
Trojan! Windows 7 update error! Malwarebytes denied!



Hi, I've tried everything in the FAQ section and nothing seems to be working. I previously had malware anti-malware on my computer but it's not letting me run it: error, access denied. I've been updating my Windows 7 but it's also showing me errors. I have pop-up ads playing in the background and nothing is even running. I believe I'm infected with a trojan virus. Could someone please help?

Thanks


Hello br3wskee! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Please follow the instructions here and post the log files in your next reply:

http://forums.malwarebytes.org/index.php?showtopic=9573


.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1

Run by B-Nash at 11:55:18 on 2012-07-03

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3839.1731 [GMT -5:00]

.

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\atieclxx.exe

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Windows\System32\spoolsv.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe

C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Program Files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\rundll32.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\System32\StikyNot.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

C:\Windows\system32\conhost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\DllHost.exe

C:\PROGRA~2\MICROS~3\Office12\OUTLOOK.EXE

-netsvcs

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.yahoo.com/

uSearch Bar = Preserve

mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=zx4300&r=17360910c100p0437y115k46l1r248

mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=zx4300&r=17360910c100p0437y115k46l1r248

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll

mWinlogon: Userinit=userinit.exe

BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Ant.com browser helper (video detector): {346fde31-dff9-418a-90c8-ba31dc9ff2ef} - C:\Program Files (x86)\Ant.com\IE add-on\Download.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll

BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll

BHO: DepositFiles IE BHO: {9dfe2fe9-cf99-4adf-a28e-9b5adb8dc74f} - C:\PROGRA~2\DEPOSI~1\DFMANA~1\DEPOSI~1.DLL

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

BHO: DCA BHO: {b49699fc-1665-4414-a1cb-c4a2a4a13eec} - C:\Program Files (x86)\Common Files\FreeCause\DCA\dca-bho.dll

BHO: IeMonitorBho Class: {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll

BHO: Shop to Win 18: {ca2f8e90-0e43-46ad-89c0-7634a233ed00} - C:\Program Files (x86)\Shop to Win 18\Shop to Win 18.dll

BHO: Shop to Win 8: {dac028c6-2a41-4730-b91f-dfbcb26c82b3} - C:\Program Files (x86)\Shop to Win 8\ShoppingBHO.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

BHO: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll

BHO: Yontoo Layers (Drop Down Deals): {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Runtime (Drop Down Deals)\YontooIEClient.dll

TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

TB: Ant.com Download Toolbar: {2e924f4f-67f0-4bd8-9560-49f468e843d2} - C:\Program Files (x86)\Ant.com\IE add-on\AntToolbar.dll

TB: Deposit IE Toolbar: {6aa40521-14e7-4b1d-b1b4-98528c1388c9} - C:\PROGRA~2\DEPOSI~1\DFMANA~1\DEPOSI~1.DLL

TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll

TB: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll

EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [Google Update] "C:\Users\B-Nash\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [Desktop Software] "C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe" /ini "C:\Program Files (x86)\ComcastUI\Desktop Software\uinstaller.ini" /fromrun /starthidden

uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe

uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [updReg] C:\Windows\UpdReg.EXE

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

mRun: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe

mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun: [T-Mobile webConnect Manager] "C:\Program Files (x86)\T-Mobile\webConnect Manager\TMobileCM.exe" -a

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [<NO NAME>]

mRun: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"

mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRunOnce: [innoSetupRegFile.0000000001] "C:\Windows\is-ACNL9.exe" /REG /REGSVRMODE

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll

IE: {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - C:\Program Files (x86)\Ant.com\IE add-on\Download.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL

IE: {D5AD327A-A089-4F04-89FD-4EA9812B3913} - {D5AD327A-A089-4F04-89FD-4EA9812B3913} - C:\PROGRA~2\DEPOSI~1\DFMANA~1\DEPOSI~1.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} - hxxp://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab

DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 10.0.1.1

TCP: Interfaces\{B6652785-8AE5-4A00-8B10-BCAA791D1B10} : DhcpNameServer = 10.0.1.1

TCP: Interfaces\{B6652785-8AE5-4A00-8B10-BCAA791D1B10}\14E64627F696461405 : DhcpNameServer = 192.168.43.1

TCP: Interfaces\{B6652785-8AE5-4A00-8B10-BCAA791D1B10}\3425F4353575146554D263333353 : DhcpNameServer = 192.168.1.1 192.168.1.1

TCP: Interfaces\{B6652785-8AE5-4A00-8B10-BCAA791D1B10}\E4544574541425 : DhcpNameServer = 192.168.0.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Ant.com browser helper (video detector): {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} - C:\Program Files (x86)\Ant.com\IE add-on\Download.dll

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll

BHO-X64: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll

BHO-X64: DepositFiles IE BHO: {9DFE2FE9-CF99-4ADF-A28E-9B5ADB8DC74F} - C:\PROGRA~2\DEPOSI~1\DFMANA~1\DEPOSI~1.DLL

BHO-X64: DepositFiles.com BHO - No File

BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

BHO-X64: DCA BHO: {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files (x86)\Common Files\FreeCause\DCA\dca-bho.dll

BHO-X64: DCA - No File

BHO-X64: IeMonitorBho Class: {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll

BHO-X64: MegaIEMn - No File

BHO-X64: Shop to Win 18: {CA2F8E90-0E43-46AD-89C0-7634A233ED00} - C:\Program Files (x86)\Shop to Win 18\Shop to Win 18.dll

BHO-X64: Freecause Shopping BHO - No File

BHO-X64: Shop to Win 8: {DAC028C6-2A41-4730-B91F-DFBCB26C82B3} - C:\Program Files (x86)\Shop to Win 8\ShoppingBHO.dll

BHO-X64: Freecause Shopping BHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

BHO-X64: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll

BHO-X64: Yontoo Layers (Drop Down Deals): {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime (Drop Down Deals)\YontooIEClient.dll

BHO-X64: Yontoo Layer (Drop Down Deals)s - No File

TB-X64: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll

TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

TB-X64: Ant.com Download Toolbar: {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files (x86)\Ant.com\IE add-on\AntToolbar.dll

TB-X64: Deposit IE Toolbar: {6AA40521-14E7-4B1D-B1B4-98528C1388C9} - C:\PROGRA~2\DEPOSI~1\DFMANA~1\DEPOSI~1.DLL

TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll

TB-X64: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll

EB-X64: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - No File

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [updReg] C:\Windows\UpdReg.EXE

mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

mRun-x64: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe

mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun-x64: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun-x64: [T-Mobile webConnect Manager] "C:\Program Files (x86)\T-Mobile\webConnect Manager\TMobileCM.exe" -a

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [(Default)]

mRun-x64: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"

mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRunOnce-x64: [innoSetupRegFile.0000000001] "C:\Windows\is-ACNL9.exe" /REG /REGSVRMODE

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

Hosts: 94.63.147.16 www.google.com

Hosts: 94.63.147.17 www.bing.com

.

============= SERVICES / DRIVERS ===============

.

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]

R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 Application Updater;Application Updater;C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2012-6-27 791488]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]

R2 DigiNet;Digidesign Ethernet Support;C:\Windows\system32\DRIVERS\diginet.sys --> C:\Windows\system32\DRIVERS\diginet.sys [?]

R2 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2012-2-14 76288]

R2 Greg_Service;GRegService;C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe [2009-8-28 1150496]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-21 654408]

R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2010-4-12 243232]

R2 vToolbarUpdater10.2.0;vToolbarUpdater10.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe [2012-3-12 918880]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]

R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]

R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys --> C:\Windows\system32\DRIVERS\itecir.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 MBfilt;MBfilt;C:\Windows\system32\drivers\MBfilt64.sys --> C:\Windows\system32\drivers\MBfilt64.sys [?]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 tmobile_mf691_dc_enum;tmobile_mf691_dc_enum;C:\Windows\system32\DRIVERS\tmobile_mf691_dc_enum.sys --> C:\Windows\system32\DRIVERS\tmobile_mf691_dc_enum.sys [?]

S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2011-10-12 4433248]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-26 135664]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-8 257224]

S3 CATmobile;T-Mobile Con App Svc;C:\Program Files (x86)\T-Mobile\webConnect Manager\conappssvc.exe [2010-12-22 118784]

S3 dalwdmservice;dal service;C:\Windows\system32\drivers\dalwdm.sys --> C:\Windows\system32\drivers\dalwdm.sys [?]

S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\system32\DRIVERS\ew_hwusbdev.sys --> C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [?]

S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\system32\DRIVERS\ewusbnet.sys --> C:\Windows\system32\DRIVERS\ewusbnet.sys [?]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-26 135664]

S3 MBX2DFU;MBX2DFU;C:\Windows\system32\DRIVERS\MBX2DFU.sys --> C:\Windows\system32\DRIVERS\MBX2DFU.sys [?]

S3 MBX2MIDK;Digidesign Mbox 2 Midi Driver;C:\Windows\system32\drivers\mbx2midk.sys --> C:\Windows\system32\drivers\mbx2midk.sys [?]

S3 PCTINDIS5X64;PCTINDIS5X64 NDIS Protocol Driver;\??\C:\Windows\system32\PCTINDIS5X64.SYS --> C:\Windows\system32\PCTINDIS5X64.SYS [?]

S3 TMobileRcAppSvc;T-Mobile RcApp Svc;C:\Program Files (x86)\T-Mobile\webConnect Manager\RcAppSvc.exe [2010-12-22 114688]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 USBMULCD;USB Multi-Channel Audio Device Interface;C:\Windows\system32\drivers\CM10664.sys --> C:\Windows\system32\drivers\CM10664.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2012-07-03 16:51:44 711240 ----a-w- C:\Windows\is-ACNL9.exe

2012-07-03 15:49:29 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7A7E1C01-FECB-4646-AA19-DF4282DC9DE3}\offreg.dll

2012-07-03 04:11:44 -------- d-----w- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE

2012-07-02 22:33:06 -------- d-----w- C:\Program Files (x86)\Oracle

2012-07-02 22:32:20 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2012-07-02 22:17:42 8769696 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2012-07-02 22:15:20 -------- d-----w- C:\Program Files (x86)\Application Updater

2012-07-02 22:15:19 -------- d-----w- C:\Program Files (x86)\YouTube Downloader Toolbar

2012-07-02 22:15:19 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot

.

==================== Find3M ====================

.

2012-07-03 00:01:32 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-03 00:01:32 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-04-04 20:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

.

============= FINISH: 11:59:17.04 ===============


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 9/26/2010 2:44:04 PM

System Uptime: 7/3/2012 9:49:09 AM (2 hours ago)

.

Motherboard: Gateway | | ZX4300

Processor: AMD Athlon II X2 235e Processor | CPU 1 | 2700/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 581 GiB total, 335.531 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP174: 7/2/2012 5:17:58 PM - Installed Microsoft Fix it 50123

RP175: 7/2/2012 5:30:40 PM - Installed Java 7 Update 5

RP176: 7/2/2012 5:32:29 PM - Installed JavaFX 2.1.1

RP177: 7/2/2012 8:12:58 PM - Installed Microsoft Fix it 50123

RP178: 7/2/2012 8:31:12 PM - Windows Update

RP179: 7/2/2012 8:59:10 PM - Windows Update

RP180: 7/2/2012 9:02:07 PM - Windows Update

RP181: 7/2/2012 9:04:12 PM - Windows Update

RP182: 7/2/2012 11:02:54 PM - Windows Update

RP183: 7/2/2012 11:14:18 PM - Windows Update

RP184: 7/3/2012 12:11:19 AM - Windows Update

RP185: 7/3/2012 12:39:04 AM - Windows Update

RP186: 7/3/2012 3:00:15 AM - Windows Update

RP187: 7/3/2012 8:17:15 AM - Windows Update

RP188: 7/3/2012 8:39:59 AM - Installed AVG 2012

RP189: 7/3/2012 10:10:50 AM - Windows Update

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

Acrobat.com

Add or Remove Adobe Creative Suite 3 Master Collection

Adobe Acrobat 8 Professional

Adobe After Effects CS3

Adobe After Effects CS3 Presets

Adobe AIR

Adobe Anchor Service CS3

Adobe Asset Services CS3

Adobe Bridge CS3

Adobe Bridge Start Meeting

Adobe BridgeTalk Plugin CS3

Adobe Camera Raw 4.0

Adobe CMaps

Adobe Color - Photoshop Specific

Adobe Color Common Settings

Adobe Color EU Extra Settings

Adobe Color JA Extra Settings

Adobe Color NA Recommended Settings

Adobe Community Help

Adobe Contribute CS3

Adobe Creative Suite 3 Master Collection

Adobe Default Language CS3

Adobe Device Central CS3

Adobe Download Assistant

Adobe Dreamweaver CS3

Adobe Encore CS3

Adobe Encore CS3 Codecs

Adobe ExtendScript Toolkit 2

Adobe Extension Manager CS3

Adobe Fireworks CS3

Adobe Flash CS3

Adobe Flash Player 11 ActiveX

Adobe Flash Player 9 Plugin

Adobe Flash Video Encoder

Adobe Fonts All

Adobe Help Viewer CS3

Adobe Illustrator CS3

Adobe InDesign CS3

Adobe InDesign CS3 Icon Handler

Adobe Linguistics CS3

Adobe MotionPicture Color Files

Adobe PDF Library Files

Adobe Photoshop CS3

Adobe Premiere Pro CS3

Adobe Premiere Pro CS3 Functional Content

Adobe Premiere Pro CS3 Third Party Content

Adobe Reader 9.5.1 MUI

Adobe Setup

Adobe SING CS3

Adobe Soundbooth CS3

Adobe Soundbooth CS3 Codecs

Adobe Stock Photos CS3

Adobe Type Support

Adobe Update Manager CS3

Adobe Version Cue CS3 Client

Adobe Version Cue CS3 Server

Adobe Video Profiles

Adobe WAS CS3

Adobe WinSoft Linguistics Plugin

Adobe XMP DVA Panels CS3

Adobe XMP Panels CS3

Advertising Center

AHV content for Acrobat and Flash

AMD DnD V1.0.19

Ant.com IE add-on

Antares Auto-Tune Evo RTAS

Apple Application Support

Apple Software Update

Ashampoo Burning Studio 11 v.11.0.2

ASIO4ALL

AVG PC Tuneup

AVS Update Manager 1.0

AVS Video Converter 8

AVS4YOU Software Navigator 1.4

Bejeweled 2 Deluxe

Best Buy Software Installer

Blackhawk Striker 2

Bob the Builder Can-Do-Zoo

Build-a-lot 2

Comcast Desktop Software (v1.2.1)

Compatibility Pack for the 2007 Office system

CyberLink PowerCinema

CyberLink PowerCinema Movie

CyberLink Touch Browser

CyberLink YouCam

D3DX10

DepositFiles FileManager 0.9.9.206

Digidesign Audio Drivers 8.0

Digidesign Pro Tools Creative Collection 8.0

Digidesign Pro Tools LE 8.0

DVD Flick 1.3.0.7

Escape Rosecliff Island

Faerie Solitaire

FATE - The Traitor Soul

FL Studio 10

Free DigiRack Plug-Ins 8.0

Freemake Video Downloader

Gateway Game Console

Gateway Games

Gateway InfoCentre

Gateway Recovery Management

Gateway Registration

Gateway ScreenSaver

Gateway Touch Suite

Gateway Updater

Google Chrome

Google Earth Plug-in

Google Update Helper

Identity Card

IL Download Manager

ImagXpress

ImgBurn

Internet TV for Windows Media Center

ITE Infrared Transceiver

Java Auto Updater

Java 6 Update 29

Java 7 Update 5

JavaFX 2.1.1

Jewel Quest Solitaire 3

Junk Mail filter update

Malwarebytes Anti-Malware version 1.60.1.1000

Mega Manager

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office Home and Student 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Touch Pack for Windows 7

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Works

Microsoft XNA Framework Redistributable 3.0

Microsoft XNA Framework Redistributable 3.1

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFCLOC_x86

Miro

Monopoly

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Mystery P.I. - Lost in Los Angeles

MyTomTom 3.1.0.530

Nero 9 Essentials

Nero ControlCenter

Nero DiscSpeed

Nero DiscSpeed Help

Nero DriveSpeed

Nero DriveSpeed Help

Nero Express Help

Nero InfoTool

Nero InfoTool Help

Nero Installer

Nero Online Upgrade

Nero StartSmart

Nero StartSmart Help

Nero StartSmart OEM

NeroExpress

neroxml

Netbits Contextual Tracking

PDF Settings

Penguins!

Plants vs. Zombies

Polar Bowler

Polar Golfer

QuickTime

RapidShare Manager 2

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

Safari

Scrabble Plus

Search Toolbar

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Shop To Win

Shop to Win 8

SIW version 2011.10.29

Skype™ 5.3

The Price is Right

THX TruStudio PC

TouchSettings

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Virtual DJ Home - Atomix Productions

Virtual DJ Pro Full - Atomix Productions

Virtual Families

Virtual Villagers - A New Home

VirtualDJ Home FREE

Visual Studio 2008 x64 Redistributables

Visual Studio C++ 10.0 Runtime

Welcome Center

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Center Add-in for Silverlight

WinRAR archiver

WinZip 15.5

Wise Registry Cleaner 6.14

Yahoo! Messenger

Yahoo! Software Update

Yahtzee

YouCam

YouTube Downloader Toolbar v6.0

Zuma Deluxe

.

==== Event Viewer Messages From Past Week ========

.

7/3/2012 9:52:27 AM, Error: Microsoft-Windows-WMPNSS-Service [14346] - A new media server was not initialized because RegisterRunningDevice() encountered error '0x80070005'. Restart your computer, and then restart the WMPNetworkSvc service.

7/3/2012 10:11:21 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB2679255).

7/2/2012 7:11:35 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Freemake Improver service to connect.

7/2/2012 7:11:35 PM, Error: Service Control Manager [7000] - The Freemake Improver service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

7/2/2012 5:59:35 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.

7/2/2012 3:42:19 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: Access is denied.

7/2/2012 3:42:19 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: Access is denied.

7/2/2012 3:42:19 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80070005.

7/2/2012 3:31:55 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user Br3wskee\Guest SID (S-1-5-21-1876199669-471561695-2787328992-501) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

.

==== End Of File ===========================


Step 1

Please uninstall the following applications:

Ant.com IE add-on

Search Toolbar

YouTube Downloader Toolbar v6.0

Step 2

Please follow the instructions here to run Malwarebytes Anti-Malware:

http://forums.malwarebytes.org/index.php?showtopic=85715&view=findpost&p=434002

Post the log file in your next reply.

Step 3

Please download unhide.exe from here and save it to your Desktop. Double-click on the Unhide.exe icon on your desktop and allow the program to run. This program will remove the +H, or hidden, attribute from all the files on your hard drives. If there are any files that were purposely hidden by you, you will need to hide them again after this tool is run. When Unhide is complete, it will create a logfile on the Windows Desktop called Unhide.txt.

In your next reply, post the following log files:

  • Malwarebytes' Anti-Malware log
  • unhide log


OK, every time I run a quick scan it tells me to restart. After I restart I run a quick scan to make sure the two trojan viruses are gone and they are still there.

Malwarebytes Anti-Malware (PRO) 1.61.0.1400

www.malwarebytes.org

Database version: v2012.07.03.06

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

B-Nash :: BR3WSKEE [administrator]

Protection: Disabled

7/3/2012 4:09:04 PM

mbam-log-2012-07-03 (16-09-04).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 238954

Time elapsed: 5 minute(s), 8 second(s)

Memory Processes Detected: 1

C:\Windows\svchost.exe (Trojan.Agent) -> 3508 -> Delete on reboot.

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

(end)


Unhide by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2012 BleepingComputer.com

More Information about Unhide.exe can be found at this link:

http://www.bleepingcomputer.com/forums/topic405109.html

Program started at: 07/03/2012 04:30:58 PM

Windows Version: Windows 7

Please be patient while your files are made visible again.

Processing the C:\ drive

Finished processing the C:\ drive. 509666 files processed.

The C:\Users\B-Nash\AppData\Local\Temp\smtmp\ folder does not exist!!

Unhide cannot restore your missing shortcuts!!

Please see this topic in order to learn how to restore default

Start Menu shortcuts: http://www.bleepingcomputer.com/forums/topic405109.html

Searching for Windows Registry changes made by FakeHDD rogues.

- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

* NoActiveDesktopChanges policy was found and deleted!

- Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

- Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced

Restarting Explorer.exe in order to apply changes.

Program finished at: 07/03/2012 04:59:50 PM

Execution time: 0 hours(s), 28 minute(s), and 51 seconds(s)


Malwarebytes Anti-Malware (PRO) 1.61.0.1400

www.malwarebytes.org

Database version: v2012.07.03.06

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

B-Nash :: BR3WSKEE [administrator]

Protection: Enabled

7/3/2012 12:54:10 PM

mbam-log-2012-07-03 (12-54-10).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 643165

Time elapsed: 1 hour(s), 46 minute(s), 43 second(s)

Memory Processes Detected: 1

C:\Windows\svchost.exe (Trojan.Agent) -> 3204 -> Delete on reboot.

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 4

HKCR\CLSID\{6d5ae610-803a-e578-8b93-ee9ce23be350} (Adware.Dymanet) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c45937cb-b4b6-07c9-dd9d-60d02b747663 (Adware.MediaPass) -> Quarantined and deleted successfully.

HKCR\AppID\GamevanceText.DLL (Adware.GameVance) -> Quarantined and deleted successfully.

HKCU\Software\AppDataLow\gvtl (Adware.GameVance) -> Quarantined and deleted successfully.

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 3

C:\Program Files (x86)\Gamevance (Adware.Gamevance) -> Quarantined and deleted successfully.

C:\Users\B-Nash\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com (Adware.GamesVance) -> Quarantined and deleted successfully.

C:\Users\B-Nash\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\components (Adware.GamesVance) -> Quarantined and deleted successfully.

Files Detected: 8

C:\Users\Guest\AppData\Local\Temp\4N3bLw3hnsqDCq.exe.tmp (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Windows\System32\c45937cb-b4b6-07c9-dd9d-60d02b747663.exe (Adware.MediaPass) -> Quarantined and deleted successfully.

C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Users\B-Nash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UpdateDrv.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.

C:\Program Files (x86)\Gamevance\ars.cfg (Adware.Gamevance) -> Quarantined and deleted successfully.

C:\Program Files (x86)\Gamevance\icon.ico (Adware.Gamevance) -> Quarantined and deleted successfully.

C:\Users\B-Nash\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\chrome.manifest (Adware.GamesVance) -> Quarantined and deleted successfully.

C:\Users\B-Nash\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\components\gvtlf.dll (Adware.GamesVance) -> Quarantined and deleted successfully.

(end)


Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.


ComboFix 12-07-04.04 - B-Nash 07/04/2012 16:35:57.1.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3839.2607 [GMT -5:00]

Running from: c:\users\B-Nash\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\data

c:\data\1htmia44_o\us_sres.data

c:\data\default\us_sres.data

c:\program files (x86)\Shop to Win 8\ShOPpingbho.dll

c:\program files (x86)\Shop to Win

c:\program files (x86)\Shop to Win\STWNotify.exe

c:\program files (x86)\Shop to Win\STWSetup-FF.exe

c:\program files (x86)\Shop to Win\STWSetup-IE.exe

c:\program files (x86)\Shop to Win\unins000.dat

c:\program files (x86)\Shop to Win\unins000.exe

c:\windows\security\Database\tmp.edb

c:\windows\svchost.exe

c:\windows\system\fltr106.dll

.

.

((((((((((((((((((((((((( Files Created from 2012-06-04 to 2012-07-04 )))))))))))))))))))))))))))))))

.

.

2012-07-03 23:12 . 2012-05-18 01:51 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-07-03 23:11 . 2012-05-18 02:02 887296 ----a-w- c:\program files\Internet Explorer\iedvtool.dll

2012-07-03 23:11 . 2012-05-18 02:01 499200 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll

2012-07-03 23:11 . 2012-05-17 22:38 678912 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll

2012-07-03 23:11 . 2012-05-17 22:37 387584 ----a-w- c:\program files (x86)\Internet Explorer\jsdbgui.dll

2012-07-03 23:10 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll

2012-07-03 23:10 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll

2012-07-03 23:10 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe

2012-07-03 23:10 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll

2012-07-03 23:09 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll

2012-07-03 23:09 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll

2012-07-03 23:09 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll

2012-07-03 23:09 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll

2012-07-03 23:09 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys

2012-07-03 23:09 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-07-03 23:09 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys

2012-07-03 23:08 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll

2012-07-03 23:08 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll

2012-07-03 23:08 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll

2012-07-03 23:08 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll

2012-07-03 23:08 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll

2012-07-03 23:08 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll

2012-07-03 23:07 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-07-03 23:06 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL

2012-07-03 23:06 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll

2012-07-03 23:06 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

2012-07-03 23:06 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll

2012-07-03 23:06 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll

2012-07-03 22:55 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-07-03 22:55 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll

2012-07-03 22:55 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-07-03 22:55 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-07-03 22:55 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll

2012-07-03 22:55 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-07-03 22:55 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-07-03 22:55 . 2012-06-02 20:19 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-07-03 22:55 . 2012-06-02 20:15 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-07-03 22:47 . 2012-07-03 22:47 -------- d-----w- c:\users\B-Nash\AppData\Local\AVG Secure Search

2012-07-03 04:11 . 2012-07-03 04:11 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE

2012-07-02 22:33 . 2012-07-02 22:33 -------- d-----w- c:\program files (x86)\Oracle

2012-07-02 22:32 . 2012-05-05 00:29 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-07-02 22:17 . 2012-07-02 22:17 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

2012-07-02 20:35 . 2012-07-02 20:35 -------- d-----w- c:\users\Guest\AppData\Local\Diagnostics

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-07-03 00:01 . 2012-04-12 18:05 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-07-03 00:01 . 2011-05-16 19:37 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-06-18 08:12 . 2012-07-03 23:40 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{50791925-4902-425C-9D81-61FD455AAD2E}\mpengine.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2012-07-03 22:25 2068536 ----a-w- c:\program files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{9DFE2FE9-CF99-4ADF-A28E-9B5ADB8DC74F}]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll" [2012-07-03 2068536]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"Desktop Software"="c:\program files (x86)\Common Files\SupportSoft\bin\bcont.exe" [2009-04-24 1025320]

"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]

"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-27 30040]

"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2007-05-11 624248]

"DigidesignMMERefresh"="c:\program files (x86)\Digidesign\Drivers\MMERefresh.exe" [2008-12-04 77824]

"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]

"YouCam Mirage"="c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe" [2011-02-18 136488]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-07-03 1104440]

"T-Mobile webConnect Manager"="c:\program files (x86)\T-Mobile\webConnect Manager\TMobileCM.exe" [2011-01-20 12800]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]

"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Best Buy Software Installer.lnk - c:\program files\Best Buy Software Installer\Best Buy Software Installer.exe [2010-2-15 1135560]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-26 135664]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-03 257224]

R3 CATmobile;T-Mobile Con App Svc;c:\program files (x86)\T-Mobile\webConnect Manager\conappssvc.exe [2010-12-22 118784]

R3 dalwdmservice;dal service;c:\windows\system32\drivers\dalwdm.sys [2008-12-04 162832]

R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]

R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2010-09-01 256000]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-26 135664]

R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]

R3 MBX2DFU;MBX2DFU;c:\windows\system32\DRIVERS\MBX2DFU.sys [2008-12-04 31120]

R3 MBX2MIDK;Digidesign Mbox 2 Midi Driver;c:\windows\system32\drivers\mbx2midk.sys [2008-12-04 32400]

R3 PCTINDIS5X64;PCTINDIS5X64 NDIS Protocol Driver;c:\windows\system32\PCTINDIS5X64.SYS [2010-12-22 43032]

R3 TMobileRcAppSvc;T-Mobile RcApp Svc;c:\program files (x86)\T-Mobile\webConnect Manager\RcAppSvc.exe [2010-12-22 114688]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]

R3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM10664.sys [2009-09-30 1307648]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-28 1255736]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2011-09-13 37456]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2011-10-07 283728]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-08-08 46672]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2011-07-11 375376]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-01-13 202752]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]

S2 DigiNet;Digidesign Ethernet Support;c:\windows\system32\DRIVERS\diginet.sys [2008-12-04 21520]

S2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2012-02-10 76288]

S2 Greg_Service;GRegService;c:\program files (x86)\Gateway\Registration\GregHSRW.exe [2009-08-28 1150496]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]

S2 Updater Service;Updater Service;c:\program files\Gateway\Gateway Updater\UpdaterService.exe [2010-01-28 243232]

S2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [2012-07-03 935480]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-01-13 6327296]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-01-13 185344]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 120400]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 29776]

S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-04-14 31216]

S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2010-07-13 69736]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904]

S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344]

S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-03-29 925984]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2010-02-08 239136]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-12-19 314400]

S3 tmobile_mf691_dc_enum;tmobile_mf691_dc_enum;c:\windows\system32\DRIVERS\tmobile_mf691_dc_enum.sys [2010-04-09 75776]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

Contents of the 'Scheduled Tasks' folder

.

2012-07-04 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 00:01]

.

2012-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-26 20:37]

.

2012-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-26 20:37]

.

2012-07-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1876199669-471561695-2787328992-1000Core.job

- c:\users\B-Nash\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-15 20:36]

.

2012-07-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1876199669-471561695-2787328992-1000UA.job

- c:\users\B-Nash\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-15 20:36]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RunDLLEntry_THXCfg"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.yahoo.com/

uLocal Page = c:\windows\system32\blank.htm

mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=zx4300&r=17360910c100p0437y115k46l1r248

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

TCP: DhcpNameServer = 10.0.1.1

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe

Wow6432Node-HKLM-Run-ROC_roc_dec12 - c:\program files (x86)\AVG Secure Search\ROC_roc_dec12.exe

Toolbar-Locked - (no file)

WebBrowser-{6AA40521-14E7-4B1D-B1B4-98528C1388C9} - (no file)

AddRemove-{6EFDBA50-4ABE-4194-86F7-F3BD0A011F5B}_is1 - c:\program files (x86)\Shop To Win\unins000.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:e5,0e,a3,b2,ea,18,cd,01

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

c:\program files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe

c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

c:\program files (x86)\Internet Explorer\IELowutil.exe

c:\\.\globalroot\systemroot\svchost.exe

.

**************************************************************************

.

Completion time: 2012-07-04 17:28:06 - machine was rebooted

ComboFix-quarantined-files.txt 2012-07-04 22:27

.

Pre-Run: 357,586,292,736 bytes free

Post-Run: 357,051,260,928 bytes free

.

- - End Of File - - 00F30D1A69E44F421F28DCA5B8169BAC


Step 1

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 2

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic

In your next reply, post the following log files:

  • Malwarebytes' Anti-Malware log
  • ESET Online Scanner log


Malwarebytes Anti-Malware (PRO) 1.61.0.1400

www.malwarebytes.org

Database version: v2012.07.05.05

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

B-Nash :: BR3WSKEE [administrator]

Protection: Disabled

7/5/2012 9:09:39 AM

mbam-log-2012-07-05 (09-09-39).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 240914

Time elapsed: 2 minute(s), 41 second(s)

Memory Processes Detected: 1

C:\Windows\svchost.exe (Trojan.Agent) -> 3560 -> Delete on reboot.

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

(end)


Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip; click on Continue.
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  7. Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Step 2

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • TDSSKiller log
  • Malwarebytes' Anti-Malware log


Malwarebytes Anti-Malware (PRO) 1.61.0.1400

www.malwarebytes.org

Database version: v2012.07.05.05

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

B-Nash :: BR3WSKEE [administrator]

Protection: Disabled

7/5/2012 11:39:52 AM

mbam-log-2012-07-05 (11-39-52).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 240852

Time elapsed: 3 minute(s), 1 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)


13:16:22.0381 4028 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08

13:16:22.0771 4028 ============================================================

13:16:22.0771 4028 Current date / time: 2012/07/06 13:16:22.0771

13:16:22.0771 4028 SystemInfo:

13:16:22.0771 4028

13:16:22.0771 4028 OS Version: 6.1.7601 ServicePack: 1.0

13:16:22.0771 4028 Product type: Workstation

13:16:22.0771 4028 ComputerName: BR3WSKEE

13:16:22.0771 4028 UserName: B-Nash

13:16:22.0771 4028 Windows directory: C:\Windows

13:16:22.0771 4028 System windows directory: C:\Windows

13:16:22.0771 4028 Running under WOW64

13:16:22.0771 4028 Processor architecture: Intel x64

13:16:22.0771 4028 Number of processors: 2

13:16:22.0771 4028 Page size: 0x1000

13:16:22.0771 4028 Boot type: Normal boot

13:16:22.0771 4028 ============================================================

13:16:24.0160 4028 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

13:16:24.0160 4028 ============================================================

13:16:24.0160 4028 \Device\Harddisk0\DR0:

13:16:24.0160 4028 MBR partitions:

13:16:24.0160 4028 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000

13:16:24.0160 4028 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x48A25000

13:16:24.0160 4028 ============================================================

13:16:24.0175 4028 C: <-> \Device\Harddisk0\DR0\Partition1

13:16:24.0175 4028 ============================================================

13:16:24.0175 4028 Initialize success

13:16:24.0175 4028 ============================================================

13:17:06.0158 3532 ============================================================

13:17:06.0158 3532 Scan started

13:17:06.0158 3532 Mode: Manual; SigCheck; TDLFS;

13:17:06.0158 3532 ============================================================

13:17:06.0688 3532 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

13:17:06.0766 3532 1394ohci - ok

13:17:06.0797 3532 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

13:17:06.0813 3532 ACPI - ok

13:17:06.0844 3532 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

13:17:06.0860 3532 AcpiPmi - ok

13:17:06.0953 3532 Adobe Version Cue CS3 (14c23516c990dcd6052152cf034dde40) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

13:17:07.0000 3532 Adobe Version Cue CS3 - ok

13:17:07.0140 3532 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

13:17:07.0156 3532 AdobeFlashPlayerUpdateSvc - ok

13:17:07.0218 3532 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

13:17:07.0234 3532 adp94xx - ok

13:17:07.0265 3532 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

13:17:07.0281 3532 adpahci - ok

13:17:07.0296 3532 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

13:17:07.0312 3532 adpu320 - ok

13:17:07.0328 3532 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

13:17:07.0374 3532 AeLookupSvc - ok

13:17:07.0421 3532 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

13:17:07.0468 3532 AFD - ok

13:17:07.0499 3532 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

13:17:07.0530 3532 agp440 - ok

13:17:07.0562 3532 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

13:17:07.0608 3532 ALG - ok

13:17:07.0640 3532 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

13:17:07.0655 3532 aliide - ok

13:17:07.0686 3532 AMD External Events Utility (8f6c0ff277dbfe5ebed24e3543da7bfa) C:\Windows\system32\atiesrxx.exe

13:17:07.0702 3532 AMD External Events Utility - ok

13:17:07.0718 3532 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

13:17:07.0718 3532 amdide - ok

13:17:07.0749 3532 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

13:17:07.0780 3532 AmdK8 - ok

13:17:08.0201 3532 amdkmdag (9673319070166e26660eba4edf316fa2) C:\Windows\system32\DRIVERS\atipmdag.sys

13:17:08.0326 3532 amdkmdag - ok

13:17:08.0451 3532 amdkmdap (430d06d63952848e64cbbf23b5c1479e) C:\Windows\system32\DRIVERS\atikmpag.sys

13:17:08.0498 3532 amdkmdap - ok

13:17:08.0544 3532 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

13:17:08.0560 3532 AmdPPM - ok

13:17:08.0591 3532 amdsata (53d8d46d51d390abdb54eca623165cb7) C:\Windows\system32\DRIVERS\amdsata.sys

13:17:08.0607 3532 amdsata - ok

13:17:08.0638 3532 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

13:17:08.0654 3532 amdsbs - ok

13:17:08.0669 3532 amdxata (75c51148154e34eb3d7bb84749a758d5) C:\Windows\system32\DRIVERS\amdxata.sys

13:17:08.0669 3532 amdxata - ok

13:17:08.0716 3532 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

13:17:08.0794 3532 AppID - ok

13:17:08.0856 3532 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

13:17:08.0919 3532 AppIDSvc - ok

13:17:08.0950 3532 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

13:17:09.0028 3532 Appinfo - ok

13:17:09.0122 3532 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

13:17:09.0153 3532 Apple Mobile Device - ok

13:17:09.0168 3532 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

13:17:09.0184 3532 arc - ok

13:17:09.0200 3532 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

13:17:09.0231 3532 arcsas - ok

13:17:09.0231 3532 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

13:17:09.0278 3532 AsyncMac - ok

13:17:09.0309 3532 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

13:17:09.0309 3532 atapi - ok

13:17:09.0324 3532 AtiPcie (c07a040d6b5a42dd41ee386cf90974c8) C:\Windows\system32\DRIVERS\AtiPcie.sys

13:17:09.0340 3532 AtiPcie - ok

13:17:09.0402 3532 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

13:17:09.0449 3532 AudioEndpointBuilder - ok

13:17:09.0449 3532 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

13:17:09.0480 3532 AudioSrv - ok

13:17:09.0870 3532 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

13:17:09.0948 3532 AVGIDSAgent - ok

13:17:10.0058 3532 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys

13:17:10.0089 3532 AVGIDSDriver - ok

13:17:10.0120 3532 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys

13:17:10.0136 3532 AVGIDSFilter - ok

13:17:10.0151 3532 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys

13:17:10.0167 3532 Avgldx64 - ok

13:17:10.0182 3532 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys

13:17:10.0198 3532 Avgmfx64 - ok

13:17:10.0214 3532 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys

13:17:10.0214 3532 Avgrkx64 - ok

13:17:10.0245 3532 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys

13:17:10.0260 3532 Avgtdia - ok

13:17:10.0338 3532 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

13:17:10.0354 3532 avgwd - ok

13:17:10.0401 3532 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

13:17:10.0463 3532 AxInstSV - ok

13:17:10.0526 3532 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

13:17:10.0588 3532 b06bdrv - ok

13:17:10.0651 3532 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

13:17:10.0701 3532 b57nd60a - ok

13:17:10.0731 3532 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

13:17:10.0797 3532 BDESVC - ok

13:17:10.0812 3532 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

13:17:10.0845 3532 Beep - ok

13:17:10.0916 3532 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

13:17:10.0971 3532 BFE - ok

13:17:11.0042 3532 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll

13:17:11.0097 3532 BITS - ok

13:17:11.0129 3532 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

13:17:11.0166 3532 blbdrive - ok

13:17:11.0252 3532 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe

13:17:11.0288 3532 Bonjour Service - ok

13:17:11.0324 3532 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

13:17:11.0342 3532 bowser - ok

13:17:11.0357 3532 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

13:17:11.0379 3532 BrFiltLo - ok

13:17:11.0398 3532 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

13:17:11.0409 3532 BrFiltUp - ok

13:17:11.0439 3532 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys

13:17:11.0468 3532 BridgeMP - ok

13:17:11.0499 3532 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

13:17:11.0552 3532 Browser - ok

13:17:11.0582 3532 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

13:17:11.0613 3532 Brserid - ok

13:17:11.0628 3532 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

13:17:11.0660 3532 BrSerWdm - ok

13:17:11.0675 3532 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

13:17:11.0738 3532 BrUsbMdm - ok

13:17:11.0738 3532 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

13:17:11.0753 3532 BrUsbSer - ok

13:17:11.0753 3532 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

13:17:11.0769 3532 BTHMODEM - ok

13:17:11.0816 3532 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

13:17:11.0847 3532 bthserv - ok

13:17:11.0847 3532 catchme - ok

13:17:11.0925 3532 CATmobile (a17eedc1b59232346753d5e9a652ce26) C:\Program Files (x86)\T-Mobile\webConnect Manager\conappssvc.exe

13:17:11.0956 3532 CATmobile ( UnsignedFile.Multi.Generic ) - warning

13:17:11.0956 3532 CATmobile - detected UnsignedFile.Multi.Generic (1)

13:17:11.0987 3532 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

13:17:12.0065 3532 cdfs - ok

13:17:12.0096 3532 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

13:17:12.0128 3532 cdrom - ok

13:17:12.0159 3532 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

13:17:12.0206 3532 CertPropSvc - ok

13:17:12.0221 3532 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

13:17:12.0237 3532 circlass - ok

13:17:12.0330 3532 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

13:17:12.0377 3532 CLFS - ok

13:17:12.0440 3532 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

13:17:12.0455 3532 clr_optimization_v2.0.50727_32 - ok

13:17:12.0502 3532 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

13:17:12.0533 3532 clr_optimization_v2.0.50727_64 - ok

13:17:12.0611 3532 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

13:17:12.0642 3532 clr_optimization_v4.0.30319_32 - ok

13:17:12.0705 3532 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

13:17:12.0736 3532 clr_optimization_v4.0.30319_64 - ok

13:17:12.0752 3532 clwvd (e13a438f9e51dd034730678e33b73290) C:\Windows\system32\DRIVERS\clwvd.sys

13:17:12.0767 3532 clwvd - ok

13:17:12.0783 3532 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

13:17:12.0814 3532 CmBatt - ok

13:17:12.0830 3532 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

13:17:12.0845 3532 cmdide - ok

13:17:12.0892 3532 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

13:17:12.0923 3532 CNG - ok

13:17:12.0923 3532 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

13:17:12.0939 3532 Compbatt - ok

13:17:12.0970 3532 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

13:17:13.0017 3532 CompositeBus - ok

13:17:13.0032 3532 COMSysApp - ok

13:17:13.0032 3532 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

13:17:13.0048 3532 crcdisk - ok

13:17:13.0079 3532 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll

13:17:13.0110 3532 CryptSvc - ok

13:17:13.0157 3532 dalwdmservice (20b51198df64dd6ced07be75abc4df93) C:\Windows\system32\drivers\dalwdm.sys

13:17:13.0188 3532 dalwdmservice - ok

13:17:13.0266 3532 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

13:17:13.0360 3532 DcomLaunch - ok

13:17:13.0391 3532 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

13:17:13.0454 3532 defragsvc - ok

13:17:13.0485 3532 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

13:17:13.0547 3532 DfsC - ok

13:17:13.0610 3532 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

13:17:13.0656 3532 Dhcp - ok

13:17:13.0672 3532 DigiNet (faa97c2e28a2a7afbb156b78ff30f710) C:\Windows\system32\DRIVERS\diginet.sys

13:17:13.0688 3532 DigiNet - ok

13:17:13.0734 3532 DigiRefresh - ok

13:17:13.0812 3532 digiSPTIService (52e112e8b13522352db42b78ac9bab0c) C:\Program Files (x86)\Digidesign\Pro Tools\digiSPTIService.exe

13:17:13.0844 3532 digiSPTIService ( UnsignedFile.Multi.Generic ) - warning

13:17:13.0844 3532 digiSPTIService - detected UnsignedFile.Multi.Generic (1)

13:17:13.0875 3532 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

13:17:13.0968 3532 discache - ok

13:17:14.0000 3532 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

13:17:14.0031 3532 Disk - ok

13:17:14.0078 3532 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

13:17:14.0109 3532 Dnscache - ok

13:17:14.0171 3532 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

13:17:14.0265 3532 dot3svc - ok

13:17:14.0296 3532 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

13:17:14.0343 3532 DPS - ok

13:17:14.0358 3532 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

13:17:14.0374 3532 drmkaud - ok

13:17:14.0499 3532 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

13:17:14.0546 3532 DXGKrnl - ok

13:17:14.0577 3532 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

13:17:14.0624 3532 EapHost - ok

13:17:14.0858 3532 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

13:17:14.0936 3532 ebdrv - ok

13:17:15.0045 3532 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

13:17:15.0092 3532 EFS - ok

13:17:15.0201 3532 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

13:17:15.0294 3532 ehRecvr - ok

13:17:15.0326 3532 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

13:17:15.0357 3532 ehSched - ok

13:17:15.0419 3532 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

13:17:15.0450 3532 elxstor - ok

13:17:15.0497 3532 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

13:17:15.0591 3532 ErrDev - ok

13:17:15.0669 3532 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

13:17:15.0731 3532 EventSystem - ok

13:17:15.0762 3532 ewusbnet (d83eb7ade99d99a4cd6568ac1261d35e) C:\Windows\system32\DRIVERS\ewusbnet.sys

13:17:15.0794 3532 ewusbnet - ok

13:17:15.0825 3532 ew_hwusbdev (86f7951bbcee4a86e79a97306bd14318) C:\Windows\system32\DRIVERS\ew_hwusbdev.sys

13:17:15.0872 3532 ew_hwusbdev - ok

13:17:15.0903 3532 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

13:17:15.0965 3532 exfat - ok

13:17:15.0996 3532 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

13:17:16.0028 3532 fastfat - ok

13:17:16.0121 3532 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

13:17:16.0168 3532 Fax - ok

13:17:16.0184 3532 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

13:17:16.0215 3532 fdc - ok

13:17:16.0230 3532 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

13:17:16.0277 3532 fdPHost - ok

13:17:16.0293 3532 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

13:17:16.0340 3532 FDResPub - ok

13:17:16.0355 3532 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

13:17:16.0371 3532 FileInfo - ok

13:17:16.0371 3532 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

13:17:16.0418 3532 Filetrace - ok

13:17:16.0558 3532 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

13:17:16.0574 3532 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning

13:17:16.0574 3532 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)

13:17:16.0620 3532 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

13:17:16.0652 3532 flpydisk - ok

13:17:16.0698 3532 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

13:17:16.0714 3532 FltMgr - ok

13:17:16.0808 3532 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

13:17:16.0886 3532 FontCache - ok

13:17:16.0948 3532 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

13:17:16.0964 3532 FontCache3.0.0.0 - ok

13:17:17.0042 3532 Freemake Improver (5b0348b8e06d0d2597ed0e86ff47cd88) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

13:17:17.0073 3532 Freemake Improver ( UnsignedFile.Multi.Generic ) - warning

13:17:17.0073 3532 Freemake Improver - detected UnsignedFile.Multi.Generic (1)

13:17:35.0028 3532 TMobileRcAppSvc (d44d1fd2a03351bab109e1fc14d08cfb) C:\Program Files (x86)\T-Mobile\webConnect Manager\RcAppSvc.exe

13:17:35.0060 3532 TMobileRcAppSvc ( UnsignedFile.Multi.Generic ) - warning

13:17:35.0060 3532 TMobileRcAppSvc - detected UnsignedFile.Multi.Generic (1)


13:17:36.0651 3532 usbcir - ok

13:17:36.0651 3532 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys

13:17:36.0666 3532 usbehci - ok

13:17:36.0698 3532 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

13:17:36.0729 3532 usbhub - ok

13:17:36.0838 3532 USBMULCD (f9b3054339a71f16430f6585ebc8be96) C:\Windows\system32\drivers\CM10664.sys

13:17:36.0900 3532 USBMULCD - ok

13:17:36.0916 3532 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys

13:17:36.0932 3532 usbohci - ok

13:17:36.0963 3532 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

13:17:36.0978 3532 usbprint - ok

13:17:37.0010 3532 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

13:17:37.0041 3532 usbscan - ok

13:17:37.0072 3532 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

13:17:37.0103 3532 USBSTOR - ok

13:17:37.0119 3532 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

13:17:37.0134 3532 usbuhci - ok

13:17:37.0166 3532 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys

13:17:37.0197 3532 usbvideo - ok

13:17:37.0228 3532 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys

13:17:37.0228 3532 usb_rndisx - ok

13:17:37.0259 3532 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

13:17:37.0290 3532 UxSms - ok

13:17:37.0322 3532 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

13:17:37.0322 3532 VaultSvc - ok

13:17:37.0337 3532 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

13:17:37.0353 3532 vdrvroot - ok

13:17:37.0400 3532 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

13:17:37.0446 3532 vds - ok

13:17:37.0462 3532 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

13:17:37.0478 3532 vga - ok

13:17:37.0493 3532 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

13:17:37.0524 3532 VgaSave - ok

13:17:37.0556 3532 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

13:17:37.0571 3532 vhdmp - ok

13:17:37.0618 3532 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

13:17:37.0634 3532 viaide - ok

13:17:37.0665 3532 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

13:17:37.0680 3532 volmgr - ok

13:17:37.0727 3532 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

13:17:37.0758 3532 volmgrx - ok

13:17:37.0821 3532 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

13:17:37.0837 3532 volsnap - ok

13:17:37.0868 3532 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

13:17:37.0883 3532 vsmraid - ok

13:17:38.0039 3532 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

13:17:38.0117 3532 VSS - ok

13:17:38.0320 3532 vToolbarUpdater11.1.0 (5fa45791413acce628d5361458f32dde) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe

13:17:38.0351 3532 vToolbarUpdater11.1.0 - ok

13:17:38.0445 3532 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

13:17:38.0476 3532 vwifibus - ok

13:17:38.0492 3532 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

13:17:38.0523 3532 vwififlt - ok

13:17:38.0570 3532 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

13:17:38.0632 3532 W32Time - ok

13:17:38.0648 3532 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

13:17:38.0663 3532 WacomPen - ok

13:17:38.0695 3532 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

13:17:38.0726 3532 WANARP - ok

13:17:38.0741 3532 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

13:17:38.0757 3532 Wanarpv6 - ok

13:17:38.0913 3532 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

13:17:38.0960 3532 WatAdminSvc - ok

13:17:39.0100 3532 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

13:17:39.0194 3532 wbengine - ok

13:17:39.0272 3532 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

13:17:39.0303 3532 WbioSrvc - ok

13:17:39.0365 3532 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

13:17:39.0381 3532 wcncsvc - ok

13:17:39.0397 3532 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

13:17:39.0412 3532 WcsPlugInService - ok

13:17:39.0459 3532 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

13:17:39.0459 3532 Wd - ok

13:17:39.0521 3532 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

13:17:39.0537 3532 Wdf01000 - ok

13:17:39.0568 3532 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

13:17:39.0677 3532 WdiServiceHost - ok

13:17:39.0677 3532 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

13:17:39.0709 3532 WdiSystemHost - ok

13:17:40.0192 3532 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

13:17:40.0270 3532 WebClient - ok

13:17:41.0066 3532 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

13:17:41.0159 3532 Wecsvc - ok

13:17:41.0222 3532 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

13:17:41.0253 3532 wercplsupport - ok

13:17:41.0300 3532 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

13:17:41.0331 3532 WerSvc - ok

13:17:41.0378 3532 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

13:17:41.0409 3532 WfpLwf - ok

13:17:41.0440 3532 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

13:17:41.0440 3532 WIMMount - ok

13:17:41.0487 3532 WinDefend - ok

13:17:41.0487 3532 WinHttpAutoProxySvc - ok

13:17:41.0565 3532 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

13:17:41.0596 3532 Winmgmt - ok

13:17:42.0157 3532 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

13:17:42.0263 3532 WinRM - ok

13:17:42.0513 3532 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

13:17:42.0529 3532 WinUsb - ok

13:17:42.0653 3532 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

13:17:42.0716 3532 Wlansvc - ok

13:17:43.0075 3532 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

13:17:43.0121 3532 wlidsvc - ok

13:17:43.0277 3532 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

13:17:43.0293 3532 WmiAcpi - ok

13:17:43.0387 3532 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

13:17:43.0418 3532 wmiApSrv - ok

13:17:43.0465 3532 WMPNetworkSvc - ok

13:17:43.0496 3532 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

13:17:43.0511 3532 WPCSvc - ok

13:17:43.0558 3532 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

13:17:43.0589 3532 WPDBusEnum - ok

13:17:43.0636 3532 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

13:17:43.0652 3532 ws2ifsl - ok

13:17:43.0683 3532 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll

13:17:43.0714 3532 wscsvc - ok

13:17:43.0714 3532 WSearch - ok

13:17:44.0073 3532 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll

13:17:44.0198 3532 wuauserv - ok

13:17:44.0323 3532 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

13:17:44.0385 3532 WudfPf - ok

13:17:44.0447 3532 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

13:17:44.0494 3532 WUDFRd - ok

13:17:44.0557 3532 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

13:17:44.0588 3532 wudfsvc - ok

13:17:44.0650 3532 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

13:17:44.0666 3532 WwanSvc - ok

13:17:44.0884 3532 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

13:17:44.0900 3532 YahooAUService - ok

13:17:44.0931 3532 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

13:17:45.0227 3532 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

13:17:45.0227 3532 \Device\Harddisk0\DR0 - detected TDSS File System (1)

13:17:45.0227 3532 Boot (0x1200) (4ac6ac884e4e510142115c2c4ae60203) \Device\Harddisk0\DR0\Partition0

13:17:45.0227 3532 \Device\Harddisk0\DR0\Partition0 - ok

13:17:45.0243 3532 Boot (0x1200) (c82dac81d78fd4d7b804a2eb2a4220b6) \Device\Harddisk0\DR0\Partition1

13:17:45.0259 3532 \Device\Harddisk0\DR0\Partition1 - ok

13:17:45.0259 3532 ============================================================

13:17:45.0259 3532 Scan finished

13:17:45.0259 3532 ============================================================

13:17:45.0259 1164 Detected object count: 6

13:17:45.0259 1164 Actual detected object count: 6

13:18:09.0085 1164 CATmobile ( UnsignedFile.Multi.Generic ) - skipped by user

13:18:09.0085 1164 CATmobile ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:18:09.0085 1164 digiSPTIService ( UnsignedFile.Multi.Generic ) - skipped by user

13:18:09.0085 1164 digiSPTIService ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:18:09.0085 1164 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user

13:18:09.0085 1164 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:18:09.0085 1164 Freemake Improver ( UnsignedFile.Multi.Generic ) - skipped by user

13:18:09.0085 1164 Freemake Improver ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:18:09.0085 1164 TMobileRcAppSvc ( UnsignedFile.Multi.Generic ) - skipped by user

13:18:09.0085 1164 TMobileRcAppSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:18:09.0085 1164 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

13:18:09.0085 1164 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

13:19:32.0794 0652 ============================================================

13:19:32.0794 0652 Scan started

13:19:32.0794 0652 Mode: Manual; SigCheck; TDLFS;

13:19:32.0794 0652 ============================================================

13:19:33.0418 0652 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

13:19:33.0449 0652 1394ohci - ok

13:19:33.0480 0652 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

13:19:33.0496 0652 ACPI - ok

13:19:33.0527 0652 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

13:19:33.0527 0652 AcpiPmi - ok

13:19:33.0621 0652 Adobe Version Cue CS3 (14c23516c990dcd6052152cf034dde40) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

13:19:33.0652 0652 Adobe Version Cue CS3 - ok

13:19:33.0777 0652 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

13:19:33.0808 0652 AdobeFlashPlayerUpdateSvc - ok

13:19:33.0855 0652 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

13:19:33.0870 0652 adp94xx - ok

13:19:33.0917 0652 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

13:19:33.0917 0652 adpahci - ok

13:19:33.0933 0652 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

13:19:33.0948 0652 adpu320 - ok

13:19:33.0980 0652 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

13:19:33.0995 0652 AeLookupSvc - ok

13:19:34.0073 0652 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

13:19:34.0104 0652 AFD - ok

13:19:34.0120 0652 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

13:19:34.0136 0652 agp440 - ok

13:19:34.0167 0652 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

13:19:34.0167 0652 ALG - ok

13:19:34.0182 0652 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

13:19:34.0198 0652 aliide - ok

13:19:34.0229 0652 AMD External Events Utility (8f6c0ff277dbfe5ebed24e3543da7bfa) C:\Windows\system32\atiesrxx.exe

13:19:34.0245 0652 AMD External Events Utility - ok

13:19:34.0245 0652 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

13:19:34.0245 0652 amdide - ok

13:19:34.0260 0652 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

13:19:34.0276 0652 AmdK8 - ok

13:19:34.0760 0652 amdkmdag (9673319070166e26660eba4edf316fa2) C:\Windows\system32\DRIVERS\atipmdag.sys

13:19:34.0822 0652 amdkmdag - ok

13:19:34.0947 0652 amdkmdap (430d06d63952848e64cbbf23b5c1479e) C:\Windows\system32\DRIVERS\atikmpag.sys

13:19:34.0962 0652 amdkmdap - ok

13:19:34.0978 0652 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

13:19:34.0994 0652 AmdPPM - ok

13:19:35.0009 0652 amdsata (53d8d46d51d390abdb54eca623165cb7) C:\Windows\system32\DRIVERS\amdsata.sys

13:19:35.0025 0652 amdsata - ok

13:19:35.0056 0652 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

13:19:35.0056 0652 amdsbs - ok

13:19:35.0072 0652 amdxata (75c51148154e34eb3d7bb84749a758d5) C:\Windows\system32\DRIVERS\amdxata.sys

13:19:35.0087 0652 amdxata - ok

13:19:35.0118 0652 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

13:19:35.0150 0652 AppID - ok

13:19:35.0181 0652 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

13:19:35.0212 0652 AppIDSvc - ok

13:19:35.0243 0652 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

13:19:35.0274 0652 Appinfo - ok

13:19:35.0368 0652 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

13:19:35.0384 0652 Apple Mobile Device - ok

13:19:35.0399 0652 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

13:19:35.0415 0652 arc - ok

13:19:35.0540 0652 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

13:19:35.0571 0652 arcsas - ok

13:19:35.0602 0652 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

13:19:35.0649 0652 AsyncMac - ok

13:19:35.0680 0652 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

13:19:35.0680 0652 atapi - ok

13:19:35.0696 0652 AtiPcie (c07a040d6b5a42dd41ee386cf90974c8) C:\Windows\system32\DRIVERS\AtiPcie.sys

13:19:35.0696 0652 AtiPcie - ok

13:19:35.0774 0652 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

13:19:35.0805 0652 AudioEndpointBuilder - ok

13:19:35.0820 0652 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

13:19:35.0852 0652 AudioSrv - ok

13:19:36.0257 0652 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

13:19:36.0335 0652 AVGIDSAgent - ok

13:19:36.0444 0652 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys

13:19:36.0460 0652 AVGIDSDriver - ok

13:19:36.0476 0652 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys

13:19:36.0491 0652 AVGIDSFilter - ok

13:19:36.0522 0652 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys

13:19:36.0538 0652 Avgldx64 - ok

13:19:36.0554 0652 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys

13:19:36.0569 0652 Avgmfx64 - ok

13:19:36.0585 0652 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys

13:19:36.0585 0652 Avgrkx64 - ok

13:19:36.0616 0652 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys

13:19:36.0632 0652 Avgtdia - ok

13:19:36.0678 0652 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

13:19:36.0678 0652 avgwd - ok

13:19:36.0725 0652 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

13:19:36.0741 0652 AxInstSV - ok

13:19:36.0788 0652 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

13:19:36.0803 0652 b06bdrv - ok

13:19:36.0834 0652 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

13:19:36.0834 0652 b57nd60a - ok

13:19:36.0866 0652 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

13:19:36.0881 0652 BDESVC - ok

13:19:36.0897 0652 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

13:19:36.0912 0652 Beep - ok

13:19:36.0990 0652 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

13:19:37.0022 0652 BFE - ok

13:19:37.0100 0652 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll

13:19:37.0131 0652 BITS - ok

13:19:37.0162 0652 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

13:19:37.0162 0652 blbdrive - ok

13:19:37.0256 0652 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe

13:19:37.0271 0652 Bonjour Service - ok

13:19:37.0318 0652 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

13:19:37.0334 0652 bowser - ok

13:19:37.0349 0652 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

13:19:37.0380 0652 BrFiltLo - ok

13:19:37.0380 0652 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

13:19:37.0396 0652 BrFiltUp - ok

13:19:37.0412 0652 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys

13:19:37.0443 0652 BridgeMP - ok

13:19:37.0474 0652 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

13:19:37.0505 0652 Browser - ok

13:19:37.0521 0652 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

13:19:37.0536 0652 Brserid - ok

13:19:37.0552 0652 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

13:19:37.0552 0652 BrSerWdm - ok

13:19:37.0568 0652 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

13:19:37.0583 0652 BrUsbMdm - ok

13:19:37.0583 0652 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

13:19:37.0599 0652 BrUsbSer - ok

13:19:37.0599 0652 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

13:19:37.0614 0652 BTHMODEM - ok

13:19:37.0646 0652 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

13:19:37.0661 0652 bthserv - ok

13:19:37.0677 0652 catchme - ok

13:19:37.0739 0652 CATmobile (a17eedc1b59232346753d5e9a652ce26) C:\Program Files (x86)\T-Mobile\webConnect Manager\conappssvc.exe

13:19:37.0755 0652 CATmobile ( UnsignedFile.Multi.Generic ) - warning

13:19:37.0755 0652 CATmobile - detected UnsignedFile.Multi.Generic (1)

13:19:37.0786 0652 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

13:19:37.0817 0652 cdfs - ok

13:19:37.0848 0652 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

13:19:37.0864 0652 cdrom - ok

13:19:37.0895 0652 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

13:19:37.0926 0652 CertPropSvc - ok

13:19:37.0926 0652 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

13:19:37.0942 0652 circlass - ok

13:19:37.0973 0652 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

13:19:37.0989 0652 CLFS - ok

13:19:38.0036 0652 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

13:19:38.0051 0652 clr_optimization_v2.0.50727_32 - ok

13:19:38.0098 0652 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

13:19:38.0114 0652 clr_optimization_v2.0.50727_64 - ok

13:19:38.0192 0652 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

13:19:38.0207 0652 clr_optimization_v4.0.30319_32 - ok

13:19:38.0270 0652 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

13:19:38.0285 0652 clr_optimization_v4.0.30319_64 - ok

13:19:38.0301 0652 clwvd (e13a438f9e51dd034730678e33b73290) C:\Windows\system32\DRIVERS\clwvd.sys

13:19:38.0316 0652 clwvd - ok

13:19:38.0316 0652 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

13:19:38.0332 0652 CmBatt - ok

13:19:38.0363 0652 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

13:19:38.0363 0652 cmdide - ok

13:19:38.0441 0652 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

13:19:38.0472 0652 CNG - ok

13:19:38.0488 0652 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

13:19:38.0504 0652 Compbatt - ok

13:19:38.0535 0652 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

13:19:38.0550 0652 CompositeBus - ok

13:19:38.0550 0652 COMSysApp - ok

13:19:38.0566 0652 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

13:19:38.0566 0652 crcdisk - ok

13:19:38.0613 0652 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll

13:19:38.0613 0652 CryptSvc - ok

13:19:38.0660 0652 dalwdmservice (20b51198df64dd6ced07be75abc4df93) C:\Windows\system32\drivers\dalwdm.sys

13:19:38.0660 0652 dalwdmservice - ok

13:19:38.0722 0652 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

13:19:38.0753 0652 DcomLaunch - ok

13:19:38.0800 0652 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

13:19:38.0831 0652 defragsvc - ok

13:19:38.0862 0652 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

13:19:38.0894 0652 DfsC - ok

13:19:38.0940 0652 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

13:19:38.0972 0652 Dhcp - ok

13:19:38.0972 0652 DigiNet (faa97c2e28a2a7afbb156b78ff30f710) C:\Windows\system32\DRIVERS\diginet.sys

13:19:38.0987 0652 DigiNet - ok

13:19:39.0034 0652 DigiRefresh - ok

13:19:39.0112 0652 digiSPTIService (52e112e8b13522352db42b78ac9bab0c) C:\Program Files (x86)\Digidesign\Pro Tools\digiSPTIService.exe

13:19:39.0112 0652 digiSPTIService ( UnsignedFile.Multi.Generic ) - warning

13:19:39.0112 0652 digiSPTIService - detected UnsignedFile.Multi.Generic (1)

13:19:39.0128 0652 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

13:19:39.0174 0652 discache - ok

13:19:39.0206 0652 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

13:19:39.0206 0652 Disk - ok

13:19:39.0252 0652 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

13:19:39.0268 0652 Dnscache - ok

13:19:39.0299 0652 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

13:19:39.0330 0652 dot3svc - ok

13:19:39.0362 0652 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

13:19:39.0393 0652 DPS - ok

13:19:39.0408 0652 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

13:19:39.0408 0652 drmkaud - ok

13:19:39.0518 0652 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

13:19:39.0533 0652 DXGKrnl - ok

13:19:39.0549 0652 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

13:19:39.0580 0652 EapHost - ok

13:19:39.0798 0652 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

13:19:39.0830 0652 ebdrv - ok

13:19:39.0939 0652 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

13:19:39.0954 0652 EFS - ok

13:19:40.0048 0652 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

13:19:40.0064 0652 ehRecvr - ok

13:19:40.0095 0652 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

13:19:40.0095 0652 ehSched - ok

13:19:40.0173 0652 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

13:19:40.0188 0652 elxstor - ok

13:19:40.0235 0652 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

13:19:40.0235 0652 ErrDev - ok

13:19:40.0282 0652 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

13:19:40.0313 0652 EventSystem - ok

13:19:40.0360 0652 ewusbnet (d83eb7ade99d99a4cd6568ac1261d35e) C:\Windows\system32\DRIVERS\ewusbnet.sys

13:19:40.0360 0652 ewusbnet - ok

13:19:40.0407 0652 ew_hwusbdev (86f7951bbcee4a86e79a97306bd14318) C:\Windows\system32\DRIVERS\ew_hwusbdev.sys

13:19:40.0407 0652 ew_hwusbdev - ok

13:19:40.0438 0652 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

13:19:40.0454 0652 exfat - ok

13:19:40.0485 0652 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

13:19:40.0516 0652 fastfat - ok

13:19:40.0625 0652 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

13:19:40.0641 0652 Fax - ok

13:19:40.0641 0652 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

13:19:40.0656 0652 fdc - ok

13:19:40.0672 0652 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

13:19:40.0703 0652 fdPHost - ok

13:19:40.0703 0652 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

13:19:40.0734 0652 FDResPub - ok

13:19:40.0750 0652 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

13:19:40.0766 0652 FileInfo - ok

13:19:40.0766 0652 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

13:19:40.0797 0652 Filetrace - ok

13:19:40.0922 0652 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

13:19:40.0953 0652 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning

13:19:40.0953 0652 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)

13:19:40.0968 0652 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

13:19:40.0984 0652 flpydisk - ok

13:19:41.0031 0652 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

13:19:41.0062 0652 FltMgr - ok

13:19:41.0171 0652 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

13:19:41.0202 0652 FontCache - ok

13:19:41.0265 0652 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

13:19:41.0280 0652 FontCache3.0.0.0 - ok

13:19:41.0374 0652 Freemake Improver (5b0348b8e06d0d2597ed0e86ff47cd88) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

13:19:41.0374 0652 Freemake Improver ( UnsignedFile.Multi.Generic ) - warning

13:19:41.0374 0652 Freemake Improver - detected UnsignedFile.Multi.Generic (1)

13:19:41.0405 0652 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

13:19:41.0421 0652 FsDepends - ok

13:19:56.0978 0652 TMobileRcAppSvc (d44d1fd2a03351bab109e1fc14d08cfb) C:\Program Files (x86)\T-Mobile\webConnect Manager\RcAppSvc.exe

13:19:56.0978 0652 TMobileRcAppSvc ( UnsignedFile.Multi.Generic ) - warning

13:19:56.0978 0652 TMobileRcAppSvc - detected UnsignedFile.Multi.Generic (1)


13:19:59.0100 0652 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

13:19:59.0116 0652 viaide - ok

13:19:59.0131 0652 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

13:19:59.0131 0652 volmgr - ok

13:19:59.0194 0652 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

13:19:59.0225 0652 volmgrx - ok

13:19:59.0256 0652 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

13:19:59.0272 0652 volsnap - ok

13:19:59.0287 0652 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

13:19:59.0303 0652 vsmraid - ok

13:19:59.0443 0652 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

13:19:59.0490 0652 VSS - ok

13:19:59.0677 0652 vToolbarUpdater11.1.0 (5fa45791413acce628d5361458f32dde) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe

13:19:59.0708 0652 vToolbarUpdater11.1.0 - ok

13:19:59.0802 0652 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

13:19:59.0802 0652 vwifibus - ok

13:19:59.0833 0652 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

13:19:59.0833 0652 vwififlt - ok

13:19:59.0880 0652 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

13:19:59.0911 0652 W32Time - ok

13:19:59.0927 0652 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

13:19:59.0927 0652 WacomPen - ok

13:19:59.0974 0652 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

13:20:00.0036 0652 WANARP - ok

13:20:00.0036 0652 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

13:20:00.0067 0652 Wanarpv6 - ok

13:20:00.0192 0652 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

13:20:00.0223 0652 WatAdminSvc - ok

13:20:00.0426 0652 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

13:20:00.0457 0652 wbengine - ok

13:20:00.0520 0652 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

13:20:00.0535 0652 WbioSrvc - ok

13:20:00.0598 0652 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

13:20:00.0629 0652 wcncsvc - ok

13:20:00.0644 0652 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

13:20:00.0644 0652 WcsPlugInService - ok

13:20:00.0676 0652 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

13:20:00.0691 0652 Wd - ok

13:20:00.0738 0652 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

13:20:00.0754 0652 Wdf01000 - ok

13:20:00.0769 0652 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

13:20:00.0785 0652 WdiServiceHost - ok

13:20:00.0800 0652 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

13:20:00.0816 0652 WdiSystemHost - ok

13:20:00.0863 0652 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

13:20:00.0878 0652 WebClient - ok

13:20:00.0910 0652 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

13:20:00.0941 0652 Wecsvc - ok

13:20:00.0956 0652 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

13:20:00.0972 0652 wercplsupport - ok

13:20:01.0003 0652 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

13:20:01.0034 0652 WerSvc - ok

13:20:01.0050 0652 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

13:20:01.0081 0652 WfpLwf - ok

13:20:01.0097 0652 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

13:20:01.0112 0652 WIMMount - ok

13:20:01.0144 0652 WinDefend - ok

13:20:01.0159 0652 WinHttpAutoProxySvc - ok

13:20:01.0222 0652 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

13:20:01.0268 0652 Winmgmt - ok

13:20:01.0440 0652 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

13:20:01.0487 0652 WinRM - ok

13:20:01.0596 0652 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

13:20:01.0627 0652 WinUsb - ok

13:20:01.0705 0652 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

13:20:01.0736 0652 Wlansvc - ok

13:20:01.0986 0652 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

13:20:02.0033 0652 wlidsvc - ok

13:20:02.0111 0652 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

13:20:02.0111 0652 WmiAcpi - ok

13:20:02.0189 0652 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

13:20:02.0189 0652 wmiApSrv - ok

13:20:02.0251 0652 WMPNetworkSvc - ok

13:20:02.0267 0652 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

13:20:02.0267 0652 WPCSvc - ok

13:20:02.0314 0652 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

13:20:02.0329 0652 WPDBusEnum - ok

13:20:02.0345 0652 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

13:20:02.0376 0652 ws2ifsl - ok

13:20:02.0392 0652 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll

13:20:02.0407 0652 wscsvc - ok

13:20:02.0423 0652 WSearch - ok

13:20:02.0594 0652 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll

13:20:02.0641 0652 wuauserv - ok

13:20:02.0766 0652 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

13:20:02.0828 0652 WudfPf - ok

13:20:02.0844 0652 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

13:20:02.0875 0652 WUDFRd - ok

13:20:02.0906 0652 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

13:20:02.0938 0652 wudfsvc - ok

13:20:02.0969 0652 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

13:20:02.0984 0652 WwanSvc - ok

13:20:03.0140 0652 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

13:20:03.0156 0652 YahooAUService - ok

13:20:03.0203 0652 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

13:20:03.0577 0652 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

13:20:03.0577 0652 \Device\Harddisk0\DR0 - detected TDSS File System (1)

13:20:03.0577 0652 Boot (0x1200) (4ac6ac884e4e510142115c2c4ae60203) \Device\Harddisk0\DR0\Partition0

13:20:03.0577 0652 \Device\Harddisk0\DR0\Partition0 - ok

13:20:03.0608 0652 Boot (0x1200) (c82dac81d78fd4d7b804a2eb2a4220b6) \Device\Harddisk0\DR0\Partition1

13:20:03.0608 0652 \Device\Harddisk0\DR0\Partition1 - ok

13:20:03.0608 0652 ============================================================

13:20:03.0608 0652 Scan finished

13:20:03.0608 0652 ============================================================

13:20:03.0624 2928 Detected object count: 6

13:20:03.0624 2928 Actual detected object count: 6

13:21:20.0586 2928 CATmobile ( UnsignedFile.Multi.Generic ) - skipped by user

13:21:20.0586 2928 CATmobile ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:21:20.0586 2928 digiSPTIService ( UnsignedFile.Multi.Generic ) - skipped by user

13:21:20.0586 2928 digiSPTIService ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:21:20.0586 2928 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user

13:21:20.0586 2928 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:21:20.0602 2928 Freemake Improver ( UnsignedFile.Multi.Generic ) - skipped by user

13:21:20.0602 2928 Freemake Improver ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:21:20.0602 2928 TMobileRcAppSvc ( UnsignedFile.Multi.Generic ) - skipped by user

13:21:20.0602 2928 TMobileRcAppSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:21:20.0602 2928 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

13:21:20.0602 2928 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

13:21:49.0426 1284 Deinitialize success


Malwarebytes Anti-Malware (PRO) 1.61.0.1400

www.malwarebytes.org

Database version: v2012.07.06.10

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

B-Nash :: BR3WSKEE [administrator]

Protection: Disabled

7/6/2012 1:27:31 PM

mbam-log-2012-07-06 (13-27-31).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 241478

Time elapsed: 3 minute(s), 6 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)


Step 1

Please re-run TDSSKiller and use the Delete option for these entries:

13:21:20.0602 2928 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

13:21:20.0602 2928 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Step 2

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named)

Click the cog in the upper right

Select down to and including your main drive; once done, select the Automatic scan tab and press Start Scan

Allow AVP to delete all infections found

Once it has finished, select the report tab (last tab)

Select Detected threats report from the left and press the Save button

Save it to your desktop and post it in your next reply.
