Help with "rootkit.0access"

[OzoGirl]

Malwarebytes quarantined a "rootkit.0access" virus and I deleted it, but it keeps coming back. I also get an error every time I reboot my computer...."host process for windows services stopped working and was closed." Windows Update doesn't work anymore and neither does Microsoft Security Essentials. How do I get rid of this? I saw in another thread to download tdsskiller and I ran that and it doesn't find anything. Here is the report:

19:31:58.0647 4040 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35

19:31:59.0062 4040 ============================================================

19:31:59.0062 4040 Current date / time: 2012/07/16 19:31:59.0062

19:31:59.0062 4040 SystemInfo:

19:31:59.0062 4040

19:31:59.0062 4040 OS Version: 6.1.7601 ServicePack: 1.0

19:31:59.0062 4040 Product type: Workstation

19:31:59.0062 4040 ComputerName: PESTERINO

19:31:59.0063 4040 UserName: test

19:31:59.0063 4040 Windows directory: C:\Windows

19:31:59.0063 4040 System windows directory: C:\Windows

19:31:59.0063 4040 Running under WOW64

19:31:59.0063 4040 Processor architecture: Intel x64

19:31:59.0063 4040 Number of processors: 2

19:31:59.0063 4040 Page size: 0x1000

19:31:59.0063 4040 Boot type: Normal boot

19:31:59.0063 4040 ============================================================

19:32:01.0194 4040 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

19:32:01.0255 4040 ============================================================

19:32:01.0255 4040 \Device\Harddisk0\DR0:

19:32:01.0260 4040 MBR partitions:

19:32:01.0261 4040 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800

19:32:01.0261 4040 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x237B2800

19:32:01.0261 4040 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23816800, BlocksNum 0x1BE2800

19:32:01.0261 4040 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x253F9000, BlocksNum 0x35800

19:32:01.0261 4040 ============================================================

19:32:01.0429 4040 C: <-> \Device\Harddisk0\DR0\Partition1

19:32:01.0615 4040 D: <-> \Device\Harddisk0\DR0\Partition2

19:32:01.0807 4040 ============================================================

19:32:01.0807 4040 Initialize success

19:32:01.0807 4040 ============================================================

19:32:42.0967 5224 ============================================================

19:32:42.0967 5224 Scan started

19:32:42.0967 5224 Mode: Manual; SigCheck; TDLFS;

19:32:42.0967 5224 ============================================================

19:32:46.0790 5224 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

19:32:47.0371 5224 1394ohci - ok

19:32:47.0435 5224 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

19:32:47.0489 5224 ACPI - ok

19:32:47.0516 5224 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

19:32:47.0877 5224 AcpiPmi - ok

19:32:48.0020 5224 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

19:32:48.0062 5224 AdobeARMservice - ok

19:32:48.0151 5224 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

19:32:48.0235 5224 adp94xx - ok

19:32:48.0305 5224 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

19:32:48.0353 5224 adpahci - ok

19:32:48.0703 5224 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

19:32:48.0744 5224 adpu320 - ok

19:32:48.0787 5224 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

19:32:48.0989 5224 AeLookupSvc - ok

19:32:49.0058 5224 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

19:32:49.0182 5224 AFD - ok

19:32:49.0234 5224 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

19:32:49.0267 5224 agp440 - ok

19:32:49.0314 5224 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

19:32:49.0386 5224 ALG - ok

19:32:49.0429 5224 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

19:32:49.0459 5224 aliide - ok

19:32:49.0536 5224 AMD External Events Utility (29c151492510640343b00b63996e4070) C:\Windows\system32\atiesrxx.exe

19:32:49.0668 5224 AMD External Events Utility - ok

19:32:49.0777 5224 AMD FUEL Service - ok

19:32:49.0883 5224 AMD Reservation Manager (dd27f6c3de9bfe50635c721e09edc5dd) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe

19:32:49.0912 5224 AMD Reservation Manager - ok

19:32:49.0956 5224 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

19:32:49.0969 5224 amdide - ok

19:32:50.0007 5224 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys

19:32:50.0781 5224 amdiox64 - ok

19:32:50.0818 5224 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

19:32:50.0918 5224 AmdK8 - ok

19:32:51.0459 5224 amdkmdag (2c9c4824664c61351ff1e0169262d026) C:\Windows\system32\DRIVERS\atikmdag.sys

19:32:51.0735 5224 amdkmdag - ok

19:32:52.0185 5224 amdkmdap (ef7382689d3b17ac2983202e7a40ab45) C:\Windows\system32\DRIVERS\atikmpag.sys

19:32:52.0243 5224 amdkmdap - ok

19:32:52.0290 5224 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

19:32:52.0327 5224 AmdPPM - ok

19:32:52.0367 5224 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

19:32:52.0388 5224 amdsata - ok

19:32:52.0431 5224 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

19:32:52.0448 5224 amdsbs - ok

19:32:52.0468 5224 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

19:32:52.0482 5224 amdxata - ok

19:32:52.0505 5224 amd_sata (08e8a4172c57abd7693a6915cf1e7a99) C:\Windows\system32\DRIVERS\amd_sata.sys

19:32:52.0515 5224 amd_sata - ok

19:32:52.0538 5224 amd_xata (9866af4e4ad7f16e810b6c0b8473f9cd) C:\Windows\system32\DRIVERS\amd_xata.sys

19:32:52.0549 5224 amd_xata - ok

19:32:52.0593 5224 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

19:32:52.0860 5224 AppID - ok

19:32:52.0900 5224 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

19:32:52.0966 5224 AppIDSvc - ok

19:32:53.0015 5224 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

19:32:53.0111 5224 Appinfo - ok

19:32:53.0398 5224 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

19:32:53.0422 5224 Apple Mobile Device - ok

19:32:53.0487 5224 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

19:32:53.0508 5224 arc - ok

19:32:53.0549 5224 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

19:32:53.0568 5224 arcsas - ok

19:32:53.0593 5224 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

19:32:53.0688 5224 AsyncMac - ok

19:32:53.0737 5224 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

19:32:53.0750 5224 atapi - ok

19:32:53.0799 5224 AtiHdmiService (2d648572ba9a610952fcafba1e119c2d) C:\Windows\system32\drivers\AtiHdmi.sys

19:32:53.0813 5224 AtiHdmiService - ok

19:32:54.0478 5224 atikmdag (2c9c4824664c61351ff1e0169262d026) C:\Windows\system32\DRIVERS\atikmdag.sys

19:32:54.0611 5224 atikmdag - ok

19:32:55.0006 5224 AtiPcie (e82e61f46d1336447f4deff8c074f13e) C:\Windows\system32\DRIVERS\AtiPcie64.sys

19:32:55.0030 5224 AtiPcie - ok

19:32:55.0128 5224 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

19:32:55.0250 5224 AudioEndpointBuilder - ok

19:32:55.0259 5224 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

19:32:55.0304 5224 AudioSrv - ok

19:32:55.0377 5224 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

19:32:55.0511 5224 AxInstSV - ok

19:32:55.0608 5224 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

19:32:55.0725 5224 b06bdrv - ok

19:32:55.0774 5224 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

19:32:55.0850 5224 b57nd60a - ok

19:32:56.0090 5224 BCM43XX (0e7a9264576b40638a3fbc804de1ff76) C:\Windows\system32\DRIVERS\bcmwl664.sys

19:32:56.0241 5224 BCM43XX - ok

19:32:56.0549 5224 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

19:32:56.0648 5224 BDESVC - ok

19:32:56.0796 5224 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

19:32:56.0878 5224 Beep - ok

19:32:56.0908 5224 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

19:32:56.0932 5224 blbdrive - ok

19:32:57.0035 5224 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe

19:32:57.0061 5224 Bonjour Service - ok

19:32:57.0116 5224 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

19:32:57.0183 5224 bowser - ok

19:32:57.0223 5224 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

19:32:57.0344 5224 BrFiltLo - ok

19:32:57.0366 5224 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

19:32:57.0395 5224 BrFiltUp - ok

19:32:57.0431 5224 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

19:32:57.0538 5224 Browser - ok

19:32:57.0590 5224 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

19:32:57.0691 5224 Brserid - ok

19:32:57.0725 5224 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

19:32:57.0771 5224 BrSerWdm - ok

19:32:57.0792 5224 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

19:32:57.0827 5224 BrUsbMdm - ok

19:32:57.0871 5224 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

19:32:57.0950 5224 BrUsbSer - ok

19:32:58.0048 5224 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

19:32:58.0108 5224 BTHMODEM - ok

19:32:58.0155 5224 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

19:32:58.0236 5224 bthserv - ok

19:32:58.0272 5224 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

19:32:58.0325 5224 cdfs - ok

19:32:58.0372 5224 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

19:32:58.0418 5224 cdrom - ok

19:32:58.0468 5224 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

19:32:58.0576 5224 CertPropSvc - ok

19:32:58.0607 5224 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

19:32:58.0650 5224 circlass - ok

19:32:58.0703 5224 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

19:32:58.0755 5224 CLFS - ok

19:32:58.0877 5224 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:32:58.0913 5224 clr_optimization_v2.0.50727_32 - ok

19:32:59.0020 5224 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

19:32:59.0081 5224 clr_optimization_v2.0.50727_64 - ok

19:32:59.0324 5224 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

19:32:59.0470 5224 clr_optimization_v4.0.30319_32 - ok

19:32:59.0640 5224 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

19:32:59.0673 5224 clr_optimization_v4.0.30319_64 - ok

19:32:59.0737 5224 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys

19:32:59.0765 5224 clwvd - ok

19:32:59.0818 5224 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

19:32:59.0866 5224 CmBatt - ok

19:32:59.0906 5224 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

19:32:59.0931 5224 cmdide - ok

19:32:59.0995 5224 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

19:33:00.0105 5224 CNG - ok

19:33:00.0166 5224 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

19:33:00.0196 5224 Compbatt - ok

19:33:00.0233 5224 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

19:33:00.0269 5224 CompositeBus - ok

19:33:00.0288 5224 COMSysApp - ok

19:33:00.0326 5224 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

19:33:00.0343 5224 crcdisk - ok

19:33:00.0380 5224 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll

19:33:00.0451 5224 CryptSvc - ok

19:33:00.0505 5224 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

19:33:00.0681 5224 DcomLaunch - ok

19:33:00.0739 5224 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

19:33:00.0856 5224 defragsvc - ok

19:33:00.0890 5224 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

19:33:00.0948 5224 DfsC - ok

19:33:01.0006 5224 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

19:33:01.0102 5224 Dhcp - ok

19:33:01.0136 5224 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

19:33:01.0176 5224 discache - ok

19:33:01.0223 5224 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

19:33:01.0255 5224 Disk - ok

19:33:01.0302 5224 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

19:33:01.0455 5224 Dnscache - ok

19:33:01.0500 5224 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

19:33:01.0608 5224 dot3svc - ok

19:33:01.0665 5224 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

19:33:01.0714 5224 DPS - ok

19:33:01.0767 5224 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

19:33:01.0807 5224 drmkaud - ok

19:33:01.0916 5224 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

19:33:01.0991 5224 DXGKrnl - ok

19:33:02.0044 5224 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

19:33:02.0109 5224 EapHost - ok

19:33:02.0341 5224 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

19:33:02.0502 5224 ebdrv - ok

19:33:02.0795 5224 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

19:33:02.0870 5224 EFS - ok

19:33:03.0032 5224 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

19:33:03.0176 5224 ehRecvr - ok

19:33:03.0271 5224 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

19:33:03.0350 5224 ehSched - ok

19:33:03.0526 5224 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

19:33:03.0574 5224 elxstor - ok

19:33:03.0606 5224 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

19:33:03.0642 5224 ErrDev - ok

19:33:03.0724 5224 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

19:33:03.0817 5224 EventSystem - ok

19:33:03.0846 5224 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

19:33:03.0889 5224 exfat - ok

19:33:03.0911 5224 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

19:33:03.0978 5224 fastfat - ok

19:33:04.0085 5224 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

19:33:04.0177 5224 Fax - ok

19:33:04.0211 5224 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

19:33:04.0261 5224 fdc - ok

19:33:04.0300 5224 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

19:33:04.0387 5224 fdPHost - ok

19:33:04.0407 5224 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

19:33:04.0472 5224 FDResPub - ok

19:33:04.0511 5224 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

19:33:04.0538 5224 FileInfo - ok

19:33:04.0547 5224 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

19:33:04.0602 5224 Filetrace - ok

19:33:04.0630 5224 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

19:33:04.0646 5224 flpydisk - ok

19:33:04.0706 5224 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

19:33:04.0758 5224 FltMgr - ok

19:33:04.0866 5224 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

19:33:05.0001 5224 FontCache - ok

19:33:05.0106 5224 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

19:33:05.0132 5224 FontCache3.0.0.0 - ok

19:33:05.0269 5224 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

19:33:05.0299 5224 FsDepends - ok

19:33:05.0340 5224 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

19:33:05.0370 5224 Fs_Rec - ok

19:33:05.0441 5224 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

19:33:05.0490 5224 fvevol - ok

19:33:05.0521 5224 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

19:33:05.0541 5224 gagp30kx - ok

19:33:05.0725 5224 GameConsoleService (d154305de6090e6e84e525f84bb08a06) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

19:33:05.0772 5224 GameConsoleService - ok

19:33:05.0823 5224 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

19:33:05.0846 5224 GEARAspiWDM - ok

19:33:05.0926 5224 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

19:33:06.0010 5224 gpsvc - ok

19:33:06.0046 5224 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

19:33:06.0147 5224 hcw85cir - ok

19:33:06.0248 5224 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

19:33:06.0318 5224 HdAudAddService - ok

19:33:06.0341 5224 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys

19:33:06.0416 5224 HDAudBus - ok

19:33:06.0470 5224 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

19:33:06.0498 5224 HidBatt - ok

19:33:06.0653 5224 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

19:33:06.0731 5224 HidBth - ok

19:33:06.0756 5224 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

19:33:06.0790 5224 HidIr - ok

19:33:06.0823 5224 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

19:33:06.0899 5224 hidserv - ok

19:33:06.0944 5224 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

19:33:06.0963 5224 HidUsb - ok

19:33:07.0007 5224 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

19:33:07.0102 5224 hkmsvc - ok

19:33:07.0147 5224 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

19:33:07.0211 5224 HomeGroupListener - ok

19:33:07.0257 5224 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

19:33:07.0311 5224 HomeGroupProvider - ok

19:33:07.0496 5224 HP Wireless Assistant Service (c930128c8f8ff03d8f8c42b570920d56) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

19:33:07.0521 5224 HP Wireless Assistant Service - ok

19:33:07.0613 5224 HPClientSvc (3dc11a802353401332d49c3cbfbbe5fc) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

19:33:07.0661 5224 HPClientSvc - ok

19:33:07.0859 5224 hpqwmiex (59cb6a1ca093edc2881598a45518857d) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

19:33:07.0919 5224 hpqwmiex - ok

19:33:08.0350 5224 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

19:33:08.0383 5224 HpSAMD - ok

19:33:08.0441 5224 HPWMISVC (f630dd7564ebb7248a13b1cc774d9ea6) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

19:33:08.0456 5224 HPWMISVC - ok

19:33:08.0527 5224 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

19:33:08.0657 5224 HTTP - ok

19:33:08.0678 5224 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

19:33:08.0692 5224 hwpolicy - ok

19:33:08.0753 5224 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

19:33:08.0786 5224 i8042prt - ok

19:33:08.0849 5224 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

19:33:08.0896 5224 iaStorV - ok

19:33:09.0076 5224 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

19:33:09.0147 5224 idsvc - ok

19:33:09.0529 5224 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys

19:33:09.0765 5224 igfx - ok

19:33:10.0190 5224 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

19:33:10.0214 5224 iirsp - ok

19:33:10.0294 5224 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

19:33:10.0401 5224 IKEEXT - ok

19:33:10.0437 5224 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

19:33:10.0455 5224 intelide - ok

19:33:10.0502 5224 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

19:33:10.0527 5224 intelppm - ok

19:33:10.0561 5224 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

19:33:10.0625 5224 IPBusEnum - ok

19:33:10.0657 5224 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

19:33:10.0725 5224 IpFilterDriver - ok

19:33:10.0761 5224 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

19:33:10.0781 5224 IPMIDRV - ok

19:33:10.0821 5224 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

19:33:10.0903 5224 IPNAT - ok

19:33:11.0058 5224 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe

19:33:11.0096 5224 iPod Service - ok

19:33:11.0137 5224 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

19:33:11.0212 5224 IRENUM - ok

19:33:11.0256 5224 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

19:33:11.0269 5224 isapnp - ok

19:33:11.0307 5224 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

19:33:11.0331 5224 iScsiPrt - ok

19:33:11.0354 5224 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

19:33:11.0373 5224 kbdclass - ok

19:33:11.0421 5224 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys

19:33:11.0461 5224 kbdhid - ok

19:33:11.0501 5224 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

19:33:11.0513 5224 KeyIso - ok

19:33:11.0536 5224 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

19:33:11.0551 5224 KSecDD - ok

19:33:11.0576 5224 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

19:33:11.0591 5224 KSecPkg - ok

19:33:11.0618 5224 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

19:33:11.0679 5224 ksthunk - ok

19:33:11.0740 5224 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

19:33:11.0859 5224 KtmRm - ok

19:33:11.0941 5224 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll

19:33:12.0050 5224 LanmanServer - ok

19:33:12.0095 5224 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

19:33:12.0189 5224 LanmanWorkstation - ok

19:33:12.0226 5224 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

19:33:12.0303 5224 lltdio - ok

19:33:12.0364 5224 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

19:33:12.0467 5224 lltdsvc - ok

19:33:12.0474 5224 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

19:33:12.0514 5224 lmhosts - ok

19:33:12.0579 5224 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

19:33:12.0594 5224 LSI_FC - ok

19:33:12.0612 5224 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

19:33:12.0627 5224 LSI_SAS - ok

19:33:12.0650 5224 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

19:33:12.0666 5224 LSI_SAS2 - ok

19:33:12.0694 5224 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

19:33:12.0710 5224 LSI_SCSI - ok

19:33:12.0737 5224 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

19:33:12.0796 5224 luafv - ok

19:33:12.0832 5224 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys

19:33:12.0855 5224 MBAMProtector - ok

19:33:13.0031 5224 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

19:33:13.0062 5224 MBAMService - ok

19:33:13.0093 5224 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

19:33:13.0136 5224 Mcx2Svc - ok

19:33:13.0171 5224 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

19:33:13.0210 5224 megasas - ok

19:33:13.0261 5224 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

19:33:13.0316 5224 MegaSR - ok

19:33:13.0497 5224 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe

19:33:13.0527 5224 Microsoft Office Groove Audit Service - ok

19:33:13.0562 5224 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

19:33:13.0657 5224 MMCSS - ok

19:33:13.0692 5224 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

19:33:13.0755 5224 Modem - ok

19:33:13.0773 5224 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

19:33:13.0792 5224 monitor - ok

19:33:13.0811 5224 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

19:33:13.0825 5224 mouclass - ok

19:33:13.0847 5224 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

19:33:13.0861 5224 mouhid - ok

19:33:13.0895 5224 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

19:33:13.0909 5224 mountmgr - ok

19:33:13.0977 5224 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

19:33:14.0006 5224 MozillaMaintenance - ok

19:33:14.0067 5224 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys

19:33:14.0114 5224 MpFilter - ok

19:33:14.0144 5224 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

19:33:14.0168 5224 mpio - ok

19:33:14.0198 5224 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

19:33:14.0249 5224 mpsdrv - ok

19:33:14.0274 5224 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

19:33:14.0306 5224 MRxDAV - ok

19:33:14.0348 5224 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

19:33:14.0409 5224 mrxsmb - ok

19:33:14.0450 5224 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

19:33:14.0501 5224 mrxsmb10 - ok

19:33:14.0527 5224 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

19:33:14.0554 5224 mrxsmb20 - ok

19:33:14.0589 5224 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

19:33:14.0608 5224 msahci - ok

19:33:14.0640 5224 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

19:33:14.0662 5224 msdsm - ok

19:33:14.0705 5224 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

19:33:14.0746 5224 MSDTC - ok

19:33:14.0785 5224 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

19:33:14.0835 5224 Msfs - ok

19:33:14.0840 5224 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

19:33:14.0880 5224 mshidkmdf - ok

19:33:14.0905 5224 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

19:33:14.0918 5224 msisadrv - ok

19:33:14.0969 5224 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

19:33:15.0034 5224 MSiSCSI - ok

19:33:15.0039 5224 msiserver - ok

19:33:15.0067 5224 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

19:33:15.0121 5224 MSKSSRV - ok

19:33:15.0128 5224 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

19:33:15.0184 5224 MSPCLOCK - ok

19:33:15.0189 5224 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

19:33:15.0243 5224 MSPQM - ok

19:33:15.0290 5224 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

19:33:15.0325 5224 MsRPC - ok

19:33:15.0366 5224 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

19:33:15.0380 5224 mssmbios - ok

19:33:15.0419 5224 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

19:33:15.0478 5224 MSTEE - ok

19:33:15.0512 5224 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

19:33:15.0533 5224 MTConfig - ok

19:33:15.0556 5224 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

19:33:15.0570 5224 Mup - ok

19:33:15.0632 5224 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

19:33:15.0718 5224 napagent - ok

19:33:15.0771 5224 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

19:33:15.0825 5224 NativeWifiP - ok

19:33:15.0919 5224 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

19:33:15.0997 5224 NDIS - ok

19:33:16.0045 5224 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

19:33:16.0116 5224 NdisCap - ok

19:33:16.0134 5224 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

19:33:16.0182 5224 NdisTapi - ok

19:33:16.0236 5224 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

19:33:16.0302 5224 Ndisuio - ok

19:33:16.0330 5224 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

19:33:16.0435 5224 NdisWan - ok

19:33:16.0475 5224 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

19:33:16.0527 5224 NDProxy - ok

19:33:16.0567 5224 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

19:33:16.0634 5224 NetBIOS - ok

19:33:16.0672 5224 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

19:33:16.0748 5224 NetBT - ok

19:33:16.0773 5224 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

19:33:16.0794 5224 Netlogon - ok

19:33:16.0864 5224 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

19:33:16.0971 5224 Netman - ok

19:33:17.0035 5224 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

19:33:17.0137 5224 netprofm - ok

19:33:17.0264 5224 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

19:33:17.0282 5224 NetTcpPortSharing - ok

19:33:17.0636 5224 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys

19:33:17.0827 5224 netw5v64 - ok

19:33:18.0456 5224 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

19:33:18.0487 5224 nfrd960 - ok

19:33:18.0531 5224 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys

19:33:18.0548 5224 NisDrv - ok

19:33:18.0679 5224 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe

19:33:18.0711 5224 NisSrv - ok

19:33:18.0780 5224 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

19:33:18.0852 5224 NlaSvc - ok

19:33:18.0893 5224 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

19:33:18.0962 5224 Npfs - ok

19:33:18.0993 5224 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

19:33:19.0045 5224 nsi - ok

19:33:19.0051 5224 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

19:33:19.0102 5224 nsiproxy - ok

19:33:19.0224 5224 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

19:33:19.0312 5224 Ntfs - ok

19:33:19.0702 5224 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

19:33:19.0797 5224 Null - ok

19:33:19.0845 5224 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

19:33:19.0868 5224 nvraid - ok

19:33:19.0895 5224 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

19:33:19.0915 5224 nvstor - ok

19:33:19.0953 5224 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

19:33:19.0978 5224 nv_agp - ok

19:33:20.0169 5224 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

19:33:20.0226 5224 odserv - ok

19:33:20.0266 5224 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

19:33:20.0309 5224 ohci1394 - ok

19:33:20.0392 5224 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

19:33:20.0426 5224 ose - ok

19:33:20.0495 5224 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

19:33:20.0599 5224 p2pimsvc - ok

19:33:20.0653 5224 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

19:33:20.0709 5224 p2psvc - ok

19:33:20.0878 5224 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

19:33:20.0930 5224 Parport - ok

19:33:20.0965 5224 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys

19:33:20.0997 5224 partmgr - ok

19:33:21.0026 5224 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

19:33:21.0113 5224 PcaSvc - ok

19:33:21.0156 5224 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

19:33:21.0178 5224 pci - ok

19:33:21.0192 5224 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

19:33:21.0207 5224 pciide - ok

19:33:21.0252 5224 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

19:33:21.0291 5224 pcmcia - ok

19:33:21.0330 5224 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

19:33:21.0345 5224 pcw - ok

19:33:21.0399 5224 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

19:33:21.0485 5224 PEAUTH - ok

19:33:21.0711 5224 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

19:33:21.0753 5224 PerfHost - ok

19:33:21.0901 5224 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

19:33:22.0009 5224 pla - ok

19:33:22.0075 5224 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

19:33:22.0176 5224 PlugPlay - ok

19:33:22.0212 5224 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

19:33:22.0252 5224 PNRPAutoReg - ok

19:33:22.0296 5224 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

19:33:22.0320 5224 PNRPsvc - ok

19:33:22.0387 5224 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

19:33:22.0474 5224 PolicyAgent - ok

19:33:22.0512 5224 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

19:33:22.0575 5224 Power - ok

19:33:22.0727 5224 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

19:33:22.0794 5224 PptpMiniport - ok

19:33:22.0828 5224 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

19:33:22.0861 5224 Processor - ok

19:33:22.0900 5224 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll

19:33:22.0976 5224 ProfSvc - ok

19:33:23.0002 5224 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

19:33:23.0015 5224 ProtectedStorage - ok

19:33:23.0067 5224 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

19:33:23.0123 5224 Psched - ok

19:33:23.0266 5224 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

19:33:23.0362 5224 ql2300 - ok

19:33:23.0770 5224 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

19:33:23.0805 5224 ql40xx - ok

19:33:23.0849 5224 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

19:33:23.0909 5224 QWAVE - ok

19:33:23.0928 5224 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

19:33:23.0959 5224 QWAVEdrv - ok

19:33:23.0965 5224 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

19:33:24.0014 5224 RasAcd - ok

19:33:24.0049 5224 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

19:33:24.0115 5224 RasAgileVpn - ok

19:33:24.0156 5224 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

19:33:24.0232 5224 RasAuto - ok

19:33:24.0267 5224 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

19:33:24.0320 5224 Rasl2tp - ok

19:33:24.0364 5224 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

19:33:24.0461 5224 RasMan - ok

19:33:24.0496 5224 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

19:33:24.0587 5224 RasPppoe - ok

19:33:24.0614 5224 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

19:33:24.0664 5224 RasSstp - ok

19:33:24.0695 5224 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

19:33:24.0774 5224 rdbss - ok

19:33:24.0802 5224 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

19:33:24.0829 5224 rdpbus - ok

19:33:24.0865 5224 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

19:33:24.0932 5224 RDPCDD - ok

19:33:24.0942 5224 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

19:33:24.0995 5224 RDPENCDD - ok

19:33:25.0004 5224 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

19:33:25.0073 5224 RDPREFMP - ok

19:33:25.0111 5224 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys

19:33:25.0172 5224 RDPWD - ok

19:33:25.0226 5224 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

19:33:25.0269 5224 rdyboost - ok

19:33:25.0311 5224 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

19:33:25.0389 5224 RemoteAccess - ok

19:33:25.0453 5224 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

19:33:25.0551 5224 RemoteRegistry - ok

19:33:25.0838 5224 RoxioNow Service (c1568e17039b2ec2b73a4f880ddd51e5) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe

19:33:25.0886 5224 RoxioNow Service - ok

19:33:25.0953 5224 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

19:33:26.0042 5224 RpcEptMapper - ok

19:33:26.0072 5224 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

19:33:26.0108 5224 RpcLocator - ok

19:33:26.0177 5224 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

19:33:26.0244 5224 RpcSs - ok

19:33:26.0435 5224 RSPCIESTOR (ca327a84085f68200452e6761f943298) C:\Windows\system32\DRIVERS\RtsPStor.sys

19:33:26.0475 5224 RSPCIESTOR - ok

19:33:26.0510 5224 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

19:33:26.0563 5224 rspndr - ok

19:33:26.0625 5224 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys

19:33:26.0663 5224 RTL8167 - ok

19:33:26.0771 5224 RTL8192Ce (7a19650e6f9c15b13b1ba4dbf2fb9d45) C:\Windows\system32\DRIVERS\rtl8192Ce.sys

19:33:26.0845 5224 RTL8192Ce - ok

19:33:26.0876 5224 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

19:33:26.0892 5224 SamSs - ok

19:33:26.0927 5224 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

19:33:26.0958 5224 sbp2port - ok

19:33:27.0003 5224 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

19:33:27.0063 5224 SCardSvr - ok

19:33:27.0095 5224 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

19:33:27.0150 5224 scfilter - ok

19:33:27.0238 5224 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

19:33:27.0324 5224 Schedule - ok

19:33:27.0357 5224 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

19:33:27.0407 5224 SCPolicySvc - ok

19:33:27.0460 5224 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys

19:33:27.0493 5224 sdbus - ok

19:33:27.0522 5224 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

19:33:27.0595 5224 SDRSVC - ok

19:33:27.0639 5224 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

19:33:27.0696 5224 secdrv - ok

19:33:27.0705 5224 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

19:33:27.0760 5224 seclogon - ok

19:33:27.0796 5224 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

19:33:27.0838 5224 SENS - ok

19:33:27.0864 5224 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

19:33:27.0964 5224 SensrSvc - ok

19:33:28.0004 5224 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

19:33:28.0040 5224 Serenum - ok

19:33:28.0063 5224 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

19:33:28.0097 5224 Serial - ok

19:33:28.0120 5224 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

19:33:28.0146 5224 sermouse - ok

19:33:28.0193 5224 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

19:33:28.0247 5224 SessionEnv - ok

19:33:28.0260 5224 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

19:33:28.0333 5224 sffdisk - ok

19:33:28.0356 5224 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

19:33:28.0384 5224 sffp_mmc - ok

19:33:28.0402 5224 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

19:33:28.0427 5224 sffp_sd - ok

19:33:28.0463 5224 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

19:33:28.0494 5224 sfloppy - ok

19:33:28.0555 5224 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

19:33:28.0647 5224 ShellHWDetection - ok

19:33:28.0689 5224 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

19:33:28.0703 5224 SiSRaid2 - ok

19:33:28.0734 5224 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

19:33:28.0749 5224 SiSRaid4 - ok

19:33:28.0776 5224 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

19:33:28.0836 5224 Smb - ok

19:33:28.0890 5224 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

19:33:28.0921 5224 SNMPTRAP - ok

19:33:28.0930 5224 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

19:33:28.0942 5224 spldr - ok

19:33:29.0019 5224 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

19:33:29.0078 5224 Spooler - ok

19:33:29.0305 5224 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

19:33:29.0461 5224 sppsvc - ok

19:33:29.0780 5224 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

19:33:29.0859 5224 sppuinotify - ok

19:33:30.0022 5224 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

19:33:30.0104 5224 srv - ok

19:33:30.0153 5224 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

19:33:30.0206 5224 srv2 - ok

19:33:30.0261 5224 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS

19:33:30.0313 5224 SrvHsfHDA - ok

19:33:30.0425 5224 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS

19:33:30.0501 5224 SrvHsfV92 - ok

19:33:30.0957 5224 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS

19:33:31.0017 5224 SrvHsfWinac - ok

19:33:31.0052 5224 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

19:33:31.0070 5224 srvnet - ok

19:33:31.0128 5224 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

19:33:31.0183 5224 SSDPSRV - ok

19:33:31.0201 5224 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

19:33:31.0248 5224 SstpSvc - ok

19:33:31.0461 5224 STacSV (7c49a5e1943afda4672d80726af3bae4) C:\Program Files\IDT\WDM\STacSV64.exe

19:33:31.0568 5224 STacSV - ok

19:33:31.0597 5224 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

19:33:31.0613 5224 stexstor - ok

19:33:31.0689 5224 STHDA (0aad250a31a7ee96e0945ab9e1f3baa7) C:\Windows\system32\DRIVERS\stwrt64.sys

19:33:31.0750 5224 STHDA - ok

19:33:31.0826 5224 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

19:33:31.0901 5224 stisvc - ok

19:33:31.0930 5224 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

19:33:31.0944 5224 swenum - ok

19:33:31.0999 5224 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

19:33:32.0088 5224 swprv - ok

19:33:32.0173 5224 SynTP (ac3cc98b1bdb6540021d3ffb105ac2b9) C:\Windows\system32\DRIVERS\SynTP.sys

19:33:32.0231 5224 SynTP - ok

19:33:32.0397 5224 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

19:33:32.0504 5224 SysMain - ok

19:33:32.0807 5224 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

19:33:32.0871 5224 TabletInputService - ok

19:33:32.0923 5224 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

19:33:33.0016 5224 TapiSrv - ok

19:33:33.0048 5224 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

19:33:33.0104 5224 TBS - ok

19:33:33.0403 5224 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys

19:33:33.0514 5224 Tcpip - ok

19:33:34.0272 5224 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys

19:33:34.0331 5224 TCPIP6 - ok

19:33:34.0740 5224 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

19:33:34.0825 5224 tcpipreg - ok

19:33:34.0870 5224 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

19:33:34.0932 5224 TDPIPE - ok

19:33:34.0960 5224 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

19:33:34.0999 5224 TDTCP - ok

19:33:35.0080 5224 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

19:33:35.0161 5224 tdx - ok

19:33:35.0189 5224 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

19:33:35.0207 5224 TermDD - ok

19:33:35.0281 5224 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

19:33:35.0373 5224 TermService - ok

19:33:35.0401 5224 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

19:33:35.0448 5224 Themes - ok

19:33:35.0473 5224 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

19:33:35.0521 5224 THREADORDER - ok

19:33:35.0535 5224 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

19:33:35.0590 5224 TrkWks - ok

19:33:35.0665 5224 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

19:33:35.0761 5224 TrustedInstaller - ok

19:33:35.0798 5224 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

19:33:35.0856 5224 tssecsrv - ok

19:33:35.0897 5224 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

19:33:35.0965 5224 TsUsbFlt - ok

19:33:35.0994 5224 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

19:33:36.0065 5224 tunnel - ok

19:33:36.0101 5224 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

19:33:36.0133 5224 uagp35 - ok

19:33:36.0190 5224 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

19:33:36.0284 5224 udfs - ok

19:33:36.0318 5224 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

19:33:36.0350 5224 UI0Detect - ok

19:33:36.0373 5224 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

19:33:36.0386 5224 uliagpkx - ok

19:33:36.0423 5224 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys

19:33:36.0461 5224 umbus - ok

19:33:36.0489 5224 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

19:33:36.0520 5224 UmPass - ok

19:33:36.0591 5224 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

19:33:36.0672 5224 upnphost - ok

19:33:36.0724 5224 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys

19:33:36.0791 5224 USBAAPL64 - ok

19:33:36.0831 5224 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

19:33:36.0887 5224 usbccgp - ok

19:33:36.0933 5224 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

19:33:36.0959 5224 usbcir - ok

19:33:36.0981 5224 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys

19:33:37.0017 5224 usbehci - ok

19:33:37.0056 5224 usbfilter (dc2b306861f42eeeb92ef525f4119f08) C:\Windows\system32\DRIVERS\usbfilter.sys

19:33:37.0080 5224 usbfilter - ok

19:33:37.0138 5224 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

19:33:37.0175 5224 usbhub - ok

19:33:37.0199 5224 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys

19:33:37.0234 5224 usbohci - ok

19:33:37.0268 5224 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

19:33:37.0301 5224 usbprint - ok

19:33:37.0343 5224 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

19:33:37.0435 5224 USBSTOR - ok

19:33:37.0458 5224 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

19:33:37.0502 5224 usbuhci - ok

19:33:37.0552 5224 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys

19:33:37.0602 5224 usbvideo - ok

19:33:37.0641 5224 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

19:33:37.0718 5224 UxSms - ok

19:33:37.0749 5224 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

19:33:37.0876 5224 VaultSvc - ok

19:33:37.0911 5224 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

19:33:37.0934 5224 vdrvroot - ok

19:33:38.0000 5224 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

19:33:38.0068 5224 vds - ok

19:33:38.0093 5224 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

19:33:38.0125 5224 vga - ok

19:33:38.0135 5224 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

19:33:38.0204 5224 VgaSave - ok

19:33:38.0228 5224 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

19:33:38.0253 5224 vhdmp - ok

19:33:38.0266 5224 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

19:33:38.0284 5224 viaide - ok

19:33:38.0310 5224 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

19:33:38.0324 5224 volmgr - ok

19:33:38.0377 5224 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

19:33:38.0422 5224 volmgrx - ok

19:33:38.0454 5224 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

19:33:38.0496 5224 volsnap - ok

19:33:38.0549 5224 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

19:33:38.0577 5224 vsmraid - ok

19:33:38.0703 5224 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

19:33:38.0827 5224 VSS - ok

19:33:39.0285 5224 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

19:33:39.0336 5224 vwifibus - ok

19:33:39.0373 5224 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

19:33:39.0418 5224 vwififlt - ok

19:33:39.0477 5224 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

19:33:39.0543 5224 W32Time - ok

19:33:39.0653 5224 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

19:33:39.0718 5224 WacomPen - ok

19:33:39.0923 5224 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

19:33:40.0020 5224 WANARP - ok

19:33:40.0036 5224 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

19:33:40.0082 5224 Wanarpv6 - ok

19:33:40.0235 5224 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

19:33:40.0339 5224 WatAdminSvc - ok

19:33:40.0553 5224 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

19:33:40.0670 5224 wbengine - ok

19:33:40.0992 5224 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

19:33:41.0057 5224 WbioSrvc - ok

19:33:41.0122 5224 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

19:33:41.0205 5224 wcncsvc - ok

19:33:41.0236 5224 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

19:33:41.0318 5224 WcsPlugInService - ok

19:33:41.0451 5224 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

19:33:41.0480 5224 Wd - ok

19:33:41.0552 5224 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

19:33:41.0601 5224 Wdf01000 - ok

19:33:41.0643 5224 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

19:33:41.0751 5224 WdiServiceHost - ok

19:33:41.0759 5224 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

19:33:41.0785 5224 WdiSystemHost - ok

19:33:41.0836 5224 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

19:33:41.0918 5224 WebClient - ok

19:33:41.0972 5224 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

19:33:42.0081 5224 Wecsvc - ok

19:33:42.0105 5224 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

19:33:42.0173 5224 wercplsupport - ok

19:33:42.0202 5224 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

19:33:42.0260 5224 WerSvc - ok

19:33:42.0389 5224 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

19:33:42.0471 5224 WfpLwf - ok

19:33:42.0488 5224 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

19:33:42.0503 5224 WIMMount - ok

19:33:42.0513 5224 WinHttpAutoProxySvc - ok

19:33:42.0654 5224 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

19:33:42.0763 5224 Winmgmt - ok

19:33:42.0914 5224 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

19:33:43.0068 5224 WinRM - ok

19:33:43.0542 5224 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

19:33:43.0580 5224 WinUsb - ok

19:33:43.0677 5224 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

19:33:43.0761 5224 Wlansvc - ok

19:33:43.0848 5224 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

19:33:43.0875 5224 wlcrasvc - ok

19:33:44.0372 5224 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

19:33:44.0435 5224 wlidsvc - ok

19:33:44.0838 5224 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

19:33:44.0889 5224 WmiAcpi - ok

19:33:45.0034 5224 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

19:33:45.0100 5224 wmiApSrv - ok

19:33:45.0183 5224 WMPNetworkSvc - ok

19:33:45.0224 5224 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

19:33:45.0298 5224 WPCSvc - ok

19:33:45.0334 5224 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

19:33:45.0452 5224 WPDBusEnum - ok

19:33:45.0487 5224 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

19:33:45.0542 5224 ws2ifsl - ok

19:33:45.0548 5224 WSearch - ok

19:33:45.0602 5224 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

19:33:45.0665 5224 WudfPf - ok

19:33:45.0716 5224 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

19:33:45.0793 5224 WUDFRd - ok

19:33:45.0814 5224 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

19:33:45.0867 5224 wudfsvc - ok

19:33:45.0912 5224 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

19:33:45.0982 5224 WwanSvc - ok

19:33:46.0048 5224 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys

19:33:46.0103 5224 yukonw7 - ok

19:33:46.0166 5224 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

19:33:48.0543 5224 \Device\Harddisk0\DR0 - ok

19:33:48.0558 5224 Boot (0x1200) (0d81582e7f348d66720fedee8e90ae75) \Device\Harddisk0\DR0\Partition0

19:33:48.0562 5224 \Device\Harddisk0\DR0\Partition0 - ok

19:33:48.0578 5224 Boot (0x1200) (03c9480d26905fb8c1d77336e0f6ee53) \Device\Harddisk0\DR0\Partition1

19:33:48.0582 5224 \Device\Harddisk0\DR0\Partition1 - ok

19:33:48.0619 5224 Boot (0x1200) (e3446067584a7bd15d23db3dde3d4a1d) \Device\Harddisk0\DR0\Partition2

19:33:48.0623 5224 \Device\Harddisk0\DR0\Partition2 - ok

19:33:48.0649 5224 Boot (0x1200) (813f7d9d56cd8a828404d7a1816b61f1) \Device\Harddisk0\DR0\Partition3

19:33:48.0652 5224 \Device\Harddisk0\DR0\Partition3 - ok

19:33:48.0653 5224 ============================================================

19:33:48.0653 5224 Scan finished

19:33:48.0653 5224 ============================================================

19:33:48.0681 4528 Detected object count: 0

19:33:48.0681 4528 Actual detected object count: 0

[MrCharlie]

Welcome to the forum, please don't run any other tools unless I instruct you to.....

.....please start at the link below:

http://forums.malwar...?showtopic=9573

Post back the 2 logs.....DDS.txt and Attach.txt

<====><====><====><====><====><====><====><====>

Next.......

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

MrC

[OzoGirl]

Ok, here are the attachments and I downloaded RogueKiller. Thank you in advance for your help!

DDS.txt

Attach.txt

[OzoGirl]

RogueKiller report...

RKreport1.txt

[MrCharlie]

Your computer is infected with a nasty rootkit. Please read the following information first.

You're infected with Rootkit.ZeroAccess, a BackDoor Trojan.

BACKDOOR WARNING

------------------------------

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

http://www.dslreports.com/faq/10451

When Should I Format, How Should I Reinstall

http://www.dslreports.com/faq/10063

I will try my best to clean this machine but I can't guarantee that it will be 100% secure afterwards.

Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

-----------------------------------------

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

How to tell > 32 or 64 bit

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

• Restart the computer.
  
• As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  
• Use the arrow keys to select the Repair your computer menu item.
  
• Select US as the keyboard language settings, and then click Next.
  
• Select the operating system you want to repair, and then click Next.
  
• Select your user account an click Next.
  

To enter System Recovery Options by using Windows installation disc:

• Insert the installation disc.
  
• Restart your computer.
  
• If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  
• Click Repair your computer.
  
• Select US as the keyboard language settings, and then click Next.
  
• Select the operating system you want to repair, and then click Next.
  
• Select your user account and click Next.
  

On the System Recovery Options menu you will get the following options:

• 
  
  • 
    Startup Repair
    System Restore
    Windows Complete PC Restore
    Windows Memory Diagnostic Tool
    Command Prompt
    

  [*]Select Command Prompt

  [*]In the command window type in notepad and press Enter.

  [*]The notepad opens. Under File menu select Open.

  [*]Select "Computer" and find your flash drive letter and close the notepad.

  [*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter

  Note: Replace letter e with the drive letter of your flash drive.

  [*]The tool will start to run.

  [*]When the tool opens click Yes to disclaimer.

  [*]Press Scan button.

  [*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

MrC

[OzoGirl]

I guess I'm doing something wrong because when I restart my computer I get stuck on the "hp" screen that has "press ESC key for Startup Menu" in the corner. I try F8 and nothing happens. I push ESC and nothing happens.

[MrCharlie]

Try holding down the control key while it boots, MrC

[OzoGirl]

It still doesn't work...

[MrCharlie]

OK, just download the tool to your desktop and right click on it choose run as administrator.

It should run and give us some sort of log, you need the 64bit version.

Post the log when done, it should be on your desktop.

MrC

[OzoGirl]

Thanks... The log is attached

FRST.txt

[MrCharlie]

OK, please run this scan...........should clear most of the malware out!

Please download and run ComboFix.

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

[OzoGirl]

combofix results attached..

combofix.txt

[MrCharlie]

Rescan the system with RogueKiller and post the new log please, MrC

[OzoGirl]

RK report attached

RKreport2.txt

[MrCharlie]

Run RogueKiller again and click Scan, when the scan completes

Click the Files tab and put a check next to these and uncheck the rest

Now click Delete under Options on the right hand column.

Reboot and rescan with RogueKiller > post the new log, MrC

¤¤¤ Particular Files / Folders: ¤¤¤

[ZeroAccess][FOLDER] U : c:\windows\installer\{0897f896-86fd-6c5d-3f02-05be245cec4c}\U --> FOUND

[ZeroAccess][FOLDER] L : c:\windows\installer\{0897f896-86fd-6c5d-3f02-05be245cec4c}\L --> FOUND

[ZeroAccess][FILE] @ : c:\users\test\appdata\local\{0897f896-86fd-6c5d-3f02-05be245cec4c}\@ --> FOUND

[ZeroAccess][FOLDER] U : c:\users\test\appdata\local\{0897f896-86fd-6c5d-3f02-05be245cec4c}\U --> FOUND

[ZeroAccess][FOLDER] L : c:\users\test\appdata\local\{0897f896-86fd-6c5d-3f02-05be245cec4c}\L --> FOUND

[OzoGirl]

attached!

RKreport4.txt

RKreport5.txt

[MrCharlie]

Next.................

Please make sure system restore is running and create a new restore point before continuing.

XP <===> Vista & W7

XP users > please back up the registry using ERUNT.

-----------------------------------------

Please download and run TDSSKiller to your desktop as outlined below:

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

------------------------

Click the Start Scan button.

-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

MrC

[OzoGirl]

Ok! See attached

TDSSKiller.2.7.46.0_17.07.2012_15.07.48_log.txt

[MrCharlie]

Please Update and run a Quick Scan with MBAM, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how computer is running now, MrC

[OzoGirl]

Malwarebytes Anti-Malware (PRO) 1.62.0.1300

www.malwarebytes.org

Database version: v2012.07.17.13

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

test :: PESTERINO [administrator]

Protection: Enabled

7/17/2012 3:45:01 PM

mbam-log-2012-07-17 (15-45-01).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 259762

Time elapsed: 3 minute(s), 54 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

It's running really well! Windows Update is back and I'm not getting anymore "host problem" errors!

[MrCharlie]

Great

A little clean up to do....

Please Uninstall ComboFix: (if you used it)

Press the Windows logo key + R to bring up the "run box"

Copy and paste next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /

Then hit enter.

This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files and clears System Restore cache and create new Restore point

---------------------------------

Please download OTL from one of the links below: (you may already have OTL on the system)

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com

Save it to your desktop.

Run OTL and hit the CleanUp button. (This will cleanup the tools and logs used including itself)

Any other programs or logs you can manually delete.

IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, etc....

-------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC

[OzoGirl]

Question... I tried to install new updates in Windows Update and I get an error: Code 80246008. Does that have anything to do with this? Thanks

[MrCharlie]

Maybe...............

Please remove any usb or external drives from the computer before you run these scan!

Please download Farbar Service Scanner and run it on the computer with the issue.

• Make sure the following options are checked:
  
  • Internet Services
    
  • Windows Firewall
    
  • System Restore
    
  • Security Center
    
  • Windows Update
    

  [*]Press "Scan".

  [*]It will create a log (FSS.txt) in the same directory the tool is run.

  [*]Please copy and paste the log to your reply.

MrC

[OzoGirl]

System Restore Disabled Policy:

========================

Action Center:

============

Windows Update:

============

BITS Service is not running. Checking service configuration:

Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist.

The ImagePath of BITS service is OK.

The ServiceDll of BITS service is OK.

Windows Autoupdate Disabled Policy:

============================

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys => MD5 is legit

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll => MD5 is legit

C:\Windows\System32\bfe.dll => MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

C:\Windows\System32\SDRSVC.dll => MD5 is legit

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll => MD5 is legit

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

[MrCharlie]

That doesn't look like the whole log, can you try again. MrC