro version
- Launch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.
  Restart the computer again and verify that MBAM is in the task tray if using the Pro version. Now setup any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications. You may use the guides posted in the FAQ's here or ask and we'll explain how to do it.

moonlitelace · April 13, 2012

It's back in the system tray!

LDTate · April 13, 2012

Please run a new MBAM scan being sure to update before scanning.

Post the scan results

Also please describe how your computer behaves at the moment.

Please don't attach the scans / logs, use "copy/paste".

moonlitelace · April 14, 2012

Everything seems to be back to normal!

Malwarebytes Anti-Malware (PRO) 1.61.0.1400

www.malwarebytes.org

Database version: v2012.04.13.08

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

O'Roak :: OROAK-PC [administrator]

Protection: Enabled

4/14/2012 8:50:09 AM

mbam-log-2012-04-14 (08-50-09).txt

Scan type: Quick scan

Scan options disabled:

Objects scanned: 212124

Time elapsed: 8 minute(s), 31 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

LDTate · April 15, 2012

You can delete TDSSKiller.

Here's my usual all clean post

To be on the safe side, I would also change all my passwords.

This infection appears to have been cleaned, but as the malware could be configured to run any program a remote attacker requires, it's impossible to be 100% sure that any machine is clean.

Log looks good

LDTate · April 20, 2012

Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.

Infection

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information