moonlitelace Posted April 6, 2012 ID:540321

I'm pretty sure I have a virus because now Windows Explorer is running at over 300,000k and I noticed likes and posts on my FB page that I didn't put there. I've attached the dds and attach txts. Thanks.

How long does it normally take to hear back from someone?

Attach.txt DDS.txt
LDTate Posted April 10, 2012 ID:541165

Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs for these tools, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.
Doing so could make your pc inoperable and could require a full reinstall of your OS, losing all your programs and data.

Please run a new MBAM scan being sure to update before scanning.
Post the scan results
Also please describe how your computer behaves at the moment.

Please don't attach the scans / logs, use "copy/paste".
moonlitelace Posted April 11, 2012 Author ID:541564

Computer is still running Windows Explorer at over 500,000k. Malwarebytes is supposed to start up when I start my computer but it's not showing in the icon tray. Whenever I try to search something it redirects. Thanks

Malwarebytes Anti-Malware (PRO) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.10.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
O'Roak :: OROAK-PC [administrator]

Protection: Disabled

4/10/2012 7:25:15 AM
mbam-log-2012-04-10 (07-25-15).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 571261
Time elapsed: 2 hour(s), 39 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
LDTate Posted April 11, 2012 ID:541566

Vista and Windows 7 users:
1. These tools MUST be run from the executable (.exe) every time you run them
2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.
You might want to print these instructions out.

Note: Close all browsers before running ATF Cleaner: IE, Firefox, etc.

Please download ATF Cleaner by Atribune.
Download - ATF Cleaner

Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

If you use Firefox browser
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.
It's normal after running ATF cleaner that the PC will be slower to boot the first time or two.

Next:

Note: Close all browsers before running ATF Cleaner: IE, Firefox, etc.

Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2

Ensure all Firefox windows are closed.
To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
When prompted to run the scan, click Yes.
It doesn't take long to run, once it is finished move onto the next step

Next:

Download TDSSKiller from here and save it to your Desktop.
Note: if the Cure option is not there, please select 'Skip'.

Please read carefully and follow these steps.

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If Malicious objects are found then ensure Cure is selected
If TDLFS File System is found then ensure Delete is selected
Then click Continue Reboot now to finish the cleaning process.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
moonlitelace Posted April 11, 2012 Author ID:541900

I'm getting a few errors when I open Malwarebytes:

[OpenEvent] Failed to perform desired action. Error Code: 2

And I get these 2 whenever I click on scheduler settings and enable protection module:

An error has occurred. Please report this issue to our support team (include the content of all error message(s) and code(s) in your submission.
PROGRAM_ERROR_PROTECTION_MODULE (1068, 0, ProtectionInstall or ProtectionEnable)
The dependency service or group failed to start.
DcomLaunch - ok19:18:00.0974 0724 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll19:18:01.0054 0724 defragsvc - ok19:18:01.0094 0724 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys19:18:01.0134 0724 DfsC - ok19:18:01.0154 0724 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll19:18:01.0194 0724 Dhcp - ok19:18:01.0214 0724 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys19:18:01.0254 0724 discache - ok19:18:01.0264 0724 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys19:18:01.0284 0724 Disk - ok19:18:01.0314 0724 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll19:18:01.0374 0724 Dnscache - ok19:18:01.0414 0724 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll19:18:01.0464 0724 dot3svc - ok19:18:01.0494 0724 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll19:18:01.0534 0724 DPS - ok19:18:01.0554 0724 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys19:18:01.0584 0724 drmkaud - ok19:18:01.0614 0724 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys19:18:01.0644 0724 DXGKrnl - ok19:18:01.0664 0724 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll19:18:01.0704 0724 EapHost - ok19:18:01.0784 0724 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys19:18:01.0864 0724 ebdrv - ok19:18:01.0904 0724 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe19:18:01.0924 0724 EFS - ok19:18:01.0964 0724 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe19:18:01.0994 0724 ehRecvr - ok19:18:02.0024 0724 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe19:18:02.0034 0724 ehSched - ok19:18:02.0064 0724 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys19:18:02.0084 0724 
elxstor - ok19:18:02.0124 0724 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys19:18:02.0144 0724 ErrDev - ok19:18:02.0174 0724 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll19:18:02.0224 0724 EventSystem - ok19:18:02.0244 0724 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys19:18:02.0284 0724 exfat - ok19:18:02.0314 0724 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys19:18:02.0354 0724 fastfat - ok19:18:02.0384 0724 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe19:18:02.0414 0724 Fax - ok19:18:02.0434 0724 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys19:18:02.0454 0724 fdc - ok19:18:02.0484 0724 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll19:18:02.0524 0724 fdPHost - ok19:18:02.0534 0724 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll19:18:02.0584 0724 FDResPub - ok19:18:02.0604 0724 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys19:18:02.0614 0724 FileInfo - ok19:18:02.0634 0724 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys19:18:02.0664 0724 Filetrace - ok19:18:02.0684 0724 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys19:18:02.0764 0724 flpydisk - ok19:18:02.0794 0724 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys19:18:02.0814 0724 FltMgr - ok19:18:02.0844 0724 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll19:18:02.0894 0724 FontCache - ok19:18:02.0936 0724 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe19:18:02.0956 0724 FontCache3.0.0.0 - ok19:18:03.0018 0724 ForceWare Intelligent Application Manager (IAM) (a9ff65ea14e4cabfcc1bb8ece111a249) C:\Program Files\NVIDIA 
Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe19:18:03.0038 0724 ForceWare Intelligent Application Manager (IAM) - ok19:18:03.0048 0724 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys19:18:03.0068 0724 FsDepends - ok19:18:03.0078 0724 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys19:18:03.0103 0724 Fs_Rec - ok19:18:03.0130 0724 FTDIBUS (ed07200cff78facfb66ebb0b89f503a4) C:\Windows\system32\drivers\ftdibus.sys19:18:03.0150 0724 FTDIBUS - ok19:18:03.0181 0724 FTSER2K (9980e7584484a009e77e9bfa14c0c18a) C:\Windows\system32\drivers\ftser2k.sys19:18:03.0202 0724 FTSER2K - ok19:18:03.0232 0724 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys19:18:03.0252 0724 fvevol - ok19:18:03.0272 0724 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys19:18:03.0292 0724 gagp30kx - ok19:18:03.0352 0724 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys19:18:03.0372 0724 GEARAspiWDM - ok19:18:03.0432 0724 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll19:18:03.0502 0724 gpsvc - ok19:18:03.0572 0724 Greg_Service (816fd5a6f3c2f3d600900096632fc60e) C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe19:18:03.0682 0724 Greg_Service - ok19:18:03.0712 0724 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys19:18:03.0752 0724 hcw85cir - ok19:18:03.0792 0724 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys19:18:03.0822 0724 HdAudAddService - ok19:18:03.0862 0724 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys19:18:03.0882 0724 HDAudBus - ok19:18:03.0902 0724 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys19:18:03.0932 0724 HidBatt - ok19:18:03.0972 0724 HidBth (7fd2a313f7afe5c4dab14798c48dd104) 
C:\Windows\system32\DRIVERS\hidbth.sys19:18:04.0012 0724 HidBth - ok19:18:04.0022 0724 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys19:18:04.0062 0724 HidIr - ok19:18:04.0082 0724 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll19:18:04.0122 0724 hidserv - ok19:18:04.0152 0724 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys19:18:04.0172 0724 HidUsb - ok19:18:04.0252 0724 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll19:18:04.0332 0724 hkmsvc - ok19:18:04.0372 0724 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll19:18:04.0402 0724 HomeGroupListener - ok19:18:04.0442 0724 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll19:18:04.0462 0724 HomeGroupProvider - ok19:18:04.0502 0724 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys19:18:04.0512 0724 HpSAMD - ok19:18:04.0562 0724 hrfsmrx (b790afc0d0437ffd94126f06eb48e7e6) C:\Windows\System32\Drivers\hrfsmrx.sys19:18:04.0602 0724 hrfsmrx - ok19:18:04.0642 0724 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys19:18:04.0722 0724 HTTP - ok19:18:04.0752 0724 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys19:18:04.0772 0724 hwpolicy - ok19:18:04.0812 0724 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys19:18:04.0832 0724 i8042prt - ok19:18:04.0862 0724 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys19:18:04.0882 0724 iaStorV - ok19:18:04.0952 0724 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe19:18:05.0022 0724 idsvc - ok19:18:05.0052 0724 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys19:18:05.0072 0724 iirsp - ok19:18:05.0102 0724 IKEEXT 
(fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll19:18:05.0142 0724 IKEEXT - ok19:18:05.0202 0724 IntcAzAudAddService (bc64b75e8e0a0b8982ab773483164e72) C:\Windows\system32\drivers\RTKVHD64.sys19:18:05.0272 0724 IntcAzAudAddService - ok19:18:05.0292 0724 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys19:18:05.0302 0724 intelide - ok19:18:05.0332 0724 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys19:18:05.0352 0724 intelppm - ok19:18:05.0392 0724 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll19:18:05.0432 0724 IPBusEnum - ok19:18:05.0462 0724 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys19:18:05.0512 0724 IpFilterDriver - ok19:18:05.0572 0724 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll19:18:05.0682 0724 iphlpsvc - ok19:18:05.0702 0724 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys19:18:05.0732 0724 IPMIDRV - ok19:18:05.0742 0724 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys19:18:05.0792 0724 IPNAT - ok19:18:05.0852 0724 iPod Service (fdf57f795098ab29af780824315c9859) C:\Program Files\iPod\bin\iPodService.exe19:18:05.0892 0724 iPod Service - ok19:18:05.0912 0724 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys19:18:05.0932 0724 IRENUM - ok19:18:05.0952 0724 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys19:18:05.0962 0724 isapnp - ok19:18:05.0982 0724 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys19:18:06.0002 0724 iScsiPrt - ok19:18:06.0022 0724 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys19:18:06.0032 0724 kbdclass - ok19:18:06.0042 0724 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys19:18:06.0062 0724 kbdhid - ok19:18:06.0102 
0724 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe19:18:06.0142 0724 KeyIso - ok19:18:06.0162 0724 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys19:18:06.0182 0724 KSecDD - ok19:18:06.0212 0724 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys19:18:06.0232 0724 KSecPkg - ok19:18:06.0252 0724 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys19:18:06.0292 0724 ksthunk - ok19:18:06.0312 0724 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll19:18:06.0352 0724 KtmRm - ok19:18:06.0412 0724 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll19:18:06.0502 0724 LanmanServer - ok19:18:06.0532 0724 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll19:18:06.0572 0724 LanmanWorkstation - ok19:18:06.0662 0724 Lavasoft Kernexplorer (9a7fa6371f68335fd3c3d6488bc5a9f8) C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys19:18:06.0682 0724 Lavasoft Kernexplorer - ok19:18:06.0722 0724 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys19:18:06.0772 0724 lltdio - ok19:18:06.0792 0724 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll19:18:06.0842 0724 lltdsvc - ok19:18:06.0862 0724 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll19:18:06.0892 0724 lmhosts - ok19:18:06.0932 0724 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys19:18:06.0942 0724 LSI_FC - ok19:18:06.0952 0724 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys19:18:06.0962 0724 LSI_SAS - ok19:18:06.0972 0724 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys19:18:06.0992 0724 LSI_SAS2 - ok19:18:07.0002 0724 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys19:18:07.0022 0724 LSI_SCSI - ok19:18:07.0052 
0724 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys19:18:07.0092 0724 luafv - ok19:18:07.0112 0724 MBAMProtector - ok19:18:07.0162 0724 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe19:18:07.0262 0724 MBAMService - ok19:18:07.0302 0724 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll19:18:07.0322 0724 Mcx2Svc - ok19:18:07.0332 0724 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys19:18:07.0352 0724 megasas - ok19:18:07.0362 0724 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys19:18:07.0382 0724 MegaSR - ok19:18:07.0402 0724 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll19:18:07.0452 0724 MMCSS - ok19:18:07.0472 0724 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys19:18:07.0522 0724 Modem - ok19:18:07.0542 0724 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys19:18:07.0572 0724 monitor - ok19:18:07.0602 0724 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys19:18:07.0622 0724 mouclass - ok19:18:07.0642 0724 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys19:18:07.0662 0724 mouhid - ok19:18:07.0702 0724 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys19:18:07.0722 0724 mountmgr - ok19:18:07.0742 0724 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys19:18:07.0752 0724 mpio - ok19:18:07.0782 0724 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys19:18:07.0832 0724 mpsdrv - ok19:18:07.0974 0724 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll19:18:08.0054 0724 MpsSvc - ok19:18:08.0084 0724 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys19:18:08.0114 0724 MRxDAV - ok19:18:08.0154 0724 
mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys19:18:08.0184 0724 mrxsmb - ok19:18:08.0224 0724 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys19:18:08.0284 0724 mrxsmb10 - ok19:18:08.0304 0724 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys19:18:08.0334 0724 mrxsmb20 - ok19:18:08.0364 0724 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys19:18:08.0374 0724 msahci - ok19:18:08.0414 0724 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys19:18:08.0424 0724 msdsm - ok19:18:08.0464 0724 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe19:18:08.0524 0724 MSDTC - ok19:18:08.0544 0724 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys19:18:08.0584 0724 Msfs - ok19:18:08.0604 0724 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys19:18:08.0644 0724 mshidkmdf - ok19:18:08.0654 0724 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys19:18:08.0664 0724 msisadrv - ok19:18:08.0694 0724 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll19:18:08.0734 0724 MSiSCSI - ok19:18:08.0744 0724 msiserver - ok19:18:08.0774 0724 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys19:18:08.0824 0724 MSKSSRV - ok19:18:08.0844 0724 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys19:18:08.0884 0724 MSPCLOCK - ok19:18:08.0894 0724 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys19:18:08.0944 0724 MSPQM - ok19:18:08.0984 0724 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys19:18:09.0004 0724 MsRPC - ok19:18:09.0024 0724 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys19:18:09.0034 0724 mssmbios - ok19:18:09.0054 0724 MSTEE 
(2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys19:18:09.0094 0724 MSTEE - ok19:18:09.0114 0724 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys19:18:09.0134 0724 MTConfig - ok19:18:09.0144 0724 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys19:18:09.0154 0724 Mup - ok19:18:09.0174 0724 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll19:18:09.0224 0724 napagent - ok19:18:09.0254 0724 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys19:18:09.0284 0724 NativeWifiP - ok19:18:09.0324 0724 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys19:18:09.0354 0724 NDIS - ok19:18:09.0384 0724 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys19:18:09.0414 0724 NdisCap - ok19:18:09.0444 0724 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys19:18:09.0474 0724 NdisTapi - ok19:18:09.0514 0724 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys19:18:09.0574 0724 Ndisuio - ok19:18:09.0614 0724 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys19:18:09.0664 0724 NdisWan - ok19:18:09.0694 0724 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys19:18:09.0734 0724 NDProxy - ok19:18:09.0804 0724 Nero BackItUp Scheduler 4.0 (b90e093e7a7250906f1054418b5339c0) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe19:18:09.0824 0724 Nero BackItUp Scheduler 4.0 - ok19:18:09.0854 0724 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys19:18:09.0894 0724 NetBIOS - ok19:18:09.0934 0724 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys19:18:10.0014 0724 NetBT - ok19:18:10.0054 0724 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe19:18:10.0094 0724 Netlogon - 
ok19:18:10.0134 0724 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll19:18:10.0194 0724 Netman - ok19:18:10.0214 0724 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll19:18:10.0264 0724 netprofm - ok19:18:10.0294 0724 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe19:18:10.0324 0724 NetTcpPortSharing - ok19:18:10.0344 0724 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys19:18:10.0364 0724 nfrd960 - ok19:18:10.0474 0724 NielsenUpdate (c86e60ce7fea4e00891036b29344bc02) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe19:18:10.0504 0724 NielsenUpdate - ok19:18:10.0554 0724 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll19:18:10.0614 0724 NlaSvc - ok19:18:10.0694 0724 nlsX86cc (23688f610a5a16dd8b4d93d2f7bd44f6) C:\Windows\SysWOW64\NLSSRV32.EXE19:18:10.0724 0724 nlsX86cc - ok19:18:10.0794 0724 nnfwdk (3cff736f1f581069a954f7dedb2dfbfa) C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\nnfwdk64.sys19:18:10.0834 0724 nnfwdk - ok19:18:10.0864 0724 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys19:18:10.0904 0724 Npfs - ok19:18:10.0934 0724 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll19:18:10.0984 0724 nsi - ok19:18:10.0994 0724 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys19:18:11.0044 0724 nsiproxy - ok19:18:11.0094 0724 nSvcIp (c04f5def37e55f6a34428b050f44d3d6) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe19:18:11.0124 0724 nSvcIp - ok19:18:11.0194 0724 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys19:18:11.0264 0724 Ntfs - ok19:18:11.0274 0724 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys19:18:11.0304 0724 Null - ok19:18:11.0334 0724 NVENETFD 
(a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys19:18:11.0374 0724 NVENETFD - ok19:18:11.0604 0724 nvlddmkm (e55cab397f77d5208db18a78b1b7c0d5) C:\Windows\system32\DRIVERS\nvlddmkm.sys19:18:11.0944 0724 nvlddmkm - ok19:18:11.0984 0724 NVNET (0ad267a4674805b61a5d7b911d2a978a) C:\Windows\system32\DRIVERS\nvmf6264.sys19:18:11.0994 0724 NVNET - ok19:18:12.0044 0724 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys19:18:12.0054 0724 nvraid - ok19:18:12.0074 0724 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys19:18:12.0094 0724 nvstor - ok19:18:12.0124 0724 nvstor64 (7c7eef51979658ce15bbc04f96a77d56) C:\Windows\system32\DRIVERS\nvstor64.sys19:18:12.0134 0724 nvstor64 - ok19:18:12.0174 0724 nvsvc (43bc8151893ae6afe42e149d663c2221) C:\Windows\system32\nvvsvc.exe19:18:12.0184 0724 nvsvc - ok19:18:12.0214 0724 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys19:18:12.0224 0724 nv_agp - ok19:18:12.0294 0724 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE19:18:12.0334 0724 odserv - ok19:18:12.0374 0724 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys19:18:12.0404 0724 ohci1394 - ok19:18:12.0614 0724 OnlineStorageService (a2d9f8d912d8c47425c8f9a726b6f2c3) C:\Program Files\Trend Micro SafeSync\hrfscore.exe19:18:12.0714 0724 OnlineStorageService - ok19:18:12.0764 0724 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE19:18:12.0784 0724 ose - ok19:18:12.0804 0724 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll19:18:12.0844 0724 p2pimsvc - ok19:18:12.0864 0724 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll19:18:12.0884 0724 p2psvc - ok19:18:12.0914 0724 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys19:18:12.0934 
0724 Parport - ok19:18:12.0974 0724 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys19:18:13.0024 0724 partmgr - ok19:18:13.0044 0724 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll19:18:13.0084 0724 PcaSvc - ok19:18:13.0124 0724 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys19:18:13.0144 0724 pci - ok19:18:13.0184 0724 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys19:18:13.0194 0724 pciide - ok19:18:13.0214 0724 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys19:18:13.0234 0724 pcmcia - ok19:18:13.0244 0724 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys19:18:13.0254 0724 pcw - ok19:18:13.0284 0724 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys19:18:13.0334 0724 PEAUTH - ok19:18:13.0374 0724 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe19:18:13.0404 0724 PerfHost - ok19:18:13.0484 0724 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll19:18:13.0594 0724 pla - ok19:18:13.0694 0724 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll19:18:13.0774 0724 PlugPlay - ok19:18:13.0814 0724 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll19:18:13.0834 0724 PNRPAutoReg - ok19:18:13.0874 0724 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll19:18:13.0904 0724 PNRPsvc - ok19:18:14.0244 0724 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll19:18:14.0324 0724 PolicyAgent - ok19:18:14.0354 0724 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll19:18:14.0394 0724 Power - ok19:18:14.0424 0724 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys19:18:14.0474 0724 PptpMiniport - ok19:18:14.0494 0724 Processor (0d922e23c041efb1c3fac2a6f943c9bf) 
C:\Windows\system32\DRIVERS\processr.sys19:18:14.0524 0724 Processor - ok19:18:14.0554 0724 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll19:18:14.0604 0724 ProfSvc - ok19:18:14.0634 0724 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe19:18:14.0654 0724 ProtectedStorage - ok19:18:14.0684 0724 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys19:18:14.0714 0724 Psched - ok19:18:14.0794 0724 PSI_SVC_2 (543a4ef0923bf70d126625b034ef25af) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe19:18:14.0814 0724 PSI_SVC_2 - ok19:18:14.0844 0724 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys19:18:14.0894 0724 ql2300 - ok19:18:14.0904 0724 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys19:18:14.0924 0724 ql40xx - ok19:18:14.0944 0724 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll19:18:14.0974 0724 QWAVE - ok19:18:15.0004 0724 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys19:18:15.0024 0724 QWAVEdrv - ok19:18:15.0044 0724 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys19:18:15.0084 0724 RasAcd - ok19:18:15.0114 0724 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys19:18:15.0144 0724 RasAgileVpn - ok19:18:15.0164 0724 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll19:18:15.0214 0724 RasAuto - ok19:18:15.0244 0724 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys19:18:15.0294 0724 Rasl2tp - ok19:18:15.0344 0724 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll19:18:15.0414 0724 RasMan - ok19:18:15.0434 0724 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys19:18:15.0474 0724 RasPppoe - ok19:18:15.0494 0724 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) 
19:18:25.0764 0724 MBR (0x1B8) (70e629b51c16b3c007730c6ae57144c9) \Device\Harddisk0\DR0
19:18:25.0804 0724 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
19:18:25.0804 0724 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
19:18:25.0914 0724 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:18:25.0914 0724 \Device\Harddisk0\DR0 - detected TDSS File System (1)
19:18:25.0944 0724 Boot (0x1200) (675ba951cd76f245a3d534b4b59972e1) \Device\Harddisk0\DR0\Partition0
19:18:25.0954 0724 \Device\Harddisk0\DR0\Partition0 - ok
19:18:25.0974 0724 Boot (0x1200) (9f0fb2c262b52f654cf00ceda579062f) \Device\Harddisk0\DR0\Partition1
19:18:25.0974 0724 \Device\Harddisk0\DR0\Partition1 - ok
19:18:25.0974 0724 ============================================================
19:18:25.0974 0724 Scan finished
19:18:25.0974 0724 ============================================================
19:18:25.0984 4716 Detected object count: 4
19:18:25.0984 4716 Actual detected object count: 4
19:23:48.0294 4716 CorelCreatorMessages ( UnsignedFile.Multi.Generic ) - skipped by user
19:23:48.0294 4716 CorelCreatorMessages ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:23:48.0304 4716 DAZContentManagementService ( UnsignedFile.Multi.Generic ) - skipped by user
19:23:48.0304 4716 DAZContentManagementService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:23:51.0044 4716 \Device\Harddisk0\DR0\# - copied to quarantine
19:23:51.0054 4716 \Device\Harddisk0\DR0 - copied to quarantine
19:23:51.0144 4716 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
19:23:51.0154 4716 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
19:23:51.0164 4716 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
19:23:51.0174 4716 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
19:23:51.0174 4716 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
19:23:51.0184 4716 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
19:23:56.0866 4716 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
19:23:58.0900 4716 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
19:24:06.0368 4716 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
19:24:14.0329 4716 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
19:24:19.0780 4716 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
19:24:26.0282 4716 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
19:24:32.0262 4716 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
19:24:32.0282 4716 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
19:24:32.0292 4716 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
19:24:32.0302 4716 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
19:24:32.0312 4716 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
19:24:32.0392 4716 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine
19:24:38.0138 4716 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
19:24:38.0226 4716 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
19:24:38.0308 4716 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine
19:24:38.0348 4716 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine
19:24:38.0378 4716 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
19:24:38.0428 4716 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
19:24:38.0478 4716 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot
19:24:38.0498 4716 \Device\Harddisk0\DR0 - ok
19:24:38.0888 4716 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure
19:24:38.0898 4716 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:24:38.0898 4716 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
19:25:33.0671 5068 Deinitialize success
LDTate Posted April 12, 2012 ID:541908

Reboot, run TDSSKiller again and fix these two.

19:24:38.0898 4716 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:24:38.0898 4716 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
moonlitelace Posted April 12, 2012 Author ID:542149

Neither one of them is showing up during the scan anymore. Originally when I did it, my virus protection blocked them from being opened.

16:37:14.0834 3184 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
16:37:15.0006 3184 ============================================================
16:37:15.0006 3184 Current date / time: 2012/04/12 16:37:15.0006
16:37:15.0006 3184 SystemInfo:
16:37:15.0006 3184
16:37:15.0006 3184 OS Version: 6.1.7601 ServicePack: 1.0
16:37:15.0006 3184 Product type: Workstation
16:37:15.0006 3184 ComputerName: OROAK-PC
16:37:15.0006 3184 UserName: O'Roak
16:37:15.0006 3184 Windows directory: C:\Windows
16:37:15.0006 3184 System windows directory: C:\Windows
16:37:15.0006 3184 Running under WOW64
16:37:15.0006 3184 Processor architecture: Intel x64
16:37:15.0006 3184 Number of processors: 2
16:37:15.0006 3184 Page size: 0x1000
16:37:15.0006 3184 Boot type: Normal boot
16:37:15.0006 3184 ============================================================
16:37:16.0020 3184 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:37:16.0067 3184 \Device\Harddisk0\DR0:
16:37:16.0082 3184 MBR used
16:37:16.0082 3184 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
16:37:16.0082 3184 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x5570EEF0
16:37:16.0114 3184 Initialize success
16:37:16.0114 3184 ============================================================
16:37:21.0355 3396 ============================================================
16:37:21.0355 3396 Scan started
16:37:21.0355 3396 Mode: Manual; SigCheck; TDLFS;
16:37:21.0355 3396 ============================================================
16:37:40.0855 3396 CorelCreatorMessages (7861e0bd7fba89d40dc76321613e7481) C:\Windows\system32\CorelCreatorMessages.exe
16:37:40.0980 3396 CorelCreatorMessages ( UnsignedFile.Multi.Generic ) - warning
16:37:40.0980 3396 CorelCreatorMessages - detected UnsignedFile.Multi.Generic (1)
16:37:41.0791 3396 DAZContentManagementService (958ef96991abccfdac0953c4a24081dc) C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
16:37:41.0854 3396 DAZContentManagementService ( UnsignedFile.Multi.Generic ) - warning
16:37:41.0854 3396 DAZContentManagementService - detected UnsignedFile.Multi.Generic (1)
HidUsb - ok16:37:51.0666 3396 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll16:37:51.0760 3396 hkmsvc - ok16:37:51.0791 3396 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll16:37:51.0884 3396 HomeGroupListener - ok16:37:51.0978 3396 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll16:37:52.0040 3396 HomeGroupProvider - ok16:37:52.0118 3396 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys16:37:52.0150 3396 HpSAMD - ok16:37:52.0259 3396 hrfsmrx (b790afc0d0437ffd94126f06eb48e7e6) C:\Windows\System32\Drivers\hrfsmrx.sys16:37:52.0274 3396 hrfsmrx - ok16:37:52.0368 3396 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys16:37:52.0446 3396 HTTP - ok16:37:52.0493 3396 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys16:37:52.0524 3396 hwpolicy - ok16:37:52.0602 3396 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys16:37:52.0618 3396 i8042prt - ok16:37:52.0696 3396 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys16:37:52.0727 3396 iaStorV - ok16:37:52.0883 3396 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe16:37:52.0992 3396 idsvc - ok16:37:53.0023 3396 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys16:37:53.0039 3396 iirsp - ok16:37:53.0164 3396 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll16:37:53.0257 3396 IKEEXT - ok16:37:53.0429 3396 IntcAzAudAddService (bc64b75e8e0a0b8982ab773483164e72) C:\Windows\system32\drivers\RTKVHD64.sys16:37:53.0460 3396 IntcAzAudAddService - ok16:37:53.0522 3396 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys16:37:53.0522 3396 intelide - ok16:37:53.0632 3396 intelppm (ada036632c664caa754079041cf1f8c1) 
C:\Windows\system32\DRIVERS\intelppm.sys16:37:53.0678 3396 intelppm - ok16:37:53.0725 3396 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll16:37:53.0834 3396 IPBusEnum - ok16:37:53.0897 3396 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys16:37:53.0975 3396 IpFilterDriver - ok16:37:54.0100 3396 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll16:37:54.0162 3396 iphlpsvc - ok16:37:54.0224 3396 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys16:37:54.0271 3396 IPMIDRV - ok16:37:54.0443 3396 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys16:37:54.0521 3396 IPNAT - ok16:37:54.0739 3396 iPod Service (fdf57f795098ab29af780824315c9859) C:\Program Files\iPod\bin\iPodService.exe16:37:54.0817 3396 iPod Service - ok16:37:54.0989 3396 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys16:37:55.0145 3396 IRENUM - ok16:37:55.0207 3396 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys16:37:55.0238 3396 isapnp - ok16:37:55.0348 3396 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys16:37:55.0394 3396 iScsiPrt - ok16:37:55.0504 3396 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys16:37:55.0519 3396 kbdclass - ok16:37:55.0628 3396 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys16:37:55.0644 3396 kbdhid - ok16:37:55.0691 3396 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe16:37:55.0706 3396 KeyIso - ok16:37:55.0722 3396 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys16:37:55.0753 3396 KSecDD - ok16:37:55.0816 3396 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys16:37:55.0847 3396 KSecPkg - ok16:37:55.0972 3396 ksthunk (6869281e78cb31a43e969f06b57347c4) 
C:\Windows\system32\drivers\ksthunk.sys16:37:56.0065 3396 ksthunk - ok16:37:56.0190 3396 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll16:37:56.0299 3396 KtmRm - ok16:37:56.0455 3396 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll16:37:56.0549 3396 LanmanServer - ok16:37:56.0720 3396 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll16:37:56.0830 3396 LanmanWorkstation - ok16:37:57.0032 3396 Lavasoft Kernexplorer (9a7fa6371f68335fd3c3d6488bc5a9f8) C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys16:37:57.0095 3396 Lavasoft Kernexplorer - ok16:37:57.0204 3396 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys16:37:57.0266 3396 lltdio - ok16:37:57.0391 3396 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll16:37:57.0469 3396 lltdsvc - ok16:37:57.0532 3396 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll16:37:57.0625 3396 lmhosts - ok16:37:57.0750 3396 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys16:37:57.0781 3396 LSI_FC - ok16:37:57.0812 3396 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys16:37:57.0844 3396 LSI_SAS - ok16:37:57.0890 3396 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys16:37:57.0890 3396 LSI_SAS2 - ok16:37:58.0000 3396 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys16:37:58.0031 3396 LSI_SCSI - ok16:37:58.0062 3396 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys16:37:58.0156 3396 luafv - ok16:37:58.0234 3396 MBAMProtector - ok16:37:58.0436 3396 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe16:37:58.0483 3396 MBAMService - ok16:37:58.0546 3396 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll16:37:58.0608 3396 
Mcx2Svc - ok16:37:58.0655 3396 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys16:37:58.0686 3396 megasas - ok16:37:58.0795 3396 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys16:37:58.0842 3396 MegaSR - ok16:37:59.0014 3396 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll16:37:59.0076 3396 MMCSS - ok16:37:59.0263 3396 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys16:37:59.0372 3396 Modem - ok16:37:59.0513 3396 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys16:37:59.0575 3396 monitor - ok16:37:59.0700 3396 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys16:37:59.0731 3396 mouclass - ok16:37:59.0918 3396 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys16:37:59.0981 3396 mouhid - ok16:38:00.0028 3396 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys16:38:00.0074 3396 mountmgr - ok16:38:00.0152 3396 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys16:38:00.0184 3396 mpio - ok16:38:00.0215 3396 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys16:38:00.0246 3396 mpsdrv - ok16:38:00.0355 3396 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll16:38:00.0433 3396 MpsSvc - ok16:38:00.0542 3396 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys16:38:00.0605 3396 MRxDAV - ok16:38:00.0698 3396 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys16:38:00.0792 3396 mrxsmb - ok16:38:00.0948 3396 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys16:38:01.0010 3396 mrxsmb10 - ok16:38:01.0135 3396 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys16:38:01.0166 3396 mrxsmb20 - ok16:38:01.0260 3396 msahci 
(c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys16:38:01.0307 3396 msahci - ok16:38:01.0432 3396 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys16:38:01.0478 3396 msdsm - ok16:38:01.0572 3396 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe16:38:01.0619 3396 MSDTC - ok16:38:01.0900 3396 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys16:38:01.0978 3396 Msfs - ok16:38:02.0149 3396 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys16:38:02.0227 3396 mshidkmdf - ok16:38:02.0383 3396 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys16:38:02.0414 3396 msisadrv - ok16:38:02.0524 3396 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll16:38:02.0617 3396 MSiSCSI - ok16:38:02.0695 3396 msiserver - ok16:38:02.0804 3396 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys16:38:02.0882 3396 MSKSSRV - ok16:38:02.0914 3396 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys16:38:03.0007 3396 MSPCLOCK - ok16:38:03.0038 3396 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys16:38:03.0101 3396 MSPQM - ok16:38:03.0179 3396 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys16:38:03.0226 3396 MsRPC - ok16:38:03.0272 3396 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys16:38:03.0288 3396 mssmbios - ok16:38:03.0350 3396 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys16:38:03.0428 3396 MSTEE - ok16:38:03.0491 3396 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys16:38:03.0538 3396 MTConfig - ok16:38:03.0600 3396 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys16:38:03.0616 3396 Mup - ok16:38:03.0709 3396 napagent (582ac6d9873e31dfa28a4547270862dd) 
C:\Windows\system32\qagentRT.dll16:38:03.0787 3396 napagent - ok16:38:03.0912 3396 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys16:38:03.0959 3396 NativeWifiP - ok16:38:04.0084 3396 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys16:38:04.0146 3396 NDIS - ok16:38:04.0224 3396 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys16:38:04.0302 3396 NdisCap - ok16:38:04.0396 3396 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys16:38:04.0458 3396 NdisTapi - ok16:38:04.0536 3396 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys16:38:04.0614 3396 Ndisuio - ok16:38:04.0645 3396 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys16:38:04.0692 3396 NdisWan - ok16:38:04.0770 3396 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys16:38:04.0832 3396 NDProxy - ok16:38:04.0973 3396 Nero BackItUp Scheduler 4.0 (b90e093e7a7250906f1054418b5339c0) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe16:38:05.0051 3396 Nero BackItUp Scheduler 4.0 - ok16:38:05.0144 3396 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys16:38:05.0238 3396 NetBIOS - ok16:38:05.0300 3396 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys16:38:05.0394 3396 NetBT - ok16:38:05.0456 3396 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe16:38:05.0488 3396 Netlogon - ok16:38:05.0534 3396 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll16:38:05.0628 3396 Netman - ok16:38:05.0690 3396 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll16:38:05.0768 3396 netprofm - ok16:38:05.0878 3396 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe16:38:05.0909 3396 
NetTcpPortSharing - ok16:38:06.0018 3396 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys16:38:06.0034 3396 nfrd960 - ok16:38:06.0190 3396 NielsenUpdate (c86e60ce7fea4e00891036b29344bc02) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe16:38:06.0236 3396 NielsenUpdate - ok16:38:06.0377 3396 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll16:38:06.0455 3396 NlaSvc - ok16:38:06.0611 3396 nlsX86cc (23688f610a5a16dd8b4d93d2f7bd44f6) C:\Windows\SysWOW64\NLSSRV32.EXE16:38:06.0642 3396 nlsX86cc - ok16:38:06.0767 3396 nnfwdk (3cff736f1f581069a954f7dedb2dfbfa) C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\nnfwdk64.sys16:38:06.0798 3396 nnfwdk - ok16:38:06.0876 3396 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys16:38:06.0938 3396 Npfs - ok16:38:07.0250 3396 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll16:38:07.0328 3396 nsi - ok16:38:07.0391 3396 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys16:38:07.0453 3396 nsiproxy - ok16:38:07.0578 3396 nSvcIp (c04f5def37e55f6a34428b050f44d3d6) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe16:38:07.0594 3396 nSvcIp - ok16:38:07.0781 3396 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys16:38:07.0843 3396 Ntfs - ok16:38:07.0890 3396 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys16:38:07.0921 3396 Null - ok16:38:07.0984 3396 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys16:38:08.0030 3396 NVENETFD - ok16:38:08.0514 3396 nvlddmkm (e55cab397f77d5208db18a78b1b7c0d5) C:\Windows\system32\DRIVERS\nvlddmkm.sys16:38:08.0686 3396 nvlddmkm - ok16:38:08.0810 3396 NVNET (0ad267a4674805b61a5d7b911d2a978a) C:\Windows\system32\DRIVERS\nvmf6264.sys16:38:08.0826 3396 NVNET - ok16:38:08.0920 3396 nvraid (0a92cb65770442ed0dc44834632f66ad) 
C:\Windows\system32\drivers\nvraid.sys16:38:08.0951 3396 nvraid - ok16:38:08.0998 3396 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys16:38:09.0029 3396 nvstor - ok16:38:09.0154 3396 nvstor64 (7c7eef51979658ce15bbc04f96a77d56) C:\Windows\system32\DRIVERS\nvstor64.sys16:38:09.0154 3396 nvstor64 - ok16:38:09.0200 3396 nvsvc (43bc8151893ae6afe42e149d663c2221) C:\Windows\system32\nvvsvc.exe16:38:09.0216 3396 nvsvc - ok16:38:09.0232 3396 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys16:38:09.0247 3396 nv_agp - ok16:38:09.0466 3396 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE16:38:09.0497 3396 odserv - ok16:38:09.0528 3396 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys16:38:09.0559 3396 ohci1394 - ok16:38:09.0840 3396 OnlineStorageService (a2d9f8d912d8c47425c8f9a726b6f2c3) C:\Program Files\Trend Micro SafeSync\hrfscore.exe16:38:10.0043 3396 OnlineStorageService - ok16:38:10.0152 3396 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE16:38:10.0183 3396 ose - ok16:38:10.0261 3396 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll16:38:10.0292 3396 p2pimsvc - ok16:38:10.0339 3396 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll16:38:10.0355 3396 p2psvc - ok16:38:10.0386 3396 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys16:38:10.0402 3396 Parport - ok16:38:10.0433 3396 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys16:38:10.0448 3396 partmgr - ok16:38:10.0480 3396 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll16:38:10.0495 3396 PcaSvc - ok16:38:10.0542 3396 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys16:38:10.0558 3396 pci - ok16:38:10.0604 3396 pciide 
(b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys16:38:10.0604 3396 pciide - ok16:38:10.0636 3396 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys16:38:10.0651 3396 pcmcia - ok16:38:10.0682 3396 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys16:38:10.0682 3396 pcw - ok16:38:10.0714 3396 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys16:38:10.0760 3396 PEAUTH - ok16:38:10.0807 3396 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe16:38:10.0823 3396 PerfHost - ok16:38:10.0901 3396 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll16:38:10.0948 3396 pla - ok16:38:11.0010 3396 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll16:38:11.0041 3396 PlugPlay - ok16:38:11.0057 3396 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll16:38:11.0072 3396 PNRPAutoReg - ok16:38:11.0088 3396 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll16:38:11.0104 3396 PNRPsvc - ok16:38:11.0135 3396 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll16:38:11.0182 3396 PolicyAgent - ok16:38:11.0244 3396 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll16:38:11.0291 3396 Power - ok16:38:11.0353 3396 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys16:38:11.0400 3396 PptpMiniport - ok16:38:11.0462 3396 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys16:38:11.0494 3396 Processor - ok16:38:11.0540 3396 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll16:38:11.0587 3396 ProfSvc - ok16:38:11.0650 3396 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe16:38:11.0650 3396 ProtectedStorage - ok16:38:11.0728 3396 Psched (0557cf5a2556bd58e26384169d72438d) 
C:\Windows\system32\DRIVERS\pacer.sys16:38:11.0806 3396 Psched - ok16:38:11.0930 3396 PSI_SVC_2 (543a4ef0923bf70d126625b034ef25af) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe16:38:11.0946 3396 PSI_SVC_2 - ok16:38:12.0086 3396 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys16:38:12.0164 3396 ql2300 - ok16:38:12.0196 3396 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys16:38:12.0196 3396 ql40xx - ok16:38:12.0242 3396 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll16:38:12.0274 3396 QWAVE - ok16:38:12.0305 3396 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys16:38:12.0352 3396 QWAVEdrv - ok16:38:12.0445 3396 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys16:38:12.0492 3396 RasAcd - ok16:38:12.0882 3396 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys16:38:12.0913 3396 RasAgileVpn - ok16:38:12.0976 3396 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll16:38:13.0054 3396 RasAuto - ok16:38:13.0490 3396 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys16:38:13.0568 3396 Rasl2tp - ok16:38:13.0600 3396 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll16:38:13.0646 3396 RasMan - ok16:38:13.0678 3396 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys16:38:13.0709 3396 RasPppoe - ok16:38:13.0724 3396 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys16:38:13.0756 3396 RasSstp - ok16:38:13.0818 3396 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys16:38:13.0880 3396 rdbss - ok16:38:13.0943 3396 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys16:38:13.0974 3396 rdpbus - ok16:38:14.0005 3396 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) 
C:\Windows\system32\DRIVERS\RDPCDD.sys16:38:14.0036 3396 RDPCDD - ok16:38:14.0099 3396 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys16:38:14.0146 3396 RDPENCDD - ok16:38:14.0177 3396 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys16:38:14.0208 3396 RDPREFMP - ok16:38:14.0255 3396 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys16:38:14.0302 3396 RDPWD - ok16:38:14.0333 3396 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys16:38:14.0348 3396 rdyboost - ok16:38:14.0458 3396 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll16:38:14.0536 3396 RemoteAccess - ok16:38:14.0645 3396 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll16:38:14.0754 3396 RemoteRegistry - ok16:38:14.0832 3396 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll16:38:14.0894 3396 RpcEptMapper - ok16:38:14.0926 3396 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe16:38:14.0941 3396 RpcLocator - ok16:38:14.0988 3396 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll16:38:15.0035 3396 RpcSs - ok16:38:15.0097 3396 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys16:38:15.0160 3396 rspndr - ok16:38:15.0206 3396 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe16:38:15.0222 3396 SamSs - ok16:38:15.0284 3396 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys16:38:15.0284 3396 sbp2port - ok16:38:15.0362 3396 SBRE (fd833bee2fd9befdc0afd1941a306d9e) C:\Windows\system32\drivers\SBREdrv.sys16:38:15.0394 3396 SBRE - ok16:38:15.0425 3396 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll16:38:15.0472 3396 SCardSvr - ok16:38:15.0518 3396 scfilter (253f38d0d7074c02ff8deb9836c97d2b) 
C:\Windows\system32\DRIVERS\scfilter.sys16:38:15.0596 3396 scfilter - ok16:38:15.0674 3396 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll16:38:15.0784 3396 Schedule - ok16:38:15.0830 3396 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll16:38:15.0862 3396 SCPolicySvc - ok16:38:15.0893 3396 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll16:38:15.0955 3396 SDRSVC - ok16:38:16.0018 3396 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys16:38:16.0049 3396 secdrv - ok16:38:16.0096 3396 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll16:38:16.0127 3396 seclogon - ok16:38:16.0189 3396 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll16:38:16.0252 3396 SENS - ok16:38:16.0298 3396 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll16:38:16.0314 3396 SensrSvc - ok16:38:16.0361 3396 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys16:38:16.0408 3396 Serenum - ok16:38:16.0470 3396 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys16:38:16.0501 3396 Serial - ok16:38:16.0579 3396 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys16:38:16.0595 3396 sermouse - ok16:38:16.0688 3396 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll16:38:16.0782 3396 SessionEnv - ok16:38:16.0829 3396 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys16:38:16.0844 3396 sffdisk - ok16:38:16.0860 3396 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys16:38:16.0891 3396 sffp_mmc - ok16:38:16.0922 3396 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys16:38:16.0954 3396 sffp_sd - ok16:38:16.0985 3396 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys16:38:17.0000 3396 
sfloppy - ok16:38:17.0078 3396 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll16:38:17.0172 3396 SharedAccess - ok16:38:17.0219 3396 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll16:38:17.0266 3396 ShellHWDetection - ok16:38:17.0344 3396 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys16:38:17.0375 3396 SiSRaid2 - ok16:38:17.0406 3396 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys16:38:17.0422 3396 SiSRaid4 - ok16:38:17.0546 3396 SkypeUpdate (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files (x86)\Skype\Updater\Updater.exe16:38:17.0562 3396 SkypeUpdate - ok16:38:17.0593 3396 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys16:38:17.0640 3396 Smb - ok16:38:17.0671 3396 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe16:38:17.0702 3396 SNMPTRAP - ok16:38:17.0734 3396 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys16:38:17.0749 3396 spldr - ok16:38:17.0765 3396 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe16:38:17.0796 3396 Spooler - ok16:38:17.0952 3396 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe16:38:18.0077 3396 sppsvc - ok16:38:18.0124 3396 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll16:38:18.0155 3396 sppuinotify - ok16:38:18.0202 3396 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys16:38:18.0233 3396 srv - ok16:38:18.0248 3396 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys16:38:18.0295 3396 srv2 - ok16:38:18.0342 3396 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys16:38:18.0358 3396 srvnet - ok16:38:18.0404 3396 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll16:38:18.0451 3396 SSDPSRV - ok16:38:18.0482 3396 SstpSvc 
16:38:32.0335 3396 Scan finished
16:38:32.0351 1444 Detected object count: 2
16:38:32.0351 1444 Actual detected object count: 2
16:39:26.0077 1444 CorelCreatorMessages ( UnsignedFile.Multi.Generic ) - skipped by user
16:39:26.0077 1444 CorelCreatorMessages ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:39:26.0077 1444 DAZContentManagementService ( UnsignedFile.Multi.Generic ) - skipped by user
16:39:26.0077 1444 DAZContentManagementService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:39:37.0637 3132 Deinitialize success

LDTate Posted April 12, 2012 ID:542153
Are you still getting the MBAM errors?

moonlitelace Posted April 13, 2012 Author ID:542228
Yep, still the error code 2 and 1068, 0, ProtectionInstall/ProtectionEnable errors. Otherwise Windows Explorer is back to running at about 50,000, my Facebook account isn't posting odd links anymore and it's also stopped redirecting whenever I search!!! Thanks

LDTate Posted April 13, 2012 ID:542299
Please do the following to see if it resolves the issue. Post back and let us know, please.
Download and run mbam-clean.exe from here.
It will ask to restart your computer; please allow it to do so (very important).
After the computer restarts, temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from here.
Note: You will need to reactivate the program using the license you were sent via email if using the Pro version.
Launch the program and set the Protection and Registration.
Then go to the UPDATE tab if not done during installation and check for updates.
Restart the computer again and verify that MBAM is in the task tray if using the Pro version.
Now set up any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications.
You may use the guides posted in the FAQs here or ask and we'll explain how to do it.

moonlitelace Posted April 13, 2012 Author ID:542426
It's back in the system tray!

LDTate Posted April 13, 2012 ID:542429
Please run a new MBAM scan being sure to update before scanning.
Post the scan results.
Also please describe how your computer behaves at the moment.
Please don't attach the scans / logs, use "copy/paste".

moonlitelace Posted April 14, 2012 Author ID:542586
Everything seems to be back to normal!

Malwarebytes Anti-Malware (PRO) 1.61.0.1400
www.malwarebytes.org
Database version: v2012.04.13.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
O'Roak :: OROAK-PC [administrator]
Protection: Enabled
4/14/2012 8:50:09 AM
mbam-log-2012-04-14 (08-50-09).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 212124
Time elapsed: 8 minute(s), 31 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

LDTate Posted April 15, 2012 ID:542773
You can delete TDSSKiller.
Here's my usual all clean post.
To be on the safe side, I would also change all my passwords. This infection appears to have been cleaned, but as the malware could be configured to run any program a remote attacker requires, it's impossible to be 100% sure that any machine is clean.
Log looks good.

LDTate Posted April 20, 2012 ID:544577
Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.