
I think I am infected with a Trojan in a svchost.exe process and file



Hi, after a Malwarebytes scan it said I had a trojan in both a svchost.exe memory process and file. I attempted to remove them, and after rebooting my computer as Malwarebytes instructed, the trojans remain. I was able to locate the file in Computer-->Local Disk C:/-->windows-->svchost. In properties for that file it says the description is winrscmde. It also looks weird because it was created 8/16/12, modified 7/13/09 and accessed 8/16/12. In Task Manager I was able to locate the svchost.exe*32 with the same description and same properties. It is using a TON more memory than all other svchost.exe processes, currently over 500,000 K, but I have seen it as high as 900,000 K. I did try to end the memory process and then delete the file, but they both restart within seconds. I am not all that computer savvy so I don't want to cause more harm pressing buttons. Any help or guidance would be greatly appreciated.


Hello msfirehead and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Please follow the instructions here:

http://forums.malwarebytes.org/index.php?showtopic=9573

Post the log files in your next reply.


Hi Maniac,

I attempted to use both dds.scr and dds.com and both times the DOS window opened for a few seconds and then I got the blue screen of death. I couldn't find anywhere in either Malwarebytes or Webroot to turn off script blocking, but I may have missed something.

I am not sure how to proceed at this point... frustrating.


Okay, do the following:

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


Ok here is the log file from Malwarebytes

Malwarebytes Anti-Malware 1.62.0.1300

www.malwarebytes.org

Database version: v2012.08.18.05

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

My Hp :: MYHP-PC [administrator]

8/18/2012 11:58:16 AM

mbam-log-2012-08-18 (11-58-16).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 237820

Time elapsed: 12 minute(s), 23 second(s)

Memory Processes Detected: 1

C:\Windows\svchost.exe (Trojan.Agent) -> 6128 -> Delete on reboot.

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

(end)

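The detection lines of the Malwarebytes log above, run through a small triage parser (an added example, not part of the original posts and not Malwarebytes code). It extracts each detection and flags a Windows system binary name found outside its normal folder, as with C:\Windows\svchost.exe here; the function names, the `EXPECTED_DIRS` table and the C:\Windows install path are assumptions made for the illustration.

```python
import re
from dataclasses import dataclass
from ntpath import basename, dirname, normpath  # Windows path rules on any OS
from typing import Optional

# Excerpt of the detection sections from the log posted above.
SAMPLE_LOG = r"""
Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 6128 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

(end)
"""

# Illustrative table (assumption: Windows is installed in C:\Windows).
# These binaries ship in System32; svchost.exe also has a 32-bit copy in SysWOW64.
SYS32 = r"c:\windows\system32"
EXPECTED_DIRS = {
    "svchost.exe": {SYS32, r"c:\windows\syswow64"},
    "lsass.exe": {SYS32},
    "services.exe": {SYS32},
    "csrss.exe": {SYS32},
    "winlogon.exe": {SYS32},
    "smss.exe": {SYS32},
}

# Line shapes as they appear in the log on this page.
SECTION_RE = re.compile(r"^(?P<name>[A-Za-z ]+?) Detected: (?P<count>\d+)$")
ITEM_RE = re.compile(r"^(?P<obj>.+?) \((?P<threat>[^()]+)\) -> (?P<rest>.+)$")


@dataclass
class Detection:
    section: str
    obj: str
    threat: str
    pid: Optional[int]   # present only for in-memory detections
    action: str
    masquerade: bool     # system binary name in an unexpected folder


def is_masquerading(path: str) -> bool:
    """True when a known system binary name sits outside its expected folder."""
    expected = EXPECTED_DIRS.get(basename(path).lower())
    if expected is None:
        return False  # not a name this table tracks
    return normpath(dirname(path)).lower() not in expected


def parse_mbam_log(text: str):
    """Return (detections, mismatches).

    mismatches maps a section name to (declared, parsed) when the count in the
    section header disagrees with the items found, e.g. a truncated paste.
    """
    detections, declared, section = [], {}, None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header["name"]
            declared[section] = int(header["count"])
            continue
        item = ITEM_RE.match(line)
        if item and section:
            parts = item["rest"].split(" -> ")
            pid = int(parts[0]) if len(parts) > 1 and parts[0].isdigit() else None
            detections.append(Detection(
                section=section,
                obj=item["obj"],
                threat=item["threat"],
                pid=pid,
                action=parts[-1].rstrip("."),
                masquerade=is_masquerading(item["obj"]),
            ))
    parsed = {}
    for det in detections:
        parsed[det.section] = parsed.get(det.section, 0) + 1
    mismatches = {
        name: (count, parsed.get(name, 0))
        for name, count in declared.items()
        if count != parsed.get(name, 0)
    }
    return detections, mismatches


if __name__ == "__main__":
    found, bad_counts = parse_mbam_log(SAMPLE_LOG)
    for det in found:
        flag = "  <-- system binary name outside its expected folder" if det.masquerade else ""
        print(f"[{det.section}] {det.obj} {det.threat} pid={det.pid} action={det.action}{flag}")
    print("count mismatches:", bad_counts or "none")
```
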

BACKDOOR WARNING

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advise you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

Help: I Got Hacked. Now What Do I Do?

Help: I Got Hacked. Now What Do I Do? Part II

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

Download the latest version of TDSSKiller from here and save it to your Desktop.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip; click on Continue.
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  7. Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.


Here is the log:

09:49:45.0024 8440 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05

09:49:45.0354 8440 ============================================================

09:49:45.0354 8440 Current date / time: 2012/08/19 09:49:45.0354

09:49:45.0354 8440 SystemInfo:

09:49:45.0354 8440

09:49:45.0354 8440 OS Version: 6.1.7601 ServicePack: 1.0

09:49:45.0354 8440 Product type: Workstation

09:49:45.0354 8440 ComputerName: MYHP-PC

09:49:45.0354 8440 UserName: My Hp

09:49:45.0354 8440 Windows directory: C:\Windows

09:49:45.0354 8440 System windows directory: C:\Windows

09:49:45.0354 8440 Running under WOW64

09:49:45.0354 8440 Processor architecture: Intel x64

09:49:45.0354 8440 Number of processors: 2

09:49:45.0354 8440 Page size: 0x1000

09:49:45.0354 8440 Boot type: Normal boot

09:49:45.0354 8440 ============================================================

09:49:46.0994 8440 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

09:49:47.0000 8440 ============================================================

09:49:47.0000 8440 \Device\Harddisk0\DR0:

09:49:47.0000 8440 MBR partitions:

09:49:47.0000 8440 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800

09:49:47.0000 8440 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x38444000

09:49:47.0000 8440 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x384A8000, BlocksNum 0x1EAA000

09:49:47.0000 8440 ============================================================

09:49:47.0022 8440 C: <-> \Device\Harddisk0\DR0\Partition2

09:49:47.0069 8440 D: <-> \Device\Harddisk0\DR0\Partition3

09:49:47.0069 8440 ============================================================

09:49:47.0069 8440 Initialize success

09:49:47.0069 8440 ============================================================

09:50:47.0719 6244 ============================================================

09:50:47.0720 6244 Scan started

09:50:47.0720 6244 Mode: Manual; SigCheck; TDLFS;

09:50:47.0720 6244 ============================================================

09:50:49.0603 6244 ================ Scan services =============================

09:50:49.0752 6244 [ a87d604aea360176311474c87a63bb88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

09:50:49.0855 6244 1394ohci - ok

09:50:49.0887 6244 [ 1cffe9c06e66a57dae1452e449a58240 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys

09:50:49.0906 6244 Accelerometer - ok

09:50:49.0952 6244 [ d81d9e70b8a6dd14d42d7b4efa65d5f2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

09:50:49.0973 6244 ACPI - ok

09:50:50.0017 6244 [ 99f8e788246d495ce3794d7e7821d2ca ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

09:50:50.0109 6244 AcpiPmi - ok

09:50:50.0417 6244 [ a9d3b95e8466bd58eeb8a1154654e162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

09:50:50.0437 6244 AdobeFlashPlayerUpdateSvc - ok

09:50:50.0505 6244 [ 2f6b34b83843f0c5118b63ac634f5bf4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys

09:50:50.0528 6244 adp94xx - ok

09:50:50.0552 6244 [ 597f78224ee9224ea1a13d6350ced962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys

09:50:50.0573 6244 adpahci - ok

09:50:50.0587 6244 [ e109549c90f62fb570b9540c4b148e54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys

09:50:50.0604 6244 adpu320 - ok

09:50:50.0628 6244 [ 4b78b431f225fd8624c5655cb1de7b61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

09:50:50.0829 6244 AeLookupSvc - ok

09:50:50.0905 6244 [ a6fb9db8f1a86861d955fd6975977ae0 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe

09:50:50.0994 6244 AESTFilters - ok

09:50:51.0055 6244 [ 1c7857b62de5994a75b054a9fd4c3825 ] AFD C:\Windows\system32\drivers\afd.sys

09:50:51.0131 6244 AFD - ok

09:50:51.0201 6244 [ b65f8dba54f251906bbe8611b5a0e7ab ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe

09:50:51.0246 6244 AgereModemAudio - ok

09:50:51.0278 6244 [ af4748ef93416159459769a24a0053af ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys

09:50:51.0332 6244 AgereSoftModem - ok

09:50:51.0363 6244 [ 608c14dba7299d8cb6ed035a68a15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

09:50:51.0377 6244 agp440 - ok

09:50:51.0407 6244 [ 3290d6946b5e30e70414990574883ddb ] ALG C:\Windows\System32\alg.exe

09:50:51.0499 6244 ALG - ok

09:50:51.0519 6244 [ 5812713a477a3ad7363c7438ca2ee038 ] aliide C:\Windows\system32\drivers\aliide.sys

09:50:51.0533 6244 aliide - ok

09:50:51.0565 6244 [ d0d8877969011d1b0ed9c3c55a9a9108 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe

09:50:51.0584 6244 AMD External Events Utility - ok

09:50:51.0598 6244 [ 1ff8b4431c353ce385c875f194924c0c ] amdide C:\Windows\system32\drivers\amdide.sys

09:50:51.0612 6244 amdide - ok

09:50:51.0642 6244 [ 7024f087cff1833a806193ef9d22cda9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys

09:50:51.0696 6244 AmdK8 - ok

09:50:51.0717 6244 [ 1e56388b3fe0d031c44144eb8c4d6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys

09:50:51.0748 6244 AmdPPM - ok

09:50:51.0795 6244 [ d4121ae6d0c0e7e13aa221aa57ef2d49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

09:50:51.0819 6244 amdsata - ok

09:50:51.0857 6244 [ f67f933e79241ed32ff46a4f29b5120b ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys

09:50:51.0876 6244 amdsbs - ok

09:50:51.0888 6244 [ 540daf1cea6094886d72126fd7c33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

09:50:51.0906 6244 amdxata - ok

09:50:51.0943 6244 [ 89a69c3f2f319b43379399547526d952 ] AppID C:\Windows\system32\drivers\appid.sys

09:50:52.0112 6244 AppID - ok

09:50:52.0141 6244 [ 0bc381a15355a3982216f7172f545de1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

09:50:52.0205 6244 AppIDSvc - ok

09:50:52.0248 6244 [ 3977d4a871ca0d4f2ed1e7db46829731 ] Appinfo C:\Windows\System32\appinfo.dll

09:50:52.0289 6244 Appinfo - ok

09:50:52.0406 6244 [ f401929ee0cc92bfe7f15161ca535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

09:50:52.0440 6244 Apple Mobile Device - ok

09:50:52.0483 6244 [ c484f8ceb1717c540242531db7845c4e ] arc C:\Windows\system32\DRIVERS\arc.sys

09:50:52.0499 6244 arc - ok

09:50:52.0508 6244 [ 019af6924aefe7839f61c830227fe79c ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys

09:50:52.0522 6244 arcsas - ok

09:50:52.0545 6244 [ 769765ce2cc62867468cea93969b2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

09:50:52.0598 6244 AsyncMac - ok

09:50:52.0632 6244 [ 02062c0b390b7729edc9e69c680a6f3c ] atapi C:\Windows\system32\drivers\atapi.sys

09:50:52.0644 6244 atapi - ok

09:50:52.0702 6244 [ 38562a6a9cb10844759eaf2b01a7fcd3 ] athr C:\Windows\system32\DRIVERS\athrx.sys

09:50:52.0767 6244 athr - ok

09:50:52.0792 6244 [ 38467ff83c2b4265d51f418812a91e3c ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys

09:50:52.0805 6244 AtiHdmiService - ok

09:50:52.0982 6244 [ c5758bf1dfd762a5b17041ff061b7750 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys

09:50:53.0162 6244 atikmdag - ok

09:50:53.0214 6244 [ 7c5d273e29dcc5505469b299c6f29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys

09:50:53.0226 6244 AtiPcie - ok

09:50:53.0295 6244 [ f23fef6d569fce88671949894a8becf1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

09:50:53.0357 6244 AudioEndpointBuilder - ok

09:50:53.0378 6244 [ f23fef6d569fce88671949894a8becf1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

09:50:53.0418 6244 AudioSrv - ok

09:50:53.0459 6244 [ a6bf31a71b409dfa8cac83159e1e2aff ] AxInstSV C:\Windows\System32\AxInstSV.dll

09:50:53.0532 6244 AxInstSV - ok

09:50:53.0567 6244 [ 3e5b191307609f7514148c6832bb0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys

09:50:53.0619 6244 b06bdrv - ok

09:50:53.0670 6244 [ b5ace6968304a3900eeb1ebfd9622df2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

09:50:53.0718 6244 b57nd60a - ok

09:50:53.0837 6244 [ 825f81a6f7dd073509db101f0ba6dc59 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE

09:50:53.0857 6244 BBSvc - ok

09:50:53.0891 6244 [ fde360167101b4e45a96f939f388aeb0 ] BDESVC C:\Windows\System32\bdesvc.dll

09:50:53.0929 6244 BDESVC - ok

09:50:53.0945 6244 [ 16a47ce2decc9b099349a5f840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

09:50:53.0993 6244 Beep - ok

09:50:54.0053 6244 [ 82974d6a2fd19445cc5171fc378668a4 ] BFE C:\Windows\System32\bfe.dll

09:50:54.0130 6244 BFE - ok

09:50:54.0189 6244 [ 1ea7969e3271cbc59e1730697dc74682 ] BITS C:\Windows\System32\qmgr.dll

09:50:54.0261 6244 BITS - ok

09:50:54.0286 6244 [ 61583ee3c3a17003c4acd0475646b4d3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

09:50:54.0310 6244 blbdrive - ok

09:50:54.0385 6244 [ ebbcd5dfbb1de70e8f4af8fa59e401fd ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

09:50:54.0411 6244 Bonjour Service - ok

09:50:54.0437 6244 [ 6c02a83164f5cc0a262f4199f0871cf5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

09:50:54.0462 6244 bowser - ok

09:50:54.0480 6244 [ f09eee9edc320b5e1501f749fde686c8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys

09:50:54.0553 6244 BrFiltLo - ok

09:50:54.0576 6244 [ b114d3098e9bdb8bea8b053685831be6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys

09:50:54.0593 6244 BrFiltUp - ok

09:50:54.0629 6244 [ 05f5a0d14a2ee1d8255c2aa0e9e8e694 ] Browser C:\Windows\System32\browser.dll

09:50:54.0671 6244 Browser - ok

09:50:54.0706 6244 [ 43bea8d483bf1870f018e2d02e06a5bd ] Brserid C:\Windows\System32\Drivers\Brserid.sys

09:50:54.0754 6244 Brserid - ok

09:50:54.0762 6244 [ a6eca2151b08a09caceca35c07f05b42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

09:50:54.0788 6244 BrSerWdm - ok

09:50:54.0793 6244 [ b79968002c277e869cf38bd22cd61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

09:50:54.0810 6244 BrUsbMdm - ok

09:50:54.0816 6244 [ a87528880231c54e75ea7a44943b38bf ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

09:50:54.0830 6244 BrUsbSer - ok

09:50:54.0853 6244 [ 9da669f11d1f894ab4eb69bf546a42e8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys

09:50:54.0882 6244 BTHMODEM - ok

09:50:54.0915 6244 [ 95f9c2976059462cbbf227f7aab10de9 ] bthserv C:\Windows\system32\bthserv.dll

09:50:54.0981 6244 bthserv - ok

09:50:55.0021 6244 [ b8bd2bb284668c84865658c77574381a ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

09:50:55.0071 6244 cdfs - ok

09:50:55.0121 6244 [ f036ce71586e93d94dab220d7bdf4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys

09:50:55.0156 6244 cdrom - ok

09:50:55.0202 6244 [ f17d1d393bbc69c5322fbfafaca28c7f ] CertPropSvc C:\Windows\System32\certprop.dll

09:50:55.0270 6244 CertPropSvc - ok

09:50:55.0301 6244 [ d7cd5c4e1b71fa62050515314cfb52cf ] circlass C:\Windows\system32\DRIVERS\circlass.sys

09:50:55.0338 6244 circlass - ok

09:50:55.0365 6244 [ fe1ec06f2253f691fe36217c592a0206 ] CLFS C:\Windows\system32\CLFS.sys

09:50:55.0390 6244 CLFS - ok

09:50:55.0460 6244 [ d88040f816fda31c3b466f0fa0918f29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

09:50:55.0475 6244 clr_optimization_v2.0.50727_32 - ok

09:50:55.0523 6244 [ d1ceea2b47cb998321c579651ce3e4f8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

09:50:55.0537 6244 clr_optimization_v2.0.50727_64 - ok

09:50:55.0618 6244 [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

09:50:55.0633 6244 clr_optimization_v4.0.30319_32 - ok

09:50:55.0713 6244 [ c6f9af94dcd58122a4d7e89db6bed29d ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

09:50:55.0729 6244 clr_optimization_v4.0.30319_64 - ok

09:50:55.0755 6244 [ 0840155d0bddf1190f84a663c284bd33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

09:50:55.0773 6244 CmBatt - ok

09:50:55.0795 6244 [ e19d3f095812725d88f9001985b94edd ] cmdide C:\Windows\system32\drivers\cmdide.sys

09:50:55.0809 6244 cmdide - ok

09:50:55.0882 6244 [ 9ac4f97c2d3e93367e2148ea940cd2cd ] CNG C:\Windows\system32\Drivers\cng.sys

09:50:55.0949 6244 CNG - ok

09:50:56.0021 6244 [ f9a79c5b27037821112c50a9c8fb367a ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

09:50:56.0037 6244 Com4QLBEx - ok

09:50:56.0066 6244 [ 102de219c3f61415f964c88e9085ad14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

09:50:56.0082 6244 Compbatt - ok

09:50:56.0121 6244 [ 03edb043586cceba243d689bdda370a8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

09:50:56.0154 6244 CompositeBus - ok

09:50:56.0167 6244 COMSysApp - ok

09:50:56.0188 6244 [ 1c827878a998c18847245fe1f34ee597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys

09:50:56.0201 6244 crcdisk - ok

09:50:56.0240 6244 [ 4f5414602e2544a4554d95517948b705 ] CryptSvc C:\Windows\system32\cryptsvc.dll

09:50:56.0283 6244 CryptSvc - ok

09:50:56.0330 6244 [ ba8e5b2291c01ef71ca80e25f0c79d55 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys

09:50:56.0343 6244 ctxusbm - ok

09:50:56.0379 6244 [ 5c627d1b1138676c0a7ab2c2c190d123 ] DcomLaunch C:\Windows\system32\rpcss.dll

09:50:56.0433 6244 DcomLaunch - ok

09:50:56.0465 6244 [ 3cec7631a84943677aa8fa8ee5b6b43d ] defragsvc C:\Windows\System32\defragsvc.dll

09:50:56.0521 6244 defragsvc - ok

09:50:56.0548 6244 [ 9bb2ef44eaa163b29c4a4587887a0fe4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

09:50:56.0600 6244 DfsC - ok

09:50:56.0621 6244 [ 43d808f5d9e1a18e5eeb5ebc83969e4e ] Dhcp C:\Windows\system32\dhcpcore.dll

09:50:56.0683 6244 Dhcp - ok

09:50:56.0705 6244 [ 13096b05847ec78f0977f2c0f79e9ab3 ] discache C:\Windows\system32\drivers\discache.sys

09:50:56.0764 6244 discache - ok

09:50:56.0802 6244 [ 9819eee8b5ea3784ec4af3b137a5244c ] Disk C:\Windows\system32\DRIVERS\disk.sys

09:50:56.0817 6244 Disk - ok

09:50:56.0854 6244 [ 16835866aaa693c7d7fceba8fff706e4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

09:50:56.0914 6244 Dnscache - ok

09:50:56.0956 6244 [ b1fb3ddca0fdf408750d5843591afbc6 ] dot3svc C:\Windows\System32\dot3svc.dll

09:50:57.0004 6244 dot3svc - ok

09:50:57.0057 6244 [ b42ed0320c6e41102fde0005154849bb ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys

09:50:57.0083 6244 Dot4 - ok

09:50:57.0116 6244 [ e9f5969233c5d89f3c35e3a66a52a361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys

09:50:57.0150 6244 Dot4Print - ok

09:50:57.0172 6244 [ fd05a02b0370bc3000f402e543ca5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys

09:50:57.0196 6244 dot4usb - ok

09:50:57.0214 6244 [ b26f4f737e8f9df4f31af6cf31d05820 ] DPS C:\Windows\system32\dps.dll

09:50:57.0273 6244 DPS - ok

09:50:57.0305 6244 [ 9b19f34400d24df84c858a421c205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

09:50:57.0333 6244 drmkaud - ok

09:50:57.0389 6244 [ f5bee30450e18e6b83a5012c100616fd ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

09:50:57.0423 6244 DXGKrnl - ok

09:50:57.0448 6244 [ e2dda8726da9cb5b2c4000c9018a9633 ] EapHost C:\Windows\System32\eapsvc.dll

09:50:57.0501 6244 EapHost - ok

09:50:57.0599 6244 [ dc5d737f51be844d8c82c695eb17372f ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys

09:50:57.0719 6244 ebdrv - ok

09:50:57.0763 6244 [ c118a82cd78818c29ab228366ebf81c3 ] EFS C:\Windows\System32\lsass.exe

09:50:57.0821 6244 EFS - ok

09:50:57.0879 6244 [ c4002b6b41975f057d98c439030cea07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

09:50:57.0922 6244 ehRecvr - ok

09:50:57.0947 6244 [ 4705e8ef9934482c5bb488ce28afc681 ] ehSched C:\Windows\ehome\ehsched.exe

09:50:57.0984 6244 ehSched - ok

09:50:58.0015 6244 [ 0e5da5369a0fcaea12456dd852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys

09:50:58.0039 6244 elxstor - ok

09:50:58.0065 6244 [ 524c79054636d2e5751169005006460b ] enecir C:\Windows\system32\DRIVERS\enecir.sys

09:50:58.0097 6244 enecir - ok

09:50:58.0122 6244 [ 34a3c54752046e79a126e15c51db409b ] ErrDev C:\Windows\system32\drivers\errdev.sys

09:50:58.0145 6244 ErrDev - ok

09:50:58.0191 6244 [ 4166f82be4d24938977dd1746be9b8a0 ] EventSystem C:\Windows\system32\es.dll

09:50:58.0247 6244 EventSystem - ok

09:50:58.0269 6244 [ a510c654ec00c1e9bdd91eeb3a59823b ] exfat C:\Windows\system32\drivers\exfat.sys

09:50:58.0313 6244 exfat - ok

09:50:58.0335 6244 [ 0adc83218b66a6db380c330836f3e36d ] fastfat C:\Windows\system32\drivers\fastfat.sys

09:50:58.0388 6244 fastfat - ok

09:50:58.0443 6244 [ dbefd454f8318a0ef691fdd2eaab44eb ] Fax C:\Windows\system32\fxssvc.exe

09:50:58.0524 6244 Fax - ok

09:50:58.0550 6244 [ d765d19cd8ef61f650c384f62fac00ab ] fdc C:\Windows\system32\DRIVERS\fdc.sys

09:50:58.0580 6244 fdc - ok

09:50:58.0599 6244 [ 0438cab2e03f4fb61455a7956026fe86 ] fdPHost C:\Windows\system32\fdPHost.dll

09:50:58.0658 6244 fdPHost - ok

09:50:58.0692 6244 [ 802496cb59a30349f9a6dd22d6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

09:50:58.0752 6244 FDResPub - ok

09:50:58.0805 6244 [ 655661be46b5f5f3fd454e2c3095b930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

09:50:58.0821 6244 FileInfo - ok

09:50:58.0837 6244 [ 5f671ab5bc87eea04ec38a6cd5962a47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

09:50:58.0896 6244 Filetrace - ok

09:50:58.0917 6244 [ c172a0f53008eaeb8ea33fe10e177af5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

09:50:58.0944 6244 flpydisk - ok

09:50:58.0984 6244 [ da6b67270fd9db3697b20fce94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

09:50:59.0028 6244 FltMgr - ok

09:50:59.0103 6244 [ 5c4cb4086fb83115b153e47add961a0c ] FontCache C:\Windows\system32\FntCache.dll

09:50:59.0210 6244 FontCache - ok

09:50:59.0275 6244 [ a8b7f3818ab65695e3a0bb3279f6dce6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

09:50:59.0288 6244 FontCache3.0.0.0 - ok

09:50:59.0314 6244 [ d43703496149971890703b4b1b723eac ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

09:50:59.0331 6244 FsDepends - ok

09:50:59.0393 6244 [ 07da62c960ddccc2d35836aeab4fc578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys

09:50:59.0415 6244 fssfltr - ok

09:50:59.0502 6244 [ 28ddeeec44e988657b732cf404d504cb ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

09:50:59.0563 6244 fsssvc - ok

09:50:59.0603 6244 [ 6bd9295cc032dd3077c671fccf579a7b ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

09:50:59.0627 6244 Fs_Rec - ok

09:50:59.0696 6244 [ 1f7b25b858fa27015169fe95e54108ed ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

09:50:59.0727 6244 fvevol - ok

09:50:59.0760 6244 [ 8c778d335c9d272cfd3298ab02abe3b6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

09:50:59.0796 6244 gagp30kx - ok

09:50:59.0869 6244 [ c403c5db49a0f9aaf4f2128edc0106d8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

09:50:59.0888 6244 GamesAppService - ok

09:50:59.0929 6244 [ e403aacf8c7bb11375122d2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

09:50:59.0941 6244 GEARAspiWDM - ok

09:51:00.0002 6244 [ 277bbc7e1aa1ee957f573a10eca7ef3a ] gpsvc C:\Windows\System32\gpsvc.dll

09:51:00.0114 6244 gpsvc - ok

09:51:00.0155 6244 GSRestartSvc - ok

09:51:00.0175 6244 [ f2523ef6460fc42405b12248338ab2f0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

09:51:00.0211 6244 hcw85cir - ok

09:51:00.0259 6244 [ 975761c778e33cd22498059b91e7373a ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

09:51:00.0286 6244 HdAudAddService - ok

09:51:00.0332 6244 [ 97bfed39b6b79eb12cddbfeed51f56bb ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

09:51:00.0396 6244 HDAudBus - ok

09:51:00.0431 6244 [ 78e86380454a7b10a5eb255dc44a355f ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

09:51:00.0547 6244 HidBatt - ok

09:51:00.0569 6244 [ 7fd2a313f7afe5c4dab14798c48dd104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

09:51:00.0618 6244 HidBth - ok

09:51:00.0686 6244 [ 0a77d29f311b88cfae3b13f9c1a73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

09:51:00.0714 6244 HidIr - ok

09:51:00.0745 6244 [ bd9eb3958f213f96b97b1d897dee006d ] hidserv C:\Windows\system32\hidserv.dll

09:51:00.0800 6244 hidserv - ok

09:51:00.0848 6244 [ 9592090a7e2b61cd582b612b6df70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

09:51:00.0862 6244 HidUsb - ok

09:51:00.0892 6244 [ 387e72e739e15e3d37907a86d9ff98e2 ] hkmsvc C:\Windows\system32\kmsvc.dll

09:51:00.0947 6244 hkmsvc - ok

09:51:00.0978 6244 [ efdfb3dd38a4376f93e7985173813abd ] HomeGroupListener C:\Windows\system32\ListSvc.dll

09:51:01.0020 6244 HomeGroupListener - ok

09:51:01.0055 6244 [ 908acb1f594274965a53926b10c81e89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

09:51:01.0085 6244 HomeGroupProvider - ok

09:51:01.0136 6244 [ c84bcc03858daeac4db1e95efcce1934 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

09:51:01.0151 6244 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning

09:51:01.0151 6244 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)

09:51:01.0182 6244 [ 05712fddbd45a5864eb326faabc6a4e3 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys

09:51:01.0194 6244 hpdskflt - ok

09:51:01.0288 6244 [ 5da42d24712e00728cea2342a65009b2 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll

09:51:01.0307 6244 hpqcxs08 - ok

09:51:01.0325 6244 [ d86a39bf100069444d026d22d9a6e555 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll

09:51:01.0338 6244 hpqddsvc - ok

09:51:01.0367 6244 [ 9af482d058be59cc28bce52e7c4b747c ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys

09:51:01.0404 6244 HpqKbFiltr - ok

09:51:01.0463 6244 [ fdf273a845f1ffcceadf363aaf47582f ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

09:51:01.0480 6244 hpqwmiex - ok

09:51:01.0512 6244 [ 39d2abcd392f3d8a6dce7b60ae7b8efc ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

09:51:01.0526 6244 HpSAMD - ok

09:51:01.0583 6244 [ f37882f128efacefe353e0bae2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL

09:51:01.0631 6244 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning

09:51:01.0631 6244 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)

09:51:01.0661 6244 [ aa036cc5f5221d9b915f4d4dce74ba9a ] hpsrv C:\Windows\system32\Hpservice.exe

09:51:01.0674 6244 hpsrv - ok

09:51:01.0714 6244 [ 0ea7de1acb728dd5a369fd742d6eee28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

09:51:01.0772 6244 HTTP - ok

09:51:01.0799 6244 [ a5462bd6884960c9dc85ed49d34ff392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

09:51:01.0811 6244 hwpolicy - ok

09:51:01.0861 6244 [ fa55c73d4affa7ee23ac4be53b4592d3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

09:51:01.0879 6244 i8042prt - ok

09:51:01.0909 6244 [ aaaf44db3bd0b9d1fb6969b23ecc8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

09:51:01.0932 6244 iaStorV - ok

09:51:01.0974 6244 [ 5988fc40f8db5b0739cd1e3a5d0d78bd ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

09:51:02.0012 6244 idsvc - ok

09:51:02.0151 6244 [ a87261ef1546325b559374f5689cf5bc ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys

09:51:02.0305 6244 igfx - ok

09:51:03.0985 6244 [ 83d8be94e1cbcbe2ea8372db1a95a159 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

09:51:04.0000 6244 LightScribeService ( UnsignedFile.Multi.Generic ) - warning

09:51:04.0000 6244 LightScribeService - detected UnsignedFile.Multi.Generic (1)

09:51:06.0837 6244 [ d4f51e88c71bf8f06ea1be320b0bb75b ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

09:51:06.0856 6244 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

09:51:06.0856 6244 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

09:51:09.0251 6244 [ 9a80707d8b6c1806531bfd7399b3cc76 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

09:51:09.0272 6244 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

09:51:09.0272 6244 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

09:51:20.0221 6244 [ 334e5ed94d3faff3c44f4d36b1fe1c90 ] WDDMService C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

09:51:20.0241 6244 WDDMService ( UnsignedFile.Multi.Generic ) - warning

09:51:20.0241 6244 WDDMService - detected UnsignedFile.Multi.Generic (1)

09:51:20.0501 6244 [ 138ab06adbbf300aa804d7974a5aec82 ] WDSmartWareBackgroundService C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

09:51:20.0510 6244 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - warning

09:51:20.0510 6244 WDSmartWareBackgroundService - detected UnsignedFile.Multi.Generic (1)

Hopefully this is right...

09:49:45.0024 8440 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05

09:49:45.0354 8440 ============================================================

09:49:45.0354 8440 Current date / time: 2012/08/19 09:49:45.0354

09:49:45.0354 8440 SystemInfo:

09:49:45.0354 8440

09:49:45.0354 8440 OS Version: 6.1.7601 ServicePack: 1.0

09:49:45.0354 8440 Product type: Workstation

09:49:45.0354 8440 ComputerName: MYHP-PC

09:49:45.0354 8440 UserName: My Hp

09:49:45.0354 8440 Windows directory: C:\Windows

09:49:45.0354 8440 System windows directory: C:\Windows

09:49:45.0354 8440 Running under WOW64

09:49:45.0354 8440 Processor architecture: Intel x64

09:49:45.0354 8440 Number of processors: 2

09:49:45.0354 8440 Page size: 0x1000

09:49:45.0354 8440 Boot type: Normal boot

09:49:45.0354 8440 ============================================================

09:49:46.0994 8440 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

09:49:47.0000 8440 ============================================================

09:49:47.0000 8440 \Device\Harddisk0\DR0:

09:49:47.0000 8440 MBR partitions:

09:49:47.0000 8440 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800

09:49:47.0000 8440 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x38444000

09:49:47.0000 8440 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x384A8000, BlocksNum 0x1EAA000

09:49:47.0000 8440 ============================================================

09:49:47.0022 8440 C: <-> \Device\Harddisk0\DR0\Partition2

09:49:47.0069 8440 D: <-> \Device\Harddisk0\DR0\Partition3

09:49:47.0069 8440 ============================================================

09:49:47.0069 8440 Initialize success

09:49:47.0069 8440 ============================================================

09:50:47.0719 6244 ============================================================

09:50:47.0720 6244 Scan started

09:50:47.0720 6244 Mode: Manual; SigCheck; TDLFS;

09:50:47.0720 6244 ============================================================

09:50:49.0603 6244 ================ Scan services =============================

09:51:01.0136 6244 [ c84bcc03858daeac4db1e95efcce1934 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

09:51:01.0151 6244 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning

09:51:01.0151 6244 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)

09:51:01.0583 6244 [ f37882f128efacefe353e0bae2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL

09:51:01.0631 6244 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning

09:51:01.0631 6244 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)

09:51:03.0985 6244 [ 83d8be94e1cbcbe2ea8372db1a95a159 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

09:51:04.0000 6244 LightScribeService ( UnsignedFile.Multi.Generic ) - warning

09:51:04.0000 6244 LightScribeService - detected UnsignedFile.Multi.Generic (1)

09:51:04.0031 6244 [ 1538831cf8ad2979a04c423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

09:51:04.0068 6244 lltdio - ok

09:51:04.0107 6244 [ c1185803384ab3feed115f79f109427f ] lltdsvc C:\Windows\System32\lltdsvc.dll

09:51:04.0166 6244 lltdsvc - ok

09:51:04.0189 6244 [ f993a32249b66c9d622ea5592a8b76b8 ] lmhosts C:\Windows\System32\lmhsvc.dll

09:51:04.0225 6244 lmhosts - ok

09:51:04.0239 6244 [ 342ed5a4b3326014438f36d22d803737 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys

09:51:04.0253 6244 LMouFilt - ok

09:51:04.0285 6244 [ 1a93e54eb0ece102495a51266dcdb6a6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

09:51:04.0300 6244 LSI_FC - ok

09:51:04.0323 6244 [ 1047184a9fdc8bdbff857175875ee810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

09:51:04.0339 6244 LSI_SAS - ok

09:51:04.0350 6244 [ 30f5c0de1ee8b5bc9306c1f0e4a75f93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

09:51:04.0365 6244 LSI_SAS2 - ok

09:51:04.0391 6244 [ 0504eacaff0d3c8aed161c4b0d369d4a ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

09:51:04.0407 6244 LSI_SCSI - ok

09:51:04.0430 6244 [ 43d0f98e1d56ccddb0d5254cff7b356e ] luafv C:\Windows\system32\drivers\luafv.sys

09:51:04.0476 6244 luafv - ok

09:51:04.0510 6244 [ 0be09cd858abf9df6ed259d57a1a1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

09:51:04.0538 6244 Mcx2Svc - ok

09:51:04.0554 6244 [ a55805f747c6edb6a9080d7c633bd0f4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

09:51:04.0568 6244 megasas - ok

09:51:04.0590 6244 [ baf74ce0072480c3b6b7c13b2a94d6b3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

09:51:04.0609 6244 MegaSR - ok

09:51:04.0635 6244 [ e40e80d0304a73e8d269f7141d77250b ] MMCSS C:\Windows\system32\mmcss.dll

09:51:04.0686 6244 MMCSS - ok

09:51:04.0701 6244 [ 800ba92f7010378b09f9ed9270f07137 ] Modem C:\Windows\system32\drivers\modem.sys

09:51:04.0745 6244 Modem - ok

09:51:04.0765 6244 [ b03d591dc7da45ece20b3b467e6aadaa ] monitor C:\Windows\system32\DRIVERS\monitor.sys

09:51:04.0793 6244 monitor - ok

09:51:04.0830 6244 [ 7d27ea49f3c1f687d357e77a470aea99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

09:51:04.0844 6244 mouclass - ok

09:51:04.0857 6244 [ d3bf052c40b0c4166d9fd86a4288c1e6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

09:51:04.0872 6244 mouhid - ok

09:51:04.0901 6244 [ 32e7a3d591d671a6df2db515a5cbe0fa ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

09:51:04.0916 6244 mountmgr - ok

09:51:04.0950 6244 [ a44b420d30bd56e145d6a2bc8768ec58 ] mpio C:\Windows\system32\drivers\mpio.sys

09:51:04.0966 6244 mpio - ok

09:51:04.0975 6244 [ 6c38c9e45ae0ea2fa5e551f2ed5e978f ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

09:51:05.0012 6244 mpsdrv - ok

09:51:05.0057 6244 [ 54ffc9c8898113ace189d4aa7199d2c1 ] MpsSvc C:\Windows\system32\mpssvc.dll

09:51:05.0127 6244 MpsSvc - ok

09:51:05.0158 6244 [ dc722758b8261e1abafd31a3c0a66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

09:51:05.0191 6244 MRxDAV - ok

09:51:05.0219 6244 [ a5d9106a73dc88564c825d317cac68ac ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

09:51:05.0245 6244 mrxsmb - ok

09:51:05.0282 6244 [ d711b3c1d5f42c0c2415687be09fc163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

09:51:05.0315 6244 mrxsmb10 - ok

09:51:05.0337 6244 [ 9423e9d355c8d303e76b8cfbd8a5c30c ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

09:51:05.0352 6244 mrxsmb20 - ok

09:51:05.0386 6244 [ c25f0bafa182cbca2dd3c851c2e75796 ] msahci C:\Windows\system32\drivers\msahci.sys

09:51:05.0400 6244 msahci - ok

09:51:05.0439 6244 [ db801a638d011b9633829eb6f663c900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

09:51:05.0472 6244 msdsm - ok

09:51:05.0497 6244 [ de0ece52236cfa3ed2dbfc03f28253a8 ] MSDTC C:\Windows\System32\msdtc.exe

09:51:05.0525 6244 MSDTC - ok

09:51:05.0563 6244 [ aa3fb40e17ce1388fa1bedab50ea8f96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

09:51:05.0601 6244 Msfs - ok

09:51:05.0623 6244 [ f9d215a46a8b9753f61767fa72a20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

09:51:05.0682 6244 mshidkmdf - ok

09:51:05.0688 6244 [ d916874bbd4f8b07bfb7fa9b3ccae29d ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

09:51:05.0701 6244 msisadrv - ok

09:51:05.0736 6244 [ 808e98ff49b155c522e6400953177b08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

09:51:05.0802 6244 MSiSCSI - ok

09:51:05.0807 6244 msiserver - ok

09:51:05.0830 6244 [ 49ccf2c4fea34ffad8b1b59d49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

09:51:05.0875 6244 MSKSSRV - ok

09:51:05.0892 6244 [ bdd71ace35a232104ddd349ee70e1ab3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

09:51:05.0928 6244 MSPCLOCK - ok

09:51:05.0942 6244 [ 4ed981241db27c3383d72092b618a1d0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

09:51:05.0986 6244 MSPQM - ok

09:51:06.0021 6244 [ 759a9eeb0fa9ed79da1fb7d4ef78866d ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

09:51:06.0041 6244 MsRPC - ok

09:51:06.0058 6244 [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

09:51:06.0073 6244 mssmbios - ok

09:51:06.0089 6244 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

09:51:06.0133 6244 MSTEE - ok

09:51:06.0164 6244 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

09:51:06.0180 6244 MTConfig - ok

09:51:06.0198 6244 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\Windows\system32\Drivers\mup.sys

09:51:06.0213 6244 Mup - ok

09:51:06.0246 6244 [ 582ac6d9873e31dfa28a4547270862dd ] napagent C:\Windows\system32\qagentRT.dll

09:51:06.0305 6244 napagent - ok

09:51:06.0333 6244 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

09:51:06.0370 6244 NativeWifiP - ok

09:51:06.0400 6244 [ 79b47fd40d9a817e932f9d26fac0a81c ] NDIS C:\Windows\system32\drivers\ndis.sys

09:51:06.0440 6244 NDIS - ok

09:51:06.0468 6244 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

09:51:06.0505 6244 NdisCap - ok

09:51:06.0526 6244 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

09:51:06.0562 6244 NdisTapi - ok

09:51:06.0595 6244 [ 136185f9fb2cc61e573e676aa5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

09:51:06.0644 6244 Ndisuio - ok

09:51:06.0676 6244 [ 53f7305169863f0a2bddc49e116c2e11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

09:51:06.0719 6244 NdisWan - ok

09:51:06.0750 6244 [ 015c0d8e0e0421b4cfd48cffe2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

09:51:06.0786 6244 NDProxy - ok

09:51:06.0837 6244 [ d4f51e88c71bf8f06ea1be320b0bb75b ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

09:51:06.0856 6244 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

09:51:06.0856 6244 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

09:51:06.0875 6244 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

09:51:06.0930 6244 NetBIOS - ok

09:51:06.0969 6244 [ 09594d1089c523423b32a4229263f068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

09:51:07.0009 6244 NetBT - ok

09:51:07.0020 6244 [ c118a82cd78818c29ab228366ebf81c3 ] Netlogon C:\Windows\system32\lsass.exe

09:51:07.0034 6244 Netlogon - ok

09:51:07.0067 6244 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll

09:51:07.0120 6244 Netman - ok

09:51:07.0144 6244 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll

09:51:07.0188 6244 netprofm - ok

09:51:07.0207 6244 [ 3e5a36127e201ddf663176b66828fafe ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

09:51:07.0220 6244 NetTcpPortSharing - ok

09:51:07.0330 6244 [ 64428dfdaf6e88366cb51f45a79c5f69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys

09:51:07.0467 6244 netw5v64 - ok

09:51:07.0483 6244 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

09:51:07.0505 6244 nfrd960 - ok

09:51:07.0528 6244 [ 1ee99a89cc788ada662441d1e9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll

09:51:07.0582 6244 NlaSvc - ok

09:51:07.0605 6244 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

09:51:07.0643 6244 Npfs - ok

09:51:07.0707 6244 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll

09:51:07.0746 6244 nsi - ok

09:51:07.0792 6244 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

09:51:07.0836 6244 nsiproxy - ok

09:51:07.0908 6244 [ a2f74975097f52a00745f9637451fdd8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

09:51:07.0987 6244 Ntfs - ok

09:51:08.0029 6244 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys

09:51:08.0064 6244 Null - ok

09:51:08.0095 6244 [ 0a92cb65770442ed0dc44834632f66ad ] nvraid C:\Windows\system32\drivers\nvraid.sys

09:51:08.0112 6244 nvraid - ok

09:51:08.0141 6244 [ dab0e87525c10052bf65f06152f37e4a ] nvstor C:\Windows\system32\drivers\nvstor.sys

09:51:08.0158 6244 nvstor - ok

09:51:08.0182 6244 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

09:51:08.0199 6244 nv_agp - ok

09:51:08.0276 6244 [ 785f487a64950f3cb8e9f16253ba3b7b ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

09:51:08.0321 6244 odserv - ok

09:51:08.0362 6244 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

09:51:08.0378 6244 ohci1394 - ok

09:51:08.0421 6244 [ 5a432a042dae460abe7199b758e8606c ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

09:51:08.0436 6244 ose - ok

09:51:08.0462 6244 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

09:51:08.0509 6244 p2pimsvc - ok

09:51:08.0527 6244 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll

09:51:08.0549 6244 p2psvc - ok

09:51:08.0569 6244 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

09:51:08.0585 6244 Parport - ok

09:51:08.0610 6244 [ e9766131eeade40a27dc27d2d68fba9c ] partmgr C:\Windows\system32\drivers\partmgr.sys

09:51:08.0624 6244 partmgr - ok

09:51:08.0636 6244 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

09:51:08.0670 6244 PcaSvc - ok

09:51:08.0688 6244 [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci C:\Windows\system32\drivers\pci.sys

09:51:08.0704 6244 pci - ok

09:51:08.0737 6244 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\drivers\pciide.sys

09:51:08.0751 6244 pciide - ok

09:51:08.0777 6244 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

09:51:08.0794 6244 pcmcia - ok

09:51:08.0811 6244 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys

09:51:08.0825 6244 pcw - ok

09:51:08.0843 6244 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys

09:51:08.0900 6244 PEAUTH - ok

09:51:08.0966 6244 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe

09:51:08.0989 6244 PerfHost - ok

09:51:09.0039 6244 [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla C:\Windows\system32\pla.dll

09:51:09.0109 6244 pla - ok

09:51:09.0147 6244 [ 25fbdef06c4d92815b353f6e792c8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

09:51:09.0185 6244 PlugPlay - ok

09:51:09.0251 6244 [ 9a80707d8b6c1806531bfd7399b3cc76 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

09:51:09.0272 6244 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

09:51:09.0272 6244 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

09:51:09.0284 6244 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

09:51:09.0311 6244 PNRPAutoReg - ok

09:51:09.0328 6244 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

09:51:09.0345 6244 PNRPsvc - ok

09:51:09.0365 6244 [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

09:51:09.0428 6244 PolicyAgent - ok

09:51:09.0457 6244 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll

09:51:09.0507 6244 Power - ok

09:51:09.0531 6244 [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

09:51:09.0580 6244 PptpMiniport - ok

09:51:09.0613 6244 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\DRIVERS\processr.sys

09:51:09.0636 6244 Processor - ok

09:51:09.0819 6244 [ 53e83f1f6cf9d62f32801cf66d8352a8 ] ProfSvc C:\Windows\system32\profsvc.dll

09:51:10.0055 6244 ProfSvc - ok

09:51:10.0066 6244 [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\Windows\system32\lsass.exe

09:51:10.0088 6244 ProtectedStorage - ok

09:51:10.0137 6244 [ 0557cf5a2556bd58e26384169d72438d ] Psched C:\Windows\system32\DRIVERS\pacer.sys

09:51:10.0174 6244 Psched - ok

09:51:10.0218 6244 [ a6a7ad767bf5141665f5c675f671b3e1 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

09:51:10.0233 6244 PSI_SVC_2 - ok

09:51:10.0293 6244 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

09:51:10.0352 6244 ql2300 - ok

09:51:10.0377 6244 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

09:51:10.0392 6244 ql40xx - ok

09:51:10.0446 6244 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll

09:51:10.0470 6244 QWAVE - ok

09:51:10.0513 6244 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

09:51:10.0548 6244 QWAVEdrv - ok

09:51:10.0561 6244 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

09:51:10.0886 6244 RasAcd - ok

09:51:10.0958 6244 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

09:51:10.0995 6244 RasAgileVpn - ok

09:51:11.0010 6244 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll

09:51:11.0061 6244 RasAuto - ok

09:51:11.0100 6244 [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

09:51:11.0142 6244 Rasl2tp - ok

09:51:11.0183 6244 [ ee867a0870fc9e4972ba9eaad35651e2 ] RasMan C:\Windows\System32\rasmans.dll

09:51:11.0224 6244 RasMan - ok

09:51:11.0235 6244 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

09:51:11.0283 6244 RasPppoe - ok

09:51:11.0300 6244 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

09:51:11.0338 6244 RasSstp - ok

09:51:11.0352 6244 [ 77f665941019a1594d887a74f301fa2f ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

09:51:11.0405 6244 rdbss - ok

09:51:11.0416 6244 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

09:51:11.0434 6244 rdpbus - ok

09:51:11.0460 6244 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

09:51:11.0495 6244 RDPCDD - ok

09:51:11.0507 6244 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

09:51:11.0561 6244 RDPENCDD - ok

09:51:11.0573 6244 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

09:51:11.0608 6244 RDPREFMP - ok

09:51:11.0641 6244 [ e61608aa35e98999af9aaeeea6114b0a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

09:51:11.0666 6244 RDPWD - ok

09:51:11.0716 6244 [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

09:51:11.0744 6244 rdyboost - ok

09:51:11.0777 6244 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll

09:51:11.0838 6244 RemoteAccess - ok

09:51:11.0867 6244 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

09:51:11.0916 6244 RemoteRegistry - ok

09:51:11.0976 6244 [ 498eb62a160674e793fa40fd65390625 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

09:51:11.0995 6244 RichVideo - ok

09:51:12.0027 6244 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

09:51:12.0075 6244 RpcEptMapper - ok

09:51:12.0109 6244 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe

09:51:12.0140 6244 RpcLocator - ok

09:51:12.0194 6244 [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs C:\Windows\system32\rpcss.dll

09:51:12.0235 6244 RpcSs - ok

09:51:12.0282 6244 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

09:51:12.0338 6244 rspndr - ok

09:51:12.0414 6244 [ a5df2f732a6c95554e548fcb6932bd31 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys

09:51:12.0445 6244 RSUSBSTOR - ok

09:51:12.0476 6244 [ b49dc435ae3695bac5623dd94b05732d ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys

09:51:12.0523 6244 RTL8167 - ok

09:51:12.0527 6244 RtsUIR - ok

09:51:12.0541 6244 [ c118a82cd78818c29ab228366ebf81c3 ] SamSs C:\Windows\system32\lsass.exe

09:51:12.0555 6244 SamSs - ok

09:51:12.0600 6244 [ ac03af3329579fffb455aa2daabbe22b ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

09:51:12.0615 6244 sbp2port - ok

09:51:12.0698 6244 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll

09:51:12.0759 6244 SCardSvr - ok

09:51:12.0783 6244 [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

09:51:12.0835 6244 scfilter - ok

09:51:12.0886 6244 [ 262f6592c3299c005fd6bec90fc4463a ] Schedule C:\Windows\system32\schedsvc.dll

09:51:12.0961 6244 Schedule - ok

09:51:12.0983 6244 [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc C:\Windows\System32\certprop.dll

09:51:13.0017 6244 SCPolicySvc - ok

09:51:13.0058 6244 [ 111e0ebc0ad79cb0fa014b907b231cf0 ] sdbus C:\Windows\system32\drivers\sdbus.sys

09:51:13.0079 6244 sdbus - ok

09:51:13.0117 6244 [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

09:51:13.0170 6244 SDRSVC - ok

09:51:13.0237 6244 [ cc781378e7eda615d2cdca3b17829fa4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

09:51:13.0270 6244 SeaPort - ok

09:51:13.0313 6244 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

09:51:13.0369 6244 secdrv - ok

09:51:13.0400 6244 [ bc617a4e1b4fa8df523a061739a0bd87 ] seclogon C:\Windows\system32\seclogon.dll

09:51:13.0454 6244 seclogon - ok

09:51:13.0484 6244 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\System32\sens.dll

09:51:13.0524 6244 SENS - ok

09:51:13.0558 6244 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

09:51:13.0610 6244 SensrSvc - ok

09:51:13.0631 6244 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

09:51:13.0651 6244 Serenum - ok

09:51:13.0667 6244 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

09:51:13.0692 6244 Serial - ok

09:51:13.0713 6244 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

09:51:13.0739 6244 sermouse - ok

09:51:13.0780 6244 [ 0b6231bf38174a1628c4ac812cc75804 ] SessionEnv C:\Windows\system32\sessenv.dll

09:51:13.0829 6244 SessionEnv - ok

09:51:13.0861 6244 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

09:51:13.0892 6244 sffdisk - ok

09:51:13.0905 6244 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

09:51:13.0925 6244 sffp_mmc - ok

09:51:13.0932 6244 [ dd85b78243a19b59f0637dcf284da63c ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

09:51:13.0964 6244 sffp_sd - ok

09:51:13.0978 6244 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

09:51:14.0004 6244 sfloppy - ok

09:51:14.0053 6244 [ b95f6501a2f8b2e78c697fec401970ce ] SharedAccess C:\Windows\System32\ipnathlp.dll

09:51:14.0114 6244 SharedAccess - ok

09:51:14.0149 6244 [ aaf932b4011d14052955d4b212a4da8d ] ShellHWDetection C:\Windows\System32\shsvcs.dll

09:51:14.0191 6244 ShellHWDetection - ok

09:51:14.0209 6244 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

09:51:14.0223 6244 SiSRaid2 - ok

09:51:14.0250 6244 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

09:51:14.0266 6244 SiSRaid4 - ok

09:51:14.0292 6244 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

09:51:14.0330 6244 Smb - ok

09:51:14.0364 6244 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe

09:51:14.0388 6244 SNMPTRAP - ok

09:51:14.0406 6244 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys

09:51:14.0421 6244 spldr - ok

09:51:14.0457 6244 [ 85daa09a98c9286d4ea2ba8d0e644377 ] Spooler C:\Windows\System32\spoolsv.exe

09:51:14.0494 6244 Spooler - ok

09:51:14.0596 6244 [ e17e0188bb90fae42d83e98707efa59c ] sppsvc C:\Windows\system32\sppsvc.exe

09:51:14.0708 6244 sppsvc - ok

09:51:14.0721 6244 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

09:51:14.0759 6244 sppuinotify - ok

09:51:14.0786 6244 [ 441fba48bff01fdb9d5969ebc1838f0b ] srv C:\Windows\system32\DRIVERS\srv.sys

09:51:14.0825 6244 srv - ok

09:51:14.0859 6244 [ b4adebbf5e3677cce9651e0f01f7cc28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

09:51:14.0897 6244 srv2 - ok

09:51:14.0935 6244 [ 0c4540311e11664b245a263e1154cef8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS

09:51:14.0955 6244 SrvHsfHDA - ok

09:51:14.0988 6244 [ 02071d207a9858fbe3a48cbfd59c4a04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS

09:51:15.0047 6244 SrvHsfV92 - ok

09:51:15.0070 6244 [ 18e40c245dbfaf36fd0134a7ef2df396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS

09:51:15.0104 6244 SrvHsfWinac - ok

09:51:15.0129 6244 [ 27e461f0be5bff5fc737328f749538c3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

09:51:15.0158 6244 srvnet - ok

09:51:15.0197 6244 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

09:51:15.0250 6244 SSDPSRV - ok

09:51:15.0268 6244 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll

09:51:15.0306 6244 SstpSvc - ok

09:51:15.0394 6244 [ 810199dcc3bdc38304d7d649992ea7bc ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe

09:51:15.0411 6244 STacSV - ok

09:51:15.0434 6244 Steam Client Service - ok

09:51:15.0452 6244 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

09:51:15.0466 6244 stexstor - ok

09:51:15.0496 6244 [ ed1722f43ce61409ef68340402d6267d ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys

09:51:15.0518 6244 STHDA - ok

09:51:15.0563 6244 [ decacb6921ded1a38642642685d77dac ] StillCam C:\Windows\system32\DRIVERS\serscan.sys

09:51:15.0591 6244 StillCam - ok

09:51:15.0649 6244 [ 8dd52e8e6128f4b2da92ce27402871c1 ] stisvc C:\Windows\System32\wiaservc.dll

09:51:15.0726 6244 stisvc - ok

09:51:15.0777 6244 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\drivers\swenum.sys

09:51:15.0791 6244 swenum - ok

09:51:15.0837 6244 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll

09:51:15.0897 6244 swprv - ok

09:51:15.0933 6244 [ 929c9fa0b18ad2ebc8340591c4bf00ff ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys

09:51:15.0951 6244 SynTP - ok

09:51:16.0050 6244 [ bf9ccc0bf39b418c8d0ae8b05cf95b7d ] SysMain C:\Windows\system32\sysmain.dll

09:51:16.0118 6244 SysMain - ok

09:51:16.0153 6244 [ e3c61fd7b7c2557e1f1b0b4cec713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

09:51:16.0174 6244 TabletInputService - ok

09:51:16.0195 6244 [ 40f0849f65d13ee87b9a9ae3c1dd6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

09:51:16.0247 6244 TapiSrv - ok

09:51:16.0259 6244 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll

09:51:16.0298 6244 TBS - ok

09:51:16.0355 6244 [ acb82bda8f46c84f465c1afa517dc4b9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

09:51:16.0419 6244 Tcpip - ok

09:51:16.0470 6244 [ acb82bda8f46c84f465c1afa517dc4b9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

09:51:16.0509 6244 TCPIP6 - ok

09:51:16.0541 6244 [ df687e3d8836bfb04fcc0615bf15a519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

09:51:16.0589 6244 tcpipreg - ok

09:51:16.0625 6244 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

09:51:16.0662 6244 TDPIPE - ok

09:51:16.0685 6244 [ 51c5eceb1cdee2468a1748be550cfbc8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

09:51:16.0713 6244 TDTCP - ok

09:51:16.0749 6244 [ ddad5a7ab24d8b65f8d724f5c20fd806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

09:51:16.0786 6244 tdx - ok

09:51:16.0817 6244 [ 561e7e1f06895d78de991e01dd0fb6e5 ] TermDD C:\Windows\system32\drivers\termdd.sys

09:51:16.0831 6244 TermDD - ok

09:51:16.0857 6244 [ 2e648163254233755035b46dd7b89123 ] TermService C:\Windows\System32\termsrv.dll

09:51:16.0921 6244 TermService - ok

09:51:16.0944 6244 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll

09:51:16.0994 6244 Themes - ok

09:51:17.0028 6244 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll

09:51:17.0065 6244 THREADORDER - ok

09:51:17.0091 6244 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll

09:51:17.0147 6244 TrkWks - ok

09:51:17.0200 6244 [ 773212b2aaa24c1e31f10246b15b276c ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

09:51:17.0256 6244 TrustedInstaller - ok

09:51:17.0289 6244 [ ce18b2cdfc837c99e5fae9ca6cba5d30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

09:51:17.0333 6244 tssecsrv - ok

09:51:17.0381 6244 [ d11c783e3ef9a3c52c0ebe83cc5000e9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

09:51:17.0405 6244 TsUsbFlt - ok

09:51:17.0446 6244 [ 3566a8daafa27af944f5d705eaa64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

09:51:17.0482 6244 tunnel - ok

09:51:17.0503 6244 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

09:51:17.0517 6244 uagp35 - ok

09:51:17.0548 6244 [ ff4232a1a64012baa1fd97c7b67df593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

09:51:17.0607 6244 udfs - ok

09:51:17.0644 6244 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

09:51:17.0661 6244 UI0Detect - ok

09:51:17.0698 6244 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

09:51:17.0712 6244 uliagpkx - ok

09:51:17.0748 6244 [ dc54a574663a895c8763af0fa1ff7561 ] umbus C:\Windows\system32\drivers\umbus.sys

09:51:17.0778 6244 umbus - ok

09:51:17.0795 6244 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

09:51:17.0821 6244 UmPass - ok

09:51:17.0845 6244 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll

09:51:17.0903 6244 upnphost - ok

09:51:17.0941 6244 [ fb251567f41bc61988b26731dec19e4b ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

09:51:17.0963 6244 USBAAPL64 - ok

09:51:17.0997 6244 [ 6f1a3157a1c89435352ceb543cdb359c ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

09:51:18.0038 6244 usbccgp - ok

09:51:18.0043 6244 USBCCID - ok

09:51:18.0078 6244 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

09:51:18.0096 6244 usbcir - ok

09:51:18.0125 6244 [ c025055fe7b87701eb042095df1a2d7b ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

09:51:18.0140 6244 usbehci - ok

09:51:18.0170 6244 [ 44d9c773febff10593b50ddfc2d6bc27 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys

09:51:18.0182 6244 usbfilter - ok

09:51:18.0227 6244 [ 287c6c9410b111b68b52ca298f7b8c24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

09:51:18.0266 6244 usbhub - ok

09:51:18.0291 6244 [ 9840fc418b4cbd632d3d0a667a725c31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys

09:51:18.0308 6244 usbohci - ok

09:51:18.0339 6244 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

09:51:18.0362 6244 usbprint - ok

09:51:18.0387 6244 [ aaa2513c8aed8b54b189fd0c6b1634c0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

09:51:18.0412 6244 usbscan - ok

09:51:18.0427 6244 [ fed648b01349a3c8395a5169db5fb7d6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

09:51:18.0483 6244 USBSTOR - ok

09:51:18.0495 6244 [ 62069a34518bcf9c1fd9e74b3f6db7cd ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

09:51:18.0516 6244 usbuhci - ok

09:51:18.0559 6244 [ 454800c2bc7f3927ce030141ee4f4c50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys

09:51:18.0580 6244 usbvideo - ok

09:51:18.0601 6244 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll

09:51:18.0656 6244 UxSms - ok

09:51:18.0679 6244 [ c118a82cd78818c29ab228366ebf81c3 ] VaultSvc C:\Windows\system32\lsass.exe

09:51:18.0693 6244 VaultSvc - ok

09:51:18.0711 6244 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

09:51:18.0726 6244 vdrvroot - ok

09:51:18.0757 6244 [ 8d6b481601d01a456e75c3210f1830be ] vds C:\Windows\System32\vds.exe

09:51:18.0802 6244 vds - ok

09:51:18.0828 6244 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

09:51:18.0845 6244 vga - ok


Sorry, thought I was. Maybe third time is the charm? I appreciate your help and patience!!

09:49:45.0024 8440 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05

09:49:45.0354 8440 ============================================================

09:49:45.0354 8440 Current date / time: 2012/08/19 09:49:45.0354

09:49:45.0354 8440 SystemInfo:

09:49:45.0354 8440

09:49:45.0354 8440 OS Version: 6.1.7601 ServicePack: 1.0

09:49:45.0354 8440 Product type: Workstation

09:49:45.0354 8440 ComputerName: MYHP-PC

09:49:45.0354 8440 UserName: My Hp

09:49:45.0354 8440 Windows directory: C:\Windows

09:49:45.0354 8440 System windows directory: C:\Windows

09:49:45.0354 8440 Running under WOW64

09:49:45.0354 8440 Processor architecture: Intel x64

09:49:45.0354 8440 Number of processors: 2

09:49:45.0354 8440 Page size: 0x1000

09:49:45.0354 8440 Boot type: Normal boot

09:49:45.0354 8440 ============================================================

09:49:46.0994 8440 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

09:49:47.0000 8440 ============================================================

09:49:47.0000 8440 \Device\Harddisk0\DR0:

09:49:47.0000 8440 MBR partitions:

09:49:47.0000 8440 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800

09:49:47.0000 8440 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x38444000

09:49:47.0000 8440 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x384A8000, BlocksNum 0x1EAA000

09:49:47.0000 8440 ============================================================

09:49:47.0022 8440 C: <-> \Device\Harddisk0\DR0\Partition2

09:49:47.0069 8440 D: <-> \Device\Harddisk0\DR0\Partition3

09:49:47.0069 8440 ============================================================

09:49:47.0069 8440 Initialize success

09:49:47.0069 8440 ============================================================

09:50:47.0719 6244 ============================================================

09:50:47.0720 6244 Scan started

09:50:47.0720 6244 Mode: Manual; SigCheck; TDLFS;

09:50:47.0720 6244 ============================================================


09:51:04.0609 6244 MegaSR - ok

09:51:04.0635 6244 [ e40e80d0304a73e8d269f7141d77250b ] MMCSS C:\Windows\system32\mmcss.dll

09:51:04.0686 6244 MMCSS - ok

09:51:04.0701 6244 [ 800ba92f7010378b09f9ed9270f07137 ] Modem C:\Windows\system32\drivers\modem.sys

09:51:04.0745 6244 Modem - ok

09:51:04.0765 6244 [ b03d591dc7da45ece20b3b467e6aadaa ] monitor C:\Windows\system32\DRIVERS\monitor.sys

09:51:04.0793 6244 monitor - ok

09:51:04.0830 6244 [ 7d27ea49f3c1f687d357e77a470aea99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

09:51:04.0844 6244 mouclass - ok

09:51:04.0857 6244 [ d3bf052c40b0c4166d9fd86a4288c1e6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

09:51:04.0872 6244 mouhid - ok

09:51:04.0901 6244 [ 32e7a3d591d671a6df2db515a5cbe0fa ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

09:51:04.0916 6244 mountmgr - ok

09:51:04.0950 6244 [ a44b420d30bd56e145d6a2bc8768ec58 ] mpio C:\Windows\system32\drivers\mpio.sys

09:51:04.0966 6244 mpio - ok

09:51:04.0975 6244 [ 6c38c9e45ae0ea2fa5e551f2ed5e978f ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

09:51:05.0012 6244 mpsdrv - ok

09:51:05.0057 6244 [ 54ffc9c8898113ace189d4aa7199d2c1 ] MpsSvc C:\Windows\system32\mpssvc.dll

09:51:05.0127 6244 MpsSvc - ok

09:51:05.0158 6244 [ dc722758b8261e1abafd31a3c0a66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

09:51:05.0191 6244 MRxDAV - ok

09:51:05.0219 6244 [ a5d9106a73dc88564c825d317cac68ac ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

09:51:05.0245 6244 mrxsmb - ok

09:51:05.0282 6244 [ d711b3c1d5f42c0c2415687be09fc163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

09:51:05.0315 6244 mrxsmb10 - ok

09:51:05.0337 6244 [ 9423e9d355c8d303e76b8cfbd8a5c30c ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

09:51:05.0352 6244 mrxsmb20 - ok

09:51:05.0386 6244 [ c25f0bafa182cbca2dd3c851c2e75796 ] msahci C:\Windows\system32\drivers\msahci.sys

09:51:05.0400 6244 msahci - ok

09:51:05.0439 6244 [ db801a638d011b9633829eb6f663c900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

09:51:05.0472 6244 msdsm - ok

09:51:05.0497 6244 [ de0ece52236cfa3ed2dbfc03f28253a8 ] MSDTC C:\Windows\System32\msdtc.exe

09:51:05.0525 6244 MSDTC - ok

09:51:05.0563 6244 [ aa3fb40e17ce1388fa1bedab50ea8f96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

09:51:05.0601 6244 Msfs - ok

09:51:05.0623 6244 [ f9d215a46a8b9753f61767fa72a20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

09:51:05.0682 6244 mshidkmdf - ok

09:51:05.0688 6244 [ d916874bbd4f8b07bfb7fa9b3ccae29d ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

09:51:05.0701 6244 msisadrv - ok

09:51:05.0736 6244 [ 808e98ff49b155c522e6400953177b08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

09:51:05.0802 6244 MSiSCSI - ok

09:51:05.0807 6244 msiserver - ok

09:51:05.0830 6244 [ 49ccf2c4fea34ffad8b1b59d49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

09:51:05.0875 6244 MSKSSRV - ok

09:51:05.0892 6244 [ bdd71ace35a232104ddd349ee70e1ab3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

09:51:05.0928 6244 MSPCLOCK - ok

09:51:05.0942 6244 [ 4ed981241db27c3383d72092b618a1d0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

09:51:05.0986 6244 MSPQM - ok

09:51:06.0021 6244 [ 759a9eeb0fa9ed79da1fb7d4ef78866d ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

09:51:06.0041 6244 MsRPC - ok

09:51:06.0058 6244 [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

09:51:06.0073 6244 mssmbios - ok

09:51:06.0089 6244 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

09:51:06.0133 6244 MSTEE - ok

09:51:06.0164 6244 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

09:51:06.0180 6244 MTConfig - ok

09:51:06.0198 6244 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\Windows\system32\Drivers\mup.sys

09:51:06.0213 6244 Mup - ok

09:51:06.0246 6244 [ 582ac6d9873e31dfa28a4547270862dd ] napagent C:\Windows\system32\qagentRT.dll

09:51:06.0305 6244 napagent - ok

09:51:06.0333 6244 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

09:51:06.0370 6244 NativeWifiP - ok

09:51:06.0400 6244 [ 79b47fd40d9a817e932f9d26fac0a81c ] NDIS C:\Windows\system32\drivers\ndis.sys

09:51:06.0440 6244 NDIS - ok

09:51:06.0468 6244 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

09:51:06.0505 6244 NdisCap - ok

09:51:06.0526 6244 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

09:51:06.0562 6244 NdisTapi - ok

09:51:06.0595 6244 [ 136185f9fb2cc61e573e676aa5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

09:51:06.0644 6244 Ndisuio - ok

09:51:06.0676 6244 [ 53f7305169863f0a2bddc49e116c2e11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

09:51:06.0719 6244 NdisWan - ok

09:51:06.0750 6244 [ 015c0d8e0e0421b4cfd48cffe2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

09:51:06.0786 6244 NDProxy - ok

09:51:06.0837 6244 [ d4f51e88c71bf8f06ea1be320b0bb75b ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

09:51:06.0856 6244 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

09:51:06.0856 6244 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

09:51:06.0875 6244 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

09:51:06.0930 6244 NetBIOS - ok

09:51:06.0969 6244 [ 09594d1089c523423b32a4229263f068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

09:51:07.0009 6244 NetBT - ok

09:51:07.0020 6244 [ c118a82cd78818c29ab228366ebf81c3 ] Netlogon C:\Windows\system32\lsass.exe

09:51:07.0034 6244 Netlogon - ok

09:51:07.0067 6244 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll

09:51:07.0120 6244 Netman - ok

09:51:07.0144 6244 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll

09:51:07.0188 6244 netprofm - ok

09:51:07.0207 6244 [ 3e5a36127e201ddf663176b66828fafe ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

09:51:07.0220 6244 NetTcpPortSharing - ok

09:51:07.0330 6244 [ 64428dfdaf6e88366cb51f45a79c5f69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys

09:51:07.0467 6244 netw5v64 - ok

09:51:07.0483 6244 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

09:51:07.0505 6244 nfrd960 - ok

09:51:07.0528 6244 [ 1ee99a89cc788ada662441d1e9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll

09:51:07.0582 6244 NlaSvc - ok

09:51:07.0605 6244 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

09:51:07.0643 6244 Npfs - ok

09:51:07.0707 6244 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll

09:51:07.0746 6244 nsi - ok

09:51:07.0792 6244 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

09:51:07.0836 6244 nsiproxy - ok

09:51:07.0908 6244 [ a2f74975097f52a00745f9637451fdd8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

09:51:07.0987 6244 Ntfs - ok

09:51:08.0029 6244 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys

09:51:08.0064 6244 Null - ok

09:51:08.0095 6244 [ 0a92cb65770442ed0dc44834632f66ad ] nvraid C:\Windows\system32\drivers\nvraid.sys

09:51:08.0112 6244 nvraid - ok

09:51:08.0141 6244 [ dab0e87525c10052bf65f06152f37e4a ] nvstor C:\Windows\system32\drivers\nvstor.sys

09:51:08.0158 6244 nvstor - ok

09:51:08.0182 6244 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

09:51:08.0199 6244 nv_agp - ok

09:51:08.0276 6244 [ 785f487a64950f3cb8e9f16253ba3b7b ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

09:51:08.0321 6244 odserv - ok

09:51:08.0362 6244 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

09:51:08.0378 6244 ohci1394 - ok

09:51:08.0421 6244 [ 5a432a042dae460abe7199b758e8606c ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

09:51:08.0436 6244 ose - ok

09:51:08.0462 6244 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

09:51:08.0509 6244 p2pimsvc - ok

09:51:08.0527 6244 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll

09:51:08.0549 6244 p2psvc - ok

09:51:08.0569 6244 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

09:51:08.0585 6244 Parport - ok

09:51:08.0610 6244 [ e9766131eeade40a27dc27d2d68fba9c ] partmgr C:\Windows\system32\drivers\partmgr.sys

09:51:08.0624 6244 partmgr - ok

09:51:08.0636 6244 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

09:51:08.0670 6244 PcaSvc - ok

09:51:08.0688 6244 [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci C:\Windows\system32\drivers\pci.sys

09:51:08.0704 6244 pci - ok

09:51:08.0737 6244 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\drivers\pciide.sys

09:51:08.0751 6244 pciide - ok

09:51:08.0777 6244 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

09:51:08.0794 6244 pcmcia - ok

09:51:08.0811 6244 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys

09:51:08.0825 6244 pcw - ok

09:51:08.0843 6244 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys

09:51:08.0900 6244 PEAUTH - ok

09:51:08.0966 6244 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe

09:51:08.0989 6244 PerfHost - ok

09:51:09.0039 6244 [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla C:\Windows\system32\pla.dll

09:51:09.0109 6244 pla - ok

09:51:09.0147 6244 [ 25fbdef06c4d92815b353f6e792c8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

09:51:09.0185 6244 PlugPlay - ok

09:51:09.0251 6244 [ 9a80707d8b6c1806531bfd7399b3cc76 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

09:51:09.0272 6244 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

09:51:09.0272 6244 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

09:51:09.0284 6244 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

09:51:09.0311 6244 PNRPAutoReg - ok

09:51:09.0328 6244 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

09:51:09.0345 6244 PNRPsvc - ok

09:51:09.0365 6244 [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

09:51:09.0428 6244 PolicyAgent - ok

09:51:09.0457 6244 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll

09:51:09.0507 6244 Power - ok

09:51:09.0531 6244 [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

09:51:09.0580 6244 PptpMiniport - ok

09:51:09.0613 6244 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\DRIVERS\processr.sys

09:51:09.0636 6244 Processor - ok

09:51:09.0819 6244 [ 53e83f1f6cf9d62f32801cf66d8352a8 ] ProfSvc C:\Windows\system32\profsvc.dll

09:51:10.0055 6244 ProfSvc - ok

09:51:10.0066 6244 [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\Windows\system32\lsass.exe

09:51:10.0088 6244 ProtectedStorage - ok

09:51:10.0137 6244 [ 0557cf5a2556bd58e26384169d72438d ] Psched C:\Windows\system32\DRIVERS\pacer.sys

09:51:10.0174 6244 Psched - ok

09:51:10.0218 6244 [ a6a7ad767bf5141665f5c675f671b3e1 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

09:51:10.0233 6244 PSI_SVC_2 - ok

09:51:10.0293 6244 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

09:51:10.0352 6244 ql2300 - ok

09:51:10.0377 6244 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

09:51:10.0392 6244 ql40xx - ok

09:51:10.0446 6244 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll

09:51:10.0470 6244 QWAVE - ok

09:51:10.0513 6244 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

09:51:10.0548 6244 QWAVEdrv - ok

09:51:10.0561 6244 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

09:51:10.0886 6244 RasAcd - ok

09:51:10.0958 6244 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

09:51:10.0995 6244 RasAgileVpn - ok

09:51:11.0010 6244 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll

09:51:11.0061 6244 RasAuto - ok

09:51:11.0100 6244 [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

09:51:11.0142 6244 Rasl2tp - ok

09:51:11.0183 6244 [ ee867a0870fc9e4972ba9eaad35651e2 ] RasMan C:\Windows\System32\rasmans.dll

09:51:11.0224 6244 RasMan - ok

09:51:11.0235 6244 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

09:51:11.0283 6244 RasPppoe - ok

09:51:11.0300 6244 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

09:51:11.0338 6244 RasSstp - ok

09:51:11.0352 6244 [ 77f665941019a1594d887a74f301fa2f ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

09:51:11.0405 6244 rdbss - ok

09:51:11.0416 6244 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

09:51:11.0434 6244 rdpbus - ok

09:51:11.0460 6244 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

09:51:11.0495 6244 RDPCDD - ok

09:51:11.0507 6244 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

09:51:11.0561 6244 RDPENCDD - ok

09:51:11.0573 6244 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

09:51:11.0608 6244 RDPREFMP - ok

09:51:11.0641 6244 [ e61608aa35e98999af9aaeeea6114b0a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

09:51:11.0666 6244 RDPWD - ok

09:51:11.0716 6244 [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

09:51:11.0744 6244 rdyboost - ok

09:51:11.0777 6244 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll

09:51:11.0838 6244 RemoteAccess - ok

09:51:11.0867 6244 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

09:51:11.0916 6244 RemoteRegistry - ok

09:51:11.0976 6244 [ 498eb62a160674e793fa40fd65390625 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

09:51:11.0995 6244 RichVideo - ok

09:51:12.0027 6244 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

09:51:12.0075 6244 RpcEptMapper - ok

09:51:12.0109 6244 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe

09:51:12.0140 6244 RpcLocator - ok

09:51:12.0194 6244 [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs C:\Windows\system32\rpcss.dll

09:51:12.0235 6244 RpcSs - ok

09:51:12.0282 6244 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

09:51:12.0338 6244 rspndr - ok

09:51:12.0414 6244 [ a5df2f732a6c95554e548fcb6932bd31 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys

09:51:12.0445 6244 RSUSBSTOR - ok

09:51:12.0476 6244 [ b49dc435ae3695bac5623dd94b05732d ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys

09:51:12.0523 6244 RTL8167 - ok

09:51:12.0527 6244 RtsUIR - ok

09:51:12.0541 6244 [ c118a82cd78818c29ab228366ebf81c3 ] SamSs C:\Windows\system32\lsass.exe

09:51:12.0555 6244 SamSs - ok

09:51:12.0600 6244 [ ac03af3329579fffb455aa2daabbe22b ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

09:51:12.0615 6244 sbp2port - ok

09:51:12.0698 6244 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll

09:51:12.0759 6244 SCardSvr - ok

09:51:12.0783 6244 [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

09:51:12.0835 6244 scfilter - ok

09:51:12.0886 6244 [ 262f6592c3299c005fd6bec90fc4463a ] Schedule C:\Windows\system32\schedsvc.dll

09:51:12.0961 6244 Schedule - ok

09:51:12.0983 6244 [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc C:\Windows\System32\certprop.dll

09:51:13.0017 6244 SCPolicySvc - ok

09:51:13.0058 6244 [ 111e0ebc0ad79cb0fa014b907b231cf0 ] sdbus C:\Windows\system32\drivers\sdbus.sys

09:51:13.0079 6244 sdbus - ok

09:51:13.0117 6244 [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

09:51:13.0170 6244 SDRSVC - ok

09:51:13.0237 6244 [ cc781378e7eda615d2cdca3b17829fa4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

09:51:13.0270 6244 SeaPort - ok

09:51:13.0313 6244 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

09:51:13.0369 6244 secdrv - ok

09:51:13.0400 6244 [ bc617a4e1b4fa8df523a061739a0bd87 ] seclogon C:\Windows\system32\seclogon.dll

09:51:13.0454 6244 seclogon - ok

09:51:13.0484 6244 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\System32\sens.dll

09:51:13.0524 6244 SENS - ok

09:51:13.0558 6244 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

09:51:13.0610 6244 SensrSvc - ok

09:51:13.0631 6244 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

09:51:13.0651 6244 Serenum - ok

09:51:13.0667 6244 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

09:51:13.0692 6244 Serial - ok

09:51:13.0713 6244 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

09:51:13.0739 6244 sermouse - ok

09:51:13.0780 6244 [ 0b6231bf38174a1628c4ac812cc75804 ] SessionEnv C:\Windows\system32\sessenv.dll

09:51:13.0829 6244 SessionEnv - ok

09:51:13.0861 6244 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

09:51:13.0892 6244 sffdisk - ok

09:51:13.0905 6244 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

09:51:13.0925 6244 sffp_mmc - ok

09:51:13.0932 6244 [ dd85b78243a19b59f0637dcf284da63c ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

09:51:13.0964 6244 sffp_sd - ok

09:51:13.0978 6244 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

09:51:14.0004 6244 sfloppy - ok

09:51:14.0053 6244 [ b95f6501a2f8b2e78c697fec401970ce ] SharedAccess C:\Windows\System32\ipnathlp.dll

09:51:14.0114 6244 SharedAccess - ok

09:51:14.0149 6244 [ aaf932b4011d14052955d4b212a4da8d ] ShellHWDetection C:\Windows\System32\shsvcs.dll

09:51:14.0191 6244 ShellHWDetection - ok

09:51:14.0209 6244 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

09:51:14.0223 6244 SiSRaid2 - ok

09:51:14.0250 6244 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

09:51:14.0266 6244 SiSRaid4 - ok

09:51:14.0292 6244 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

09:51:14.0330 6244 Smb - ok

09:51:14.0364 6244 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe

09:51:14.0388 6244 SNMPTRAP - ok

09:51:14.0406 6244 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys

09:51:14.0421 6244 spldr - ok

09:51:14.0457 6244 [ 85daa09a98c9286d4ea2ba8d0e644377 ] Spooler C:\Windows\System32\spoolsv.exe

09:51:14.0494 6244 Spooler - ok

09:51:14.0596 6244 [ e17e0188bb90fae42d83e98707efa59c ] sppsvc C:\Windows\system32\sppsvc.exe

09:51:14.0708 6244 sppsvc - ok

09:51:14.0721 6244 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

09:51:14.0759 6244 sppuinotify - ok

09:51:14.0786 6244 [ 441fba48bff01fdb9d5969ebc1838f0b ] srv C:\Windows\system32\DRIVERS\srv.sys

09:51:14.0825 6244 srv - ok

09:51:14.0859 6244 [ b4adebbf5e3677cce9651e0f01f7cc28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

09:51:14.0897 6244 srv2 - ok

09:51:14.0935 6244 [ 0c4540311e11664b245a263e1154cef8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS

09:51:14.0955 6244 SrvHsfHDA - ok

09:51:14.0988 6244 [ 02071d207a9858fbe3a48cbfd59c4a04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS

09:51:15.0047 6244 SrvHsfV92 - ok

09:51:15.0070 6244 [ 18e40c245dbfaf36fd0134a7ef2df396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS

09:51:15.0104 6244 SrvHsfWinac - ok

09:51:15.0129 6244 [ 27e461f0be5bff5fc737328f749538c3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

09:51:15.0158 6244 srvnet - ok

09:51:15.0197 6244 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

09:51:15.0250 6244 SSDPSRV - ok

09:51:15.0268 6244 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll

09:51:15.0306 6244 SstpSvc - ok

09:51:15.0394 6244 [ 810199dcc3bdc38304d7d649992ea7bc ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe

09:51:15.0411 6244 STacSV - ok

09:51:15.0434 6244 Steam Client Service - ok

09:51:15.0452 6244 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

09:51:15.0466 6244 stexstor - ok

09:51:15.0496 6244 [ ed1722f43ce61409ef68340402d6267d ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys

09:51:15.0518 6244 STHDA - ok

09:51:15.0563 6244 [ decacb6921ded1a38642642685d77dac ] StillCam C:\Windows\system32\DRIVERS\serscan.sys

09:51:15.0591 6244 StillCam - ok

09:51:15.0649 6244 [ 8dd52e8e6128f4b2da92ce27402871c1 ] stisvc C:\Windows\System32\wiaservc.dll

09:51:15.0726 6244 stisvc - ok

09:51:15.0777 6244 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\drivers\swenum.sys

09:51:15.0791 6244 swenum - ok

09:51:15.0837 6244 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll

09:51:15.0897 6244 swprv - ok

09:51:15.0933 6244 [ 929c9fa0b18ad2ebc8340591c4bf00ff ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys

09:51:15.0951 6244 SynTP - ok

09:51:16.0050 6244 [ bf9ccc0bf39b418c8d0ae8b05cf95b7d ] SysMain C:\Windows\system32\sysmain.dll

09:51:16.0118 6244 SysMain - ok

09:51:16.0153 6244 [ e3c61fd7b7c2557e1f1b0b4cec713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

09:51:16.0174 6244 TabletInputService - ok

09:51:16.0195 6244 [ 40f0849f65d13ee87b9a9ae3c1dd6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

09:51:16.0247 6244 TapiSrv - ok

09:51:16.0259 6244 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll

09:51:16.0298 6244 TBS - ok

09:51:16.0355 6244 [ acb82bda8f46c84f465c1afa517dc4b9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

09:51:16.0419 6244 Tcpip - ok

09:51:16.0470 6244 [ acb82bda8f46c84f465c1afa517dc4b9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

09:51:16.0509 6244 TCPIP6 - ok

09:51:16.0541 6244 [ df687e3d8836bfb04fcc0615bf15a519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

09:51:16.0589 6244 tcpipreg - ok

09:51:16.0625 6244 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

09:51:16.0662 6244 TDPIPE - ok

09:51:16.0685 6244 [ 51c5eceb1cdee2468a1748be550cfbc8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

09:51:16.0713 6244 TDTCP - ok

09:51:16.0749 6244 [ ddad5a7ab24d8b65f8d724f5c20fd806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

09:51:16.0786 6244 tdx - ok

09:51:16.0817 6244 [ 561e7e1f06895d78de991e01dd0fb6e5 ] TermDD C:\Windows\system32\drivers\termdd.sys

09:51:16.0831 6244 TermDD - ok

09:51:16.0857 6244 [ 2e648163254233755035b46dd7b89123 ] TermService C:\Windows\System32\termsrv.dll

09:51:16.0921 6244 TermService - ok

09:51:16.0944 6244 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll

09:51:16.0994 6244 Themes - ok

09:51:17.0028 6244 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll

09:51:17.0065 6244 THREADORDER - ok

09:51:17.0091 6244 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll

09:51:17.0147 6244 TrkWks - ok

09:51:17.0200 6244 [ 773212b2aaa24c1e31f10246b15b276c ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

09:51:17.0256 6244 TrustedInstaller - ok

09:51:17.0289 6244 [ ce18b2cdfc837c99e5fae9ca6cba5d30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

09:51:17.0333 6244 tssecsrv - ok

09:51:17.0381 6244 [ d11c783e3ef9a3c52c0ebe83cc5000e9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

09:51:17.0405 6244 TsUsbFlt - ok

09:51:17.0446 6244 [ 3566a8daafa27af944f5d705eaa64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

09:51:17.0482 6244 tunnel - ok

09:51:17.0503 6244 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

09:51:17.0517 6244 uagp35 - ok

09:51:17.0548 6244 [ ff4232a1a64012baa1fd97c7b67df593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

09:51:17.0607 6244 udfs - ok

09:51:17.0644 6244 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

09:51:17.0661 6244 UI0Detect - ok

09:51:17.0698 6244 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

09:51:17.0712 6244 uliagpkx - ok

09:51:17.0748 6244 [ dc54a574663a895c8763af0fa1ff7561 ] umbus C:\Windows\system32\drivers\umbus.sys

09:51:17.0778 6244 umbus - ok

09:51:17.0795 6244 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

09:51:17.0821 6244 UmPass - ok

09:51:17.0845 6244 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll

09:51:17.0903 6244 upnphost - ok

09:51:17.0941 6244 [ fb251567f41bc61988b26731dec19e4b ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

09:51:17.0963 6244 USBAAPL64 - ok

09:51:17.0997 6244 [ 6f1a3157a1c89435352ceb543cdb359c ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

09:51:18.0038 6244 usbccgp - ok

09:51:18.0043 6244 USBCCID - ok

09:51:18.0078 6244 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

09:51:18.0096 6244 usbcir - ok

09:51:18.0125 6244 [ c025055fe7b87701eb042095df1a2d7b ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

09:51:18.0140 6244 usbehci - ok

09:51:18.0170 6244 [ 44d9c773febff10593b50ddfc2d6bc27 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys

09:51:18.0182 6244 usbfilter - ok

09:51:18.0227 6244 [ 287c6c9410b111b68b52ca298f7b8c24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

09:51:18.0266 6244 usbhub - ok

09:51:18.0291 6244 [ 9840fc418b4cbd632d3d0a667a725c31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys

09:51:18.0308 6244 usbohci - ok

09:51:18.0339 6244 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

09:51:18.0362 6244 usbprint - ok

09:51:18.0387 6244 [ aaa2513c8aed8b54b189fd0c6b1634c0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

09:51:18.0412 6244 usbscan - ok

09:51:18.0427 6244 [ fed648b01349a3c8395a5169db5fb7d6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

09:51:18.0483 6244 USBSTOR - ok

09:51:18.0495 6244 [ 62069a34518bcf9c1fd9e74b3f6db7cd ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

09:51:18.0516 6244 usbuhci - ok

09:51:18.0559 6244 [ 454800c2bc7f3927ce030141ee4f4c50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys

09:51:18.0580 6244 usbvideo - ok

09:51:18.0601 6244 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll

09:51:18.0656 6244 UxSms - ok

09:51:18.0679 6244 [ c118a82cd78818c29ab228366ebf81c3 ] VaultSvc C:\Windows\system32\lsass.exe

09:51:18.0693 6244 VaultSvc - ok

09:51:18.0711 6244 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

09:51:18.0726 6244 vdrvroot - ok

09:51:18.0757 6244 [ 8d6b481601d01a456e75c3210f1830be ] vds C:\Windows\System32\vds.exe

09:51:18.0802 6244 vds - ok

09:51:18.0828 6244 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

09:51:18.0845 6244 vga - ok

09:51:18.0857 6244 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys

09:51:18.0907 6244 VgaSave - ok

09:51:18.0939 6244 [ 2ce2df28c83aeaf30084e1b1eb253cbb ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

09:51:18.0956 6244 vhdmp - ok

09:51:18.0982 6244 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\drivers\viaide.sys

09:51:18.0996 6244 viaide - ok

09:51:19.0009 6244 [ d2aafd421940f640b407aefaaebd91b0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

09:51:19.0024 6244 volmgr - ok

09:51:19.0056 6244 [ a255814907c89be58b79ef2f189b843b ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

09:51:19.0076 6244 volmgrx - ok

09:51:19.0113 6244 [ 0d08d2f3b3ff84e433346669b5e0f639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

09:51:19.0132 6244 volsnap - ok

09:51:19.0158 6244 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

09:51:19.0174 6244 vsmraid - ok

09:51:19.0233 6244 [ b60ba0bc31b0cb414593e169f6f21cc2 ] VSS C:\Windows\system32\vssvc.exe

09:51:19.0315 6244 VSS - ok

09:51:19.0330 6244 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

09:51:19.0360 6244 vwifibus - ok

09:51:19.0379 6244 [ 6a3d66263414ff0d6fa754c646612f3f ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

09:51:19.0413 6244 vwififlt - ok

09:51:19.0441 6244 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\Windows\system32\w32time.dll

09:51:19.0484 6244 W32Time - ok

09:51:19.0503 6244 [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

09:51:19.0518 6244 WacomPen - ok

09:51:19.0559 6244 [ 356afd78a6ed4457169241ac3965230c ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

09:51:19.0608 6244 WANARP - ok

09:51:19.0618 6244 [ 356afd78a6ed4457169241ac3965230c ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

09:51:19.0653 6244 Wanarpv6 - ok

09:51:19.0736 6244 [ 3cec96de223e49eaae3651fcf8faea6c ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

09:51:19.0785 6244 WatAdminSvc - ok

09:51:19.0835 6244 [ 78f4e7f5c56cb9716238eb57da4b6a75 ] wbengine C:\Windows\system32\wbengine.exe

09:51:19.0918 6244 wbengine - ok

09:51:19.0931 6244 [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

09:51:19.0953 6244 WbioSrvc - ok

09:51:19.0989 6244 [ 7368a2afd46e5a4481d1de9d14848edd ] wcncsvc C:\Windows\System32\wcncsvc.dll

09:51:20.0026 6244 wcncsvc - ok

09:51:20.0046 6244 [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

09:51:20.0071 6244 WcsPlugInService - ok

09:51:20.0100 6244 [ 72889e16ff12ba0f235467d6091b17dc ] Wd C:\Windows\system32\DRIVERS\wd.sys

09:51:20.0114 6244 Wd - ok

09:51:20.0144 6244 [ a3d04ebf5227886029b4532f20d026f7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys

09:51:20.0164 6244 WDC_SAM - ok

09:51:20.0221 6244 [ 334e5ed94d3faff3c44f4d36b1fe1c90 ] WDDMService C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

09:51:20.0241 6244 WDDMService ( UnsignedFile.Multi.Generic ) - warning

09:51:20.0241 6244 WDDMService - detected UnsignedFile.Multi.Generic (1)

09:51:20.0280 6244 [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

09:51:20.0315 6244 Wdf01000 - ok

09:51:20.0326 6244 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost C:\Windows\system32\wdi.dll

09:51:20.0428 6244 WdiServiceHost - ok

09:51:20.0432 6244 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiSystemHost C:\Windows\system32\wdi.dll

09:51:20.0452 6244 WdiSystemHost - ok

09:51:20.0501 6244 [ 138ab06adbbf300aa804d7974a5aec82 ] WDSmartWareBackgroundService C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

09:51:20.0510 6244 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - warning

09:51:20.0510 6244 WDSmartWareBackgroundService - detected UnsignedFile.Multi.Generic (1)

09:51:20.0537 6244 [ 3db6d04e1c64272f8b14eb8bc4616280 ] WebClient C:\Windows\System32\webclnt.dll

09:51:20.0575 6244 WebClient - ok

09:51:20.0596 6244 [ c749025a679c5103e575e3b48e092c43 ] Wecsvc C:\Windows\system32\wecsvc.dll

09:51:20.0652 6244 Wecsvc - ok

09:51:20.0673 6244 [ 7e591867422dc788b9e5bd337a669a08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

09:51:20.0719 6244 wercplsupport - ok

09:51:20.0736 6244 [ 6d137963730144698cbd10f202e9f251 ] WerSvc C:\Windows\System32\WerSvc.dll

09:51:20.0785 6244 WerSvc - ok

09:51:20.0804 6244 [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

09:51:20.0840 6244 WfpLwf - ok

09:51:20.0863 6244 [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount C:\Windows\system32\drivers\wimmount.sys

09:51:20.0877 6244 WIMMount - ok

09:51:20.0886 6244 WinDefend - ok

09:51:20.0893 6244 WinHttpAutoProxySvc - ok

09:51:20.0943 6244 [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

09:51:20.0988 6244 Winmgmt - ok

09:51:21.0149 6244 [ bcb1310604aa415c4508708975b3931e ] WinRM C:\Windows\system32\WsmSvc.dll

09:51:21.0273 6244 WinRM - ok

09:51:21.0332 6244 [ fe88b288356e7b47b74b13372add906d ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

09:51:21.0358 6244 WinUsb - ok

09:51:21.0389 6244 [ 4fada86e62f18a1b2f42ba18ae24e6aa ] Wlansvc C:\Windows\System32\wlansvc.dll

09:51:21.0444 6244 Wlansvc - ok

09:51:21.0496 6244 [ 06c8fa1cf39de6a735b54d906ba791c6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

09:51:21.0509 6244 wlcrasvc - ok

09:51:21.0600 6244 [ 2bacd71123f42cea603f4e205e1ae337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

09:51:21.0673 6244 wlidsvc - ok

09:51:21.0691 6244 [ f6ff8944478594d0e414d3f048f0d778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

09:51:21.0706 6244 WmiAcpi - ok

09:51:21.0731 6244 [ 38b84c94c5a8af291adfea478ae54f93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

09:51:21.0761 6244 wmiApSrv - ok

09:51:21.0783 6244 WMPNetworkSvc - ok

09:51:21.0802 6244 [ 96c6e7100d724c69fcf9e7bf590d1dca ] WPCSvc C:\Windows\System32\wpcsvc.dll

09:51:21.0828 6244 WPCSvc - ok

09:51:21.0860 6244 [ 93221146d4ebbf314c29b23cd6cc391d ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

09:51:21.0878 6244 WPDBusEnum - ok

09:51:21.0914 6244 [ 294e163ebef6125721f916a43051eae2 ] WRkrn C:\Windows\system32\drivers\WRkrn.sys

09:51:21.0929 6244 WRkrn - ok

09:51:21.0987 6244 [ e2874ffd168a5e673d4c323324bfe167 ] WRSVC C:\Program Files\Webroot\WRSA.exe

09:51:22.0017 6244 WRSVC - ok

09:51:22.0035 6244 [ 6bcc1d7d2fd2453957c5479a32364e52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

09:51:22.0071 6244 ws2ifsl - ok

09:51:22.0094 6244 [ e8b1fe6669397d1772d8196df0e57a9e ] wscsvc C:\Windows\System32\wscsvc.dll

09:51:22.0121 6244 wscsvc - ok

09:51:22.0163 6244 [ 8d918b1db190a4d9b1753a66fa8c96e8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys

09:51:22.0191 6244 WSDPrintDevice - ok

09:51:22.0197 6244 WSearch - ok

09:51:22.0268 6244 [ d9ef901dca379cfe914e9fa13b73b4c4 ] wuauserv C:\Windows\system32\wuaueng.dll

09:51:22.0344 6244 wuauserv - ok

09:51:22.0377 6244 [ d3381dc54c34d79b22cee0d65ba91b7c ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

09:51:22.0433 6244 WudfPf - ok

09:51:22.0485 6244 [ cf8d590be3373029d57af80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

09:51:22.0532 6244 WUDFRd - ok

09:51:22.0565 6244 [ 7a95c95b6c4cf292d689106bcae49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

09:51:22.0602 6244 wudfsvc - ok

09:51:22.0626 6244 [ 9a3452b3c2a46c073166c5cf49fad1ae ] WwanSvc C:\Windows\System32\wwansvc.dll

09:51:22.0656 6244 WwanSvc - ok

09:51:22.0758 6244 [ dd0042f0c3b606a6a8b92d49afb18ad6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

09:51:22.0813 6244 YahooAUService - ok

09:51:22.0844 6244 [ b3eeacf62445e24fbb2cd4b0fb4db026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys

09:51:22.0879 6244 yukonw7 - ok

09:51:22.0936 6244 [ 74983addca2d9618512c088d856d6615 ] {55662437-DA8C-40c0-AADA-2C816A897A49} c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl

09:51:22.0952 6244 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok

09:51:22.0958 6244 ================ Scan global ===============================

09:51:22.0983 6244 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll

09:51:23.0016 6244 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll

09:51:23.0030 6244 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll

09:51:23.0054 6244 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll

09:51:23.0081 6244 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe

09:51:23.0087 6244 [Global] - ok

09:51:23.0090 6244 ================ Scan MBR ==================================

09:51:23.0094 6244 MBR (0x1B8) (54899efeddc7cc50fad782dfcf105eae) \Device\Harddisk0\DR0

09:51:23.0094 6244 Suspicious mbr (Forged): \Device\Harddisk0\DR0

09:51:23.0156 6244 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected

09:51:23.0156 6244 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)

09:51:23.0241 6244 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

09:51:23.0241 6244 \Device\Harddisk0\DR0 - detected TDSS File System (1)

09:51:23.0242 6244 ================ Scan VBR ==================================

09:51:23.0246 6244 Boot (0x1200) (f5a260e92c6640c1b0825ecbf5f83e74) \Device\Harddisk0\DR0\Partition1

09:51:23.0248 6244 \Device\Harddisk0\DR0\Partition1 - ok

09:51:23.0284 6244 Boot (0x1200) (983054ded5b96046f45f317903ad762d) \Device\Harddisk0\DR0\Partition2

09:51:23.0287 6244 \Device\Harddisk0\DR0\Partition2 - ok

09:51:23.0315 6244 Boot (0x1200) (43b303da30f02fb8753d57f7b820e70b) \Device\Harddisk0\DR0\Partition3

09:51:23.0317 6244 \Device\Harddisk0\DR0\Partition3 - ok

09:51:23.0318 6244 ============================================================

09:51:23.0318 6244 Scan finished

09:51:23.0318 6244 ============================================================

09:51:23.0332 8108 Detected object count: 9

09:51:23.0332 8108 Actual detected object count: 9

09:52:38.0821 8108 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user

09:52:38.0821 8108 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:52:38.0822 8108 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user

09:52:38.0822 8108 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:52:38.0824 8108 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user

09:52:38.0824 8108 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:52:38.0827 8108 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

09:52:38.0827 8108 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:52:38.0829 8108 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

09:52:38.0829 8108 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:52:38.0831 8108 WDDMService ( UnsignedFile.Multi.Generic ) - skipped by user

09:52:38.0831 8108 WDDMService ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:52:38.0833 8108 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - skipped by user

09:52:38.0833 8108 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:52:39.0893 8108 \Device\Harddisk0\DR0\# - copied to quarantine

09:52:39.0917 8108 \Device\Harddisk0\DR0 - copied to quarantine

09:52:40.0190 8108 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine

09:52:40.0196 8108 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

09:52:40.0211 8108 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine

09:52:40.0227 8108 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine

09:52:40.0302 8108 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine

09:52:40.0333 8108 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine

09:52:40.0342 8108 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine

09:52:40.0349 8108 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine

09:52:40.0355 8108 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

09:52:40.0367 8108 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

09:52:40.0391 8108 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

09:52:40.0459 8108 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine

09:52:40.0469 8108 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine

09:52:40.0479 8108 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine

09:52:40.0494 8108 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot

09:52:40.0501 8108 \Device\Harddisk0\DR0 - ok

09:52:41.0424 8108 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure

09:52:41.0424 8108 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

09:52:41.0424 8108 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

09:52:57.0849 1116 Deinitialize success

09:55:16.0459 3796 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05

09:55:16.0834 3796 ============================================================

09:55:16.0834 3796 Current date / time: 2012/08/19 09:55:16.0834

09:55:16.0834 3796 SystemInfo:

09:55:16.0834 3796

09:55:16.0834 3796 OS Version: 6.1.7601 ServicePack: 1.0

09:55:16.0834 3796 Product type: Workstation

09:55:16.0834 3796 ComputerName: MYHP-PC

09:55:16.0834 3796 UserName: My Hp

09:55:16.0834 3796 Windows directory: C:\Windows

09:55:16.0834 3796 System windows directory: C:\Windows

09:55:16.0834 3796 Running under WOW64

09:55:16.0834 3796 Processor architecture: Intel x64

09:55:16.0834 3796 Number of processors: 2

09:55:16.0834 3796 Page size: 0x1000

09:55:16.0834 3796 Boot type: Normal boot

09:55:16.0834 3796 ============================================================

09:55:17.0785 3796 BG loaded

09:55:18.0612 3796 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

09:55:18.0612 3796 ============================================================

09:55:18.0612 3796 \Device\Harddisk0\DR0:

09:55:18.0612 3796 MBR partitions:

09:55:18.0612 3796 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800

09:55:18.0612 3796 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x38444000

09:55:18.0612 3796 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x384A8000, BlocksNum 0x1EAA000

09:55:18.0612 3796 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830

09:55:18.0612 3796 ============================================================

09:55:18.0643 3796 C: <-> \Device\Harddisk0\DR0\Partition2

09:55:18.0737 3796 D: <-> \Device\Harddisk0\DR0\Partition3

09:55:18.0737 3796 ============================================================

09:55:18.0737 3796 Initialize success

09:55:18.0737 3796 ============================================================

10:10:10.0992 3708 Deinitialize success


Good! :)

Step 1

Re-run TDSSKiller and use the Delete option for this entry:

09:52:41.0424 8108 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

09:52:41.0424 8108 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Step 2

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.


Here is the ComboFix file:

ComboFix 12-08-18.03 - My Hp 08/19/2012 23:46:25.1.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.2151 [GMT -4:00]

Running from: c:\users\My Hp\Desktop\ComboFix.exe

AV: Webroot SecureAnywhere *Enabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401}

SP: Webroot SecureAnywhere *Enabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\Search Toolbar

c:\program files (x86)\Search Toolbar\icon.ico

c:\program files (x86)\Search Toolbar\SearchToolbar.dll

c:\program files (x86)\Search Toolbar\SearchToolbarUninstall.exe

c:\program files (x86)\Search Toolbar\SearchToolbarUpdater.exe

c:\users\My Hp\AppData\Roaming\.#

c:\users\My Hp\AppData\Roaming\31649.bat

c:\users\My Hp\AppData\Roaming\completescan

c:\users\My Hp\AppData\Roaming\install

c:\users\Public\videos\HP MediaSmart Demo.exe

c:\windows\svchost.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-07-20 to 2012-08-20 )))))))))))))))))))))))))))))))

.

.

2012-08-20 04:04 . 2012-08-20 04:04 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-08-19 13:52 . 2012-08-20 03:04 -------- d-----w- C:\TDSSKiller_Quarantine

2012-08-17 20:22 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7D5379FD-5257-4078-973A-673C7AE0A3A8}\mpengine.dll

2012-08-16 20:31 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll

2012-08-16 20:31 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll

2012-08-16 15:22 . 2012-08-16 15:22 -------- d-----w- c:\users\My Hp\AppData\Roaming\GameMill Entertainment

2012-08-16 07:08 . 2012-06-29 04:55 17809920 ----a-w- c:\windows\system32\mshtml.dll

2012-08-16 07:08 . 2012-06-29 04:09 10925568 ----a-w- c:\windows\system32\ieframe.dll

2012-08-15 17:08 . 2012-08-15 18:54 -------- d-----w- c:\users\My Hp\AppData\Roaming\LegacyInteractive

2012-08-13 02:21 . 2012-08-13 02:28 -------- d-----w- c:\users\My Hp\AppData\Local\Geek Squad 24 Hour Computer Support

2012-08-12 17:03 . 2012-08-12 17:03 -------- d-----w- c:\program files\iPod

2012-08-12 17:03 . 2012-08-12 17:03 -------- d-----w- c:\program files\iTunes

2012-08-12 17:03 . 2012-08-12 17:03 -------- d-----w- c:\program files (x86)\iTunes

2012-08-05 13:43 . 2012-08-05 13:43 -------- d-----w- c:\program files (x86)\Common Files\Java

2012-08-05 13:42 . 2012-08-05 13:42 476976 ----a-w- c:\windows\SysWow64\npdeployJava1.dll

2012-08-05 13:41 . 2012-08-05 13:41 -------- d-----w- c:\programdata\McAfee

2012-08-05 01:06 . 2012-08-05 01:06 -------- d-----w- c:\users\My Hp\AppData\Local\JollyBear

2012-08-05 01:06 . 2012-08-05 01:06 -------- d-----w- c:\programdata\JollyBear

2012-07-29 19:17 . 2012-07-29 19:17 -------- d-----w- c:\windows\Sun

2012-07-29 15:33 . 2012-07-29 15:33 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%

2012-07-22 19:47 . 2012-07-22 19:47 -------- d-----w- c:\users\My Hp\AppData\Roaming\PopCap Games

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-16 07:00 . 2009-12-15 12:21 62134624 ----a-w- c:\windows\system32\MRT.exe

2012-08-15 05:02 . 2012-04-01 19:36 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-08-15 05:02 . 2011-05-12 22:33 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-08-05 13:42 . 2011-08-28 15:41 472880 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-07-14 02:00 . 2010-06-24 16:33 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-07-09 16:35 . 2012-01-03 01:47 148664 ----a-w- c:\windows\SysWow64\WRusr.dll

2012-07-09 16:35 . 2012-01-03 01:47 101808 ----a-w- c:\windows\system32\WRusr.dll

2012-07-09 16:35 . 2012-01-03 01:47 113168 ----a-w- c:\windows\system32\drivers\WRkrn.sys

2012-07-03 17:46 . 2010-10-23 17:37 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-09 05:43 . 2012-07-10 19:53 14172672 ----a-w- c:\windows\system32\shell32.dll

2012-06-06 06:06 . 2012-07-10 19:53 2004480 ----a-w- c:\windows\system32\msxml6.dll

2012-06-06 06:06 . 2012-07-10 19:53 1881600 ----a-w- c:\windows\system32\msxml3.dll

2012-06-06 06:02 . 2012-07-10 19:52 1133568 ----a-w- c:\windows\system32\cdosys.dll

2012-06-06 05:05 . 2012-07-10 19:53 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll

2012-06-06 05:05 . 2012-07-10 19:53 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll

2012-06-06 05:03 . 2012-07-10 19:53 805376 ----a-w- c:\windows\SysWow64\cdosys.dll

2012-06-02 22:19 . 2012-06-08 20:34 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-08 20:35 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-06-08 20:35 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-08 20:35 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-08 20:34 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-06-08 20:35 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-06-08 20:34 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 19:19 . 2012-06-08 20:34 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 19:15 . 2012-06-08 20:34 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 05:50 . 2012-07-10 19:53 458704 ----a-w- c:\windows\system32\drivers\cng.sys

2012-06-02 05:48 . 2012-07-10 19:53 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-06-02 05:48 . 2012-07-10 19:53 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-06-02 05:45 . 2012-07-10 19:53 340992 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 05:44 . 2012-07-10 19:53 307200 ----a-w- c:\windows\system32\ncrypt.dll

2012-06-02 04:40 . 2012-07-10 19:53 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2012-06-02 04:40 . 2012-07-10 19:53 225280 ----a-w- c:\windows\SysWow64\schannel.dll

2012-06-02 04:39 . 2012-07-10 19:53 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll

2012-06-02 04:34 . 2012-07-10 19:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

2012-05-31 16:25 . 2009-12-14 23:43 279656 ------w- c:\windows\system32\MpSigStub.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{00f2c0c6-2194-484e-9064-44e57787867b}"= "c:\program files (x86)\SearchElf_1.1\tbSear.dll" [2010-11-14 3913000]

"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll" [2012-06-11 1524056]

.

[HKEY_CLASSES_ROOT\clsid\{00f2c0c6-2194-484e-9064-44e57787867b}]

.

[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]

[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]

[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]

[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{00f2c0c6-2194-484e-9064-44e57787867b}]

2010-11-14 02:58 3913000 ----a-w- c:\program files (x86)\SearchElf_1.1\tbSear.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]

2010-11-14 02:58 3913000 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}]

2009-06-08 21:41 120104 ----a-w- c:\program files (x86)\Common Files\Homepage Protection\HomepageProtection.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{00f2c0c6-2194-484e-9064-44e57787867b}"= "c:\program files (x86)\SearchElf_1.1\tbSear.dll" [2010-11-14 3913000]

"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-11-14 3913000]

.

[HKEY_CLASSES_ROOT\clsid\{00f2c0c6-2194-484e-9064-44e57787867b}]

.

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\MESSEN~1\YahooMessenger.exe" [2012-02-23 6591800]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2010-05-12 300472]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]

"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]

"WRSVC"="c:\program files\Webroot\WRSA.exe" [2012-07-02 688360]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]

WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-13 2119488]

WDSmartWare.lnk - c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-13 9117504]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]

"WallpaperStyle"= 2

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 GSRestartSvc;GSRestartSvc;c:\programdata\Geek Squad\Customizer\GSRestartSvc.exe [x]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]

R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]

R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]

R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2011-07-13 206072]

R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-06-24 216576]

R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1255736]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 WRkrn;WRkrn;c:\windows\System32\drivers\WRkrn.sys [2012-07-09 113168]

S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2010-04-16 87600]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/11/21 00:47];c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2009-07-24 04:45 146928]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-02 89600]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-02 203264]

S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 30520]

S2 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-11-13 129536]

S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]

S2 WRSVC;WRSVC;c:\program files\Webroot\WRSA.exe [2012-07-02 688360]

S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]

S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [2011-09-02 76056]

S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [2011-09-02 15128]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-23 215040]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-03-09 36408]

S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2009-06-17 20:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

.

Contents of the 'Scheduled Tasks' folder

.

2012-08-20 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 05:02]

.

2012-08-10 c:\windows\Tasks\HPCeeScheduleForMy Hp.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 09:22]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-22 450048]

"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-21 610872]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-15 171520]

"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-04 1580368]

"LogiScrollApp"="c:\program files\Logitech\ScrollApp\KhalScroll.exe" [2011-12-14 156440]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mStart Page = hxxp://www.yahoo.com

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000

IE: Free YouTube Download - c:\users\My Hp\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

TCP: DhcpNameServer = 192.168.1.254

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB

.

- - - - ORPHANS REMOVED - - - -

.

SafeBoot-77956846.sys

WebBrowser-{00F2C0C6-2194-484E-9064-44E57787867B} - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-EADM - c:\program files (x86)\Electronic Arts\EADM\Uninstall.exe

AddRemove-Search Toolbar - c:\program files (x86)\Search Toolbar\SearchToolbarUninstall.exe

AddRemove-{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11993617} - c:\program files (x86)\Yahoo! Games\Virtual Villagers - New Believers\Uninstall.exe

AddRemove-{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119999463} - c:\program files (x86)\Yahoo! Games\Sinister City\Uninstall.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{55662437-DA8C-40c0-AADA-2C816A897A49}]

"ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:a3,a2,79,ea,88,a6,cc,01

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

c:\program files (x86)\CyberLink\Shared files\RichVideo.exe

c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE

c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe

c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

.

**************************************************************************

.

Completion time: 2012-08-20 00:27:57 - machine was rebooted

ComboFix-quarantined-files.txt 2012-08-20 04:27

.

Pre-Run: 398,065,823,744 bytes free

Post-Run: 403,002,679,296 bytes free

.

- - End Of File - - BE5CB0ED148DADDCE249EE18F06220BA


1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

Folder::
c:\program files (x86)\SearchElf_1.1
c:\program files (x86)\ConduitEngine
c:\program files (x86)\Search Toolbar

Registry::
[-HKEY_CLASSES_ROOT\clsid\{00f2c0c6-2194-484e-9064-44e57787867b}]
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{00f2c0c6-2194-484e-9064-44e57787867b}]
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[-HKEY_CLASSES_ROOT\clsid\{00f2c0c6-2194-484e-9064-44e57787867b}]
[-HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00f2c0c6-2194-484e-9064-44e57787867b}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{00f2c0c6-2194-484e-9064-44e57787867b}"=-
"{30F9B915-B755-4826-820B-08FBA6BD249D}"=-

JavaClearCache::

Save this as CFScript.txt, in the same location as ComboFix.exe

[Image: CFScriptB-4.gif]

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.


Here you go:

ComboFix 12-08-20.01 - My Hp 08/20/2012 9:36.2.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.1992 [GMT -4:00]

Running from: c:\users\My Hp\Desktop\ComboFix.exe

Command switches used :: c:\users\My Hp\Desktop\CFScript.txt

AV: Webroot SecureAnywhere *Enabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401}

SP: Webroot SecureAnywhere *Enabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

Infected copy of c:\windows\SysWow64\userinit.exe was found and disinfected

Restored copy from - c:\windows\erdnt\cache86\userinit.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-07-20 to 2012-08-20 )))))))))))))))))))))))))))))))

.

.

2012-08-20 14:29 . 2012-08-20 14:29 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp

2012-08-20 14:29 . 2012-08-20 14:29 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-08-20 14:29 . 2012-08-20 14:29 -------- d-----w- c:\users\Administrator\AppData\Local\temp

2012-08-19 13:52 . 2012-08-20 03:04 -------- d-----w- C:\TDSSKiller_Quarantine

2012-08-16 20:31 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll

2012-08-16 20:31 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll

2012-08-16 15:22 . 2012-08-16 15:22 -------- d-----w- c:\users\My Hp\AppData\Roaming\GameMill Entertainment

2012-08-16 07:08 . 2012-06-29 04:55 17809920 ----a-w- c:\windows\system32\mshtml.dll

2012-08-16 07:08 . 2012-06-29 04:09 10925568 ----a-w- c:\windows\system32\ieframe.dll

2012-08-15 17:08 . 2012-08-15 18:54 -------- d-----w- c:\users\My Hp\AppData\Roaming\LegacyInteractive

2012-08-13 02:21 . 2012-08-13 02:28 -------- d-----w- c:\users\My Hp\AppData\Local\Geek Squad 24 Hour Computer Support

2012-08-12 17:03 . 2012-08-12 17:03 -------- d-----w- c:\program files\iPod

2012-08-12 17:03 . 2012-08-12 17:03 -------- d-----w- c:\program files\iTunes

2012-08-12 17:03 . 2012-08-12 17:03 -------- d-----w- c:\program files (x86)\iTunes

2012-08-05 13:43 . 2012-08-05 13:43 -------- d-----w- c:\program files (x86)\Common Files\Java

2012-08-05 13:42 . 2012-08-05 13:42 476976 ----a-w- c:\windows\SysWow64\npdeployJava1.dll

2012-08-05 13:41 . 2012-08-05 13:41 -------- d-----w- c:\programdata\McAfee

2012-08-05 01:06 . 2012-08-05 01:06 -------- d-----w- c:\users\My Hp\AppData\Local\JollyBear

2012-08-05 01:06 . 2012-08-05 01:06 -------- d-----w- c:\programdata\JollyBear

2012-07-29 19:17 . 2012-07-29 19:17 -------- d-----w- c:\windows\Sun

2012-07-29 15:33 . 2012-07-29 15:33 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%

2012-07-22 19:47 . 2012-07-22 19:47 -------- d-----w- c:\users\My Hp\AppData\Roaming\PopCap Games

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-16 07:00 . 2009-12-15 12:21 62134624 ----a-w- c:\windows\system32\MRT.exe

2012-08-15 05:02 . 2012-04-01 19:36 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-08-15 05:02 . 2011-05-12 22:33 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-08-05 13:42 . 2011-08-28 15:41 472880 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-07-14 02:00 . 2010-06-24 16:33 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-07-09 16:35 . 2012-01-03 01:47 148664 ----a-w- c:\windows\SysWow64\WRusr.dll

2012-07-09 16:35 . 2012-01-03 01:47 101808 ----a-w- c:\windows\system32\WRusr.dll

2012-07-09 16:35 . 2012-01-03 01:47 113168 ----a-w- c:\windows\system32\drivers\WRkrn.sys

2012-07-03 17:46 . 2010-10-23 17:37 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-29 10:04 . 2012-08-17 20:22 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7D5379FD-5257-4078-973A-673C7AE0A3A8}\mpengine.dll

2012-06-09 05:43 . 2012-07-10 19:53 14172672 ----a-w- c:\windows\system32\shell32.dll

2012-06-06 06:06 . 2012-07-10 19:53 2004480 ----a-w- c:\windows\system32\msxml6.dll

2012-06-06 06:06 . 2012-07-10 19:53 1881600 ----a-w- c:\windows\system32\msxml3.dll

2012-06-06 06:02 . 2012-07-10 19:52 1133568 ----a-w- c:\windows\system32\cdosys.dll

2012-06-06 05:05 . 2012-07-10 19:53 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll

2012-06-06 05:05 . 2012-07-10 19:53 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll

2012-06-06 05:03 . 2012-07-10 19:53 805376 ----a-w- c:\windows\SysWow64\cdosys.dll

2012-06-02 22:19 . 2012-06-08 20:34 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-08 20:35 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-06-08 20:35 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-08 20:35 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-08 20:34 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-06-08 20:35 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-06-08 20:34 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 19:19 . 2012-06-08 20:34 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 19:15 . 2012-06-08 20:34 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 05:50 . 2012-07-10 19:53 458704 ----a-w- c:\windows\system32\drivers\cng.sys

2012-06-02 05:48 . 2012-07-10 19:53 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-06-02 05:48 . 2012-07-10 19:53 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-06-02 05:45 . 2012-07-10 19:53 340992 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 05:44 . 2012-07-10 19:53 307200 ----a-w- c:\windows\system32\ncrypt.dll

2012-06-02 04:40 . 2012-07-10 19:53 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2012-06-02 04:40 . 2012-07-10 19:53 225280 ----a-w- c:\windows\SysWow64\schannel.dll

2012-06-02 04:39 . 2012-07-10 19:53 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll

2012-06-02 04:34 . 2012-07-10 19:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

2012-05-31 16:25 . 2009-12-14 23:43 279656 ------w- c:\windows\system32\MpSigStub.exe

.

.

((((((((((((((((((((((((((((( SnapShot@2012-08-20_04.07.11 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-08-15 04:52 . 2012-08-20 04:32 52506 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2012-08-20 04:32 65188 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2009-12-15 02:00 . 2012-08-20 04:32 14370 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3948536922-3562738022-896154980-1000_UserData.bin

+ 2010-06-11 07:21 . 2012-08-20 04:29 3032 c:\windows\system32\wdi\ERCQueuedResolutions.dat

- 2012-08-20 04:06 . 2012-08-20 04:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-08-20 14:30 . 2012-08-20 14:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-08-20 04:06 . 2012-08-20 04:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2012-08-20 14:30 . 2012-08-20 14:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2009-12-31 22:04 . 2012-08-20 13:21 373210 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin

+ 2009-07-14 05:01 . 2012-08-20 14:30 328004 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

- 2009-07-14 05:01 . 2012-08-20 04:05 328004 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-12-15 01:57 . 2012-08-20 14:30 4452108 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3948536922-3562738022-896154980-1000-8192.dat

- 2009-12-15 01:57 . 2012-08-20 04:05 4452108 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3948536922-3562738022-896154980-1000-8192.dat

+ 2011-12-04 02:06 . 2012-08-20 14:30 26772508 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3948536922-3562738022-896154980-1000-4096.dat

- 2011-12-04 02:06 . 2012-08-20 04:05 26772508 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3948536922-3562738022-896154980-1000-4096.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{00f2c0c6-2194-484e-9064-44e57787867b}"= "c:\program files (x86)\SearchElf_1.1\tbSear.dll" [2010-11-14 3913000]

"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll" [2012-06-11 1524056]

.

[HKEY_CLASSES_ROOT\clsid\{00f2c0c6-2194-484e-9064-44e57787867b}]

.

[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]

[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]

[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]

[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{00f2c0c6-2194-484e-9064-44e57787867b}]

2010-11-14 02:58 3913000 ----a-w- c:\program files (x86)\SearchElf_1.1\tbSear.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]

2010-11-14 02:58 3913000 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}]

2009-06-08 21:41 120104 ----a-w- c:\program files (x86)\Common Files\Homepage Protection\HomepageProtection.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{00f2c0c6-2194-484e-9064-44e57787867b}"= "c:\program files (x86)\SearchElf_1.1\tbSear.dll" [2010-11-14 3913000]

"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-11-14 3913000]

.

[HKEY_CLASSES_ROOT\clsid\{00f2c0c6-2194-484e-9064-44e57787867b}]

.

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\MESSEN~1\YahooMessenger.exe" [2012-02-23 6591800]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2010-05-12 300472]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]

"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]

"WRSVC"="c:\program files\Webroot\WRSA.exe" [2012-07-02 688360]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]

WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-13 2119488]

WDSmartWare.lnk - c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-13 9117504]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]

"WallpaperStyle"= 2

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 GSRestartSvc;GSRestartSvc;c:\programdata\Geek Squad\Customizer\GSRestartSvc.exe [x]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]

R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]

R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]

R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2011-07-13 206072]

R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-06-24 216576]

R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1255736]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 WRkrn;WRkrn;c:\windows\System32\drivers\WRkrn.sys [2012-07-09 113168]

S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2010-04-16 87600]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/11/21 00:47];c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2009-07-24 04:45 146928]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-02 89600]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-02 203264]

S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 30520]

S2 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-11-13 129536]

S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]

S2 WRSVC;WRSVC;c:\program files\Webroot\WRSA.exe [2012-07-02 688360]

S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]

S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [2011-09-02 76056]

S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [2011-09-02 15128]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-23 215040]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-03-09 36408]

S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2009-06-17 20:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

.

Contents of the 'Scheduled Tasks' folder

.

2012-08-20 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 05:02]

.

2012-08-10 c:\windows\Tasks\HPCeeScheduleForMy Hp.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 09:22]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-22 450048]

"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-21 610872]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-15 171520]

"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-04 1580368]

"LogiScrollApp"="c:\program files\Logitech\ScrollApp\KhalScroll.exe" [2011-12-14 156440]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mStart Page = hxxp://www.yahoo.com

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000

IE: Free YouTube Download - c:\users\My Hp\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

TCP: DhcpNameServer = 192.168.1.254

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB

.

- - - - ORPHANS REMOVED - - - -

.

WebBrowser-{00F2C0C6-2194-484E-9064-44E57787867B} - (no file)

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{55662437-DA8C-40c0-AADA-2C816A897A49}]

"ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:a3,a2,79,ea,88,a6,cc,01

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

c:\program files (x86)\CyberLink\Shared files\RichVideo.exe

c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE

c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe

c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

.

**************************************************************************

.

Completion time: 2012-08-20 10:37:16 - machine was rebooted

ComboFix-quarantined-files.txt 2012-08-20 14:37

ComboFix2.txt 2012-08-20 04:28

.

Pre-Run: 402,899,238,912 bytes free

Post-Run: 402,687,610,880 bytes free

.

- - End Of File - - 11106DFE6F5722DE0DB6A4ED522EDA7E

I am not sure how to make sure the script is activated. I copied all the text in the box and saved it with the file name as instructed. I reran ComboFix and here is that log. If I am missing a step please let me know.

ComboFix 12-08-20.01 - My Hp 08/20/2012 12:20:12.3.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.2292 [GMT -4:00]

Running from: c:\users\My Hp\Desktop\ComboFix.exe

Command switches used :: c:\users\My Hp\Desktop\CFScript.txt

AV: Webroot SecureAnywhere *Enabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401}

SP: Webroot SecureAnywhere *Enabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\ConduitEngine

c:\program files (x86)\ConduitEngine\appContextMenu.xml

c:\program files (x86)\ConduitEngine\ConduitEngine.dll

c:\program files (x86)\ConduitEngine\ConduitEngineHelper.exe

c:\program files (x86)\ConduitEngine\ConduitEngineUninstall.exe

c:\program files (x86)\ConduitEngine\engineContextMenu.xml

c:\program files (x86)\ConduitEngine\EngineSettings.json

c:\program files (x86)\ConduitEngine\INSTALL.LOG

c:\program files (x86)\ConduitEngine\toolbar.cfg

c:\program files (x86)\SearchElf_1.1

c:\program files (x86)\SearchElf_1.1\GottenAppsContextMenu.xml

c:\program files (x86)\SearchElf_1.1\OtherAppsContextMenu.xml

c:\program files (x86)\SearchElf_1.1\SearchElf_1.1ToolbarHelper.exe

c:\program files (x86)\SearchElf_1.1\SharedAppsContextMenu.xml

c:\program files (x86)\SearchElf_1.1\tbSear.dll

c:\program files (x86)\SearchElf_1.1\toolbar.cfg

c:\program files (x86)\SearchElf_1.1\ToolbarContextMenu.xml

c:\program files (x86)\SearchElf_1.1\UNWISE.EXE

.

.

((((((((((((((((((((((((( Files Created from 2012-07-20 to 2012-08-20 )))))))))))))))))))))))))))))))

.

.

2012-08-20 16:37 . 2012-08-20 16:37 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp

2012-08-20 16:37 . 2012-08-20 16:37 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-08-20 16:37 . 2012-08-20 16:37 -------- d-----w- c:\users\Administrator\AppData\Local\temp

2012-08-19 13:52 . 2012-08-20 03:04 -------- d-----w- C:\TDSSKiller_Quarantine

2012-08-17 20:22 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7D5379FD-5257-4078-973A-673C7AE0A3A8}\mpengine.dll

2012-08-16 20:31 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll

2012-08-16 20:31 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll

2012-08-16 15:22 . 2012-08-16 15:22 -------- d-----w- c:\users\My Hp\AppData\Roaming\GameMill Entertainment

2012-08-16 07:08 . 2012-06-29 04:55 17809920 ----a-w- c:\windows\system32\mshtml.dll

2012-08-16 07:08 . 2012-06-29 04:09 10925568 ----a-w- c:\windows\system32\ieframe.dll

2012-08-15 17:08 . 2012-08-15 18:54 -------- d-----w- c:\users\My Hp\AppData\Roaming\LegacyInteractive

2012-08-13 02:21 . 2012-08-13 02:28 -------- d-----w- c:\users\My Hp\AppData\Local\Geek Squad 24 Hour Computer Support

2012-08-12 17:03 . 2012-08-12 17:03 -------- d-----w- c:\program files\iPod

2012-08-12 17:03 . 2012-08-12 17:03 -------- d-----w- c:\program files\iTunes

2012-08-12 17:03 . 2012-08-12 17:03 -------- d-----w- c:\program files (x86)\iTunes

2012-08-05 13:43 . 2012-08-05 13:43 -------- d-----w- c:\program files (x86)\Common Files\Java

2012-08-05 13:42 . 2012-08-05 13:42 476976 ----a-w- c:\windows\SysWow64\npdeployJava1.dll

2012-08-05 13:41 . 2012-08-05 13:41 -------- d-----w- c:\programdata\McAfee

2012-08-05 01:06 . 2012-08-05 01:06 -------- d-----w- c:\users\My Hp\AppData\Local\JollyBear

2012-08-05 01:06 . 2012-08-05 01:06 -------- d-----w- c:\programdata\JollyBear

2012-07-29 19:17 . 2012-07-29 19:17 -------- d-----w- c:\windows\Sun

2012-07-29 15:33 . 2012-07-29 15:33 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%

2012-07-22 19:47 . 2012-07-22 19:47 -------- d-----w- c:\users\My Hp\AppData\Roaming\PopCap Games

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-16 07:00 . 2009-12-15 12:21 62134624 ----a-w- c:\windows\system32\MRT.exe

2012-08-15 05:02 . 2012-04-01 19:36 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-08-15 05:02 . 2011-05-12 22:33 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-08-05 13:42 . 2011-08-28 15:41 472880 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-07-14 02:00 . 2010-06-24 16:33 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-07-09 16:35 . 2012-01-03 01:47 148664 ----a-w- c:\windows\SysWow64\WRusr.dll

2012-07-09 16:35 . 2012-01-03 01:47 101808 ----a-w- c:\windows\system32\WRusr.dll

2012-07-09 16:35 . 2012-01-03 01:47 113168 ----a-w- c:\windows\system32\drivers\WRkrn.sys

2012-07-03 17:46 . 2010-10-23 17:37 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-09 05:43 . 2012-07-10 19:53 14172672 ----a-w- c:\windows\system32\shell32.dll

2012-06-06 06:06 . 2012-07-10 19:53 2004480 ----a-w- c:\windows\system32\msxml6.dll

2012-06-06 06:06 . 2012-07-10 19:53 1881600 ----a-w- c:\windows\system32\msxml3.dll

2012-06-06 06:02 . 2012-07-10 19:52 1133568 ----a-w- c:\windows\system32\cdosys.dll

2012-06-06 05:05 . 2012-07-10 19:53 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll

2012-06-06 05:05 . 2012-07-10 19:53 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll

2012-06-06 05:03 . 2012-07-10 19:53 805376 ----a-w- c:\windows\SysWow64\cdosys.dll

2012-06-02 22:19 . 2012-06-08 20:34 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-08 20:35 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-06-08 20:35 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-08 20:35 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-08 20:34 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-06-08 20:35 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-06-08 20:34 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 19:19 . 2012-06-08 20:34 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 19:15 . 2012-06-08 20:34 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 05:50 . 2012-07-10 19:53 458704 ----a-w- c:\windows\system32\drivers\cng.sys

2012-06-02 05:48 . 2012-07-10 19:53 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-06-02 05:48 . 2012-07-10 19:53 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-06-02 05:45 . 2012-07-10 19:53 340992 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 05:44 . 2012-07-10 19:53 307200 ----a-w- c:\windows\system32\ncrypt.dll

2012-06-02 04:40 . 2012-07-10 19:53 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2012-06-02 04:40 . 2012-07-10 19:53 225280 ----a-w- c:\windows\SysWow64\schannel.dll

2012-06-02 04:39 . 2012-07-10 19:53 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll

2012-06-02 04:34 . 2012-07-10 19:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

2012-05-31 16:25 . 2009-12-14 23:43 279656 ------w- c:\windows\system32\MpSigStub.exe

.

.

((((((((((((((((((((((((((((( SnapShot@2012-08-20_04.07.11 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-08-15 04:52 . 2012-08-20 14:44 52586 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2012-08-20 14:44 65346 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2009-12-15 02:00 . 2012-08-20 14:44 14378 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3948536922-3562738022-896154980-1000_UserData.bin

+ 2010-06-11 07:21 . 2012-08-20 04:29 3032 c:\windows\system32\wdi\ERCQueuedResolutions.dat

- 2012-08-20 04:06 . 2012-08-20 04:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-08-20 16:38 . 2012-08-20 16:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-08-20 04:06 . 2012-08-20 04:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2012-08-20 16:38 . 2012-08-20 16:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2009-12-31 22:04 . 2012-08-20 13:21 373210 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin

+ 2009-07-14 05:01 . 2012-08-20 16:38 328004 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

- 2009-07-14 05:01 . 2012-08-20 04:05 328004 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-12-15 01:57 . 2012-08-20 16:38 4452108 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3948536922-3562738022-896154980-1000-8192.dat

- 2009-12-15 01:57 . 2012-08-20 04:05 4452108 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3948536922-3562738022-896154980-1000-8192.dat

+ 2011-12-04 02:06 . 2012-08-20 16:38 26772508 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3948536922-3562738022-896154980-1000-4096.dat

- 2011-12-04 02:06 . 2012-08-20 04:05 26772508 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3948536922-3562738022-896154980-1000-4096.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll" [2012-06-11 1524056]

.

[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]

[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]

[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]

[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}]

2009-06-08 21:41 120104 ----a-w- c:\program files (x86)\Common Files\Homepage Protection\HomepageProtection.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\MESSEN~1\YahooMessenger.exe" [2012-02-23 6591800]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2010-05-12 300472]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]

"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]

"WRSVC"="c:\program files\Webroot\WRSA.exe" [2012-07-02 688360]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]

WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-13 2119488]

WDSmartWare.lnk - c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-13 9117504]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]

"WallpaperStyle"= 2

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 GSRestartSvc;GSRestartSvc;c:\programdata\Geek Squad\Customizer\GSRestartSvc.exe [x]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]

R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]

R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]

R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2011-07-13 206072]

R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-06-24 216576]

R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1255736]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 WRkrn;WRkrn;c:\windows\System32\drivers\WRkrn.sys [2012-07-09 113168]

S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2010-04-16 87600]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/11/21 00:47];c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2009-07-24 04:45 146928]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-02 89600]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-02 203264]

S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 30520]

S2 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-11-13 129536]

S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]

S2 WRSVC;WRSVC;c:\program files\Webroot\WRSA.exe [2012-07-02 688360]

S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]

S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [2011-09-02 76056]

S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [2011-09-02 15128]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-23 215040]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-03-09 36408]

S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2009-06-17 20:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

.

Contents of the 'Scheduled Tasks' folder

.

2012-08-20 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 05:02]

.

2012-08-10 c:\windows\Tasks\HPCeeScheduleForMy Hp.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 09:22]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-22 450048]

"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-21 610872]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-15 171520]

"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-04 1580368]

"LogiScrollApp"="c:\program files\Logitech\ScrollApp\KhalScroll.exe" [2011-12-14 156440]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mStart Page = hxxp://www.yahoo.com

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000

IE: Free YouTube Download - c:\users\My Hp\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

TCP: DhcpNameServer = 192.168.1.254

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB

.

- - - - ORPHANS REMOVED - - - -

.

AddRemove-conduitEngine - c:\progra~2\CONDUI~1\ConduitEngineUninstall.exe

AddRemove-SearchElf_1.1 Toolbar - c:\progra~2\SEARCH~1.1\UNWISE.EXE

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{55662437-DA8C-40c0-AADA-2C816A897A49}]

"ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:a3,a2,79,ea,88,a6,cc,01

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

c:\program files (x86)\CyberLink\Shared files\RichVideo.exe

c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE

c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe

c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

.

**************************************************************************

.

Completion time: 2012-08-20 12:59:56 - machine was rebooted

ComboFix-quarantined-files.txt 2012-08-20 16:59

ComboFix2.txt 2012-08-20 14:37

ComboFix3.txt 2012-08-20 04:28

.

Pre-Run: 402,775,834,624 bytes free

Post-Run: 402,334,961,664 bytes free

.

- - End Of File - - 6BB70B39A963B7C22F6BD706216D117C

It is okay now. :)

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic

This is all that was in the log file. I followed path C:\-->Program Files (x86)-->ESET-->ESET Online Scanner-->log . At the end of the scan it did tell me that it cleaned 19 items but I never saw a log like in the previous scans.

ESETSmartInstaller@High as CAB hook log:

OnlineScanner64.ocx - registred OK

OnlineScanner.ocx - registred OK

That's strange. What exactly is the problem with these updates?

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

I get an error message "Code 646 Windows encountered an unknown error". There are 14 update errors, all titled a security update for Office 2007. I looked back over my update history and it is only the updates for Microsoft Office that fail. Windows Defender definitions update OK. I looked on the troubleshooter and it said to download the Microsoft Fix It tool, which I did, but it doesn't work. There are manual instructions, but they involve modifying the registry, and it also cautioned that if you do that incorrectly more problems could be caused, so I didn't attempt it.

Here is the log:

Farbar Service Scanner Version: 06-08-2012

Ran by My Hp (administrator) on 21-08-2012 at 21:39:31

Running from "C:\Users\My Hp\Desktop"

Microsoft Windows 7 Home Premium Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo IP is accessible.

Yahoo.com is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

System Restore:

============

System Restore Disabled Policy:

========================

Action Center:

============

Windows Update:

============

Windows Autoupdate Disabled Policy:

============================

Other Services:

==============

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys => MD5 is legit

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll => MD5 is legit

C:\Windows\System32\bfe.dll => MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

C:\Windows\System32\SDRSVC.dll => MD5 is legit

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll => MD5 is legit

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
