cordelia Posted May 1, 2012 ID:547750

Hello,

Yesterday I managed to come down with an ugly mass of malware including Smart Fortress 2012. I downloaded MalwareBytes which thankfully got my computer running again, but is still giving me repeated warnings about blocking Rootkit 0Access.H. Every time I scan, I find another bunch of the rootkits. Here are my DDS logs:

Thank you very much!

Attach.txt

Maniac Posted May 1, 2012 ID:547778

Hello cordelia!

My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
Make sure you read all of the instructions and fixes thoroughly before continuing with them.
Follow my instructions strictly and don't hesitate to stop and ask me if you have any questions.
Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

BACKDOOR WARNING

One or more of the identified infections is known to use a backdoor.
This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advise you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

Step 1

Please uninstall µTorrent, because of our policy:
http://forums.malwarebytes.org/index.php?showtopic=97700

Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.
Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Step 3

Launch Malwarebytes' Anti-Malware.
Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
Go to Scanner tab and select Perform Quick Scan, then click Scan.
The scan may take some time to finish, so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

TDSSKiller log
Malwarebytes' Anti-Malware log
a new fresh DDS log file

cordelia Posted May 2, 2012 Author ID:548101

Hi Maniac,

Thank you so much for your help. I have decided to try and remove the Rootkits before reformatting... I followed your instructions and attached my logs.

For the TDSSKiller, none of the three processes found could be cured so I skipped them all. I have attached the log. For MalwareBytes, I followed your instructions and removed the one process found. Here is the log:

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.01.09
Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Sophia :: JONAS-NET [administrator]

Protection: Enabled

01/05/2012 7:37:10 PM
mbam-log-2012-05-01 (19-37-10).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 223956
Time elapsed: 17 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\System32\backupexecrpcservice.dll (RootKit.0Access.H) -> Quarantined and deleted successfully.

(end)

MalwareBytes has given me warnings about the following processes in the past couple hours - after I had already scanned, removed, and restarted.

C:\WINDOWS\SYSTEM32\SYMMPI.DLL
ROOTKIT.0ACCESS.H
C:\WINDOWS\SYSTEM32\VX1000.DLL
ROOTKIT.0ACCESS.H
C:\WINDOWS\SYSTEM32\CDRBSDRV.DLL
ROOTKIT.0ACCESS.H

I chose to quarantine all these files, but clearly something is still at work on my computer.

Here is the DDS log (I have attached the other one):
Files\Microsoft IntelliPoint\ipoint.exeC:\windows\system32\igfxsrvc.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Windows\System32\AsusService.exeC:\Program Files\Winamp\winampa.exeC:\Program Files\Microsoft\BingBar\SeaPort.EXEC:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exeC:\Program Files\Citrix\ICA Client\WFCRUN32.EXEC:\Program Files\EeePC\HotkeyService\HotkeyService.exeC:\Program Files\EeePC\SHE\SuperHybridEngine.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exeC:\windows\System32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files\Kodak\AiO\Center\EKAiOHostService.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exeC:\windows\system32\svchost.exe -k imgsvcC:\Program Files\ASUS\Eee Docking\Eee Docking.exeC:\Program Files\TeamViewer\Version5\TeamViewer_Service.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exeC:\Program Files\EeePC\HotkeyService\HotKeyMon.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\windows\system32\svchost.exe -k WindowsMobileC:\windows\system32\wbem\wmiprvse.exeC:\Program Files\Alwil Software\Avast4\ashWebSv.exeC:\Program Files\Alwil Software\Avast4\ashMaiSv.exeC:\windows\system32\svchost.exe -k bthsvcsC:\Program Files\Citrix\ICA Client\PNAMAIN.EXEC:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exeC:\Program Files\OpenOffice.org 3\program\soffice.exeC:\windows\system32\SearchIndexer.exeC:\Program Files\OpenOffice.org 3\program\soffice.binC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files\Skype\Toolbars\Shared\SkypeNames.exeC:\Program Files\Common Files\Java\Java 
Update\jucheck.exeC:\windows\system32\notepad.exeC:\Program Files\Windows Live\Companion\companionuser.exeC:\windows\system32\NOTEPAD.EXEC:\windows\system32\taskmgr.exeC:\windows\system32\svchost.exe -k SDRSVCC:\Program Files\Opera\opera.exeC:\Program Files\Malwarebytes' Anti-Malware\mbam.exeC:\windows\system32\taskhost.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\windows\system32\conhost.exeC:\windows\system32\conhost.exeC:\windows\system32\conhost.exeC:\ProgramData\JByNm7Ot.exeC:\windows\system32\conhost.exeC:\ProgramData\JByNm7Ot.exeC:\ProgramData\JByNm7Ot.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Microsoft\BingBar\BingBar.exeC:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exeC:\Program Files\Microsoft\BingBar\BingApp.exeC:\windows\system32\wbem\wmiprvse.exeC:\Program Files\Internet Explorer\iexplore.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://asus.msn.comuDefault_Page_URL = hxxp://asus.msn.comuWinlogon: Shell=c:\program files\oceanis\systemsetting\WallPaperAgent.exeBHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dllBHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dllBHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dllBHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"BHO: Windows 7 Starter Helper: 
{d381ff29-7cfb-4d4e-b92a-c4eddc696614} - c:\program files\oceanis\systemsetting\StarterHelper.dllBHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dllTB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dllTB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No FileuRun: [Eee Docking] c:\program files\asus\eee docking\Eee Docking.exeuRun: [googletalk] c:\users\sophia\appdata\roaming\google\google talk\googletalk.exe /autostartuRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZEDmRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"mRun: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exemRun: [synAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exemRun: [superHybridEngine] AsusSender.exe c:\program files\eeepc\she\SuperHybridEngine.exemRun: [HotkeyService] AsusSender.exe c:\program files\eeepc\hotkeyservice\HotkeyService.exemRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exemRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottimemRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"mRun: [avast!] 
"c:\program files\alwil software\avast4\ashDisp.exe"mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startupmRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"mRun: [igfxTray] c:\windows\system32\igfxtray.exemRun: [HotKeysCmds] c:\windows\system32\hkcmd.exemRun: [Persistence] c:\windows\system32\igfxpers.exemRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exemRun: [intelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"mRun: [Conime] %windir%\system32\conime.exemRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exemRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttrayStartupFolder: c:\users\sophia\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exeStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\asusvi~1.lnk - c:\program files\asus\asusvibe\AsusVibeLauncher.exeStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetoothsoftware\BTTray.exeStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hotkey~1.lnk - c:\program files\eeepc\hotkeyservice\HotKeyMon.exeStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\online~1.lnk - c:\windows\installer\{b8a2256e-6225-4d9e-b1c9-c26ca1e22feb}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exeStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\tmchlang.lnk - c:\program files\trend micro\internetsecurity\TmChLang.exeuPolicies-explorer: HideSCAHealth = 1 (0x1)mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)mPolicies-system: EnableLUA = 0 (0x0)mPolicies-system: 
Thank you very much for your help!

Attachments: TDSSKiller.2.7.33.0_01.05.2012_09.07.15_log.txt, Attach.txt
Maniac Posted May 2, 2012 ID:548163

Please don't attach your log files. I have a problem with TDSSKiller log. Please post them.
cordelia Posted May 2, 2012 Author ID:548241

Hi Maniac,

I couldn't post my TDSS log because the forum kept telling me that the post was too long, or my browser would freeze when I posted it. I'll try to post it over multiple posts, then. Sorry for the inconvenience.

TDSS Log, part 1:
(af7e7c63dcef3f8772726f86039d6eb4) C:\windows\system32\drivers\NDProxy.sys09:09:23.0243 7864 NDProxy - ok09:09:23.0302 7864 Netaapl (29c45722e20572b6440b57e3359e73ee) C:\windows\system32\DRIVERS\netaapl.sys09:09:23.0411 7864 Netaapl - ok09:09:23.0499 7864 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys09:09:23.0665 7864 NetBIOS - ok09:09:24.0000 7864 NetBT (14797e657fcfe2f62b1c315bfd6b9006) C:\windows\system32\DRIVERS\netbt.sys09:09:24.0130 7864 NetBT ( UnsignedFile.Multi.Generic ) - warning09:09:24.0130 7864 NetBT - detected UnsignedFile.Multi.Generic (1)09:09:24.0227 7864 Netlogon (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\system32\lsass.exe09:09:24.0293 7864 Netlogon - ok09:09:24.0886 7864 Netman (7cccfca7510684768da22092d1fa4db2) C:\windows\System32\netman.dll09:09:25.0288 7864 Netman - ok09:09:26.0002 7864 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\windows\System32\netprofm.dll09:09:26.0236 7864 netprofm - ok09:09:26.0676 7864 NetTcpPortSharing (fe2aa5a684b0dd9b1fae57b7817c198b) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe09:09:26.0765 7864 NetTcpPortSharing - ok09:09:26.0882 7864 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys09:09:26.0931 7864 nfrd960 - ok09:09:27.0367 7864 NlaSvc (2226496e34bd40734946a054b1cd657f) C:\windows\System32\nlasvc.dll09:09:27.0605 7864 NlaSvc - ok09:09:27.0692 7864 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys09:09:27.0807 7864 Npfs - ok09:09:27.0922 7864 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\windows\system32\nsisvc.dll09:09:28.0046 7864 nsi - ok09:09:28.0098 7864 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys09:09:28.0254 7864 nsiproxy - ok09:09:30.0293 7864 Ntfs (187002ce05693c306f43c873f821381f) C:\windows\system32\drivers\Ntfs.sys09:09:30.0464 7864 Ntfs - ok09:09:30.0479 7864 ntlmssp - ok09:09:30.0551 7864 Null 
(f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys09:09:30.0691 7864 Null - ok09:09:30.0903 7864 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\windows\system32\drivers\nvraid.sys09:09:31.0064 7864 nvraid - ok09:09:31.0319 7864 nvstor (4520b63899e867f354ee012d34e11536) C:\windows\system32\drivers\nvstor.sys09:09:31.0426 7864 nvstor - ok09:09:31.0664 7864 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\DRIVERS\nv_agp.sys09:09:31.0757 7864 nv_agp - ok09:09:32.0869 7864 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE09:09:33.0220 7864 odserv - ok09:09:33.0361 7864 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\DRIVERS\ohci1394.sys09:09:33.0424 7864 ohci1394 - ok09:09:33.0676 7864 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE09:09:33.0770 7864 ose - ok09:09:34.0245 7864 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll09:09:34.0525 7864 p2pimsvc - ok09:09:35.0160 7864 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\windows\system32\p2psvc.dll09:09:35.0501 7864 p2psvc - ok09:09:35.0708 7864 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys09:09:35.0844 7864 Parport - ok09:09:36.0035 7864 partmgr (ff4218952b51de44fe910953a3e686b9) C:\windows\system32\drivers\partmgr.sys09:09:36.0139 7864 partmgr - ok09:09:36.0198 7864 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys09:09:36.0284 7864 Parvdm - ok09:09:36.0646 7864 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\windows\System32\pcasvc.dll09:09:36.0785 7864 PcaSvc - ok09:09:37.0105 7864 pci (c858cb77c577780ecc456a892e7e7d0f) C:\windows\system32\DRIVERS\pci.sys09:09:37.0250 7864 pci - ok09:09:37.0308 7864 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\DRIVERS\pciide.sys09:09:37.0354 7864 pciide - ok09:09:37.0609 7864 pcmcia 
(f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys09:09:37.0714 7864 pcmcia - ok09:09:37.0825 7864 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys09:09:37.0873 7864 pcw - ok09:09:38.0679 7864 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys09:09:39.0077 7864 PEAUTH - ok09:09:40.0864 7864 pla (9c1bff7910c89a1d12e57343475840cb) C:\windows\system32\pla.dll09:09:41.0225 7864 pla - ok09:09:42.0989 7864 PlugPlay (71def5ec79774c798342d0ea16e41780) C:\windows\system32\umpnpmgr.dll09:09:43.0223 7864 PlugPlay - ok09:09:43.0286 7864 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\windows\system32\pnrpauto.dll09:09:43.0382 7864 PNRPAutoReg - ok09:09:43.0883 7864 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll09:09:43.0955 7864 PNRPsvc - ok09:09:44.0284 7864 Point32 (7d7a9c17d5455203dea11e5ef886cc59) C:\windows\system32\DRIVERS\point32.sys09:09:44.0341 7864 Point32 - ok09:09:44.0472 7864 PolicyAgent (48e1b75c6dc0232fd92baae4bd344721) C:\windows\System32\ipsecsvc.dll09:09:44.0724 7864 PolicyAgent - ok09:09:44.0991 7864 Power (dbff83f709a91049621c1d35dd45c92c) C:\windows\system32\umpo.dll09:09:45.0251 7864 Power - ok09:09:45.0318 7864 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys09:09:45.0436 7864 PptpMiniport - ok09:09:45.0472 7864 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys09:09:45.0538 7864 Processor - ok09:09:45.0584 7864 ProfSvc (630cf26f0227498b7d5a92b12548960f) C:\windows\system32\profsvc.dll09:09:45.0754 7864 ProfSvc - ok09:09:45.0848 7864 ProtectedStorage (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\system32\lsass.exe09:09:45.0905 7864 ProtectedStorage - ok09:09:46.0033 7864 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys09:09:46.0167 7864 Psched - ok09:09:46.0195 7864 qbposdbservices - ok09:09:46.0450 7864 ql2300 
(ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys09:09:46.0616 7864 ql2300 - ok09:09:46.0810 7864 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys09:09:46.0871 7864 ql40xx - ok09:09:46.0941 7864 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\windows\system32\qwave.dll09:09:47.0042 7864 QWAVE - ok09:09:47.0081 7864 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys09:09:47.0160 7864 QWAVEdrv - ok09:09:47.0238 7864 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\windows\WindowsMobile\rapimgr.dll09:09:47.0299 7864 RapiMgr - ok09:09:47.0345 7864 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys09:09:47.0470 7864 RasAcd - ok09:09:47.0512 7864 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys09:09:47.0647 7864 RasAgileVpn - ok09:09:47.0702 7864 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\windows\System32\rasauto.dll09:09:47.0836 7864 RasAuto - ok09:09:47.0870 7864 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys09:09:47.0997 7864 Rasl2tp - ok09:09:48.0041 7864 RasMan (0ce66ec736b7fc526d78f7624c7d2a94) C:\windows\System32\rasmans.dll09:09:48.0194 7864 RasMan - ok09:09:48.0228 7864 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys09:09:48.0344 7864 RasPppoe - ok09:09:48.0400 7864 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys09:09:48.0508 7864 RasSstp - ok09:09:48.0573 7864 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\windows\system32\DRIVERS\rdbss.sys09:09:48.0731 7864 rdbss - ok09:09:48.0800 7864 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys09:09:48.0899 7864 rdpbus - ok09:09:48.0924 7864 RDPCDD (1e016846895b15a99f9a176a05029075) C:\windows\system32\DRIVERS\RDPCDD.sys09:09:49.0051 7864 RDPCDD - ok09:09:49.0138 7864 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) 
C:\windows\system32\drivers\rdpencdd.sys09:09:49.0257 7864 RDPENCDD - ok09:09:49.0297 7864 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys09:09:49.0422 7864 RDPREFMP - ok09:09:49.0485 7864 RDPWD (0399c725a9c95a6f1862b93f008ddf4a) C:\windows\system32\drivers\RDPWD.sys09:09:49.0600 7864 RDPWD - ok09:09:49.0663 7864 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\windows\system32\drivers\rdyboost.sys09:09:49.0727 7864 rdyboost - ok09:09:49.0790 7864 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\windows\System32\mprdim.dll09:09:49.0915 7864 RemoteAccess - ok09:09:49.0964 7864 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\windows\system32\regsvc.dll09:09:50.0097 7864 RemoteRegistry - ok09:09:50.0154 7864 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\windows\system32\DRIVERS\rfcomm.sys09:09:50.0230 7864 RFCOMM - ok09:09:50.0369 7864 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\windows\System32\RpcEpMap.dll09:09:50.0533 7864 RpcEptMapper - ok09:09:50.0575 7864 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\windows\system32\locator.exe09:09:50.0652 7864 RpcLocator - ok09:09:50.0718 7864 RpcSs (b82cd39e336973359d7c9bf911e8e84f) C:\windows\system32\rpcss.dll09:09:50.0850 7864 RpcSs - ok09:09:50.0896 7864 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys09:09:51.0026 7864 rspndr - ok09:09:51.0060 7864 s116obex - ok09:09:51.0109 7864 SamSs (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\system32\lsass.exe09:09:51.0173 7864 SamSs - ok09:09:51.0311 7864 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\windows\system32\DRIVERS\sbp2port.sys09:09:51.0384 7864 sbp2port - ok09:09:51.0576 7864 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\windows\System32\SCardSvr.dll09:09:51.0732 7864 SCardSvr - ok09:09:51.0759 7864 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\windows\system32\DRIVERS\scfilter.sys09:09:51.0878 7864 scfilter - ok09:09:51.0991 7864 Schedule (df1e5c82e4d09cf8105cc644980c4803) 
C:\windows\system32\schedsvc.dll09:09:52.0166 7864 Schedule - ok09:09:52.0201 7864 SCPolicySvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\windows\System32\certprop.dll09:09:52.0324 7864 SCPolicySvc - ok09:09:52.0374 7864 SDRSVC (5fd90abdbfaee85986802622cbb03446) C:\windows\System32\SDRSVC.dll09:09:52.0508 7864 SDRSVC - ok09:09:52.0542 7864 se58unic - ok09:09:52.0593 7864 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys09:09:52.0739 7864 secdrv - ok09:09:52.0778 7864 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\windows\system32\seclogon.dll09:09:52.0936 7864 seclogon - ok09:09:52.0971 7864 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\windows\System32\sens.dll09:09:53.0129 7864 SENS - ok09:09:53.0234 7864 ser2at (0d78c1c2469888bd18e25406ee9b41f6) C:\windows\system32\DRIVERS\ser2at.sys09:09:53.0312 7864 ser2at - ok09:09:53.0365 7864 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys09:09:53.0430 7864 Serenum - ok09:09:53.0475 7864 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys09:09:53.0542 7864 Serial - ok09:09:53.0573 7864 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys09:09:53.0674 7864 sermouse - ok09:09:53.0753 7864 SessionEnv (8f55ce568c543d5adf45c409d16718fc) C:\windows\system32\sessenv.dll09:09:53.0924 7864 SessionEnv - ok09:09:53.0976 7864 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\DRIVERS\sffdisk.sys09:09:54.0043 7864 sffdisk - ok09:09:54.0085 7864 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\DRIVERS\sffp_mmc.sys09:09:54.0162 7864 sffp_mmc - ok09:09:54.0190 7864 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\windows\system32\DRIVERS\sffp_sd.sys09:09:54.0276 7864 sffp_sd - ok09:09:54.0341 7864 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys09:09:54.0401 7864 sfloppy - ok09:09:54.0492 7864 SharedAccess (d1a079a0de2ea524513b6930c24527a2) 
C:\windows\System32\ipnathlp.dll09:09:54.0644 7864 SharedAccess - ok09:09:54.0704 7864 ShellHWDetection (cd2e48fa5b29ee2b3b5858056d246ef2) C:\windows\System32\shsvcs.dll09:09:54.0812 7864 ShellHWDetection - ok09:09:54.0859 7864 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\DRIVERS\sisagp.sys09:09:54.0928 7864 sisagp - ok09:09:54.0977 7864 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys09:09:55.0033 7864 SiSRaid2 - ok09:09:55.0079 7864 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys09:09:55.0131 7864 SiSRaid4 - ok09:09:55.0175 7864 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys09:09:55.0331 7864 Smb - ok09:09:55.0416 7864 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\windows\System32\snmptrap.exe09:09:55.0504 7864 SNMPTRAP - ok09:09:55.0552 7864 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys09:09:55.0605 7864 spldr - ok09:09:55.0666 7864 Spooler (d1bb750eb51694de183e08b9c33be5b2) C:\windows\System32\spoolsv.exe09:09:55.0788 7864 Spooler - ok09:09:56.0076 7864 sppsvc (4c287f9069fedbd791178876ee9de536) C:\windows\system32\sppsvc.exe09:09:56.0346 7864 sppsvc - ok09:09:56.0878 7864 sppuinotify (d8e3e19eebdab49dd4a8d3062ead4ec7) C:\windows\system32\sppuinotify.dll09:09:57.0170 7864 sppuinotify - ok09:09:57.0302 7864 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\windows\system32\DRIVERS\srv.sys09:09:57.0441 7864 srv - ok09:09:57.0530 7864 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\windows\system32\DRIVERS\srv2.sys09:09:57.0657 7864 srv2 - ok09:09:57.0699 7864 SRVLOC - ok09:09:57.0761 7864 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\windows\system32\DRIVERS\srvnet.sys09:09:57.0875 7864 srvnet - ok09:09:57.0918 7864 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\windows\System32\ssdpsrv.dll09:09:58.0093 7864 SSDPSRV - ok09:09:58.0144 7864 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\windows\system32\sstpsvc.dll09:09:58.0327 7864 
SstpSvc - ok09:09:58.0380 7864 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys09:09:58.0437 7864 stexstor - ok09:09:58.0617 7864 StiSvc (a22825e7bb7018e8af3e229a5af17221) C:\windows\System32\wiaservc.dll09:09:58.0779 7864 StiSvc - ok09:09:58.0854 7864 sursayra (e6d35f3aa51a65eb35c1f2340154a25e) C:\windows\system32\drivers\jxgc.sys09:09:58.0911 7864 sursayra ( UnsignedFile.Multi.Generic ) - warning09:09:58.0911 7864 sursayra - detected UnsignedFile.Multi.Generic (1)09:09:58.0956 7864 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\DRIVERS\swenum.sys09:09:59.0012 7864 swenum - ok09:09:59.0081 7864 swprv (a28bd92df340e57b024ba433165d34d7) C:\windows\System32\swprv.dll09:09:59.0250 7864 swprv - ok09:09:59.0314 7864 SynTP (8bd10dc8809dc69a1c5a795cb10add76) C:\windows\system32\DRIVERS\SynTP.sys09:09:59.0369 7864 SynTP - ok09:09:59.0486 7864 SysMain (04105c8da62353589c29bdaeb8d88bd8) C:\windows\system32\sysmain.dll09:09:59.0619 7864 SysMain - ok09:09:59.0649 7864 TabletInputService (fcfb6c552fbc0da299799cbd50ad9fd4) C:\windows\System32\TabSvc.dll09:09:59.0767 7864 TabletInputService - ok09:09:59.0817 7864 TapiSrv (2f46b0c70a4adc8c90cf825da3b4feaf) C:\windows\System32\tapisrv.dll09:09:59.0972 7864 TapiSrv - ok09:10:00.0023 7864 TBS (b799d9fdb26111737f58288d8dc172d9) C:\windows\System32\tbssvc.dll09:10:00.0167 7864 TBS - ok09:10:00.0401 7864 Tcpip (56c198ac82efa622dd93e9e43575f79c) C:\windows\system32\drivers\tcpip.sys09:10:00.0540 7864 Tcpip - ok09:10:00.0603 7864 TCPIP6 (56c198ac82efa622dd93e9e43575f79c) C:\windows\system32\DRIVERS\tcpip.sys09:10:00.0721 7864 TCPIP6 - ok09:10:00.0804 7864 tcpipreg (e64444523add154f86567c469bc0b17f) C:\windows\system32\drivers\tcpipreg.sys09:10:00.0926 7864 tcpipreg - ok09:10:00.0954 7864 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\windows\system32\drivers\tdpipe.sys09:10:01.0012 7864 TDPIPE - ok09:10:01.0058 7864 TDTCP (7156308896d34ea75a582f9a09e50c17) 
C:\windows\system32\drivers\tdtcp.sys09:10:01.0125 7864 TDTCP - ok09:10:01.0154 7864 tdx (cb39e896a2a83702d1737bfd402b3542) C:\windows\system32\DRIVERS\tdx.sys09:10:01.0264 7864 tdx - ok09:10:01.0398 7864 TeamViewer5 (2a96c8fa665c02e6ad596c321b583112) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe09:10:01.0451 7864 TeamViewer5 - ok09:10:01.0488 7864 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\windows\system32\DRIVERS\termdd.sys09:10:01.0538 7864 TermDD - ok09:10:01.0613 7864 TermService (a01e50a04d7b1960b33e92b9080e6a94) C:\windows\System32\termsrv.dll09:10:01.0784 7864 TermService - ok09:10:01.0810 7864 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\windows\system32\themeservice.dll09:10:01.0895 7864 Themes - ok09:10:01.0937 7864 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll09:10:02.0054 7864 THREADORDER - ok09:10:02.0087 7864 tpsrv - ok09:10:02.0131 7864 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\windows\System32\trkwks.dll09:10:02.0292 7864 TrkWks - ok09:10:02.0378 7864 TrustedInstaller (41a4c781d2286208d397d72099304133) C:\windows\servicing\TrustedInstaller.exe09:10:02.0467 7864 TrustedInstaller - ok09:10:02.0527 7864 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\windows\system32\DRIVERS\tssecsrv.sys09:10:02.0648 7864 tssecsrv - ok09:10:02.0714 7864 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\windows\system32\DRIVERS\tunnel.sys09:10:02.0843 7864 tunnel - ok09:10:02.0891 7864 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys09:10:02.0941 7864 uagp35 - ok09:10:02.0984 7864 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\windows\system32\DRIVERS\udfs.sys09:10:03.0108 7864 udfs - ok09:10:03.0162 7864 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\windows\system32\UI0Detect.exe09:10:03.0248 7864 UI0Detect - ok09:10:03.0305 7864 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\DRIVERS\uliagpkx.sys09:10:03.0355 7864 uliagpkx - ok09:10:03.0402 7864 umbus 
(049b3a50b3d646baeeee9eec9b0668dc) C:\windows\system32\DRIVERS\umbus.sys09:10:03.0458 7864 umbus - ok09:10:03.0484 7864 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys09:10:03.0538 7864 UmPass - ok09:10:03.0597 7864 upnphost (833fbb672460efce8011d262175fad33) C:\windows\System32\upnphost.dll09:10:03.0778 7864 upnphost - ok09:10:03.0816 7864 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\windows\system32\Drivers\usbaapl.sys09:10:03.0892 7864 USBAAPL - ok09:10:03.0935 7864 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\windows\system32\DRIVERS\usbccgp.sys09:10:04.0041 7864 usbccgp - ok09:10:04.0092 7864 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\DRIVERS\usbcir.sys09:10:04.0157 7864 usbcir - ok09:10:04.0201 7864 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\windows\system32\drivers\usbehci.sys09:10:04.0282 7864 usbehci - ok09:10:04.0387 7864 usbhub (bdcd7156ec37448f08633fd899823620) C:\windows\system32\DRIVERS\usbhub.sys09:10:04.0473 7864 usbhub - ok09:10:04.0505 7864 usbohci (eb2d819a639015253c871cda09d91d58) C:\windows\system32\drivers\usbohci.sys09:10:04.0570 7864 usbohci - ok09:10:04.0644 7864 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys09:10:04.0748 7864 usbprint - ok09:10:04.0807 7864 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\windows\system32\DRIVERS\usbscan.sys09:10:04.0894 7864 usbscan - ok09:10:04.0939 7864 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\windows\system32\DRIVERS\USBSTOR.SYS09:10:05.0054 7864 USBSTOR - ok09:10:05.0092 7864 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\windows\system32\drivers\usbuhci.sys09:10:05.0160 7864 usbuhci - ok09:10:05.0209 7864 usbvideo (f642a7e4bf78cfa359cca0a3557c28d7) C:\windows\system32\Drivers\usbvideo.sys09:10:05.0297 7864 usbvideo - ok09:10:05.0341 7864 usb_rndisx (d82f43d15fdaa666856c0190cb73e7c9) C:\windows\system32\DRIVERS\usb8023x.sys09:10:05.0425 7864 usb_rndisx - ok09:10:05.0457 7864 UxSms 
(081e6e1c91aec36758902a9f727cd23c) C:\windows\System32\uxsms.dll09:10:05.0579 7864 UxSms - ok09:10:05.0619 7864 vaiomediaplatform-photoserver-appserver - ok09:10:05.0669 7864 VaultSvc (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\system32\lsass.exe09:10:05.0725 7864 VaultSvc - ok09:10:05.0753 7864 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\DRIVERS\vdrvroot.sys09:10:05.0799 7864 vdrvroot - ok09:10:05.0884 7864 vds (8c4e7c49d3641bc9e299e466a7f8867d) C:\windows\System32\vds.exe09:10:05.0997 7864 vds - ok09:10:06.0043 7864 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys09:10:06.0108 7864 vga - ok09:10:06.0140 7864 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys09:10:06.0270 7864 VgaSave - ok09:10:06.0315 7864 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\DRIVERS\vhdmp.sys09:10:06.0372 7864 vhdmp - ok09:10:06.0406 7864 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\DRIVERS\viaagp.sys09:10:06.0456 7864 viaagp - ok09:10:06.0486 7864 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys09:10:06.0553 7864 ViaC7 - ok09:10:06.0581 7864 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\DRIVERS\viaide.sys09:10:06.0629 7864 viaide - ok09:10:06.0655 7864 videoacceleratorengine - ok09:10:06.0688 7864 vnxservice - ok09:10:06.0741 7864 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\windows\system32\DRIVERS\volmgr.sys09:10:06.0798 7864 volmgr - ok09:10:06.0844 7864 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys09:10:06.0917 7864 volmgrx - ok09:10:06.0964 7864 volsnap (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\DRIVERS\volsnap.sys09:10:07.0042 7864 volsnap - ok09:10:07.0089 7864 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys09:10:07.0153 7864 vsmraid - ok09:10:07.0272 7864 VSS (7ea2bcd94d9cfaf4c556f5cc94532a6c) C:\windows\system32\vssvc.exe09:10:07.0406 7864 
VSS - ok09:10:07.0430 7864 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys09:10:07.0499 7864 vwifibus - ok09:10:07.0537 7864 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys09:10:07.0605 7864 vwififlt - ok09:10:07.0653 7864 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\windows\system32\DRIVERS\vwifimp.sys09:10:07.0718 7864 vwifimp - ok09:10:07.0804 7864 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\windows\system32\w32time.dll09:10:07.0989 7864 W32Time - ok09:10:08.0051 7864 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys09:10:08.0109 7864 WacomPen - ok09:10:08.0159 7864 WANARP (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys09:10:08.0277 7864 WANARP - ok09:10:08.0309 7864 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys09:10:08.0423 7864 Wanarpv6 - ok09:10:08.0557 7864 wbengine (7790b77fe1e5ee47dcc66247095bb4c9) C:\windows\system32\wbengine.exe09:10:08.0732 7864 wbengine - ok09:10:08.0790 7864 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\windows\System32\wbiosrvc.dll09:10:08.0890 7864 WbioSrvc - ok09:10:08.0978 7864 WcesComm (59e19bd13c3bdb857646b9e436ba27f7) C:\windows\WindowsMobile\wcescomm.dll09:10:09.0049 7864 WcesComm - ok09:10:09.0121 7864 wcncsvc (6d9b75275c3e3a5f51aef81affadb2b6) C:\windows\System32\wcncsvc.dll09:10:09.0248 7864 wcncsvc - ok09:10:09.0287 7864 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\windows\System32\WcsPlugInService.dll09:10:09.0421 7864 WcsPlugInService - ok09:10:09.0493 7864 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys09:10:09.0543 7864 Wd - ok09:10:09.0885 7864 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys09:10:09.0980 7864 Wdf01000 - ok09:10:10.0032 7864 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll09:10:10.0125 7864 WdiServiceHost - ok09:10:10.0137 7864 
WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll09:10:10.0228 7864 WdiSystemHost - ok09:10:10.0311 7864 WebClient (bb5ec38f8d4600119b4720bc5d4211f1) C:\windows\System32\webclnt.dll09:10:10.0430 7864 WebClient - ok09:10:10.0483 7864 Wecsvc (760f0afe937a77cff27153206534f275) C:\windows\system32\wecsvc.dll09:10:10.0634 7864 Wecsvc - ok09:10:10.0681 7864 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\windows\System32\wercplsupport.dll09:10:10.0803 7864 wercplsupport - ok09:10:10.0868 7864 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\windows\System32\WerSvc.dll09:10:11.0005 7864 WerSvc - ok09:10:11.0047 7864 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys09:10:11.0159 7864 WfpLwf - ok09:10:11.0201 7864 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys09:10:11.0247 7864 WIMMount - ok09:10:11.0281 7864 WinHttpAutoProxySvc - ok09:10:11.0365 7864 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\windows\system32\wbem\WMIsvc.dll09:10:11.0504 7864 Winmgmt - ok09:10:11.0638 7864 WinRM (c4f5d3901d1b41d602ddc196e0b95b51) C:\windows\system32\WsmSvc.dll09:10:11.0830 7864 WinRM - ok09:10:11.0966 7864 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\windows\system32\DRIVERS\WinUsb.sys09:10:12.0041 7864 WinUsb - ok09:10:12.0151 7864 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\windows\System32\wlansvc.dll09:10:12.0306 7864 Wlansvc - ok09:10:12.0562 7864 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE09:10:12.0727 7864 wlidsvc - ok09:10:12.0911 7864 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys09:10:12.0982 7864 WmiAcpi - ok09:10:13.0091 7864 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\windows\system32\wbem\WmiApSrv.exe09:10:13.0182 7864 wmiApSrv - ok09:10:13.0374 7864 WMPNetworkSvc (77fbd400984cf72ba0fc4b3489d65f74) C:\Program Files\Windows Media Player\wmpnetwk.exe09:10:13.0568 7864 
WMPNetworkSvc - ok09:10:13.0606 7864 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\windows\System32\wpcsvc.dll09:10:13.0724 7864 WPCSvc - ok09:10:13.0758 7864 WPDBusEnum (b7f658a2ebc07129538ad9ab35212637) C:\windows\system32\wpdbusenum.dll09:10:13.0903 7864 WPDBusEnum - ok09:10:13.0990 7864 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys09:10:14.0108 7864 ws2ifsl - ok09:10:14.0128 7864 WSearch - ok09:10:14.0327 7864 wuauserv (a33408cc036f9c08142b11be5e93f0a1) C:\windows\system32\wuaueng.dll09:10:14.0634 7864 wuauserv - ok09:10:14.0824 7864 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys09:10:14.0960 7864 WudfPf - ok09:10:15.0024 7864 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys09:10:15.0152 7864 WUDFRd - ok09:10:15.0227 7864 wudfsvc (ddee3682fe97037c45f4d7ab467cb8b6) C:\windows\System32\WUDFSvc.dll09:10:15.0395 7864 wudfsvc - ok09:10:15.0632 7864 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\windows\System32\wwansvc.dll09:10:15.0755 7864 WwanSvc - ok09:10:15.0867 7864 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR009:10:16.0081 7864 \Device\Harddisk0\DR0 - ok09:10:16.0092 7864 Boot (0x1200) (63216fc123dfb3a96ab997153c169ae1) \Device\Harddisk0\DR0\Partition009:10:16.0096 7864 \Device\Harddisk0\DR0\Partition0 - ok09:10:16.0134 7864 Boot (0x1200) (216285b664e1e91b5f69990f91c2ba61) \Device\Harddisk0\DR0\Partition109:10:16.0138 7864 \Device\Harddisk0\DR0\Partition1 - ok Link to post Share on other sites More sharing options...
cordelia Posted May 2, 2012 Author ID:548242

TDSS Log, Part 2:
(b01751cc563aecac09bbe36aaa21fbef) C:\windows\system32\DRIVERS\athr.sys19:24:52.0776 3652 athr - ok19:24:53.0671 3652 AudioEndpointBuilder (510c873bfa135aa829f4180352772734) C:\windows\System32\Audiosrv.dll19:24:53.0968 3652 AudioEndpointBuilder - ok19:24:54.0005 3652 Audiosrv (510c873bfa135aa829f4180352772734) C:\windows\System32\Audiosrv.dll19:24:54.0149 3652 Audiosrv - ok19:24:54.0526 3652 avast! Antivirus (0aaf6b848185899cf76ae04e62eab3d2) C:\Program Files\Alwil Software\Avast4\ashServ.exe19:24:54.0585 3652 avast! Antivirus - ok19:24:55.0172 3652 avast! Mail Scanner (b2f564dc59b67763c73269e1a9da7f18) C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe19:24:55.0318 3652 avast! Mail Scanner - ok19:24:56.0031 3652 avast! Web Scanner (d86010c96abadda75356834d6113d37d) C:\Program Files\Alwil Software\Avast4\ashWebSv.exe19:24:56.0342 3652 avast! Web Scanner - ok19:24:56.0516 3652 avg7updsvc - ok19:24:56.0841 3652 AxInstSV (dd6a431b43e34b91a767d1ce33728175) C:\windows\System32\AxInstSV.dll19:24:57.0325 3652 AxInstSV - ok19:24:57.0994 3652 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys19:24:58.0285 3652 b06bdrv - ok19:24:58.0542 3652 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys19:24:58.0784 3652 b57nd60x - ok19:24:59.0512 3652 BBSvc (01a24b415926bb5f772dbe12459d97de) C:\Program Files\Microsoft\BingBar\BBSvc.EXE19:24:59.0720 3652 BBSvc - ok19:25:00.0347 3652 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files\Microsoft\BingBar\SeaPort.EXE19:25:00.0528 3652 BBUpdate - ok19:25:00.0603 3652 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\windows\System32\bdesvc.dll19:25:01.0151 3652 BDESVC - ok19:25:01.0192 3652 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys19:25:01.0398 3652 Beep - ok19:25:02.0664 3652 BITS (53f476476f55a27f580661bde09c4ec4) C:\windows\System32\qmgr.dll19:25:02.0908 3652 BITS - ok19:25:02.0938 3652 blbdrive (2287078ed48fcfc477b05b20cf38f36f) 
C:\windows\system32\DRIVERS\blbdrive.sys19:25:03.0064 3652 blbdrive - ok19:25:03.0680 3652 Bonjour Service (3f56903e124e820aeece6d471583c6c1) C:\Program Files\Bonjour\mDNSResponder.exe19:25:03.0865 3652 Bonjour Service - ok19:25:04.0074 3652 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\windows\system32\DRIVERS\bowser.sys19:25:04.0375 3652 bowser - ok19:25:04.0464 3652 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys19:25:04.0602 3652 BrFiltLo - ok19:25:04.0667 3652 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys19:25:04.0760 3652 BrFiltUp - ok19:25:04.0905 3652 Browser (598e1280e7ff3744f4b8329366cc5635) C:\windows\System32\browser.dll19:25:05.0105 3652 Browser - ok19:25:05.0266 3652 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys19:25:05.0455 3652 Brserid - ok19:25:05.0566 3652 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys19:25:05.0699 3652 BrSerWdm - ok19:25:05.0724 3652 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys19:25:05.0818 3652 BrUsbMdm - ok19:25:05.0891 3652 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys19:25:05.0992 3652 BrUsbSer - ok19:25:06.0105 3652 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\windows\system32\drivers\BthEnum.sys19:25:06.0311 3652 BthEnum - ok19:25:06.0383 3652 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys19:25:06.0512 3652 BTHMODEM - ok19:25:06.0584 3652 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\windows\system32\DRIVERS\bthpan.sys19:25:06.0774 3652 BthPan - ok19:25:06.0940 3652 BTHPORT (88059ff1ded4472acd17eebabd393069) C:\windows\System32\Drivers\BTHport.sys19:25:07.0185 3652 BTHPORT - ok19:25:07.0416 3652 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\windows\system32\bthserv.dll19:25:07.0622 3652 bthserv - ok19:25:07.0713 3652 BTHUSB (80e6384beec03b8bd45edea29802d657) 
C:\windows\System32\Drivers\BTHUSB.sys19:25:07.0841 3652 BTHUSB - ok19:25:08.0079 3652 btwaudio (d57d29132efe13a83133d9bd449e0cf1) C:\windows\system32\drivers\btwaudio.sys19:25:08.0288 3652 btwaudio - ok19:25:08.0549 3652 btwavdt (d282c14a69357d0e1bafaecc2ca98c3a) C:\windows\system32\DRIVERS\btwavdt.sys19:25:08.0626 3652 btwavdt - ok19:25:09.0820 3652 btwdins (f7434401ae320bb97903a3c1865242fb) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe19:25:10.0019 3652 btwdins - ok19:25:10.0140 3652 btwl2cap (aafd7cb76ba61fbb08e302da208c974a) C:\windows\system32\DRIVERS\btwl2cap.sys19:25:10.0276 3652 btwl2cap - ok19:25:10.0399 3652 btwrchid (02eb4d2b05967df2d32f29c84ab1fb17) C:\windows\system32\DRIVERS\btwrchid.sys19:25:10.0470 3652 btwrchid - ok19:25:10.0602 3652 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys19:25:10.0819 3652 cdfs - ok19:25:11.0153 3652 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\windows\system32\DRIVERS\cdrom.sys19:25:11.0416 3652 cdrom - ok19:25:11.0603 3652 CertPropSvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\windows\System32\certprop.dll19:25:11.0824 3652 CertPropSvc - ok19:25:11.0939 3652 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys19:25:12.0083 3652 circlass - ok19:25:12.0331 3652 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys19:25:12.0692 3652 CLFS - ok19:25:13.0153 3652 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe19:25:13.0256 3652 clr_optimization_v2.0.50727_32 - ok19:25:13.0741 3652 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe19:25:14.0107 3652 clr_optimization_v4.0.30319_32 - ok19:25:14.0178 3652 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys19:25:14.0312 3652 CmBatt - ok19:25:14.0637 3652 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) 
C:\windows\system32\DRIVERS\cmdide.sys19:25:14.0749 3652 cmdide - ok19:25:15.0343 3652 CNG (36c252e474b2ffa0f0fbbff20d92a640) C:\windows\system32\Drivers\cng.sys19:25:15.0705 3652 CNG - ok19:25:15.0883 3652 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys19:25:15.0995 3652 Compbatt - ok19:25:16.0181 3652 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\windows\system32\DRIVERS\CompositeBus.sys19:25:16.0381 3652 CompositeBus - ok19:25:16.0434 3652 COMSysApp - ok19:25:16.0498 3652 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys19:25:16.0619 3652 crcdisk - ok19:25:17.0063 3652 CryptSvc (9c231178ce4fb385f4b54b0a9080b8a4) C:\windows\system32\cryptsvc.dll19:25:17.0456 3652 CryptSvc - ok19:25:17.0632 3652 ctxusbm (cb6ff7012bb5d59d7c12350db795ce1f) C:\windows\system32\DRIVERS\ctxusbm.sys19:25:17.0701 3652 ctxusbm - ok19:25:17.0852 3652 CVPNDRVA - ok19:25:18.0584 3652 DcomLaunch (b82cd39e336973359d7c9bf911e8e84f) C:\windows\system32\rpcss.dll19:25:18.0877 3652 DcomLaunch - ok19:25:18.0994 3652 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\windows\System32\defragsvc.dll19:25:19.0446 3652 defragsvc - ok19:25:19.0692 3652 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\windows\system32\Drivers\dfsc.sys19:25:19.0925 3652 DfsC - ok19:25:20.0483 3652 Dhcp (c56495fbd770712367cad35e5de72da6) C:\windows\system32\dhcpcore.dll19:25:20.0882 3652 Dhcp - ok19:25:21.0083 3652 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys19:25:21.0259 3652 discache - ok19:25:21.0504 3652 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys19:25:21.0615 3652 Disk - ok19:25:21.0851 3652 Dnscache (b15be77a2bacf9c3177d27518afe26a9) C:\windows\System32\dnsrslvr.dll19:25:22.0105 3652 Dnscache - ok19:25:22.0207 3652 dot3svc (4408c85c21eea48eb0ce486baeef0502) C:\windows\System32\dot3svc.dll19:25:22.0452 3652 dot3svc - ok19:25:22.0809 3652 DPS (7fa81c6e11caa594adb52084da73a1e5) 
C:\windows\system32\dps.dll19:25:23.0030 3652 DPS - ok19:25:23.0131 3652 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys19:25:23.0274 3652 drmkaud - ok19:25:23.0422 3652 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\windows\System32\drivers\dxgkrnl.sys19:25:23.0627 3652 DXGKrnl - ok19:25:23.0675 3652 DynDNS_Updater_Service - ok19:25:23.0932 3652 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\windows\System32\eapsvc.dll19:25:24.0058 3652 EapHost - ok19:25:29.0610 3652 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys19:25:30.0351 3652 ebdrv - ok19:25:32.0109 3652 EFS (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\System32\lsass.exe19:25:32.0297 3652 EFS - ok19:25:34.0575 3652 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys19:25:34.0852 3652 elxstor - ok19:25:34.0926 3652 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\DRIVERS\errdev.sys19:25:35.0091 3652 ErrDev - ok19:25:35.0933 3652 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\windows\system32\es.dll19:25:36.0163 3652 EventSystem - ok19:25:36.0479 3652 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys19:25:36.0864 3652 exfat - ok19:25:36.0978 3652 fallback - ok19:25:37.0815 3652 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys19:25:38.0626 3652 fastfat - ok19:25:40.0630 3652 Fax (f7ea23cc5e6bf2181f3f399d54f6efc1) C:\windows\system32\fxssvc.exe19:25:41.0186 3652 Fax - ok19:25:41.0257 3652 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys19:25:41.0488 3652 fdc - ok19:25:41.0976 3652 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\windows\system32\fdPHost.dll19:25:42.0375 3652 fdPHost - ok19:25:42.0787 3652 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\windows\system32\fdrespub.dll19:25:43.0009 3652 FDResPub - ok19:25:43.0390 3652 FileInfo (6cf00369c97f3cf563be99be983d13d8) 
C:\windows\system32\drivers\fileinfo.sys19:25:43.0446 3652 FileInfo - ok19:25:43.0926 3652 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys19:25:44.0325 3652 Filetrace - ok19:25:44.0514 3652 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys19:25:44.0655 3652 flpydisk - ok19:25:44.0774 3652 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys19:25:44.0854 3652 FltMgr - ok19:25:48.0862 3652 FontCache (7fe4995528a7529a761875151ee3d512) C:\windows\system32\FntCache.dll19:25:50.0985 3652 FontCache - ok19:25:51.0607 3652 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe19:25:51.0887 3652 FontCache3.0.0.0 - ok19:25:52.0374 3652 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys19:25:52.0542 3652 FsDepends - ok19:25:52.0763 3652 fssfltr (bfaaa92861526bb0adcd01e964ab6609) C:\windows\system32\DRIVERS\fssfltr.sys19:25:52.0813 3652 fssfltr - ok19:25:58.0459 3652 fsssvc (40cdfad174b3d5e80f95dda003c0b97f) C:\Program Files\Windows Live\Family Safety\fsssvc.exe19:25:58.0839 3652 fsssvc - ok19:26:00.0252 3652 Fs_Rec (500a9814fd9446a8126858a5a7f7d273) C:\windows\system32\drivers\Fs_Rec.sys19:26:00.0365 3652 Fs_Rec - ok19:26:00.0689 3652 FTDIBUS (aae37f0f2f613218dce17b42a18c38db) C:\windows\system32\drivers\ftdibus.sys19:26:00.0812 3652 FTDIBUS - ok19:26:00.0947 3652 ftsata2 - ok19:26:01.0455 3652 FTSER2K (48bfd1ba45c9c9e7ab339e25abfba1d2) C:\windows\system32\drivers\ftser2k.sys19:26:01.0566 3652 FTSER2K - ok19:26:02.0583 3652 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\windows\system32\DRIVERS\fvevol.sys19:26:02.0995 3652 fvevol - ok19:26:03.0201 3652 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys19:26:03.0395 3652 gagp30kx - ok19:26:03.0713 3652 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) 
C:\windows\system32\DRIVERS\GEARAspiWDM.sys19:26:03.0814 3652 GEARAspiWDM - ok19:26:04.0321 3652 gpsvc (8ba3c04702bf8f927ab36ae8313ca4ee) C:\windows\System32\gpsvc.dll19:26:04.0634 3652 gpsvc - ok19:26:06.0707 3652 gupdate (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe19:26:06.0883 3652 gupdate - ok19:26:07.0039 3652 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe19:26:07.0166 3652 gupdatem - ok19:26:07.0656 3652 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe19:26:08.0222 3652 gusvc - ok19:26:08.0307 3652 hcf_msft - ok19:26:08.0477 3652 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys19:26:09.0054 3652 hcw85cir - ok19:26:09.0834 3652 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\windows\system32\drivers\HdAudio.sys19:26:10.0090 3652 HdAudAddService - ok19:26:10.0394 3652 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\windows\system32\DRIVERS\HDAudBus.sys19:26:10.0557 3652 HDAudBus - ok19:26:10.0688 3652 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys19:26:10.0807 3652 HidBatt - ok19:26:11.0186 3652 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys19:26:11.0480 3652 HidBth - ok19:26:11.0676 3652 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys19:26:11.0824 3652 HidIr - ok19:26:12.0002 3652 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\windows\system32\hidserv.dll19:26:12.0605 3652 hidserv - ok19:26:13.0049 3652 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\windows\system32\DRIVERS\hidusb.sys19:26:13.0205 3652 HidUsb - ok19:26:16.0506 3652 hkmsvc (741c2a45ca8407e374aaba3e330b7872) C:\windows\system32\kmsvc.dll19:26:17.0498 3652 hkmsvc - ok19:26:18.0058 3652 HomeGroupListener (a768ca158bb06782a2835b907f4873c3) C:\windows\system32\ListSvc.dll19:26:18.0470 3652 HomeGroupListener - 
ok19:26:18.0847 3652 HomeGroupProvider (fb08dec5ef43d0c66d83b8e9694e7549) C:\windows\system32\provsvc.dll19:26:19.0152 3652 HomeGroupProvider - ok19:26:19.0275 3652 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\DRIVERS\HpSAMD.sys19:26:19.0339 3652 HpSAMD - ok19:26:20.0240 3652 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\windows\system32\drivers\HTTP.sys19:26:20.0605 3652 HTTP - ok19:26:20.0683 3652 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\windows\system32\drivers\hwpolicy.sys19:26:20.0749 3652 hwpolicy - ok19:26:21.0068 3652 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\DRIVERS\i8042prt.sys19:26:21.0241 3652 i8042prt - ok19:26:22.0089 3652 iaStor (d483687eace0c065ee772481a96e05f5) C:\windows\system32\DRIVERS\iaStor.sys19:26:22.0252 3652 iaStor - ok19:26:23.0325 3652 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\windows\system32\drivers\iaStorV.sys19:26:23.0600 3652 iaStorV - ok19:26:25.0575 3652 idsvc (5af815eb5bc9802e5a064e2ba62bfc0c) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe19:26:25.0795 3652 idsvc - ok19:26:44.0245 3652 igfx (9467514ea189475a6e7fdc5d7bde9d3f) C:\windows\system32\DRIVERS\igdkmd32.sys19:26:45.0291 3652 igfx - ok19:26:47.0053 3652 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys19:26:47.0186 3652 iirsp - ok19:26:48.0827 3652 IKEEXT (fac0ee6562b121b1399d6e855583f7a5) C:\windows\System32\ikeext.dll19:26:49.0972 3652 IKEEXT - ok19:26:54.0574 3652 IntcAzAudAddService (e345ec27c8dff8728f5c6f0413699dc5) C:\windows\system32\drivers\RTKVHDA.sys19:26:55.0114 3652 IntcAzAudAddService - ok19:26:56.0395 3652 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\DRIVERS\intelide.sys19:26:56.0513 3652 intelide - ok19:26:56.0695 3652 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys19:26:56.0874 3652 intelppm - ok19:26:57.0031 3652 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) 
C:\windows\system32\ipbusenum.dll19:26:57.0246 3652 IPBusEnum - ok19:26:57.0473 3652 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys19:26:57.0649 3652 IpFilterDriver - ok19:26:57.0932 3652 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\windows\system32\DRIVERS\IPMIDrv.sys19:26:58.0105 3652 IPMIDRV - ok19:26:58.0222 3652 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys19:26:58.0374 3652 IPNAT - ok19:27:00.0330 3652 iPod Service (7a3611564fce7c8be50b03f58cb3eb7d) C:\Program Files\iPod\bin\iPodService.exe19:27:00.0498 3652 iPod Service - ok19:27:00.0623 3652 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys19:27:00.0997 3652 IRENUM - ok19:27:01.0362 3652 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\DRIVERS\isapnp.sys19:27:01.0575 3652 isapnp - ok19:27:02.0226 3652 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\windows\system32\DRIVERS\msiscsi.sys19:27:02.0434 3652 iScsiPrt - ok19:27:02.0567 3652 itmrtsvc - ok19:27:02.0734 3652 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\DRIVERS\kbdclass.sys19:27:02.0889 3652 kbdclass - ok19:27:02.0953 3652 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\windows\system32\DRIVERS\kbdhid.sys19:27:03.0046 3652 kbdhid - ok19:27:03.0231 3652 kbfiltr (3eb803312987ff44265c87cb960df6ab) C:\windows\system32\DRIVERS\kbfiltr.sys19:27:03.0284 3652 kbfiltr - ok19:27:03.0434 3652 KeyIso (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\system32\lsass.exe19:27:03.0519 3652 KeyIso - ok19:27:03.0594 3652 klif - ok19:27:04.0650 3652 Kodak AiO Network Discovery Service (27277a11db52fefae5b01dc8fb570b28) C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe19:27:04.0965 3652 Kodak AiO Network Discovery Service - ok19:27:05.0320 3652 KSecDD (0263364acb9c834ace52fb85c2c064ec) C:\windows\system32\Drivers\ksecdd.sys19:27:05.0427 3652 KSecDD - ok19:27:05.0862 3652 KSecPkg (27391db553be2a4e2b0adeea2873b2af) 
C:\windows\system32\Drivers\ksecpkg.sys19:27:05.0939 3652 KSecPkg - ok19:27:06.0623 3652 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\windows\system32\msdtckrm.dll19:27:07.0157 3652 KtmRm - ok19:27:07.0497 3652 L1C (a158cea8644b8a5c1ec0e9a81b70f65a) C:\windows\system32\DRIVERS\L1C62x86.sys19:27:07.0881 3652 L1C - ok19:27:08.0302 3652 LanmanServer (8f6bf790d3168224c16f2af68a84438c) C:\windows\system32\srvsvc.dll19:27:08.0506 3652 LanmanServer - ok19:27:08.0697 3652 LanmanWorkstation (b9891f885dcf1f0513a51cb58493cb1f) C:\windows\System32\wkssvc.dll19:27:08.0905 3652 LanmanWorkstation - ok19:27:09.0100 3652 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys19:27:09.0239 3652 lltdio - ok19:27:09.0799 3652 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\windows\System32\lltdsvc.dll19:27:10.0462 3652 lltdsvc - ok19:27:10.0594 3652 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\windows\System32\lmhsvc.dll19:27:11.0372 3652 lmhosts - ok19:27:11.0616 3652 LMouFilt - ok19:27:11.0835 3652 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys19:27:11.0933 3652 LSI_FC - ok19:27:12.0527 3652 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys19:27:12.0813 3652 LSI_SAS - ok19:27:12.0941 3652 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys19:27:13.0021 3652 LSI_SAS2 - ok19:27:13.0362 3652 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys19:27:13.0571 3652 LSI_SCSI - ok19:27:13.0839 3652 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys19:27:14.0045 3652 luafv - ok19:27:14.0190 3652 lusbaudio - ok19:27:14.0223 3652 macformatservice - ok19:27:14.0858 3652 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\windows\system32\drivers\mbam.sys19:27:15.0115 3652 MBAMProtector - ok19:27:16.0866 3652 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' 
Anti-Malware\mbamservice.exe19:27:17.0044 3652 MBAMService - ok19:27:17.0274 3652 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\windows\system32\drivers\mbamswissarmy.sys19:27:17.0348 3652 MBAMSwissArmy - ok19:27:17.0392 3652 mclogmanagerservice - ok19:27:17.0544 3652 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys19:27:17.0647 3652 megasas - ok19:27:17.0928 3652 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys19:27:18.0059 3652 MegaSR - ok19:27:18.0254 3652 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll19:27:18.0437 3652 MMCSS - ok19:27:18.0539 3652 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys19:27:18.0679 3652 Modem - ok19:27:18.0826 3652 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys19:27:19.0122 3652 monitor - ok19:27:19.0288 3652 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\DRIVERS\mouclass.sys19:27:19.0353 3652 mouclass - ok19:27:19.0566 3652 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys19:27:19.0734 3652 mouhid - ok19:27:20.0009 3652 mountmgr (921c18727c5920d6c0300736646931c2) C:\windows\system32\drivers\mountmgr.sys19:27:20.0079 3652 mountmgr - ok19:27:20.0363 3652 mpio (2af5997438c55fb79d33d015c30e1974) C:\windows\system32\DRIVERS\mpio.sys19:27:20.0442 3652 mpio - ok19:27:20.0676 3652 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys19:27:21.0090 3652 mpsdrv - ok19:27:21.0226 3652 mr2kserv - ok19:27:21.0443 3652 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\windows\system32\drivers\mrxdav.sys19:27:21.0575 3652 MRxDAV - ok19:27:21.0835 3652 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\windows\system32\DRIVERS\mrxsmb.sys19:27:22.0202 3652 mrxsmb - ok19:27:22.0408 3652 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\windows\system32\DRIVERS\mrxsmb10.sys19:27:22.0565 3652 mrxsmb10 - ok19:27:22.0667 3652 mrxsmb20 
(25c38264a3c72594dd21d355d70d7a5d) C:\windows\system32\DRIVERS\mrxsmb20.sys19:27:22.0778 3652 mrxsmb20 - ok19:27:22.0895 3652 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\windows\system32\DRIVERS\msahci.sys19:27:22.0961 3652 msahci - ok19:27:23.0045 3652 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\windows\system32\DRIVERS\msdsm.sys19:27:23.0116 3652 msdsm - ok19:27:23.0232 3652 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\windows\System32\msdtc.exe19:27:23.0398 3652 MSDTC - ok19:27:23.0523 3652 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys19:27:23.0697 3652 Msfs - ok19:27:23.0710 3652 msfwsvc - ok19:27:23.0742 3652 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys19:27:23.0897 3652 mshidkmdf - ok19:27:23.0981 3652 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\DRIVERS\msisadrv.sys19:27:24.0029 3652 msisadrv - ok19:27:24.0214 3652 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\windows\system32\iscsiexe.dll19:27:24.0379 3652 MSiSCSI - ok19:27:24.0586 3652 msiserver - ok19:27:24.0667 3652 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys19:27:24.0788 3652 MSKSSRV - ok19:27:24.0819 3652 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys19:27:24.0963 3652 MSPCLOCK - ok19:27:25.0057 3652 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys19:27:25.0253 3652 MSPQM - ok19:27:25.0482 3652 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys19:27:25.0558 3652 MsRPC - ok19:27:25.0676 3652 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\DRIVERS\mssmbios.sys19:27:25.0732 3652 mssmbios - ok19:27:25.0776 3652 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys19:27:25.0927 3652 MSTEE - ok19:27:26.0041 3652 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys19:27:26.0159 3652 MTConfig - ok19:27:26.0193 3652 
Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys19:27:26.0246 3652 Mup - ok19:27:26.0734 3652 napagent (80284f1985c70c86f0b5f86da2dfe1df) C:\windows\system32\qagentRT.dll19:27:26.0922 3652 napagent - ok19:27:27.0103 3652 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys19:27:27.0225 3652 NativeWifiP - ok19:27:27.0663 3652 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\windows\system32\drivers\ndis.sys19:27:27.0778 3652 NDIS - ok19:27:27.0887 3652 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys19:27:28.0409 3652 NdisCap - ok19:27:28.0533 3652 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys19:27:28.0702 3652 NdisTapi - ok19:27:28.0860 3652 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\windows\system32\DRIVERS\ndisuio.sys19:27:29.0062 3652 Ndisuio - ok19:27:29.0311 3652 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\windows\system32\DRIVERS\ndiswan.sys19:27:29.0474 3652 NdisWan - ok19:27:29.0605 3652 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\windows\system32\drivers\NDProxy.sys19:27:29.0791 3652 NDProxy - ok19:27:29.0942 3652 Netaapl (29c45722e20572b6440b57e3359e73ee) C:\windows\system32\DRIVERS\netaapl.sys19:27:30.0025 3652 Netaapl - ok19:27:30.0111 3652 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys19:27:30.0349 3652 NetBIOS - ok19:27:30.0810 3652 NetBT (14797e657fcfe2f62b1c315bfd6b9006) C:\windows\system32\DRIVERS\netbt.sys19:27:30.0932 3652 NetBT ( UnsignedFile.Multi.Generic ) - warning19:27:30.0962 3652 NetBT - detected UnsignedFile.Multi.Generic (1)19:27:31.0091 3652 Netlogon (c2243ff9e9aad0c30e8b1a0914da15b6) C:\windows\system32\lsass.exe19:27:31.0235 3652 Netlogon - ok19:27:31.0547 3652 Netman (7cccfca7510684768da22092d1fa4db2) C:\windows\System32\netman.dll19:27:31.0866 3652 Netman - ok19:27:32.0315 3652 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\windows\System32\netprofm.dll19:27:32.0569 
19:28:27.0116 3652 sursayra (e6d35f3aa51a65eb35c1f2340154a25e) C:\windows\system32\drivers\jxgc.sys
19:28:27.0176 3652 sursayra ( UnsignedFile.Multi.Generic ) - warning
19:28:27.0177 3652 sursayra - detected UnsignedFile.Multi.Generic (1)
19:28:55.0176 3652 ============================================================
19:28:55.0176 3652 Scan finished
19:28:55.0176 3652 ============================================================
19:28:55.0664 6800 Detected object count: 3
19:28:55.0664 6800 Actual detected object count: 3
19:36:52.0173 6800 AsusService ( UnsignedFile.Multi.Generic ) - skipped by user
19:36:52.0180 6800 AsusService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:36:52.0226 6800 NetBT ( UnsignedFile.Multi.Generic ) - skipped by user
19:36:52.0227 6800 NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:36:52.0236 6800 sursayra ( UnsignedFile.Multi.Generic ) - skipped by user
19:36:52.0237 6800 sursayra ( UnsignedFile.Multi.Generic ) - User select action: Skip
cordelia Posted May 2, 2012 Author ID:548243

Here's attach.txt. Sorry for the multiple posts.
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Starter
Boot Device: \Device\HarddiskVolume1
Install Date: 06/12/2009 2:01:09 PM
System Uptime: 01/05/2012 7:58:16 PM (1 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | 1005HA
Processor: Intel® Atom CPU N270 @ 1.60GHz | PBGA 437 | 1600/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 100 GiB total, 18.867 GiB free.
D: is FIXED (NTFS) - 123 GiB total, 90.42 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20
AC3Filter 1.63b
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.4.6 MUI
aioprnt
aioscnnr
Alice Greenfingers
AMCap
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASUSUpdate for Eee PC
AsusVibe2.0
AsusVibeCheckUpdate
Atheros Client Installation Program
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
avast! Antivirus
Bass Audio Decoder (remove only)
Bing Bar
Bonjour
Bullzip PDF Printer 8.2.0.1394
CD Audio Reader Filter (remove only)
center
Chicken Invaders 2
Citrix online plug-in
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (PNA)
Citrix online plug-in (SSON)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
Citrix Web Client
Compatibility Pack for the 2007 Office system
D3DX10
DCoder Image Source (remove only)
DirectVobSub (remove only)
Dream Day Wedding Married in Manhattan
DScaler 5 Mpeg Decoders
E-Cam
Eee Docking 2.4.0
EeeSplendid
essentials
ffdshow v1.1.3966 [2011-08-09]
FFMPEG Core Files (remove only)
FontResizer
Gabest MPEG Splitter (remove only)
GamePark Console
Google Chrome
Google Talk (remove only)
Google Toolbar for Internet Explorer
Google Update Helper
Haali Media Splitter
HiJackThis
Hotkey Service
Intel® Graphics Media Accelerator Driver
iTunes
Java Auto Updater
Java 6 Update 22
Junk Mail filter update
Kodak AIO Printer
KODAK AiO Software
Last.fm 1.5.4.27091
LAV Filters (remove only)
LocaleMe
Malwarebytes Anti-Malware version 1.61.0.1400
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft IntelliPoint 8.1
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Dutch) 2007
Microsoft Office Access MUI (French) 2007
Microsoft Office Access MUI (German) 2007
Microsoft Office Access MUI (Italian) 2007
Microsoft Office Excel 2007 Help - Aggiornamento (KB963678)
Microsoft Office Excel MUI (Dutch) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel MUI (French) 2007
Microsoft Office Excel MUI (German) 2007
Microsoft Office Excel MUI (Italian) 2007
Microsoft Office Groove MUI (Dutch) 2007
Microsoft Office Groove MUI (French) 2007
Microsoft Office Groove MUI (German) 2007
Microsoft Office Groove MUI (Italian) 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (Dutch) 2007
Microsoft Office InfoPath MUI (French) 2007
Microsoft Office InfoPath MUI (German) 2007
Microsoft Office InfoPath MUI (Italian) 2007
Microsoft Office Language Pack 2007 - Dutch/Nederlands
Microsoft Office Language Pack 2007 - French/Français
Microsoft Office Language Pack 2007 - German/Deutsch
Microsoft Office Language Pack 2007 - Italian/Italiano
Microsoft Office Live Add-in 1.3
Microsoft Office O MUI (Dutch) 2007
Microsoft Office O MUI (French) 2007
Microsoft Office O MUI (German) 2007
Microsoft Office O MUI (Italian) 2007
Microsoft Office OneNote MUI (Dutch) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office OneNote MUI (French) 2007
Microsoft Office OneNote MUI (German) 2007
Microsoft Office OneNote MUI (Italian) 2007
Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677)
Microsoft Office Outlook MUI (Dutch) 2007
Microsoft Office Outlook MUI (French) 2007
Microsoft Office Outlook MUI (German) 2007
Microsoft Office Outlook MUI (Italian) 2007
Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669)
Microsoft Office PowerPoint MUI (Dutch) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint MUI (French) 2007
Microsoft Office PowerPoint MUI (German) 2007
Microsoft Office PowerPoint MUI (Italian) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (Dutch) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (French) 2007
Microsoft Office Proofing (German) 2007
Microsoft Office Proofing (Italian) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Dutch) 2007
Microsoft Office Publisher MUI (French) 2007
Microsoft Office Publisher MUI (German) 2007
Microsoft Office Publisher MUI (Italian) 2007
Microsoft Office Shared MUI (Dutch) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (French) 2007
Microsoft Office Shared MUI (German) 2007
Microsoft Office Shared MUI (Italian) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office SharePoint Designer MUI (Dutch) 2007
Microsoft Office SharePoint Designer MUI (French) 2007
Microsoft Office SharePoint Designer MUI (German) 2007
Microsoft Office SharePoint Designer MUI (Italian) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word 2007 Help - Aggiornamento (KB963665)
Microsoft Office Word MUI (Dutch) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office Word MUI (French) 2007
Microsoft Office Word MUI (German) 2007
Microsoft Office Word MUI (Italian) 2007
Microsoft Office X MUI (Dutch) 2007
Microsoft Office X MUI (French) 2007
Microsoft Office X MUI (German) 2007
Microsoft Office X MUI (Italian) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mise à jour Microsoft Office Excel 2007 Help (KB963678)
Mise à jour Microsoft Office Outlook 2007 Help (KB963677)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)
Mise à jour Microsoft Office Word 2007 Help (KB963665)
MSVCRT
Oceanis Change Background Windows 7
ocr
OpenOffice.org 3.3
OpenSource AVI Splitter (remove only)
OpenSource DTS/AC3/DD+ Source Filter (remove only)
OpenSource Flash Video Splitter (remove only)
Opera 11.60
PiccoloTaxi
Piggly
PreReq
QuickTime
Ralink RT2860 Wireless LAN Card
RealMedia (remove only)
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Skype web features
Skype™ 5.5
Smileyville
Super Hybrid Engine
Synaptics Pointing Device Driver
TeamViewer 5
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update voor Microsoft Office Excel 2007 Help (KB963678)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
Update voor Microsoft Office Word 2007 Help (KB963665)
WIDCOMM Bluetooth Software
Winamp
Winamp Detector Plug-in
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Mobile Device Center
Windows Mobile Device Center Driver Update
WinRAR 4.01 (32-bit)
Xfp Ver_2.0.13 - TDK_2.0.17
Zoom Player (remove only)
.
==== Event Viewer Messages From Past Week ========
.
30/04/2012 9:57:03 PM, Error: Service Control Manager [7023] - The Sfusvc service terminated with the following error: The specified procedure could not be found.
30/04/2012 9:44:43 PM, Error: Service Control Manager [7023] - The Symredrv service terminated with the following error: The specified procedure could not be found.
30/04/2012 9:12:05 PM, Error: Service Control Manager [7023] - The AlteraByteBlaster service terminated with the following error: The specified procedure could not be found.
30/04/2012 9:00:06 PM, Error: Service Control Manager [7023] - The Lktimesync service terminated with the following error: The specified procedure could not be found.
30/04/2012 8:42:05 PM, Error: Service Control Manager [7023] - The PID_08A0 service terminated with the following error: The specified procedure could not be found.
30/04/2012 8:27:01 PM, Error: Service Control Manager [7023] - The DELTA service terminated with the following error: The specified procedure could not be found.
30/04/2012 8:11:57 PM, Error: Service Control Manager [7023] - The GcKernel service terminated with the following error: The specified procedure could not be found.
30/04/2012 8:11:01 PM, Error: Service Control Manager [7023] - The Atiavpci service terminated with the following error: The specified procedure could not be found.
30/04/2012 7:57:30 PM, Error: Service Control Manager [7023] - The Fa_scheduler service terminated with the following error: The specified procedure could not be found.
30/04/2012 7:49:42 PM, Error: Service Control Manager [7023] - The GBDevice service terminated with the following error: The specified procedure could not be found.
30/04/2012 11:57:04 PM, Error: Service Control Manager [7023] - The Msmpsvc service terminated with the following error: The specified procedure could not be found.
30/04/2012 11:42:37 PM, Error: Service Control Manager [7023] - The Fsaua service terminated with the following error: The specified procedure could not be found.
30/04/2012 11:27:01 PM, Error: Service Control Manager [7023] - The ASUSVRC service terminated with the following error: The specified procedure could not be found.
30/04/2012 11:12:02 PM, Error: Service Control Manager [7023] - The Iksysflt service terminated with the following error: The specified procedure could not be found.
30/04/2012 10:57:01 PM, Error: Service Control Manager [7023] - The Z800bus service terminated with the following error: The specified procedure could not be found.
30/04/2012 10:41:59 PM, Error: Service Control Manager [7023] - The TMBMServer service terminated with the following error: The specified procedure could not be found.
30/04/2012 10:27:21 PM, Error: Service Control Manager [7023] - The Elbycdio service terminated with the following error: The specified procedure could not be found.
30/04/2012 10:12:00 PM, Error: Service Control Manager [7023] - The Lmimaint service terminated with the following error: The specified procedure could not be found.
01/05/2012 9:34:58 AM, Error: Service Control Manager [7023] - The WMIService service terminated with the following error: The specified procedure could not be found.
01/05/2012 9:20:20 AM, Error: Service Control Manager [7023] - The Mcafeeframework service terminated with the following error: The specified procedure could not be found.
01/05/2012 9:04:57 AM, Error: 
Service Control Manager [7023] - The RadProbeservice terminated with the following error: The specified procedure couldnot be found.01/05/2012 9:03:38 AM, Error: Service Control Manager [7023] - The Mssql$sony_mediamgr service terminated with the following error: The specifiedprocedure could not be found.01/05/2012 8:58:56 PM, Error: Microsoft-Windows-DNS-Client [1012] - Therewas an error while attempting to read the local hosts file.01/05/2012 8:53:26 PM, Error: Service Control Manager [7023] - TheSmartscaps service terminated with the following error: The specifiedprocedure could not be found.01/05/2012 8:39:01 PM, Error: Service Control Manager [7023] - The W39n51service terminated with the following error: The specified procedure couldnot be found.01/05/2012 8:23:44 PM, Error: Service Control Manager [7023] - ThePatrolagent service terminated with the following error: The specifiedprocedure could not be found.01/05/2012 8:16:21 PM, Error: Service Control Manager [7034] - The iPodService service terminated unexpectedly. 
It has done this 1 time(s).01/05/2012 8:08:48 PM, Error: Service Control Manager [7023] - TheMaya70docserver service terminated with the following error: The specifiedprocedure could not be found.01/05/2012 8:07:56 PM, Error: Service Control Manager [7023] - The Lpdsservice terminated with the following error: The specified procedure couldnot be found.01/05/2012 7:59:12 PM, Error: Service Control Manager [7026] - Thefollowing boot-start or system-start driver(s) failed to load: cdrom luafv01/05/2012 7:59:09 PM, Error: Service Control Manager [7023] - The Ser2plmsservice terminated with the following error: The system cannot find thefile specified.01/05/2012 7:59:07 PM, Error: Service Control Manager [7023] - The Nvgtsservice terminated with the following error: The specified module could notbe found.01/05/2012 7:59:07 PM, Error: Service Control Manager [7023] - The Fsauaservice terminated with the following error: The specified module could notbe found.01/05/2012 7:59:07 PM, Error: Service Control Manager [7023] - TheFa_scheduler service terminated with the following error: The specifiedmodule could not be found.01/05/2012 7:59:07 PM, Error: Service Control Manager [7023] - The DELTAservice terminated with the following error: The specified module could notbe found.01/05/2012 7:59:06 PM, Error: Service Control Manager [7023] - The SED133xservice terminated with the following error: The specified module could notbe found.01/05/2012 7:59:06 PM, Error: Service Control Manager [7023] - The Pdlndsdlservice terminated with the following error: The specified module could notbe found.01/05/2012 7:59:06 PM, Error: Service Control Manager [7023] - The Msmpsvcservice terminated with the following error: The specified module could notbe found.01/05/2012 7:59:06 PM, Error: Service Control Manager [7023] - TheMcafeeframework service terminated with the following error: The specifiedmodule could not be found.01/05/2012 7:59:06 PM, Error: Service Control Manager [7023] - 
TheLxrsge10s service terminated with the following error: The specified modulecould not be found.01/05/2012 7:59:06 PM, Error: Service Control Manager [7023] - TheLktimesync service terminated with the following error: The specifiedmodule could not be found.01/05/2012 7:59:06 PM, Error: Service Control Manager [7023] - The GBDeviceservice terminated with the following error: The specified module could notbe found.01/05/2012 7:59:05 PM, Error: Service Control Manager [7023] - TheWMIService service terminated with the following error: The specifiedmodule could not be found.01/05/2012 7:59:05 PM, Error: Service Control Manager [7023] - TheVideoacceleratorengine service terminated with the following error: Thespecified module could not be found.01/05/2012 7:59:05 PM, Error: Service Control Manager [7023] - TheTrlokom_rmhsvc service terminated with the following error: The systemcannot find the file specified.01/05/2012 7:59:05 PM, Error: Service Control Manager [7023] - The Lmimaintservice terminated with the following error: The specified module could notbe found.01/05/2012 7:59:05 PM, Error: Service Control Manager [7003] - The IPsecPolicy Agent service depends the following service: BFE. 
This service mightnot be installed.01/05/2012 7:59:04 PM, Error: Service Control Manager [7023] - The Z800busservice terminated with the following error: The specified module could notbe found.01/05/2012 7:59:04 PM, Error: Service Control Manager [7023] - TheWmp54gssvc service terminated with the following error: The specifiedmodule could not be found.01/05/2012 7:59:04 PM, Error: Service Control Manager [7023] - TheTMBMServer service terminated with the following error: The specifiedmodule could not be found.01/05/2012 7:59:04 PM, Error: Service Control Manager [7023] - The Symredrvservice terminated with the following error: The specified module could notbe found.01/05/2012 7:59:04 PM, Error: Service Control Manager [7023] - The PID_08A0service terminated with the following error: The specified module could notbe found.01/05/2012 7:59:04 PM, Error: Service Control Manager [7023] - TheOracleorahome92tnslistener service terminated with the following error: Thesystem cannot find the file specified.01/05/2012 7:59:04 PM, Error: Service Control Manager [7023] - The Iksysfltservice terminated with the following error: The specified module could notbe found.01/05/2012 7:59:04 PM, Error: Service Control Manager [7023] - The GcKernelservice terminated with the following error: The specified module could notbe found.01/05/2012 7:59:04 PM, Error: Service Control Manager [7023] - The Elbycdioservice terminated with the following error: The specified module could notbe found.01/05/2012 7:59:04 PM, Error: Service Control Manager [7023] - The Atiavpciservice terminated with the following error: The specified module could notbe found.01/05/2012 7:59:04 PM, Error: Service Control Manager [7023] - TheAlteraByteBlaster service terminated with the following error: Thespecified module could not be found.01/05/2012 7:59:04 PM, Error: Service Control Manager [7003] - The IKE andAuthIP IPsec Keying Modules service depends the following service: BFE. 
Thisservice might not be installed.01/05/2012 7:59:03 PM, Error: Service Control Manager [7023] - The Sntnlusbservice terminated with the following error: The specified module could notbe found.01/05/2012 7:59:03 PM, Error: Service Control Manager [7023] - The RadProbeservice terminated with the following error: The specified module could notbe found.01/05/2012 7:59:03 PM, Error: Service Control Manager [7023] - The ComputerBrowser service terminated with the following error: The specified servicedoes not exist as an installed service.01/05/2012 7:59:03 PM, Error: Service Control Manager [7023] - TheBootScreen service terminated with the following error: The system cannotfind the file specified.01/05/2012 7:59:02 PM, Error: Service Control Manager [7023] - The Maplomservice terminated with the following error: The specified module could notbe found.01/05/2012 7:58:59 PM, Error: Service Control Manager [7023] - The Sfusvcservice terminated with the following error: The specified module could notbe found.01/05/2012 7:58:59 PM, Error: Service Control Manager [7023] - The Mssql$sony_mediamgr service terminated with the following error: The specifiedmodule could not be found.01/05/2012 7:58:59 PM, Error: Service Control Manager [7023] - The Jukebox3service terminated with the following error: The system cannot find thefile specified.01/05/2012 7:58:59 PM, Error: Service Control Manager [7023] - The ASUSVRCservice terminated with the following error: The specified module could notbe found.01/05/2012 7:54:24 PM, Error: Service Control Manager [7023] - TheLxrsge10s service terminated with the following error: The specifiedprocedure could not be found.01/05/2012 7:40:01 PM, Error: Service Control Manager [7023] - The Pdlndsdlservice terminated with the following error: The specified procedure couldnot be found.01/05/2012 7:23:51 PM, Error: Service Control Manager [7023] - The SED133xservice terminated with the following error: The specified procedure couldnot be 
found.
01/05/2012 7:23:04 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service.
01/05/2012 7:22:26 PM, Error: Service Control Manager [7023] - The Maplom service terminated with the following error: The specified procedure could not be found.
01/05/2012 7:22:10 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{30241194-5E19-4930-8815-E2BA8533BFFD} because another computer on the network has the same name. The server could not start.
01/05/2012 6:00:18 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
01/05/2012 3:53:03 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
01/05/2012 3:51:39 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
.
==== End Of File ===========================
Maniac Posted May 3, 2012 ID:548553

Thanks!

Please visit this webpage for download links, and instructions for running the tool: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.
cordelia Posted May 4, 2012 Author ID:548677

I ran ComboFix and it claimed to have found the ZeroAccess rootkit. Now the computer is running quite a bit faster and despite MalwareBytes protection running again, I haven't noticed any rootkit warnings yet.

Here's my log:

ComboFix 12-05-03.03 - Sophia 03/05/2012 23:45:16.1.2 - x86
Microsoft Windows 7 Starter 6.1.7600.0.1252.2.1033.18.1015.350 [GMT -7:00]
Running from: c:\users\Sophia\Desktop\ComboFix.exe
AV: avast! antivirus *Enabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! antivirus *Enabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\JByNm7Ot.exe
c:\users\Jonas\AppData\Roaming\.#
c:\windows\$NtUninstallKB44522$\503164951\@
c:\windows\$NtUninstallKB44522$\503164951\cfg.ini
c:\windows\$NtUninstallKB44522$\503164951\Desktop.ini
c:\windows\$NtUninstallKB44522$\503164951\L\xadqgnnk
c:\windows\$NtUninstallKB44522$\503164951\oemid
c:\windows\$NtUninstallKB44522$\503164951\U\00000001.@
c:\windows\$NtUninstallKB44522$\503164951\U\00000002.@
c:\windows\$NtUninstallKB44522$\503164951\U\00000004.@
c:\windows\$NtUninstallKB44522$\503164951\U\80000000.@
c:\windows\$NtUninstallKB44522$\503164951\U\80000004.@
c:\windows\$NtUninstallKB44522$\503164951\U\80000032.@
c:\windows\$NtUninstallKB44522$\503164951\version
c:\windows\$NtUninstallKB44522$\880855060
c:\windows\system32\actser.dll
c:\windows\system32\amfilter.dll
c:\windows\system32\AR5523.dll
c:\windows\system32\artourservice.dll
c:\windows\system32\atinrvxx.dll
c:\windows\system32\dds_trash_log.cmd
c:\windows\system32\DXEC02.dll
c:\windows\system32\ipnat.dll
c:\windows\system32\ipsecmon.dll
c:\windows\system32\modemcsa.dll
c:\windows\system32\nfmservice.dll
c:\windows\system32\nsm1bus.dll
c:\windows\system32\oracle_load_balancer_60_client-forms6i.dll
c:\windows\system32\
pcradminserver.dllc:\windows\system32\quickbooksdb.dllc:\windows\system32\Slpsvdr.dllc:\windows\system32\smserial.dllc:\windows\system32\snoopfreesvc.dllc:\windows\system32\Thumbs.dbc:\windows\system32\usbio.dllc:\windows\system32\vrmonsvc.dllc:\windows\system32\zpnodecollector.dllc:\windows\Tasks\At1.jobc:\windows\Tasks\At10.jobc:\windows\Tasks\At12.jobc:\windows\$NtUninstallKB44522$ . . . . Failed to delete..((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))..-------\Service_SaiMini-------\Service_kpf4..((((((((((((((((((((((((( Files Created from 2012-04-04 to 2012-05-04 )))))))))))))))))))))))))))))))..2012-05-04 07:10 . 2012-05-04 07:10 -------- d-----w- c:\users\Jonas\AppData\Local\temp2012-05-04 07:10 . 2012-05-04 07:13 -------- d-----w- c:\users\Sophia\AppData\Local\temp2012-05-04 07:10 . 2012-05-04 07:10 -------- d-----w- c:\users\Default\AppData\Local\temp2012-05-04 06:58 . 2012-05-04 06:58 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{38BC171E-8AC5-4F99-8E67-A1C16FBA402C}\offreg.dll2012-05-03 16:35 . 2012-05-03 16:35 -------- d-----w- c:\users\Sophia\Pavark2012-05-03 16:33 . 2012-05-04 04:20 -------- d-----w- c:\programdata\Spybot - Search & Destroy2012-05-03 16:33 . 2012-05-03 16:50 -------- d-----w- c:\program files\Spybot - Search & Destroy2012-05-01 06:32 . 2012-05-01 06:32 388096 ----a-r- c:\users\Sophia\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe2012-05-01 06:32 . 2012-05-01 06:32 -------- d-----w- c:\program files\Trend Micro2012-04-30 06:37 . 2012-04-30 06:37 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe2012-04-30 05:54 . 2012-04-30 05:54 -------- d-----w- c:\users\Sophia\AppData\Roaming\Malwarebytes2012-04-30 05:53 . 2012-04-30 05:53 -------- d-----w- c:\programdata\Malwarebytes2012-04-30 05:53 . 2012-04-04 22:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys2012-04-30 05:53 . 
2012-04-30 05:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2012-04-30 04:19 . 2012-02-24 17:36 185560 ----a-w- c:\windows\system32\drivers\PCTSD.sys2012-04-30 04:19 . 2012-05-01 03:03 -------- d-----w- c:\program files\Common Files\PC Tools2012-04-30 04:19 . 2012-04-30 06:25 -------- d-----w- c:\program files\PC Tools2012-04-30 04:15 . 2012-05-01 02:55 -------- d-----w- c:\programdata\PC Tools2012-04-30 04:15 . 2012-04-30 04:15 -------- d-----w- c:\users\Sophia\AppData\Roaming\TestApp2012-04-30 03:49 . 2012-04-30 07:19 -------- d-----w- c:\program files\Common Files\Media2012-04-30 03:49 . 2012-04-30 06:22 -------- d-----w- c:\programdata\F4D55F0200049ADC0021DE69A60145BE2012-04-27 21:01 . 2012-04-13 07:36 6734704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{38BC171E-8AC5-4F99-8E67-A1C16FBA402C}\mpengine.dll2012-04-11 14:13 . 2012-03-01 05:53 19312 ----a-w- c:\windows\system32\drivers\fs_rec.sys2012-04-11 14:13 . 2012-03-01 05:49 172544 ----a-w- c:\windows\system32\wintrust.dll2012-04-11 14:13 . 2012-03-01 05:40 5120 ----a-w- c:\windows\system32\wmi.dll2012-04-11 14:13 . 2012-03-01 05:45 158720 ----a-w- c:\windows\system32\imagehlp.dll2012-04-11 14:12 . 2012-03-06 05:59 3958128 ----a-w- c:\windows\system32\ntkrnlpa.exe2012-04-11 14:12 . 2012-03-06 05:59 3902320 ----a-w- c:\windows\system32\ntoskrnl.exe2012-04-06 20:48 . 2012-04-06 20:48 -------- d-----w- c:\users\Sophia\AppData\Roaming\OpenOffice.org...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2012-04-30 06:37 . 2012-01-08 01:51 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-04-05 04:39 . 2010-05-16 23:19 472808 ----a-w- c:\windows\system32\deployJava1.dll2012-03-03 00:00 . 2012-03-31 23:06 197120 ----a-w- c:\windows\system32\bzpdf.dll2012-02-23 17:18 . 2009-12-07 00:30 237072 ------w- c:\windows\system32\MpSigStub.exe2012-02-22 07:30 . 
2012-02-22 07:30 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe2012-02-22 07:30 . 2012-02-22 07:30 161792 ----a-w- c:\windows\system32\msls31.dll2012-02-22 07:30 . 2012-02-22 07:30 110592 ----a-w- c:\windows\system32\IEAdvpack.dll2012-02-22 07:30 . 2012-02-22 07:30 86528 ----a-w- c:\windows\system32\iesysprep.dll2012-02-22 07:30 . 2012-02-22 07:30 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe2012-02-22 07:30 . 2012-02-22 07:30 74752 ----a-w- c:\windows\system32\iesetup.dll2012-02-22 07:30 . 2012-02-22 07:30 63488 ----a-w- c:\windows\system32\tdc.ocx2012-02-22 07:30 . 2012-02-22 07:30 48640 ----a-w- c:\windows\system32\mshtmler.dll2012-02-22 07:30 . 2012-02-22 07:30 420864 ----a-w- c:\windows\system32\vbscript.dll2012-02-22 07:30 . 2012-02-22 07:30 367104 ----a-w- c:\windows\system32\html.iec2012-02-22 07:30 . 2012-02-22 07:30 23552 ----a-w- c:\windows\system32\licmgr10.dll2012-02-22 07:30 . 2012-02-22 07:30 152064 ----a-w- c:\windows\system32\wextract.exe2012-02-22 07:30 . 2012-02-22 07:30 150528 ----a-w- c:\windows\system32\iexpress.exe2012-02-22 07:30 . 2012-02-22 07:30 142848 ----a-w- c:\windows\system32\ieUnatt.exe2012-02-22 07:30 . 2012-02-22 07:30 11776 ----a-w- c:\windows\system32\mshta.exe2012-02-22 07:30 . 2012-02-22 07:30 101888 ----a-w- c:\windows\system32\admparse.dll2012-02-22 07:30 . 2012-02-22 07:30 35840 ----a-w- c:\windows\system32\imgutil.dll2012-02-15 05:44 . 2012-03-13 21:56 826368 ----a-w- c:\windows\system32\rdpcore.dll2012-02-15 04:22 . 2012-03-13 21:56 177152 ----a-w- c:\windows\system32\drivers\rdpwd.sys2012-02-15 04:22 . 2012-03-13 21:56 24064 ----a-w- c:\windows\system32\drivers\tdtcp.sys2012-02-10 05:41 . 2012-03-13 21:58 1074176 ----a-w- c:\windows\system32\DWrite.dll2012-02-10 05:41 . 2012-03-13 21:58 218624 ----a-w- c:\windows\system32\d3d10_1core.dll2012-02-10 05:41 . 2012-03-13 21:58 1170944 ----a-w- c:\windows\system32\d3d10warp.dll2012-02-10 05:41 . 
2012-03-13 21:58 161792 ----a-w- c:\windows\system32\d3d10_1.dll2012-02-10 05:41 . 2012-03-13 21:58 739840 ----a-w- c:\windows\system32\d2d1.dll2012-02-07 18:02 . 2012-02-07 18:02 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2009-08-17 402608]"googletalk"="c:\users\Sophia\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-20 1545512]"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-07-20 83240]"SuperHybridEngine"="AsusSender.exe" [2009-08-18 27648]"HotkeyService"="AsusSender.exe" [2009-08-18 27648]"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-20 7625248]"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-13 141600]"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2009-09-13 103768]"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-24 141848]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-24 173592]"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-24 150552]"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-04-13 
1808784]"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-10-26 74752]"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe" [2011-06-17 2510848]"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408].c:\users\Sophia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 0 (0x0)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableLUA"= 0 (0x0)"EnableUIADesktopToggle"= 0 (0x0)"PromptOnSecureDesktop"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]"mixer2"=wdmaud.drv.[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp.[HKEY_LOCAL_MACHINE\software\microsoft\security center]"AntiVirusOverride"=dword:00000001"FirewallOverride"=dword:00000001.R1 etswtnjg;etswtnjg;c:\windows\system32\drivers\etswtnjg.sys [x]R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-06 133104]R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-30 253088]R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-06 133104]R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2009-08-29 17408]R3 ser2at;ATEN USB to Serial port driver;c:\windows\system32\DRIVERS\ser2at.sys [2009-10-15 80896]S1 aswSP;avast! 
Self Protection; [x]S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2009-09-09 65584]S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]S2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [2009-08-19 219136]S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]S2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-10-14 249648]S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\Kodak\AiO\Center\EKAiOHostService.exe [2011-12-20 394672]S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-05-21 173352]S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-27 51712]S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 22344]S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]..[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvcWindowsMobile REG_MULTI_SZ wcescomm rapimgrLocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr.NETSVCS REQUIRES REPAIRS - current entries 
shownAeLookupSvcCertPropSvcSCPolicySvclanmanservergpsvcIKEEXTAudioSrvFastUserSwitchingCompatibilityIasIrmonNlaNtmssvcNWCWorkstationNwsapagentRasautoRasmanRemoteaccessSENSSharedaccessSRServiceTapisrvWmiWmdmPmSpvnxserviceESDCRrootmodempinnacleupdatesvcusbbusSWUMX20InCDsrvRwandrvsweepsrv.sysEPOWERROCKEYNTse44busPDExchangetunmporacleorahomepagingservertbhsdUWProSysoracleorahomemanagementservervwkernelavgarclnSRVLOCMRV6X32Pssm_mdmfallbackcpsvcNsTrcNTdlcj_deviceUSBMN1X1asmagentKMW_KBDJavaQuickStarterServicees1371s716unicpgpsdkserviceiviaspipdcompfasttraksvcds1rtl8185oracleservicesecinstnHancertpsrvLMouFiltmclogmanagerserviceitmrtsvcbthidmgrqbposdbservicesmr2kservlusbaudiovaiomediaplatform-photoserver-appserverarkbcfltrnvsmuNIPALKsi3114rnvstor32websenserealtimeanalyzerwinproxyJL2005CftrtsvcagrsrvceboboclipsrvMaVctrltng-dobacypresslinklanusbWaveEnrollmentServicePGPsdkDriverUSB28xxOEMwin32sla016busstllssvrSaiNtSubbgs_sdservicecompaq_rbanoipducserviceipsecmonibmfilterpdiddcciretinaengineWaveFDENVTCPsysmgmthppnarpdpti2oProcObsrvGT890xsscdmdmIOSLINKUSBDeviceServiceDevUppers716obexflashcomcmudaMKEMUSBumpusbxpAGVdigictrlEpfwndispacsptisvrnvrd32stirusbWIBUKEYvmodemvc8secsnetcfgsvrCE3clientserviceW700mgmts716nd5srtspxnuvaud2mqdmbusprocexp90AlteraByteBlasterwencrservicewanatwasuskeyboardserviceOneCareMPAX88772viaagp1nmaplvhidsvcTICalcsmstsmgrpersfwSecureStorageServiceSrvcEKIOMngrhpcioraclesnmppeerencapsulatortfsnpoolSGIRsurveyortos_sps32dbmanagerschedulerKLOGNTtme3srvbeatjamupnpmusicserverszkgSeratoUsbCVPNDRVASpsmqvsms116obexarrayssl_vpn_service3,0,1,9hcf_msftmsfwsvcavg7updsvcklifse58unicvideoacceleratorenginemacformatservicetranscode360rpcnetbc_tdi_fadiloaderWDM_YAMAHAAC97kraidsvcsrnetdeviocccredmgrLHidKerismxdpipahelper.exewpsdrvntwinpppoverethernetNOWMEMDFacedrv05prism_a02btkrnlw200mgmtUMAXPCLSsymndisDynDNS_Updater_ServicemysqlREVOSENSsshrmdnalntservicenimcdfxkRTSTORAKSIFDHctsfm2kwebrootcommagentservicearcltsrvharmonymapserver6.3cdvpnscirdabhmonitorserviceiwebcallxdm_deviceftsata
2gv3ntlmsspTermServicewuauservBITSShellHWDetectionLogonHoursPCAudithelpsvcuploadmgriphlpsvcseclogonAppInfomsiscsiMMCSSwercplsupportEapHostProfSvcschedulehkmsvcSessionEnvwinmgmtbrowserThemesBDESVC.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs..Contents of the 'Scheduled Tasks' folder.2012-05-04 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-30 06:37].2012-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-06 01:02].2012-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-06 01:02]..------- Supplementary Scan -------.uStart Page = hxxp://www.google.com/IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htmIE: Send page to &Bluetooth Device... 
- c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htmTCP: DhcpNameServer = 64.59.144.90 64.59.144.91 64.59.150.134.- - - - ORPHANS REMOVED - - - -.Toolbar-Locked - (no file)HKLM-Run-Conime - c:\windows\system32\conime.exe...--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]@Denied: (2) (LocalSystem).[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]@Denied: (2) 
(LocalSystem)"Timestamp"=hex:72,db,ec,c7,87,26,cd,01.[HKEY_USERS\S-1-5-21-525104032-3259978678-3439254954-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]@Denied: (2) (LocalSystem)"Progid"="WindowsLiveMail.Email.1".[HKEY_USERS\S-1-5-21-525104032-3259978678-3439254954-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]@Denied: (2) (LocalSystem)"Progid"="WindowsLiveMail.VCard.1".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).--------------------- DLLs Loaded Under Running Processes ---------------------.- - - - - - - > 'Explorer.exe'(5356)c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dllc:\program files\WIDCOMM\Bluetooth Software\btncopy.dll.------------------------ Other Running Processes ------------------------.c:\program files\Alwil Software\Avast4\aswUpdSv.exec:\program files\Alwil Software\Avast4\ashServ.exec:\program files\Citrix\ICA Client\ssonsvr.exec:\windows\system32\conhost.exec:\windows\system32\taskhost.exec:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exec:\program files\Bonjour\mDNSResponder.exec:\program files\WIDCOMM\Bluetooth Software\btwdins.exec:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEc:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exec:\program files\Synaptics\SynTP\SynTPHelper.exec:\windows\system32\igfxsrvc.exec:\program files\Citrix\ICA Client\WFCRUN32.EXEc:\program files\WIDCOMM\Bluetooth Software\BTTray.exec:\program files\EeePC\HotkeyService\HotKeyMon.exec:\program files\Citrix\ICA Client\PNAMAIN.EXEc:\program files\OpenOffice.org 3\program\soffice.exec:\program files\OpenOffice.org 3\program\soffice.binc:\program files\Alwil Software\Avast4\ashWebSv.exec:\program files\Alwil Software\Avast4\ashMaiSv.exec:\program files\iPod\bin\iPodService.exec:\program files\Windows Media Player\wmpnetwk.exec:\program files\WIDCOMM\Bluetooth 
Software\BtStackServer.exec:\windows\system32\sppsvc.exec:\windows\system32\AsusSender.exec:\windows\system32\AsusSender.exec:\windows\system32\AsusSender.exec:\windows\system32\AsusSender.exe.**************************************************************************.Completion time: 2012-05-04 00:25:26 - machine was rebootedComboFix-quarantined-files.txt 2012-05-04 07:25.Pre-Run: 24,468,480,000 bytes freePost-Run: 23,787,503,616 bytes free.- - End Of File - - ADBCEFF9FF8607308FA30BBEA94F67DBThank you! Link to post Share on other sites More sharing options...
Maniac Posted May 5, 2012 ID:548938
We still have some work to do.
Step 1
Open Notepad and copy and paste the text present in the quotebox below into it (don't forget to copy and paste REGEDIT4):
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
"netsvcs"=hex(7):36,74,6f,34,00,41,70,70,4d,67,6d,74,00,41,75,64,69,6f,53,72,\
  76,00,42,72,6f,77,73,65,72,00,43,72,79,70,74,53,76,63,00,44,4d,53,65,72,76,\
  65,72,00,44,48,43,50,00,45,52,53,76,63,00,45,76,65,6e,74,53,79,73,74,65,6d,\
  00,46,61,73,74,55,73,65,72,53,77,69,74,63,68,69,6e,67,43,6f,6d,70,61,74,69,\
  62,69,6c,69,74,79,00,48,69,64,53,65,72,76,00,49,61,73,00,49,70,72,69,70,00,\
  49,72,6d,6f,6e,00,4c,61,6e,6d,61,6e,53,65,72,76,65,72,00,4c,61,6e,6d,61,6e,\
  57,6f,72,6b,73,74,61,74,69,6f,6e,00,4d,65,73,73,65,6e,67,65,72,00,4e,65,74,\
  6d,61,6e,00,4e,6c,61,00,4e,74,6d,73,73,76,63,00,4e,57,43,57,6f,72,6b,73,74,\
  61,74,69,6f,6e,00,4e,77,73,61,70,61,67,65,6e,74,00,52,61,73,61,75,74,6f,00,\
  52,61,73,6d,61,6e,00,52,65,6d,6f,74,65,61,63,63,65,73,73,00,53,63,68,65,64,\
  75,6c,65,00,53,65,63,6c,6f,67,6f,6e,00,53,45,4e,53,00,53,68,61,72,65,64,61,\
  63,63,65,73,73,00,53,52,53,65,72,76,69,63,65,00,54,61,70,69,73,72,76,00,54,\
  68,65,6d,65,73,00,54,72,6b,57,6b,73,00,57,33,32,54,69,6d,65,00,57,5a,43,53,\
  56,43,00,57,6d,69,00,57,6d,64,6d,50,6d,53,70,00,77,69,6e,6d,67,6d,74,00,77,\
  73,63,73,76,63,00,78,6d,6c,70,72,6f,76,00,6e,61,70,61,67,65,6e,74,00,68,6b,\
  6d,73,76,63,00,42,49,54,53,00,77,75,61,75,73,65,72,76,00,53,68,65,6c,6c,48,\
  57,44,65,74,65,63,74,69,6f,6e,00,68,65,6c,70,73,76,63,00,00
Save this as fix.reg
Choose to save as *all files and place it on your desktop.
It should look like this:
Double-click on it and when it asks you if you want to merge the contents to the registry, click yes/ok.
Finally, reboot your PC.
Step 2
Delete your TDSSKiller copy and download a new fresh one. Re-run it and follow the instructions above again. Post the log file in your next reply.
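A check that can be run on a .reg file such as the fix.reg in the post above before merging it, given here as an added example that is not part of the thread: it decodes each hex(7) (REG_MULTI_SZ) value into its strings and diffs them against a current list, since a merge overwrites the whole value. `SAMPLE_REG` is constructed (the thread's key, with the value shortened to four of its names) and `CURRENT_SAMPLE` is an assumed stand-in built from a few names in the NetSvcs run of the ComboFix log; handling "Version 5.00" files goes beyond the REGEDIT4 case in the post.

```python
import re

# Constructed sample: the thread's header and key, with the value shortened
# to four of the names it contains (6to4, AppMgmt, Schedule, Themes).
SAMPLE_REG = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
"netsvcs"=hex(7):36,74,6f,34,00,41,70,70,4d,67,6d,74,00,53,63,68,65,64,75,6c,\
  65,00,54,68,65,6d,65,73,00,00
'''

# Assumption: a few names picked from the NetSvcs run in the ComboFix log,
# standing in for the value currently on the machine.
CURRENT_SAMPLE = ["schedule", "Themes", "ProfSvc", "iphlpsvc"]


def parse_multi_sz(reg_text):
    """Return {(key, value_name): [strings]} for each hex(7) value."""
    # REGEDIT4 files hold ANSI bytes; "Version 5.00" files hold UTF-16LE.
    ansi = reg_text.lstrip().startswith("REGEDIT4")
    # A trailing backslash continues the value on the next line.
    joined = re.sub(r"\\[ \t]*\r?\n[ \t]*", "", reg_text)
    values, key = {}, None
    for line in joined.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        m = re.match(r'"([^"]+)"=hex\(7\):([0-9a-fA-F,]*)$', line)
        if m:
            raw = bytes(int(b, 16) for b in m.group(2).split(",") if b)
            text = raw.decode("cp1252" if ansi else "utf-16-le", "replace")
            values[(key, m.group(1))] = [s for s in text.split("\x00") if s]
    return values


def compare(current, proposed):
    """Case-insensitive diff: (names the merge would drop, names it would add)."""
    cur = {n.lower(): n for n in current}
    new = {n.lower(): n for n in proposed}
    dropped = sorted(cur[k] for k in cur.keys() - new.keys())
    added = sorted(new[k] for k in new.keys() - cur.keys())
    return dropped, added


if __name__ == "__main__":
    for (key, name), strings in parse_multi_sz(SAMPLE_REG).items():
        dropped, added = compare(CURRENT_SAMPLE, strings)
        print(key, name, strings, "dropped:", dropped, "added:", added)
```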
cordelia Posted May 5, 2012 Author ID:549011
I ran the registry edit (pasted correctly, including REGEDIT4) and it definitely did not go well... I rebooted my computer and all the icons on the taskbar were blank, my wireless internet didn't work and all my files on both the Desktop and My Documents were completely gone. I needed my computer today so I decided to go ahead and run system restore. I had a restore point (after running ComboFix and everything) so it was no big deal, but I'm not sure what my plan of action should be now.
Maniac Posted May 6, 2012 ID:549107
Check again the Backdoor Warning in my first post.
http://forums.malwarebytes.org/index.php?showtopic=109369&view=findpost&p=547778
Anything is possible, which is why I warned you. I recommend you reinstall.
Maurice Naggar Posted May 13, 2012 ID:551163
Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks!