
Avast sent me malware alert, now comes back clean....How can I ensure that my computer is not infected? /Alureon / 2nd hand pc



Hello,

I recently bought a PC from a friend of mine and yesterday as I was setting it up, I noticed that internet browsing was really awful, both in Google Chrome and Internet Explorer--the pages would time out, the browser would crash--but my laptop was working perfectly fine, so it wasn't a problem with my network. He did not have anti-virus software installed and Windows Firewall was disabled. Any time I tried turning Windows Firewall on, I would get an error. The computer ran a bit slow and took quite a bit of time to boot, which I thought was odd considering it is a gaming rig that is only about a year and a half old.

Since it was a used computer and I wanted to remove all my friend's junk anyway, I did a complete restore of the OS (Windows 7 Home Premium 64-bit). The computer restored fine and I started installing my programs onto it when Avast sent me an alert that the computer was infected with a root kit (Alureon). I wasn't sure what this was at the time, so I googled the threat name Avast showed me and found a few websites about it. These websites seemed to be in agreement that simply telling Avast to delete it would not work, so I chose the "Ignore" option and put my computer in Safe Mode with Networking to try and find the files.

Using a guide on one of the websites that listed the file names I was looking to delete, I searched for the infected files but could not find them. I ran a boot-time scan using Avast which came back OK. I ran a full system scan with Avast that came back OK. I downloaded aswMBR, ran a scan and selected "FixMBR" and restarted the computer. I tried Kaspersky's TDSSKiller which also showed no threats. I ran a full system scan with Malwarebytes which also showed no threats. I downloaded Microsoft Safety Scanner which showed no threats. And lastly, I tried a full system scan with Windows Defender which also could not detect any threats.

I am at a loss for what to do. Am I overlooking the files while in Safe Mode? Did Avast give me a false positive (seems unlikely)? I would appreciate any recommendations on what to do because right now, I am refraining from using the computer for anything more than simple web browsing that doesn't require me to input any personal information. I would really like to get this computer sorted out and working as it should, but I have exhausted my limited knowledge of repairing these issues.

Thank you.

Edited by Maurice Naggar
highlights added for emphasis

Hello ahdontshoot and welcome to MalwareBytes forum.

Please stop running tools on your own. You must have trained guided help to fully get rid of Alureon, a.k.a. TDSS ...or for that matter any rootkit.

You said

I did a complete restore of the OS (Windows 7 Home Premium 64-bit)

Was that a Factory restore ??

What is the brand of that computer?

Did the previous owner give you the Windows DVD, if any, that might have come with the pc ?

Anytime one gets a used pc from "anybody" you want to wipe the system totally, install the operating system fresh, put on a fresh antivirus program, get all Windows updates, and only then add on your programs.

Most PCs from OEMs typically have a hidden factory restore partition which can be used (following the pc maker's directions) to reset the pc to "factory state" (meaning day 1 as it came out of the factory).

Let's have you do this:

Please download Listparts

Run the tool, click Scan and post the log (Result.txt) it makes. Do that, and answer my questions above.


Hi, Thank you for responding.

The computer was custom built by my friend, so it is unbranded. There is no recovery partition. I did a clean install of Windows 7. I re-formatted the hard drive then installed Windows then installed anti-virus software and began installing programs. It was after I did the clean install that I got the Avast warning. Here is the log:

========================= Memory info ======================

Percentage of memory in use: 16%

Total physical RAM: 6143.18 MB

Available physical RAM: 5112.09 MB

Total Pagefile: 12284.55 MB

Available Pagefile: 11198.3 MB

Total Virtual: 4095.88 MB

Available Virtual: 3994.76 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:698.53 GB) (Free:664.09 GB) NTFS ==>[system with boot components (obtained from reading drive)]

2 Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)]

3 Drive e: (Oblivion GOTY 1) (CDROM) (Total:4.16 GB) (Free:0 GB) UDF

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 698 GB 8 MB

Partitions of Disk 0:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 100 MB 1024 KB

Partition 2 Primary 698 GB 101 MB

======================================================================================================

Disk: 0

Partition 1

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 D System Rese NTFS Partition 100 MB Healthy

======================================================================================================

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 C NTFS Partition 698 GB Healthy System (partition with boot components)

======================================================================================================

****** End Of Log ******

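The partition fields ListParts prints above (type 07, the Active flag, offset and size) come from the four 16-byte entries at the end of the disk's first sector. The following is an added example, not part of any post and not code from ListParts, aswMBR or TDSSKiller: it parses an MBR sector and runs basic consistency checks on it. The sample sector is constructed, with a zeroed boot-code area and the start LBA, sector-count and disk-size values that the TDSSKiller log later in this thread reports; all function names are illustrative.

```python
import hashlib
import struct

SECTOR = 512
TABLE_OFFSET = 446                      # four 16-byte partition entries start here
ENTRY = struct.Struct("<B3sB3sII")      # status, CHS start, type, CHS end, start LBA, sectors
DISK_SECTORS = 0xAEA8CDE000 // SECTOR   # drive size in bytes as reported in the thread


def build_sample_mbr():
    """Constructed sector: zeroed boot code plus the two entries seen in the thread's logs."""
    mbr = bytearray(SECTOR)
    entries = [
        (0x00, 0x07, 0x800, 0x32000),        # 100 MB "System Reserved", not active
        (0x80, 0x07, 0x32800, 0x5750EEF0),   # 698 GB NTFS volume, active
    ]
    for i, (status, ptype, start, count) in enumerate(entries):
        ENTRY.pack_into(mbr, TABLE_OFFSET + 16 * i,
                        status, b"\0" * 3, ptype, b"\0" * 3, start, count)
    mbr[510:512] = b"\x55\xaa"               # boot signature
    return bytes(mbr)


def parse_mbr(sector):
    """Return the non-empty partition entries of a 512-byte MBR sector."""
    if len(sector) != SECTOR:
        raise ValueError("an MBR sector is exactly 512 bytes")
    if sector[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature")
    parts = []
    for i in range(4):
        status, _, ptype, _, start, count = ENTRY.unpack_from(sector, TABLE_OFFSET + 16 * i)
        if ptype == 0x00:                    # type 0 marks an unused slot
            continue
        parts.append({
            "index": i + 1,
            "status": status,
            "active": status == 0x80,
            "type": ptype,
            "start_lba": start,
            "sectors": count,
            "size_mib": count * SECTOR // 2**20,
        })
    return parts


def check_layout(parts, disk_sectors):
    """Flag table states that a healthy single-boot MBR disk should not show."""
    findings = []
    active = [p for p in parts if p["active"]]
    if len(active) != 1:
        findings.append(f"expected exactly one active partition, found {len(active)}")
    for p in parts:
        if p["status"] not in (0x00, 0x80):
            findings.append(f"partition {p['index']}: invalid status byte {p['status']:#04x}")
        if p["start_lba"] + p["sectors"] > disk_sectors:
            findings.append(f"partition {p['index']}: extends past the end of the disk")
    ordered = sorted(parts, key=lambda p: p["start_lba"])
    for prev, nxt in zip(ordered, ordered[1:]):
        if prev["start_lba"] + prev["sectors"] > nxt["start_lba"]:
            findings.append(f"partitions {prev['index']} and {nxt['index']} overlap")
    return findings


def unallocated_tail(parts, disk_sectors):
    """Sectors between the end of the last partition and the end of the disk."""
    return disk_sectors - max(p["start_lba"] + p["sectors"] for p in parts)


def boot_code_sha256(sector):
    """Digest of the 440-byte boot-code area, for comparison with a known-good copy."""
    return hashlib.sha256(sector[:440]).hexdigest()


if __name__ == "__main__":
    mbr = build_sample_mbr()
    parts = parse_mbr(mbr)
    for p in parts:
        print(f"Partition {p['index']}: type {p['type']:02X} active={p['active']} "
              f"offset {p['start_lba']} size {p['size_mib']} MB")
    print("findings:", check_layout(parts, DISK_SECTORS) or "none")
    print("unallocated sectors at end of disk:", unallocated_tail(parts, DISK_SECTORS))
    print("boot code sha256:", boot_code_sha256(mbr))
```

To run the same checks on a real disk, pass the 512 bytes of a saved copy of the first sector to `parse_mbr` instead of the constructed sample.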

From here, going forward, do NOT put the logs inside Quote or Code boxes. Always copy/paste the contents & do not do any attachment feature.

The log from Listparts appears ok.

You must remove any CD or DVD from the tray.

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

To show all files:

  • Go to your Desktop
  • Double-Click the Computer icon.
  • From the menu options, Select Tools, then Folder Options.
  • Next click the View tab.
  • Locate and uncheck Hide file extensions for known file types.
  • Locate and uncheck Hide protected operating system files (Recommended).
  • Locate and click Show hidden files and folders and drives.
  • Click Apply > OK.

Step 3

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Download aswMBR.exe ( 511KB ) to your desktop.

On Windows 7 or Vista, RIGHT click on aswMBR.exe and select Run As Administrator to start.

On Windows XP, double click the exe to start.

Change the a-v scan to None.

Uncheck trace disk IO calls.

Click the "Scan" button to start scan

On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply

Step 4

Please read carefully and follow these steps.

  • Delete the prior copies of TDSSKILLER.zip & TDSSKILLER.exe that you may have.
  • Download TDSSKiller and save it to your Desktop.
  • If on Windows 7 or Vista, RIGHT-Click on TDSSKiller.exe and select Run As Administrator to run the application.
    If on Windows XP, double-click to start.
  • Click on "Change parameters" and place a checkmark next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
  • Then press Start Scan

When the scan is done, it will display a summary screen.

  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 5

  • Download & SAVE to your Desktop >> Tigzy's RogueKiller from here << or
    >> from here <<
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on Scan button at upper right of screen.
  • Wait until the Status box shows "Scan Finished"
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller

Do NOT click any FIX buttons !

Step 6

RE-Enable your antivirus program.

Then copy/paste the following into your post (in order):

  • the contents of aswMBR report;
  • the contents of TDSSKILLER log;
  • the contents of RKReport log;

Be sure to do a Preview prior to pressing Submit because all reports may not fit into 1 single reply. You may have to do more than 1 reply.

Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.


aswMBR Report

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-08-22 14:02:49

-----------------------------

14:02:49.828 OS Version: Windows x64 6.1.7601 Service Pack 1

14:02:49.828 Number of processors: 4 586 0x403

14:02:49.828 ComputerName: VALERIE UserName:

14:02:51.637 Initialize success

14:02:51.715 AVAST engine defs: 12082200

14:03:35.279 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

14:03:35.279 Disk 0 Vendor: WDC_WD7501AALS-00E3A0 05.01D05 Size: 715404MB BusType: 3

14:03:35.295 Disk 0 MBR read successfully

14:03:35.295 Disk 0 MBR scan

14:03:35.311 Disk 0 Windows 7 default MBR code

14:03:35.311 Disk 0 Partition 1 00 07 HPFS/NTFS NTFS 100 MB offset 2048

14:03:35.326 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 715293 MB offset 206848

14:03:35.326 Disk 0 scanning C:\Windows\system32\drivers

14:03:37.214 Service scanning

14:03:43.407 Modules scanning

14:03:43.423 Scan finished successfully

14:04:25.480 Disk 0 MBR has been saved successfully to "C:\Users\Valerie\Desktop\MBR.dat"

14:04:25.480 The log file has been saved successfully to "C:\Users\Valerie\Desktop\aswMBR.txt"

TDSSKiller

14:06:23.0679 4600 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03

14:06:23.0897 4600 ============================================================

14:06:23.0897 4600 Current date / time: 2012/08/22 14:06:23.0897

14:06:23.0897 4600 SystemInfo:

14:06:23.0897 4600

14:06:23.0897 4600 OS Version: 6.1.7601 ServicePack: 1.0

14:06:23.0897 4600 Product type: Workstation

14:06:23.0897 4600 ComputerName: VALERIE

14:06:23.0897 4600 UserName: Valerie

14:06:23.0897 4600 Windows directory: C:\Windows

14:06:23.0897 4600 System windows directory: C:\Windows

14:06:23.0897 4600 Running under WOW64

14:06:23.0897 4600 Processor architecture: Intel x64

14:06:23.0897 4600 Number of processors: 4

14:06:23.0897 4600 Page size: 0x1000

14:06:23.0897 4600 Boot type: Normal boot

14:06:23.0897 4600 ============================================================

14:06:24.0583 4600 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

14:06:24.0583 4600 ============================================================

14:06:24.0583 4600 \Device\Harddisk0\DR0:

14:06:24.0583 4600 MBR partitions:

14:06:24.0583 4600 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

14:06:24.0583 4600 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x5750EEF0

14:06:24.0583 4600 ============================================================

14:06:24.0599 4600 C: <-> \Device\Harddisk0\DR0\Partition2

14:06:24.0630 4600 D: <-> \Device\Harddisk0\DR0\Partition1

14:06:24.0630 4600 ============================================================

14:06:24.0630 4600 Initialize success

14:06:24.0630 4600 ============================================================

14:06:42.0523 4656 ============================================================

14:06:42.0523 4656 Scan started

14:06:42.0523 4656 Mode: Manual; SigCheck; TDLFS;

14:06:42.0523 4656 ============================================================

14:06:42.0882 4656 ================ Scan system memory ========================

14:06:42.0882 4656 System memory - ok

14:06:42.0882 4656 ================ Scan services =============================


14:06:48.0202 4656 lltdio - ok

14:06:48.0217 4656 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

14:06:48.0249 4656 lltdsvc - ok

14:06:48.0249 4656 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

14:06:48.0280 4656 lmhosts - ok

14:06:48.0280 4656 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

14:06:48.0295 4656 LSI_FC - ok

14:06:48.0295 4656 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

14:06:48.0295 4656 LSI_SAS - ok

14:06:48.0311 4656 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys

14:06:48.0311 4656 LSI_SAS2 - ok

14:06:48.0311 4656 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

14:06:48.0327 4656 LSI_SCSI - ok

14:06:48.0327 4656 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

14:06:48.0342 4656 luafv - ok

14:06:48.0373 4656 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

14:06:48.0373 4656 MBAMProtector - ok

14:06:48.0405 4656 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

14:06:48.0420 4656 MBAMService - ok

14:06:48.0436 4656 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

14:06:48.0451 4656 Mcx2Svc - ok

14:06:48.0451 4656 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys

14:06:48.0467 4656 megasas - ok

14:06:48.0467 4656 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys

14:06:48.0483 4656 MegaSR - ok

14:06:48.0483 4656 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

14:06:48.0514 4656 MMCSS - ok

14:06:48.0514 4656 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

14:06:48.0529 4656 Modem - ok

14:06:48.0529 4656 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

14:06:48.0545 4656 monitor - ok

14:06:48.0545 4656 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

14:06:48.0561 4656 mouclass - ok

14:06:48.0561 4656 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

14:06:48.0561 4656 mouhid - ok

14:06:48.0576 4656 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

14:06:48.0576 4656 mountmgr - ok

14:06:48.0576 4656 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

14:06:48.0592 4656 mpio - ok

14:06:48.0592 4656 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

14:06:48.0607 4656 mpsdrv - ok

14:06:48.0639 4656 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

14:06:48.0670 4656 MpsSvc - ok

14:06:48.0670 4656 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

14:06:48.0685 4656 MRxDAV - ok

14:06:48.0685 4656 [ FAF015B07E3A2874A790A39B7D2C579F ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

14:06:48.0701 4656 mrxsmb - ok

14:06:48.0717 4656 [ 08E2345DF129082BCDFFDC1440F9C00D ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

14:06:48.0732 4656 mrxsmb10 - ok

14:06:48.0748 4656 [ 108D87409C5812EF47D81E22843E8C9D ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

14:06:48.0763 4656 mrxsmb20 - ok

14:06:48.0763 4656 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

14:06:48.0779 4656 msahci - ok

14:06:48.0779 4656 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

14:06:48.0779 4656 msdsm - ok

14:06:48.0795 4656 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

14:06:48.0810 4656 MSDTC - ok

14:06:48.0810 4656 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

14:06:48.0826 4656 Msfs - ok

14:06:48.0841 4656 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

14:06:48.0857 4656 mshidkmdf - ok

14:06:48.0857 4656 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

14:06:48.0873 4656 msisadrv - ok

14:06:48.0888 4656 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

14:06:48.0904 4656 MSiSCSI - ok

14:06:48.0904 4656 msiserver - ok

14:06:48.0919 4656 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

14:06:48.0935 4656 MSKSSRV - ok

14:06:48.0935 4656 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

14:06:48.0966 4656 MSPCLOCK - ok

14:06:48.0966 4656 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

14:06:48.0982 4656 MSPQM - ok

14:06:48.0997 4656 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

14:06:49.0013 4656 MsRPC - ok

14:06:49.0013 4656 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

14:06:49.0013 4656 mssmbios - ok

14:06:49.0013 4656 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

14:06:49.0044 4656 MSTEE - ok

14:06:49.0044 4656 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys

14:06:49.0044 4656 MTConfig - ok

14:06:49.0075 4656 [ 03B7145C889603537E9FFEABB1AD1089 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys

14:06:49.0075 4656 MTsensor - ok

14:06:49.0075 4656 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

14:06:49.0091 4656 Mup - ok

14:06:49.0107 4656 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

14:06:49.0138 4656 napagent - ok

14:06:49.0169 4656 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

14:06:49.0185 4656 NativeWifiP - ok

14:06:49.0200 4656 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys

14:06:49.0216 4656 NDIS - ok

14:06:49.0216 4656 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

14:06:49.0247 4656 NdisCap - ok

14:06:49.0247 4656 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

14:06:49.0278 4656 NdisTapi - ok

14:06:49.0294 4656 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

14:06:49.0309 4656 Ndisuio - ok

14:06:49.0325 4656 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

14:06:49.0341 4656 NdisWan - ok

14:06:49.0341 4656 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

14:06:49.0372 4656 NDProxy - ok

14:06:49.0372 4656 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

14:06:49.0387 4656 NetBIOS - ok

14:06:49.0403 4656 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

14:06:49.0419 4656 NetBT - ok

14:06:49.0434 4656 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe

14:06:49.0450 4656 Netlogon - ok

14:06:49.0465 4656 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

14:06:49.0481 4656 Netman - ok

14:06:49.0497 4656 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

14:06:49.0528 4656 netprofm - ok

14:06:49.0559 4656 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

14:06:49.0559 4656 NetTcpPortSharing - ok

14:06:49.0559 4656 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

14:06:49.0575 4656 nfrd960 - ok

14:06:49.0590 4656 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll

14:06:49.0606 4656 NlaSvc - ok

14:06:49.0621 4656 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

14:06:49.0637 4656 Npfs - ok

14:06:49.0653 4656 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

14:06:49.0668 4656 nsi - ok

14:06:49.0668 4656 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

14:06:49.0699 4656 nsiproxy - ok

14:06:49.0715 4656 [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

14:06:49.0746 4656 Ntfs - ok

14:06:49.0746 4656 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

14:06:49.0777 4656 Null - ok

14:06:49.0793 4656 [ 786DB821BFD57C0551DBBE4F75384A7D ] nusb3hub C:\Windows\system32\drivers\nusb3hub.sys

14:06:49.0809 4656 nusb3hub - ok

14:06:49.0824 4656 [ DAA8005CAF745042BB427A1ED7433354 ] nusb3xhc C:\Windows\system32\drivers\nusb3xhc.sys

14:06:49.0840 4656 nusb3xhc - ok

14:06:49.0840 4656 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\Windows\system32\drivers\nvraid.sys

14:06:49.0855 4656 nvraid - ok

14:06:49.0855 4656 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\Windows\system32\drivers\nvstor.sys

14:06:49.0871 4656 nvstor - ok

14:06:49.0871 4656 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

14:06:49.0871 4656 nv_agp - ok

14:06:49.0887 4656 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

14:06:49.0887 4656 ohci1394 - ok

14:06:49.0918 4656 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

14:06:49.0933 4656 p2pimsvc - ok

14:06:49.0949 4656 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

14:06:49.0965 4656 p2psvc - ok

14:06:49.0980 4656 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

14:06:49.0980 4656 Parport - ok

14:06:49.0996 4656 [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr C:\Windows\system32\drivers\partmgr.sys

14:06:49.0996 4656 partmgr - ok

14:06:49.0996 4656 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

14:06:50.0011 4656 PcaSvc - ok

14:06:50.0027 4656 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

14:06:50.0027 4656 pci - ok

14:06:50.0027 4656 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

14:06:50.0043 4656 pciide - ok

14:06:50.0043 4656 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

14:06:50.0058 4656 pcmcia - ok

14:06:50.0058 4656 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

14:06:50.0058 4656 pcw - ok

14:06:50.0074 4656 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

14:06:50.0105 4656 PEAUTH - ok

14:06:50.0277 4656 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

14:06:50.0323 4656 PerfHost - ok

14:06:50.0370 4656 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

14:06:50.0433 4656 pla - ok

14:06:50.0448 4656 [ B806E50427511BCF4AD8E8239C3E25FA ] PlugPlay C:\Windows\system32\umpnpmgr.dll

14:06:50.0479 4656 PlugPlay - ok

14:06:50.0479 4656 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

14:06:50.0495 4656 PNRPAutoReg - ok

14:06:50.0511 4656 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

14:06:50.0511 4656 PNRPsvc - ok

14:06:50.0526 4656 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

14:06:50.0557 4656 PolicyAgent - ok

14:06:50.0557 4656 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

14:06:50.0589 4656 Power - ok

14:06:50.0604 4656 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

14:06:50.0620 4656 PptpMiniport - ok

14:06:50.0620 4656 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys

14:06:50.0635 4656 Processor - ok

14:06:50.0635 4656 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll

14:06:50.0667 4656 ProfSvc - ok

14:06:50.0682 4656 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe

14:06:50.0682 4656 ProtectedStorage - ok

14:06:50.0698 4656 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

14:06:50.0713 4656 Psched - ok

14:06:50.0729 4656 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

14:06:50.0760 4656 ql2300 - ok

14:06:50.0760 4656 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

14:06:50.0776 4656 ql40xx - ok

14:06:50.0791 4656 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

14:06:50.0807 4656 QWAVE - ok

14:06:50.0807 4656 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

14:06:50.0823 4656 QWAVEdrv - ok

14:06:50.0838 4656 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

14:06:50.0854 4656 RasAcd - ok

14:06:50.0869 4656 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

14:06:50.0901 4656 RasAgileVpn - ok

14:06:50.0916 4656 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

14:06:50.0947 4656 RasAuto - ok

14:06:50.0947 4656 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

14:06:50.0963 4656 Rasl2tp - ok

14:06:50.0979 4656 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

14:06:51.0010 4656 RasMan - ok

14:06:51.0010 4656 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

14:06:51.0041 4656 RasPppoe - ok

14:06:51.0041 4656 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

14:06:51.0057 4656 RasSstp - ok

14:06:51.0088 4656 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

14:06:51.0103 4656 rdbss - ok

14:06:51.0103 4656 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys

14:06:51.0119 4656 rdpbus - ok

14:06:51.0119 4656 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

14:06:51.0135 4656 RDPCDD - ok

14:06:51.0150 4656 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

14:06:51.0181 4656 RDPENCDD - ok

14:06:51.0181 4656 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

14:06:51.0197 4656 RDPREFMP - ok

14:06:51.0228 4656 [ 6D76E6433574B058ADCB0C50DF834492 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

14:06:51.0228 4656 RDPWD - ok

14:06:51.0244 4656 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

14:06:51.0244 4656 rdyboost - ok

14:06:51.0259 4656 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

14:06:51.0291 4656 RemoteAccess - ok

14:06:51.0291 4656 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

14:06:51.0322 4656 RemoteRegistry - ok

14:06:51.0337 4656 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

14:06:51.0353 4656 RpcEptMapper - ok

14:06:51.0369 4656 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

14:06:51.0369 4656 RpcLocator - ok

14:06:51.0384 4656 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

14:06:51.0415 4656 RpcSs - ok

14:06:51.0415 4656 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

14:06:51.0447 4656 rspndr - ok

14:06:51.0447 4656 [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys

14:06:51.0462 4656 RTL8167 - ok

14:06:51.0462 4656 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe

14:06:51.0478 4656 SamSs - ok

14:06:51.0478 4656 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

14:06:51.0478 4656 sbp2port - ok

14:06:51.0493 4656 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

14:06:51.0525 4656 SCardSvr - ok

14:06:51.0525 4656 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

14:06:51.0540 4656 scfilter - ok

14:06:51.0556 4656 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

14:06:51.0603 4656 Schedule - ok

14:06:51.0618 4656 [ 2A50BE713FAF033420466C25979C028E ] SCMNdisP C:\Windows\system32\DRIVERS\scmndisp.sys

14:06:51.0634 4656 SCMNdisP - ok

14:06:51.0634 4656 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

14:06:51.0665 4656 SCPolicySvc - ok

14:06:51.0665 4656 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

14:06:51.0681 4656 SDRSVC - ok

14:06:51.0681 4656 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

14:06:51.0712 4656 secdrv - ok

14:06:51.0712 4656 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

14:06:51.0727 4656 seclogon - ok

14:06:51.0743 4656 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll

14:06:51.0774 4656 SENS - ok

14:06:51.0790 4656 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

14:06:51.0805 4656 SensrSvc - ok

14:06:51.0805 4656 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

14:06:51.0805 4656 Serenum - ok

14:06:51.0821 4656 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

14:06:51.0821 4656 Serial - ok

14:06:51.0821 4656 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys

14:06:51.0837 4656 sermouse - ok

14:06:51.0852 4656 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

14:06:51.0868 4656 SessionEnv - ok

14:06:51.0883 4656 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

14:06:51.0883 4656 sffdisk - ok

14:06:51.0883 4656 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

14:06:51.0899 4656 sffp_mmc - ok

14:06:51.0899 4656 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

14:06:51.0915 4656 sffp_sd - ok

14:06:51.0915 4656 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

14:06:51.0930 4656 sfloppy - ok

14:06:51.0946 4656 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

14:06:51.0961 4656 SharedAccess - ok

14:06:51.0977 4656 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

14:06:52.0008 4656 ShellHWDetection - ok

14:06:52.0008 4656 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys

14:06:52.0024 4656 SiSRaid2 - ok

14:06:52.0024 4656 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

14:06:52.0024 4656 SiSRaid4 - ok

14:06:52.0039 4656 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

14:06:52.0055 4656 Smb - ok

14:06:52.0071 4656 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

14:06:52.0086 4656 SNMPTRAP - ok

14:06:52.0086 4656 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

14:06:52.0086 4656 spldr - ok

14:06:52.0102 4656 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe

14:06:52.0133 4656 Spooler - ok

14:06:52.0195 4656 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

14:06:52.0320 4656 sppsvc - ok

14:06:52.0320 4656 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

14:06:52.0336 4656 sppuinotify - ok

14:06:52.0351 4656 [ 2098B8556D1CEC2ACA9A29CD479E3692 ] srv C:\Windows\system32\DRIVERS\srv.sys

14:06:52.0383 4656 srv - ok

14:06:52.0383 4656 [ D0F73A42040F21F92FD314B42AC5C9E7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

14:06:52.0414 4656 srv2 - ok

14:06:52.0414 4656 [ 2BA8F3250828CCDB4204ECF2C6F40B6A ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

14:06:52.0429 4656 srvnet - ok

14:06:52.0461 4656 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

14:06:52.0476 4656 SSDPSRV - ok

14:06:52.0492 4656 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

14:06:52.0523 4656 SstpSvc - ok

14:06:52.0570 4656 Steam Client Service - ok

14:06:52.0570 4656 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys

14:06:52.0585 4656 stexstor - ok

14:06:52.0741 4656 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

14:06:52.0788 4656 stisvc - ok

14:06:52.0788 4656 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

14:06:52.0804 4656 swenum - ok

14:06:52.0819 4656 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

14:06:52.0851 4656 swprv - ok

14:06:52.0882 4656 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

14:06:52.0913 4656 SysMain - ok

14:06:52.0929 4656 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

14:06:52.0944 4656 TabletInputService - ok

14:06:52.0944 4656 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

14:06:52.0975 4656 TapiSrv - ok

14:06:52.0991 4656 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

14:06:53.0007 4656 TBS - ok

14:06:53.0038 4656 [ 509383E505C973ED7534A06B3D19688D ] Tcpip C:\Windows\system32\drivers\tcpip.sys

14:06:53.0085 4656 Tcpip - ok

14:06:53.0100 4656 [ 509383E505C973ED7534A06B3D19688D ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

14:06:53.0131 4656 TCPIP6 - ok

14:06:53.0131 4656 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

14:06:53.0147 4656 tcpipreg - ok

14:06:53.0163 4656 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

14:06:53.0163 4656 TDPIPE - ok

14:06:53.0178 4656 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

14:06:53.0178 4656 TDTCP - ok

14:06:53.0194 4656 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

14:06:53.0209 4656 tdx - ok

14:06:53.0209 4656 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

14:06:53.0225 4656 TermDD - ok

14:06:53.0241 4656 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

14:06:53.0272 4656 TermService - ok

14:06:53.0287 4656 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

14:06:53.0287 4656 Themes - ok

14:06:53.0303 4656 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

14:06:53.0319 4656 THREADORDER - ok

14:06:53.0334 4656 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

14:06:53.0350 4656 TrkWks - ok

14:06:53.0397 4656 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

14:06:53.0428 4656 TrustedInstaller - ok

14:06:53.0443 4656 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

14:06:53.0459 4656 tssecsrv - ok

14:06:53.0459 4656 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

14:06:53.0475 4656 TsUsbFlt - ok

14:06:53.0490 4656 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys

14:06:53.0506 4656 TsUsbGD - ok

14:06:53.0506 4656 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

14:06:53.0537 4656 tunnel - ok

14:06:53.0537 4656 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys

14:06:53.0537 4656 uagp35 - ok

14:06:53.0553 4656 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

14:06:53.0584 4656 udfs - ok

14:06:53.0599 4656 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

14:06:53.0599 4656 UI0Detect - ok

14:06:53.0615 4656 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

14:06:53.0615 4656 uliagpkx - ok

14:06:53.0615 4656 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

14:06:53.0631 4656 umbus - ok

14:06:53.0631 4656 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys

14:06:53.0631 4656 UmPass - ok

14:06:53.0646 4656 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

14:06:53.0677 4656 upnphost - ok

14:06:53.0693 4656 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

14:06:53.0693 4656 usbccgp - ok

14:06:53.0709 4656 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

14:06:53.0724 4656 usbcir - ok

14:06:53.0724 4656 [ 74EE782B1D9C241EFE425565854C661C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

14:06:53.0724 4656 usbehci - ok

14:06:53.0740 4656 [ DC96BD9CCB8403251BCF25047573558E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

14:06:53.0740 4656 usbhub - ok

14:06:53.0755 4656 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys

14:06:53.0755 4656 usbohci - ok

14:06:53.0755 4656 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys

14:06:53.0771 4656 usbprint - ok

14:06:53.0771 4656 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

14:06:53.0787 4656 USBSTOR - ok

14:06:53.0787 4656 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

14:06:53.0802 4656 usbuhci - ok

14:06:53.0818 4656 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

14:06:53.0849 4656 UxSms - ok

14:06:53.0849 4656 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe

14:06:53.0865 4656 VaultSvc - ok

14:06:53.0865 4656 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

14:06:53.0865 4656 vdrvroot - ok

14:06:53.0880 4656 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

14:06:53.0911 4656 vds - ok

14:06:53.0911 4656 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

14:06:53.0927 4656 vga - ok

14:06:53.0927 4656 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

14:06:53.0958 4656 VgaSave - ok

14:06:53.0958 4656 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

14:06:53.0958 4656 vhdmp - ok

14:06:53.0974 4656 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

14:06:53.0974 4656 viaide - ok

14:06:53.0974 4656 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

14:06:53.0989 4656 volmgr - ok

14:06:53.0989 4656 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

14:06:54.0005 4656 volmgrx - ok

14:06:54.0005 4656 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

14:06:54.0021 4656 volsnap - ok

14:06:54.0021 4656 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

14:06:54.0036 4656 vsmraid - ok

14:06:54.0052 4656 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

14:06:54.0114 4656 VSS - ok

14:06:54.0114 4656 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys

14:06:54.0114 4656 vwifibus - ok

14:06:54.0130 4656 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

14:06:54.0145 4656 vwififlt - ok

14:06:54.0145 4656 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

14:06:54.0177 4656 W32Time - ok

14:06:54.0177 4656 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys

14:06:54.0192 4656 WacomPen - ok

14:06:55.0300 4656 ================ Scan global ===============================

14:06:55.0300 4656 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

14:06:55.0315 4656 [ E0406AEF04B088D1C49FC78D0546F689 ] C:\Windows\system32\winsrv.dll

14:06:55.0331 4656 [ E0406AEF04B088D1C49FC78D0546F689 ] C:\Windows\system32\winsrv.dll

14:06:55.0331 4656 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

14:06:55.0362 4656 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

14:06:55.0378 4656 [Global] - ok

14:06:55.0378 4656 ================ Scan MBR ==================================

14:06:55.0393 4656 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

14:06:55.0659 4656 \Device\Harddisk0\DR0 - ok

14:06:55.0659 4656 ================ Scan VBR ==================================

14:06:55.0690 4656 [ F2F1AA98DADE8985E81FACBAE778E996 ] \Device\Harddisk0\DR0\Partition1

14:06:55.0690 4656 \Device\Harddisk0\DR0\Partition1 - ok

14:06:55.0690 4656 [ 4AA83919C7C26980C578C77DB7A6F431 ] \Device\Harddisk0\DR0\Partition2

14:06:55.0705 4656 \Device\Harddisk0\DR0\Partition2 - ok

14:06:55.0705 4656 ============================================================

14:06:55.0705 4656 Scan finished

14:06:55.0705 4656 ============================================================

14:06:55.0752 2312 Detected object count: 0

14:06:55.0752 2312 Actual detected object count: 0

RKReport

RogueKiller V7.6.6 [08/10/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo...13-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User: Valerie [Admin rights]

Mode: Scan -- Date: 08/22/2012 14:11:09

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 2 ¤¤¤

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD7501AALS-00E3A0 ATA Device +++++

--- User ---

[MBR] f7b1469790da98e4d5e5aa7a11b5f7e4

[bSP] 2499dd9200ff54fa592b00c30a3c8fe9 : Windows 7 MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 715293 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt


  • Disable your anti-virus program (see: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs).
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • Right-Click RogueKiller and select Run as Administrator.
  • Wait until Prescan finishes.
  • On the RogueKiller console, click the Registry tab.
  • Then press the Delete button.
  • When done, log off & restart the system.
  • The log will be found as RKreport
    Copy & Paste the contents into next reply.

Save and close any work documents, close any apps that you started.

Start your MBAM MalwareBytes' Anti-Malware.

Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.

Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark.

Next, click the Update tab. Press the "Check for Updates" button.

If prompted for a Restart, do that.

When done, click the Scanner tab.

Do a Quick Scan.

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Copy and Paste the MBAM scan log for review.

Your Avast may be giving you a false positive. What do you have in the 1st partition of the hard-drive? Your second partition appears to have the Windows install.


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
