morrowc Posted August 27, 2012 ID:590352

Hello,

I'm posting this message after following the instructions from the "I'm infected - What do I do now?" page.

A week or so ago I began noticing that a certain file - svchost.exe - would gradually begin taking up more and more memory, causing major slowdowns. I have been using Task Manager to try and manually "end the process," which works temporarily, but the file just restarts a few minutes later. Lately I have been noticing random background music/radio broadcasts as well.

I found this site and downloaded the free MAM tool - every time I run the scan (either quick/full or flash), the software tags up 2-3 "svchost.exe" files as infected trojan files. I click remove or quarantine, reboot the computer but the problem continues - almost right away. So I downloaded and ran the DDS program, per the instructions for posting this topic. Here's a paste of the DDS.txt. THANK YOU in advance for all your help - it is greatly appreciated!!!!!
TheDarkKnight Posted August 27, 2012 ID:590384

I am The Dark Knight and will be assisting you. Please ask questions if anything is unclear.

Please follow these instructions to run ComboFix.exe. Please visit this webpage for download links and instructions for running this tool:
http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix (CF).

Please go here to see a list of programs that need to be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall.**

**Note 2: If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.**

Please include the C:\ComboFix.txt in your next reply for further review.

==========

Then, please download MBRCheck by a_d_13 to your Desktop from one of these locations:
http://ad13.geekstogo.com/MBRCheck.exe
http://download.blee...al/MBRCheck.exe
http://www.kernelmod...fo/MBRCheck.exe

Close all opened programs/windows and double-click on MBRCheck.exe.
It will produce a log file saved automatically on your Desktop as "MBRCheck_[Date]_[Time].txt".
Press the "Enter" key to close the MBRCheck window and post the contents of the log file.

==========

In your reply please provide the following:
ComboFix.txt.
MBRCheck log.
How is your computer running now?
morrowc Posted August 28, 2012 Author ID:590731

TheDarkKnight,

Thank you for your reply. I downloaded combofix and ran it after disabling my antivirus software. After the screen said "stage_completed 50" I got the blue screen of death. I rebooted, tried again and got the same results. So I rebooted again, logged in using "safe mode" and the program completed. Below is the combofix.txt (not sure if it matters that it was run while in safe mode).

I also downloaded and ran mbrcheck and I've pasted the log below underneath the combofix.txt. When I last rebooted and started MAM, I almost immediately got another notice that a svchost.exe needed to be quarantined...

Thanks again for your help!
2012-07-05 02:24 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BE1194C6-A320-4CD0-87F9-AD021E6D2182}\mpengine.dll..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-01-18 39408]"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-08-07 1353080]"ftweak_RAMRush"="c:\program files (x86)\RAMRush\RAMRush.exe" [2009-09-17 670720]"DS3 Tool"="c:\program files\MotioninJoy\ds3\DS3_Tool.exe" [2010-10-02 92672]"PCShowServer"="c:\users\Morrow\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe" [2012-07-19 524976].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]"AlienwareOn-ScreenDisplay"="c:\program files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe" [2010-04-23 1361264]"FATrayAlert"="c:\program files\Alienware\Command Center\AlienSense\FATrayMon.exe" [2010-04-04 95560]"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-02-18 218408]"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]"SunJavaUpdateSched"="c:\program files (x86)\Java\jre6\bin\jusched.exe" [2011-04-20 136600]"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]"RemoteControl11"="c:\program files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe" [2011-09-14 230696]"Malwarebytes' Anti-Malware"="c:\program 
files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk - c:\program files (x86)\Constant Guard Protection Suite\IDVault.exe [2012-8-3 6530160]Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]Stardock MyColors.lnk - c:\program files (x86)\Stardock\MyColors\SDDelayedLaunch.exe [2009-12-15 11520].c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IconPackager.lnk - c:\program files (x86)\Stardock\MyColors\IconPackager.exe [2009-12-16 1387688].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 0 (0x0)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableLUA"= 0 (0x0)"EnableUIADesktopToggle"= 0 (0x0)"PromptOnSecureDesktop"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\FastAccess]2010-04-04 18:43 144712 ----a-w- c:\program files\Alienware\Command Center\AlienSense\FALogNot.dll.[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]Notification Packages REG_MULTI_SZ scecli FAPassSync.R0 johci;JMicron 1394 Filter Driver;c:\windows\system32\DRIVERS\johci.sys [2009-11-10 20392]R1 SSHDRV65;SSHDRV65;c:\windows\system32\drivers\SSHDRV65.sys [x]R2 AlienFusionService;Alienware Fusion Service;c:\program files\Alienware\Command Center\AlienFusionService.exe [2010-05-21 14648]R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-18 136176]R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]R3 appliandMP;appliandMP;c:\windows\system32\DRIVERS\appliand.sys [x]R3 
CamdAudio;CamdAudio;c:\windows\system32\drivers\CamdAudio.sys [2011-04-01 34040]R3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\DRIVERS\facap.sys [2008-09-25 238848]R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-18 136176]R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-09-30 144496]R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [2010-08-24 74320]R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [2010-08-24 13392]R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [2010-10-21 97552]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-12-15 51712]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-23 1255736]S0 EMSC;COMPAL Embedded System Control;c:\windows\system32\DRIVERS\EMSC.SYS [2009-06-26 16752]S0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdflt.sys [2010-01-05 19504]S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/11/12 10:16];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-09-02 18:08 148976]S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2010-04-19 98208]S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-08-24 83240]S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-09-02 75048]S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program 
files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2011-09-02 292136]S2 FAService;FAService;c:\program files\Alienware\Command Center\AlienSense\FAService.exe [2010-04-04 2409800]S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]S2 IDVaultSvc;CGPS Service;c:\program files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe [2012-08-03 66160]S2 InstallFilterService;FF Install Filter Service;c:\program files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2010-02-10 60928]S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-08-24 75248]S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 381248]S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Acceler.sys [2010-02-10 25648]S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2009-12-29 67072]S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-07-07 174184]..Contents of the 'Scheduled Tasks' folder.2012-08-28 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-14 22:28].2012-08-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-18 19:58].2012-08-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files 
(x86)\Google\Update\GoogleUpdate.exe [2011-01-18 19:58]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-19 10144288]"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2009-12-17 5470208]"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe" [2010-02-24 2883584]"AlienFX Controller"="c:\program files\Alienware\Command Center\AlienwareAlienFXController.exe" [2010-05-21 63304]"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-12 162328]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-12 386584]"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-12 417304].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]"LoadAppInit_DLLs"=0x0.------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmuStart Page = hxxp://xfinity.comcast.net/?cid=cgps08232012mLocal Page = c:\windows\SysWOW64\blank.htmIE: Google Sidewiki... 
- c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.htmlTCP: DhcpNameServer = 192.168.1.1.- - - - ORPHANS REMOVED - - - -.Toolbar-Locked - (no file)Wow6432Node-HKLM-Run-FAStartup - (no file)HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - startToolbar-Locked - (no file)HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exeHKLM-Run-(Default) - (no file)AddRemove-{173F2B02-2AAA-414F-A2D8-44870BB98F7A} - c:\program files (x86)\InstallShield Installation Information\{173F2B02-2AAA-414F-A2D8-44870BB98F7A}\setup.exe...[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl".--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash 
Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 
1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]@Denied: (A 2) (Everyone)@="IFlashBroker4".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).------------------------ Other Running Processes ------------------------.c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exec:\users\Morrow\AppData\Local\DIRECTV Player\NDSPCShowServer.exec:\program files\Alienware\Command Center\AlienSense\FATrayAlert.exec:\\.\globalroot\systemroot\svchost.exec:\program files\Alienware\Command Center\AlienFXHook32Mngr.exe.**************************************************************************.Completion time: 2012-08-27 23:00:45 - machine was rebootedComboFix-quarantined-files.txt 2012-08-28 04:00.Pre-Run: 48,160,583,680 bytes freePost-Run: 48,053,350,400 bytes free.- - End Of File - - ECAEE339E37E11CED935F8ED082CFD8DMBRCHECKLOG:MBRCheck, version 1.2.3© 2010, ADCommand-line: Windows Version: Windows 7 Home Premium EditionWindows Information: Service Pack 1 (build 7601), 64-bitBase Board Manufacturer: AlienwareBIOS Manufacturer: AlienwareSystem Manufacturer: AlienwareSystem Product Name: M11xLogical Drives Mask: 0x0000000cKernel Drivers (total 
200):
Processes (total 80): 0 System Idle Process 4 System 276 C:\Windows\System32\smss.exe 496 csrss.exe 560 csrss.exe 568 
C:\Windows\System32\wininit.exe 644 C:\Windows\System32\winlogon.exe 692 C:\Windows\System32\services.exe 700 C:\Windows\System32\lsass.exe 712 C:\Windows\System32\lsm.exe 880 C:\Windows\System32\svchost.exe 952 C:\Windows\System32\nvvsvc.exe 988 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 296 C:\Windows\System32\svchost.exe 304 C:\Windows\System32\svchost.exe 812 C:\Windows\System32\svchost.exe 1032 C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe 1092 C:\Windows\System32\svchost.exe 1204 C:\Windows\System32\svchost.exe 1240 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe 1252 C:\Windows\System32\nvvsvc.exe 1544 C:\Windows\System32\svchost.exe 1960 C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE 1968 C:\Windows\System32\wlanext.exe 1980 C:\Windows\System32\conhost.exe 1104 C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE 1612 C:\Windows\System32\spoolsv.exe 1700 C:\Windows\System32\svchost.exe 1832 C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe 2160 C:\Windows\System32\taskhost.exe 2264 C:\Windows\System32\dwm.exe 2320 C:\Windows\explorer.exe 2384 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 2392 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 2404 C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE 2412 C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe 2420 C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe 2436 C:\Program Files\Logitech\SetPointP\SetPoint.exe 2468 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 2488 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 2372 C:\Program Files (x86)\RAMRush\RAMRush.exe 2108 C:\Users\Morrow\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe 2080 C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe 2792 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe 2824 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe 2932 
C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe 2960 C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe 3064 C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 3056 C:\Program Files (x86)\Java\jre6\bin\jusched.exe 1056 C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe 2476 C:\Users\Morrow\AppData\Local\DIRECTV Player\NDSPCShowServer.exe 1308 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe 2556 C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe 2688 C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe 564 C:\Windows\System32\conhost.exe 2708 C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe 3172 C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe 3344 C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe 3492 C:\Windows\System32\svchost.exe 3620 C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe 4068 C:\Windows\System32\svchost.exe 3392 C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe 3604 WmiPrvSE.exe 4624 C:\Windows\svchost.exe 4696 C:\Windows\System32\conhost.exe 4936 C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe 4948 C:\Program Files\Alienware\Command Center\AlienFXHook64Mngr.exe 4968 C:\Windows\System32\conhost.exe 4976 C:\Windows\System32\conhost.exe 3924 C:\Windows\System32\SearchIndexer.exe 4584 C:\Windows\System32\UI0Detect.exe 4908 C:\Program Files\Windows Media Player\wmpnetwk.exe 5144 C:\Windows\System32\svchost.exe 5988 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe 2012 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 5620 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 1460 C:\Windows\System32\SearchProtocolHost.exe 5860 C:\Windows\System32\SearchFilterHost.exe 5716 C:\Users\Morrow\Desktop\MBRCheck.exe 2888 
C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000004`a1800000 (NTFS)

PhysicalDrive0 Model Number: ST9160314AS, Rev: D005DEM1

Size    Device Name         MBR Status
--------------------------------------------
149 GB  \\.\PhysicalDrive0  MBR Code Faked!
        SHA1: 006DAC41B85DE862D5301245E653DB2869A80603

Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.

Enter your choice:
TheDarkKnight Posted August 28, 2012 ID:590753

Hello morrowc. Your log seems to show a Whistler-bootkit infection.

Please print out these instructions or copy them to a Notepad file for easier reading and run MBRCheck.

At "Found non-standard or infected MBR. Enter 'Y' and hit ENTER for more options, or 'N' to exit"; type Y and hit "Enter".
At "Options: [1] Dump the MBR of a physical disk to file. [2] Restore the MBR of a physical disk with a standard boot code. [3] Exit. Enter your choice"; type 2 and hit "Enter".
At "Enter the physical disk number to fix (0-99, -1 to cancel):"; enter 0 for drive C:
At "Available MBR codes: [ 0] Default (Windows XP) [ 1] Windows XP [ 2] Windows Server 2003 [ 3] Windows Vista [ 4] Windows 2008 [ 5] Windows 7 [-1] Cancel. Please select the MBR code to write to this drive"; type 5 and hit "Enter".
At "Do you want to fix the MBR code? Type 'YES' and hit ENTER to continue:"; type YES and hit "Enter".
You will receive a "Successfully wrote new MBR code!" message.
At "Done! Press ENTER to exit..."; press the "Enter" key and reboot your computer.

Please re-run MBRCheck.
It will produce a log file saved automatically on your Desktop as "MBRCheck_[Date]_[Time].txt".
Press the "Enter" key to close the MBRCheck window and post the contents of the log file in your reply.

How is your computer running now? Are the warnings gone?
morrowc Posted August 29, 2012 Author ID:591135

Hello,

I ran the MBRCheck as noted above, rebooted and re-ran the program. I've pasted the results below. Unfortunately I'm still having the same issues... after a few minutes MAM will pop up an alert saying "Successfully blocked access to a potentially malicious website; process: svchost.exe." Then the radio/ads/music starts in the background again... Any other ideas? Again, I really appreciate your help!

MBRCheck, version 1.2.3
© 2010, AD
Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Alienware
BIOS Manufacturer: Alienware
System Manufacturer: Alienware
System Product Name: M11x
Logical Drives Mask: 0x0000000c
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000004`a1800000 (NTFS)
PhysicalDrive0 Model Number: ST9160314AS, Rev: D005DEM1

Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 MBR Code Faked!
SHA1: 006DAC41B85DE862D5301245E653DB2869A80603

Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
TheDarkKnight Posted August 29, 2012 ID:591152

Hey morrowc. Please run the following tool.

Please download MBRScan and save it to your Desktop.
Double-click on MBRScan.exe and click the Report button. (Vista and Windows 7 users: right-click on MBRScan and then click on Run as administrator.)
Please don't use the computer while the scan is running. The computer may not respond until the scan is done. Please be patient and don't force a restart of the computer.
When the scan is finished, a log file will appear.
Save that log file to your Desktop and post its content in your next reply.

After running MBRScan please do the following to get a dump:
Please re-run MBRScan.
Click Dump.
Once you have selected your MBR code, please click Dump Selected MBR (if there are multiple codes please do this for each of them).

In your reply please provide the contents of the MBRScan log and the Dump.
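What a 512-byte MBR dump like the one requested above contains, and how the hash and partition lines of a report can be derived from it, as an added example that is not part of the original post and is not MBRScan's or MBRCheck's own code. The function names, the choice to hash the first 440 bytes as "boot code", and the sample sector (partition types taken from this thread's report, sizes and offsets constructed) are assumptions.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440      # executable boot code; bytes 440-445 hold the disk signature
TABLE_OFFSET = 446       # four 16-byte partition entries follow
SIGNATURE = b"\x55\xaa"  # last two bytes of a valid MBR

# Only the partition type bytes that appear in this thread's MBRScan report.
TYPE_NAMES = {0x07: "NTFS / HPFS", 0xDE: "Dell Utility"}


def parse_mbr(sector):
    """Split a 512-byte MBR dump into hashes, signature flag and partitions."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected %d bytes, got %d" % (SECTOR_SIZE, len(sector)))
    partitions = []
    for index in range(4):
        start = TABLE_OFFSET + 16 * index
        # status, 3 CHS bytes, type, 3 CHS bytes, first LBA, sector count
        status, ptype, first_lba, count = struct.unpack(
            "<B3xB3xII", sector[start:start + 16])
        if ptype == 0x00:  # unused slot
            continue
        partitions.append({
            "number": index + 1,
            "bootable": status == 0x80,
            "status_valid": status in (0x00, 0x80),
            "type": ptype,
            "type_name": TYPE_NAMES.get(ptype, "unknown"),
            "first_lba": first_lba,
            "size_mib": count * SECTOR_SIZE / (1024 * 1024),
        })
    return {
        "sha1": hashlib.sha1(sector).hexdigest().upper(),
        "boot_code_sha1": hashlib.sha1(sector[:BOOT_CODE_LEN]).hexdigest().upper(),
        "signature_ok": sector[510:512] == SIGNATURE,
        "partitions": partitions,
    }


def check_mbr(sector, known_good_boot_sha1=None):
    """Return a list of findings; an empty list means nothing stood out."""
    mbr = parse_mbr(sector)
    findings = []
    if not mbr["signature_ok"]:
        findings.append("missing 55 AA boot signature")
    if any(not p["status_valid"] for p in mbr["partitions"]):
        findings.append("partition status byte is neither 0x00 nor 0x80")
    active = [p for p in mbr["partitions"] if p["bootable"]]
    if len(active) != 1:
        findings.append(
            "expected exactly one bootable partition, found %d" % len(active))
    # The baseline is supplied by the caller, e.g. hashed from a dump of a
    # known-clean machine with the same Windows version.
    if known_good_boot_sha1 and mbr["boot_code_sha1"] != known_good_boot_sha1.upper():
        findings.append("boot code differs from the known-good baseline")
    return findings


def build_sample_mbr():
    """Constructed sample: zero-filled boot code, three partitions with the
    type bytes from the thread's report (0xDE, 0x07 bootable, 0x07)."""
    entries = [
        (0x00, 0xDE, 63, 204800),
        (0x80, 0x07, 206848, 38626304),
        (0x00, 0x07, 38833152, 273678336),
    ]
    sector = bytearray(SECTOR_SIZE)
    for i, entry in enumerate(entries):
        struct.pack_into("<B3xB3xII", sector, TABLE_OFFSET + 16 * i, *entry)
    sector[510:512] = SIGNATURE
    return bytes(sector)


if __name__ == "__main__":
    sample = build_sample_mbr()
    report = parse_mbr(sample)
    print("MBR_SHA1 :", report["sha1"])
    for part in report["partitions"]:
        flag = " __ BOOTABLE __" if part["bootable"] else ""
        print("Partition%d %.1f MiB 0x%02X %s%s" % (
            part["number"], part["size_mib"], part["type"],
            part["type_name"], flag))
    print("findings:", check_mbr(sample, report["boot_code_sha1"]))
```

A check like this is meant for a dump file examined on a separate, clean machine, with the baseline hash taken from a trusted source.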
morrowc Posted August 30, 2012 Author ID:591482

Hello,

Here is the MBRScan report:

MBRScan v1.1.1
OS : Windows 7 Service Pack 1 (64 bit)
PROCESSOR : Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
BOOT : Normal Boot
DATE : 2012/08/29 (ISO 8601) at 21:21:12
________________________________________________________________________________
DISK : Device\Harddisk0\DR0 __ST916031 4AS (D005)
BUS_TYPE : (0x03) P-ATA
USE_PIO : NO
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________
Device\Harddisk0\DR0 149.1 Go [Fixed] ==> Possible TDL4 MBR Code
MBR_MD5 : D56692ABF9ED1D7656443C115AE4981B
MBR_SHA1 : 5CC1C43A58E8B96791D3D55B3499BC9DB720F810
Device\Harddisk0\Partition1 109.8 Mo 0xDE Dell Utility
Device\Harddisk0\Partition2 18.42 Go 0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition3 130.5 Go 0x07 NTFS / HPFS
________________________________________________________________________________
############################### Additional scan ################################
{0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdOSLoaderBoolean_WinPEMode (26000022)SystemStartOptions : NOEXECUTE=OPTIN_____________________________________________________________________________________FAKED \Device\Harddisk0\DR0 0x00000000 31 C0 8E D0 BC 00 7C 8E C0 8E D8 FC FB 60 B9 DC 1À.м.|.À.Øüû`¹ü0x00000010 00 BD 1A 7C D2 4E 00 45 E2 FA 88 B0 50 FA 83 17 .½.|ÒN.Eâú.°Pú..0x00000020 C4 80 01 0D 4C 08 C1 70 81 74 B6 E3 1F 0C F6 3E Ä...L.Áp.t¶ã..ö>0x00000030 87 00 66 89 03 CC A3 08 5F 96 84 F5 DB F8 CD 89 ..f..Ì£._..õûØÍ.0x00000040 EF 3E C7 CD 14 00 E8 39 00 CC B8 22 40 FF 36 B5 ï>ÇÍ..è9.̸"@.6µ0x00000050 1F E0 13 FF A3 2C 00 5F CA AF B8 70 A4 FA F3 52 .À..£,._ʯ¸p¤úóR0x00000060 68 E4 D7 2C 03 EA ED B0 BA 00 00 00 00 C0 C6 03 hÄ×,.ÊÍ°º....ÀÆ.0x00000070 85 AF 00 36 18 30 7D 00 B1 C0 51 EB 40 8D 06 8B .¯.6.0}.±ÀQë@...0x00000080 5F 20 E0 7C 18 36 7D E3 81 23 D7 29 F5 CC FF 1B _ À|.6}ã.#×)õÌ..0x00000090 81 AF 66 7C 18 3A 7D 33 FF C6 A0 EB 99 1F 06 90 .¯f|.:}3.Æ.ë....0x000000A0 5F CC 04 33 A4 0C 1D BE 99 70 E1 09 F5 00 B4 21 _Ì.3¤..¾.pÁ.õ.´!0x000000B0 AF A2 D7 54 58 28 7D E6 C4 2C 3C 33 C4 81 E8 56 ¯¢×TX(}ÆÄ,<3Ä.èV0x000000C0 FF 30 E3 29 F5 A6 44 3A 43 CC FF 70 18 FA 66 C1 .0ã)õ¦D:CÌ.p.úfÁ0x000000D0 87 41 D7 00 AF CB 89 E6 EE 02 00 F5 AC FA 56 AB .A×.¯ë.Æî..õ¬úV«0x000000E0 FC D4 F5 F2 16 93 74 04 E0 D8 02 4C A7 96 75 77 üÔõÒ..t.ÀØ.L§.uw0x000000F0 F0 0E 86 63 91 00 F9 02 01 72 2C 66 68 07 BB 00 Ð..c..ù..r,fh.».0x00000100 00 66 68 00 02 00 00 66 68 08 00 00 00 66 53 66 .fh....fh....fSf0x00000110 53 66 55 66 68 00 00 00 00 66 68 00 7C 00 00 66 SfUfh....fh.|..f0x00000120 61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00 00 CD ah...Í.Z2öÊ.|..Í0x00000130 18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07 32 E4 ..·.ë..¶.ë..µ.2Ä0x00000140 05 00 07 8B F0 AC 3C 00 74 09 BB 07 00 B4 0E CD ....Ь<.t.»..´.Í0x00000150 10 EB F2 F4 EB FD 2B C9 E4 64 EB 00 24 02 E0 F8 .ëÒÔëý+ÉÄdë.$.ÀØ0x00000160 24 02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69 $.ãInvalid parti0x00000170 74 69 6F 6E 20 74 61 62 6C 65 00 45 
72 72 6F 72 tion table.Error0x00000180 20 6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69 loading operati0x00000190 6E 67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E ng system.Missin0x000001A0 67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74 g operating syst0x000001B0 65 6D 00 00 00 63 7B 9A 00 00 00 10 00 00 00 01 em...c{.........0x000001C0 01 00 DE FE 3F 0D 3F 00 00 00 4F 6E 03 00 80 05 ..ÞÞ?.?...On....0x000001D0 38 0E 07 FE FF FF 00 70 03 00 00 50 4D 02 00 FE 8..Þ...p...PM..Þ0x000001E0 FF FF 07 FE FF FF 00 C0 50 02 00 D0 50 10 00 00 ...Þ...ÀP..ÐP...0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA ..............Uª__ORIGINAL \Device\Harddisk0\DR0 0x00000000 33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00 3À.м.|.À.ؾ.|¿.0x00000010 06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00 .¹..üó¤Ph..ëû¹..0x00000020 BD BE 07 80 7E 00 00 7C 0B 0F 85 0E 01 83 C5 10 ½¾..~..|......Å.0x00000030 E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00 âñÍ..V.UÆF..ÆF..0x00000040 B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09 ´A»ªUÍ.]r..ûUªu.0x00000050 F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74 ÷Á..t.ÞF.f`.~..t0x00000060 26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00 &fh....f.v.h..h.0x00000070 7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13 |h..h..´B.V..ÔÍ.0x00000080 9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00 ..Ä..ë.¸..».|.V.0x00000090 8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1C FE .v..N..n.Í.fas.Þ0x000000A0 4E 11 75 0C 80 7E 00 80 0F 84 8A 00 B2 80 EB 84 N.u..~......².ë.0x000000B0 55 32 E4 8A 56 00 CD 13 5D EB 9E 81 3E FE 7D 55 U2Ä.V.Í.]ë..>Þ}U0x000000C0 AA 75 6E FF 76 00 E8 8D 00 75 17 FA B0 D1 E6 64 ªun.v.è..u.ú°ñÆd0x000000D0 E8 83 00 B0 DF E6 60 E8 7C 00 B0 FF E6 64 E8 75 è..°ßÆ`è|.°.Ædèu0x000000E0 00 FB B8 00 BB CD 1A 66 23 C0 75 3B 66 81 FB 54 .û¸.»Í.f#Àu;f.ûT0x000000F0 43 50 41 75 32 81 F9 02 01 72 2C 66 68 07 BB 00 CPAu2.ù..r,fh.».0x00000100 00 66 68 00 02 00 00 66 68 08 00 00 00 66 53 66 .fh....fh....fSf0x00000110 53 66 55 66 68 00 00 00 00 66 68 00 7C 00 00 66 
SfUfh....fh.|..f0x00000120 61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00 00 CD ah...Í.Z2öÊ.|..Í0x00000130 18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07 32 E4 ..·.ë..¶.ë..µ.2Ä0x00000140 05 00 07 8B F0 AC 3C 00 74 09 BB 07 00 B4 0E CD ....Ь<.t.»..´.Í0x00000150 10 EB F2 F4 EB FD 2B C9 E4 64 EB 00 24 02 E0 F8 .ëÒÔëý+ÉÄdë.$.ÀØ0x00000160 24 02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69 $.ãInvalid parti0x00000170 74 69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72 tion table.Error0x00000180 20 6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69 loading operati0x00000190 6E 67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E ng system.Missin0x000001A0 67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74 g operating syst0x000001B0 65 6D 00 00 00 63 7B 9A 00 00 00 10 00 00 00 01 em...c{.........0x000001C0 01 00 DE FE 3F 0D 3F 00 00 00 4F 6E 03 00 80 05 ..ÞÞ?.?...On....0x000001D0 38 0E 07 FE FF FF 00 70 03 00 00 50 4D 02 00 FE 8..Þ...p...PM..Þ0x000001E0 FF FF 07 FE FF FF 00 C0 50 02 00 D0 50 10 00 00 ...Þ...ÀP..ÐP...0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA ..............UªI ran the program again and pressed "dump," then "dump selected MBR." I can't find an associated log file though - just a few files with .mbr extensions, like "Dump_Hdd0_DR0.mbr." Did you want to view those files? Link to post Share on other sites More sharing options...
morrowc Posted August 30, 2012 Author ID:591487
I see that other people have attached files to their posts, but I don't see any options to attach files in my replies.... is there something I'm missing? (sorry for the stupid question)
morrowc Posted August 30, 2012 Author ID:591488
Alright, figured out how to upload files, but it won't let me upload .mbr files....
TheDarkKnight Posted August 30, 2012 ID:591529
Hello morrowc. It seems MBRScan may have fixed the infection but to be sure:
Please re-run MBRCheck and post the log in your reply.
Then, please download to your Desktop: TDSSKiller.zip from here and extract it (right click on it => "Extract here").
>>> TDSSKiller:
Double-click on TDSSKiller.exe to run the application.
Click on the Start Scan button and wait for the scan and disinfection process to be over.
If an infected file is detected, the default action will be Cure. Instead, choose SKIP, then click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
If you are asked to reboot the computer to complete the process, click on the Reboot Now button.
A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
==========
Please include in your reply:
MBRCheck log.
TDSSKiller log.
morrowc Posted August 31, 2012 Author ID:591902
I've attached the two logs. Thanks!
MBRCheck_08.30.12_20.56.11.txt
TDSSKillerLog.txt
TheDarkKnight Posted August 31, 2012 ID:591916
Hey morrowc. Please post the content of the logs, as malware writers would like nothing more than to infect the computers of helpers, such as myself.
Thanks!
morrowc Posted August 31, 2012 Author ID:591918
Sorry! Here's the MBRCheck log:
MBRCheck, version 1.2.3
© 2010, AD
Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Alienware
BIOS Manufacturer: Alienware
System Manufacturer: Alienware
System Product Name: M11x
Logical Drives Mask: 0x0000000c
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000004`a1800000 (NTFS)
PhysicalDrive0 Model Number: ST9160314AS, Rev: D005DEM1
Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 MBR Code Faked! SHA1: 006DAC41B85DE862D5301245E653DB2869A80603
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
And here's the TDSSKiller log:
:19.0317 8080 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
21:03:19.0675 8080 ============================================================
21:03:19.0675 8080 Current date / time: 2012/08/30 21:03:19.0675
21:03:19.0675 8080 SystemInfo:
21:03:19.0675 8080
21:03:19.0675 8080 OS Version: 6.1.7601 ServicePack: 1.0
21:03:19.0675 8080 Product type: Workstation
21:03:19.0675 8080 ComputerName: M11X
21:03:19.0675 8080 UserName: Morrow
21:03:19.0675 8080 Windows directory: C:\Windows
21:03:19.0675 8080 System windows directory: C:\Windows
21:03:19.0675 8080 Running under WOW64
21:03:19.0675 8080 Processor architecture: Intel x64
21:03:19.0675 8080 Number of processors: 2
21:03:19.0675 8080 Page size: 0x1000
21:03:19.0675 8080 Boot type: Normal boot
21:03:19.0675 8080 ============================================================
21:03:20.0346 8080 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:03:20.0362 8080 ============================================================
21:03:20.0362 8080 \Device\Harddisk0\DR0:
21:03:20.0362 8080 MBR partitions:
21:03:20.0362 8080 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x37000, BlocksNum 0x24D5000
21:03:20.0362 8080 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x250C000, BlocksNum 0x1050D000
21:03:20.0362 8080 ============================================================
21:03:20.0393 8080 C: <-> \Device\Harddisk0\DR0\Partition2
21:03:20.0393 8080 ============================================================
21:03:20.0393 8080 Initialize success
21:03:20.0393 8080 ============================================================
21:03:26.0820 7636 ============================================================
21:03:26.0820 7636 Scan started
21:03:26.0820 7636 Mode: Manual;
21:03:26.0820 7636 ============================================================
21:03:28.0333 7636 ================ Scan system memory ========================
21:03:28.0333 7636 System memory - ok
21:03:28.0333 7636 ================ Scan services =============================
C:\Windows\system32\Drivers\cng.sys21:03:33.0060 7636 CNG - ok21:03:33.0076 7636 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys21:03:33.0076 7636 Compbatt - ok21:03:33.0123 7636 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys21:03:33.0123 7636 CompositeBus - ok21:03:33.0138 7636 COMSysApp - ok21:03:33.0154 7636 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys21:03:33.0154 7636 crcdisk - ok21:03:33.0216 7636 [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc C:\Windows\system32\cryptsvc.dll21:03:33.0216 7636 CryptSvc - ok21:03:33.0279 7636 [ E27D60E5A51EEDF9A57F5B69A9A6457D ] CyberLink PowerDVD 11.0 Monitor Service C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe21:03:33.0279 7636 CyberLink PowerDVD 11.0 Monitor Service - ok21:03:33.0388 7636 [ 857943A77B06AC056771A3B12CD318DD ] CyberLink PowerDVD 11.0 Service C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe21:03:33.0404 7636 CyberLink PowerDVD 11.0 Service - ok21:03:33.0450 7636 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll21:03:33.0466 7636 DcomLaunch - ok21:03:33.0513 7636 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll21:03:33.0528 7636 defragsvc - ok21:03:33.0560 7636 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys21:03:33.0575 7636 DfsC - ok21:03:33.0638 7636 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll21:03:33.0653 7636 Dhcp - ok21:03:33.0684 7636 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys21:03:33.0684 7636 discache - ok21:03:33.0716 7636 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys21:03:33.0716 7636 Disk - ok21:03:33.0762 7636 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll21:03:33.0762 
7636 Dnscache - ok21:03:33.0794 7636 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll21:03:33.0809 7636 dot3svc - ok21:03:33.0840 7636 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll21:03:33.0840 7636 DPS - ok21:03:33.0872 7636 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys21:03:33.0872 7636 drmkaud - ok21:03:33.0981 7636 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys21:03:34.0012 7636 DXGKrnl - ok21:03:34.0059 7636 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll21:03:34.0059 7636 EapHost - ok21:03:34.0355 7636 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys21:03:34.0464 7636 ebdrv - ok21:03:34.0511 7636 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe21:03:34.0511 7636 EFS - ok21:03:34.0605 7636 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe21:03:34.0620 7636 ehRecvr - ok21:03:34.0652 7636 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe21:03:34.0667 7636 ehSched - ok21:03:34.0698 7636 [ 9A47AC3DFCF81D30922CDAAF1C2D579F ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys21:03:34.0698 7636 ElbyCDIO - ok21:03:34.0761 7636 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys21:03:34.0761 7636 elxstor - ok21:03:34.0808 7636 [ E47D9D7E6E53892FC97282482F4AE307 ] EMSC C:\Windows\system32\DRIVERS\EMSC.SYS21:03:34.0808 7636 EMSC - ok21:03:34.0854 7636 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys21:03:34.0854 7636 ErrDev - ok21:03:34.0948 7636 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll21:03:34.0979 7636 EventSystem - ok21:03:34.0995 7636 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys21:03:34.0995 7636 exfat - ok21:03:35.0042 7636 [ 2C1D443E14F376E8331F52F135DCA9EF ] FACAP 
C:\Windows\system32\DRIVERS\facap.sys21:03:35.0057 7636 FACAP - ok21:03:35.0182 7636 [ 53E30A6E86AA93C0FFC0BC0439E3E636 ] FAService C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe21:03:35.0260 7636 FAService - ok21:03:35.0291 7636 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys21:03:35.0291 7636 fastfat - ok21:03:35.0354 7636 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe21:03:35.0385 7636 Fax - ok21:03:35.0400 7636 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys21:03:35.0400 7636 fdc - ok21:03:35.0432 7636 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll21:03:35.0432 7636 fdPHost - ok21:03:35.0447 7636 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll21:03:35.0447 7636 FDResPub - ok21:03:35.0478 7636 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys21:03:35.0478 7636 FileInfo - ok21:03:35.0494 7636 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys21:03:35.0494 7636 Filetrace - ok21:03:35.0510 7636 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys21:03:35.0525 7636 flpydisk - ok21:03:35.0650 7636 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys21:03:35.0681 7636 FltMgr - ok21:03:35.0744 7636 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll21:03:35.0775 7636 FontCache - ok21:03:35.0822 7636 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe21:03:35.0822 7636 FontCache3.0.0.0 - ok21:03:35.0868 7636 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys21:03:35.0868 7636 FsDepends - ok21:03:35.0915 7636 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys21:03:35.0915 7636 Fs_Rec - 
ok21:03:36.0009 7636 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys21:03:36.0009 7636 fvevol - ok21:03:36.0087 7636 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys21:03:36.0087 7636 gagp30kx - ok21:03:36.0149 7636 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll21:03:36.0165 7636 gpsvc - ok21:03:36.0290 7636 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe21:03:36.0290 7636 gupdate - ok21:03:36.0321 7636 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe21:03:36.0321 7636 gupdatem - ok21:03:36.0352 7636 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe21:03:36.0352 7636 gusvc - ok21:03:36.0383 7636 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys21:03:36.0399 7636 hcw85cir - ok21:03:36.0430 7636 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys21:03:36.0430 7636 HDAudBus - ok21:03:36.0446 7636 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys21:03:36.0446 7636 HidBatt - ok21:03:36.0461 7636 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys21:03:36.0461 7636 HidBth - ok21:03:36.0477 7636 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys21:03:36.0477 7636 HidIr - ok21:03:36.0524 7636 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll21:03:36.0524 7636 hidserv - ok21:03:36.0539 7636 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys21:03:36.0555 7636 HidUsb - ok21:03:36.0586 7636 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll21:03:36.0586 7636 hkmsvc - ok21:03:36.0633 7636 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener 
C:\Windows\system32\ListSvc.dll21:03:36.0633 7636 HomeGroupListener - ok21:03:36.0680 7636 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll21:03:36.0680 7636 HomeGroupProvider - ok21:03:36.0726 7636 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys21:03:36.0726 7636 HpSAMD - ok21:03:36.0851 7636 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys21:03:36.0867 7636 HTTP - ok21:03:36.0898 7636 hwinterface - ok21:03:36.0945 7636 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys21:03:36.0945 7636 hwpolicy - ok21:03:36.0976 7636 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys21:03:36.0976 7636 i8042prt - ok21:03:37.0023 7636 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys21:03:37.0023 7636 iaStor - ok21:03:37.0085 7636 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe21:03:37.0085 7636 IAStorDataMgrSvc - ok21:03:37.0116 7636 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys21:03:37.0132 7636 iaStorV - ok21:03:37.0179 7636 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe21:03:37.0179 7636 IDriverT - ok21:03:37.0257 7636 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe21:03:37.0288 7636 idsvc - ok21:03:37.0460 7636 [ 70B0763C05C18B6FA18B18631A74ECDE ] IDVaultSvc C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe21:03:37.0460 7636 IDVaultSvc - ok21:03:37.0756 7636 [ C6238C6ABD6AC99F5D152DA4E9439A3D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys21:03:38.0037 7636 igfx - ok21:03:38.0099 7636 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp 
C:\Windows\system32\DRIVERS\iirsp.sys21:03:38.0099 7636 iirsp - ok21:03:38.0162 7636 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll21:03:38.0208 7636 IKEEXT - ok21:03:38.0240 7636 [ 57AE484D280AEBD405F65166363E98DC ] InstallFilterService C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe21:03:38.0240 7636 InstallFilterService - ok21:03:38.0380 7636 [ 0ADF714079AE174A39D69036143E4C50 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys21:03:38.0442 7636 IntcAzAudAddService - ok21:03:38.0489 7636 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys21:03:38.0489 7636 intelide - ok21:03:38.0520 7636 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys21:03:38.0536 7636 intelppm - ok21:03:38.0614 7636 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll21:03:38.0614 7636 IPBusEnum - ok21:03:38.0661 7636 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys21:03:38.0661 7636 IpFilterDriver - ok21:03:38.0770 7636 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll21:03:38.0786 7636 iphlpsvc - ok21:03:38.0817 7636 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys21:03:38.0832 7636 IPMIDRV - ok21:03:38.0848 7636 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys21:03:38.0848 7636 IPNAT - ok21:03:38.0879 7636 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys21:03:38.0879 7636 IRENUM - ok21:03:38.0895 7636 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys21:03:38.0895 7636 isapnp - ok21:03:38.0926 7636 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys21:03:38.0926 7636 iScsiPrt - ok21:03:38.0957 7636 [ 5BD76F820656AEAA2DCE66EED8DA84B9 ] JMCR 
C:\Windows\system32\DRIVERS\jmcr.sys21:03:38.0957 7636 JMCR - ok21:03:38.0988 7636 [ E662CB468A1CFF3A57E120A212FADD57 ] johci C:\Windows\system32\DRIVERS\johci.sys21:03:38.0988 7636 johci - ok21:03:39.0035 7636 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys21:03:39.0035 7636 kbdclass - ok21:03:39.0098 7636 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys21:03:39.0098 7636 kbdhid - ok21:03:39.0113 7636 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe21:03:39.0113 7636 KeyIso - ok21:03:39.0160 7636 [ DA1E991A61CFDD755A589E206B97644B ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys21:03:39.0160 7636 KSecDD - ok21:03:39.0207 7636 [ 7E33198D956943A4F11A5474C1E9106F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys21:03:39.0207 7636 KSecPkg - ok21:03:39.0254 7636 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys21:03:39.0254 7636 ksthunk - ok21:03:39.0300 7636 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll21:03:39.0300 7636 KtmRm - ok21:03:39.0332 7636 [ 9C46A5421DE9D116C47155317CABB522 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys21:03:39.0347 7636 L1C - ok21:03:39.0410 7636 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll21:03:39.0410 7636 LanmanServer - ok21:03:39.0456 7636 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll21:03:39.0456 7636 LanmanWorkstation - ok21:03:39.0706 7636 [ 4ADC135F525D38A498F83B089228CC2D ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe21:03:39.0706 7636 LBTServ - ok21:03:39.0737 7636 [ 00BA093A3F316D43A4C3E098A96AE912 ] LEqdUsb C:\Windows\system32\DRIVERS\LEqdUsb.Sys21:03:39.0737 7636 LEqdUsb - ok21:03:39.0784 7636 [ 3067CFAD2BAA4A208130CD0AFB130BC9 ] LHidEqd C:\Windows\system32\DRIVERS\LHidEqd.Sys21:03:39.0784 7636 LHidEqd - ok21:03:39.0800 7636 [ 24E09882BA51B9830AE029888A3AAF18 ] LHidFilt 
C:\Windows\system32\DRIVERS\LHidFilt.Sys21:03:39.0815 7636 LHidFilt - ok21:03:39.0846 7636 [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys21:03:39.0846 7636 lirsgt - ok21:03:39.0893 7636 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys21:03:39.0893 7636 lltdio - ok21:03:39.0924 7636 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll21:03:39.0924 7636 lltdsvc - ok21:03:39.0940 7636 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll21:03:39.0956 7636 lmhosts - ok21:03:39.0971 7636 [ 2F94325D8C10E2B715F3D753C2422AAC ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys21:03:39.0971 7636 LMouFilt - ok21:03:40.0002 7636 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys21:03:40.0002 7636 LSI_FC - ok21:03:40.0018 7636 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys21:03:40.0018 7636 LSI_SAS - ok21:03:40.0049 7636 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys21:03:40.0049 7636 LSI_SAS2 - ok21:03:40.0049 7636 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys21:03:40.0049 7636 LSI_SCSI - ok21:03:40.0080 7636 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys21:03:40.0080 7636 luafv - ok21:03:40.0143 7636 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys21:03:40.0158 7636 MBAMProtector - ok21:03:40.0268 7636 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe21:03:40.0330 7636 MBAMService - ok21:03:40.0377 7636 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll21:03:40.0377 7636 Mcx2Svc - ok21:03:40.0408 7636 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys21:03:40.0408 7636 megasas - ok21:03:40.0439 7636 [ 
BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys21:03:40.0439 7636 MegaSR - ok21:03:40.0470 7636 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll21:03:40.0486 7636 MMCSS - ok21:03:40.0486 7636 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys21:03:40.0502 7636 Modem - ok21:03:40.0517 7636 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys21:03:40.0517 7636 monitor - ok21:03:40.0580 7636 [ 16F9F464DA6E02A020BCE626C56A1797 ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys21:03:40.0580 7636 MotioninJoyXFilter - ok21:03:40.0595 7636 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys21:03:40.0611 7636 mouclass - ok21:03:40.0626 7636 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys21:03:40.0626 7636 mouhid - ok21:03:40.0658 7636 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys21:03:40.0673 7636 mountmgr - ok21:03:40.0704 7636 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys21:03:40.0720 7636 mpio - ok21:03:40.0736 7636 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys21:03:40.0736 7636 mpsdrv - ok21:03:40.0814 7636 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll21:03:40.0829 7636 MpsSvc - ok21:03:40.0876 7636 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys21:03:40.0892 7636 MRxDAV - ok21:03:40.0923 7636 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys21:03:40.0938 7636 mrxsmb - ok21:03:40.0970 7636 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys21:03:40.0970 7636 mrxsmb10 - ok21:03:41.0001 7636 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys21:03:41.0001 7636 mrxsmb20 - ok21:03:41.0048 7636 [ 
C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys21:03:41.0048 7636 msahci - ok21:03:41.0063 7636 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys21:03:41.0079 7636 msdsm - ok21:03:41.0094 7636 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe21:03:41.0094 7636 MSDTC - ok21:03:41.0141 7636 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys21:03:41.0141 7636 Msfs - ok21:03:41.0157 7636 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys21:03:41.0157 7636 mshidkmdf - ok21:03:41.0172 7636 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys21:03:41.0172 7636 msisadrv - ok21:03:41.0188 7636 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll21:03:41.0204 7636 MSiSCSI - ok21:03:41.0204 7636 msiserver - ok21:03:41.0219 7636 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys21:03:41.0235 7636 MSKSSRV - ok21:03:41.0250 7636 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys21:03:41.0250 7636 MSPCLOCK - ok21:03:41.0266 7636 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys21:03:41.0266 7636 MSPQM - ok21:03:41.0297 7636 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys21:03:41.0313 7636 MsRPC - ok21:03:41.0344 7636 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys21:03:41.0344 7636 mssmbios - ok21:03:41.0360 7636 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys21:03:41.0360 7636 MSTEE - ok21:03:41.0360 7636 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys21:03:41.0360 7636 MTConfig - ok21:03:41.0391 7636 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys21:03:41.0391 7636 Mup - ok21:03:41.0438 7636 [ 
582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll21:03:41.0453 7636 napagent - ok21:03:41.0484 7636 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys21:03:41.0484 7636 NativeWifiP - ok21:03:41.0516 7636 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys21:03:41.0562 7636 NDIS - ok21:03:41.0578 7636 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys21:03:41.0578 7636 NdisCap - ok21:03:41.0609 7636 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys21:03:41.0609 7636 NdisTapi - ok21:03:41.0656 7636 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys21:03:41.0656 7636 Ndisuio - ok21:03:41.0687 7636 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys21:03:41.0703 7636 NdisWan - ok21:03:41.0734 7636 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys21:03:41.0734 7636 NDProxy - ok21:03:41.0781 7636 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys21:03:41.0781 7636 NetBIOS - ok21:03:41.0828 7636 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys21:03:41.0843 7636 NetBT - ok21:03:41.0859 7636 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe21:03:41.0859 7636 Netlogon - ok21:03:41.0906 7636 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll21:03:41.0906 7636 Netman - ok21:03:41.0968 7636 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe21:03:41.0999 7636 NetMsmqActivator - ok21:03:42.0030 7636 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe21:03:42.0030 7636 NetPipeActivator - ok21:03:42.0077 7636 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm 
C:\Windows\System32\netprofm.dll21:03:42.0077 7636 netprofm - ok21:03:42.0093 7636 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe21:03:42.0093 7636 NetTcpActivator - ok21:03:42.0093 7636 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe21:03:42.0108 7636 NetTcpPortSharing - ok21:03:42.0155 7636 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys21:03:42.0155 7636 nfrd960 - ok21:03:42.0202 7636 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll21:03:42.0218 7636 NlaSvc - ok21:03:42.0218 7636 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys21:03:42.0218 7636 Npfs - ok21:03:42.0249 7636 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll21:03:42.0249 7636 nsi - ok21:03:42.0264 7636 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys21:03:42.0264 7636 nsiproxy - ok21:03:42.0545 7636 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys21:03:42.0592 7636 Ntfs - ok21:03:42.0654 7636 [ 7420B2E1F65642129B6E23BD42F752AA ] ntk_PowerDVD C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys21:03:42.0654 7636 ntk_PowerDVD - ok21:03:42.0686 7636 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys21:03:42.0686 7636 Null - ok21:03:42.0732 7636 [ 10204955027011E08A9DC27737A48A54 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys21:03:42.0732 7636 NVHDA - ok21:03:43.0091 7636 [ B15258B1F45F9571758AC6BB2F043B01 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys21:03:43.0403 7636 nvlddmkm - ok21:03:43.0481 7636 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys21:03:43.0481 7636 nvraid - ok21:03:43.0544 7636 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys21:03:43.0544 7636 
nvstor - ok21:03:43.0622 7636 [ 2D7092FEC9BD2ACA199673BBA2BA9277 ] nvsvc C:\Windows\system32\nvvsvc.exe21:03:43.0700 7636 nvsvc - ok21:03:43.0840 7636 [ 7E22DE30E222BFDFCEC7E77032BAF3CD ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe21:03:43.0902 7636 nvUpdatusService - ok21:03:43.0965 7636 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys21:03:43.0965 7636 nv_agp - ok21:03:43.0996 7636 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys21:03:43.0996 7636 ohci1394 - ok21:03:44.0136 7636 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE21:03:44.0136 7636 ose - ok21:03:44.0168 7636 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll21:03:44.0183 7636 p2pimsvc - ok21:03:44.0199 7636 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll21:03:44.0214 7636 p2psvc - ok21:03:44.0246 7636 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys21:03:44.0246 7636 Parport - ok21:03:44.0277 7636 [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr C:\Windows\system32\drivers\partmgr.sys21:03:44.0277 7636 partmgr - ok21:03:44.0292 7636 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll21:03:44.0308 7636 PcaSvc - ok21:03:44.0339 7636 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys21:03:44.0355 7636 pci - ok21:03:44.0370 7636 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys21:03:44.0370 7636 pciide - ok21:03:44.0386 7636 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys21:03:44.0386 7636 pcmcia - ok21:03:44.0402 7636 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys21:03:44.0417 7636 pcw - ok21:03:44.0433 7636 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH 
21:03:52.0748 7636 ================ Scan global ===============================
21:03:52.0794 7636 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:03:52.0841 7636 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
21:03:52.0841 7636 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
21:03:52.0872 7636 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:03:52.0904 7636 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:03:52.0904 7636 [Global] - ok
21:03:52.0904 7636 ================ Scan MBR ==================================
21:03:52.0919 7636 [ C0DCF0AC171DB02DB8B0014C5D767CF1 ] \Device\Harddisk0\DR0
21:03:52.0919 7636 Suspicious mbr (Forged): \Device\Harddisk0\DR0
21:03:52.0982 7636 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
21:03:52.0982 7636 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
21:03:52.0982 7636 ================ Scan VBR ==================================
21:03:52.0997 7636 [ 5806C202976ADC39B3C413B6547AA2C6 ] \Device\Harddisk0\DR0\Partition1
21:03:52.0997 7636 \Device\Harddisk0\DR0\Partition1 - ok
21:03:53.0013 7636 [ 4D55015D9359D71A23786EB6C9A45EFF ] \Device\Harddisk0\DR0\Partition2
21:03:53.0013 7636 \Device\Harddisk0\DR0\Partition2 - ok
21:03:53.0013 7636 ============================================================
21:03:53.0013 7636 Scan finished
21:03:53.0013 7636 ============================================================
21:03:53.0028 7504 Detected object count: 1
21:03:53.0028 7504 Actual detected object count: 1
21:04:07.0536 7504 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - skipped by user
21:04:07.0536 7504 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Skip

TheDarkKnight Posted August 31, 2012 ID:591919

Hey morrowc. All good. Please re-run TDSSKiller.

Click on the Start Scan button and wait for the scan and disinfection process to be over.
If an infected file is detected, the default action will be Cure. Click on Continue.
If a suspicious file is detected, the default action will be Skip. Click on Continue.
If you are asked to reboot the computer to complete the process, click on the Reboot Now button.

A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.

After running TDSSKiller, please re-run MBRCheck and post the new log in your reply.

===========

I would like to see the logs from TDSSKiller and MBRCheck in your reply please, along with a description of any current computer issues.

morrowc Posted August 31, 2012 Author ID:591923

Hello,

I think you did it! The only odd thing - maybe this is normal - but when I rebooted after running the TDSSKiller program I got a pop-up asking if I wanted to run a .exe file. It had a long random-looking file name and was made by "Kapersky Labs" or something like that. I hit cancel and Windows booted no problems. Other than this, everything seems to be running great!

Here's the TDSSKiller log:

22:21:07.0665 4300 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
22:21:07.0956 4300 ============================================================
22:21:07.0956 4300 Current date / time: 2012/08/30 22:21:07.0956
22:21:07.0956 4300 SystemInfo:
22:21:07.0956 4300
22:21:07.0956 4300 OS Version: 6.1.7601 ServicePack: 1.0
22:21:07.0956 4300 Product type: Workstation
22:21:07.0956 4300 ComputerName: M11X
22:21:07.0956 4300 UserName: Morrow
22:21:07.0956 4300 Windows directory: C:\Windows
22:21:07.0956 4300 System windows directory: C:\Windows
22:21:07.0956 4300 Running under WOW64
22:21:07.0956 4300 Processor architecture: Intel x64
22:21:07.0956 4300 Number of processors: 2
22:21:07.0956 4300 Page size: 0x1000
22:21:07.0956 4300 Boot type: Normal boot
22:21:07.0956 4300 ============================================================
22:21:08.0572 4300 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:21:08.0579 4300 ============================================================
22:21:08.0579 4300 \Device\Harddisk0\DR0:
22:21:08.0579 4300 MBR partitions:
22:21:08.0579 4300 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x37000, BlocksNum 0x24D5000
22:21:08.0579 4300 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x250C000, BlocksNum 0x1050D000
22:21:08.0579 4300 ============================================================
22:21:08.0613 4300 C: <-> \Device\Harddisk0\DR0\Partition2
22:21:08.0613 4300 ============================================================
22:21:08.0613 4300 Initialize success
22:21:08.0613 4300 ============================================================
22:21:10.0268 1100 ============================================================
22:21:10.0268 1100 Scan started
22:21:10.0268 1100 Mode: Manual;
22:21:10.0268 1100 ============================================================
22:21:10.0740 1100 ================ Scan system memory ========================
22:21:10.0740 1100 System memory - ok
22:21:10.0741 1100 ================ Scan services =============================
1100 exfat - ok22:21:16.0448 1100 [ 2C1D443E14F376E8331F52F135DCA9EF ] FACAP C:\Windows\system32\DRIVERS\facap.sys22:21:16.0450 1100 FACAP - ok22:21:16.0581 1100 [ 53E30A6E86AA93C0FFC0BC0439E3E636 ] FAService C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe22:21:16.0598 1100 FAService - ok22:21:16.0638 1100 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys22:21:16.0640 1100 fastfat - ok22:21:16.0690 1100 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe22:21:16.0696 1100 Fax - ok22:21:16.0716 1100 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys22:21:16.0716 1100 fdc - ok22:21:16.0742 1100 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll22:21:16.0743 1100 fdPHost - ok22:21:16.0763 1100 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll22:21:16.0765 1100 FDResPub - ok22:21:16.0794 1100 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys22:21:16.0794 1100 FileInfo - ok22:21:16.0864 1100 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys22:21:16.0865 1100 Filetrace - ok22:21:16.0882 1100 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys22:21:16.0883 1100 flpydisk - ok22:21:16.0940 1100 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys22:21:16.0942 1100 FltMgr - ok22:21:16.0997 1100 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll22:21:17.0006 1100 FontCache - ok22:21:17.0061 1100 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe22:21:17.0062 1100 FontCache3.0.0.0 - ok22:21:17.0099 1100 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys22:21:17.0099 1100 FsDepends - ok22:21:17.0145 1100 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec 
C:\Windows\system32\drivers\Fs_Rec.sys22:21:17.0146 1100 Fs_Rec - ok22:21:17.0202 1100 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys22:21:17.0204 1100 fvevol - ok22:21:17.0234 1100 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys22:21:17.0235 1100 gagp30kx - ok22:21:17.0389 1100 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll22:21:17.0396 1100 gpsvc - ok22:21:17.0509 1100 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe22:21:17.0511 1100 gupdate - ok22:21:17.0543 1100 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe22:21:17.0545 1100 gupdatem - ok22:21:17.0583 1100 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe22:21:17.0585 1100 gusvc - ok22:21:17.0614 1100 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys22:21:17.0614 1100 hcw85cir - ok22:21:17.0656 1100 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys22:21:17.0657 1100 HDAudBus - ok22:21:17.0663 1100 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys22:21:17.0664 1100 HidBatt - ok22:21:17.0675 1100 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys22:21:17.0677 1100 HidBth - ok22:21:17.0692 1100 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys22:21:17.0692 1100 HidIr - ok22:21:17.0718 1100 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll22:21:17.0719 1100 hidserv - ok22:21:17.0782 1100 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys22:21:17.0783 1100 HidUsb - ok22:21:17.0820 1100 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll22:21:17.0822 1100 hkmsvc - ok22:21:17.0941 1100 [ 
EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll22:21:17.0944 1100 HomeGroupListener - ok22:21:17.0982 1100 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll22:21:17.0985 1100 HomeGroupProvider - ok22:21:18.0029 1100 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys22:21:18.0030 1100 HpSAMD - ok22:21:18.0089 1100 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys22:21:18.0095 1100 HTTP - ok22:21:18.0124 1100 hwinterface - ok22:21:18.0173 1100 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys22:21:18.0174 1100 hwpolicy - ok22:21:18.0224 1100 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys22:21:18.0225 1100 i8042prt - ok22:21:18.0268 1100 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys22:21:18.0272 1100 iaStor - ok22:21:18.0337 1100 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe22:21:18.0338 1100 IAStorDataMgrSvc - ok22:21:18.0374 1100 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys22:21:18.0378 1100 iaStorV - ok22:21:18.0450 1100 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe22:21:18.0451 1100 IDriverT - ok22:21:18.0521 1100 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe22:21:18.0528 1100 idsvc - ok22:21:18.0709 1100 [ 70B0763C05C18B6FA18B18631A74ECDE ] IDVaultSvc C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe22:21:18.0710 1100 IDVaultSvc - ok22:21:19.0088 1100 [ C6238C6ABD6AC99F5D152DA4E9439A3D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys22:21:19.0167 1100 igfx - ok22:21:19.0217 1100 [ 
5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys22:21:19.0218 1100 iirsp - ok22:21:19.0282 1100 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll22:21:19.0289 1100 IKEEXT - ok22:21:19.0335 1100 [ 57AE484D280AEBD405F65166363E98DC ] InstallFilterService C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe22:21:19.0336 1100 InstallFilterService - ok22:21:19.0415 1100 [ 0ADF714079AE174A39D69036143E4C50 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys22:21:19.0433 1100 IntcAzAudAddService - ok22:21:19.0473 1100 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys22:21:19.0473 1100 intelide - ok22:21:19.0509 1100 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys22:21:19.0510 1100 intelppm - ok22:21:19.0538 1100 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll22:21:19.0540 1100 IPBusEnum - ok22:21:19.0571 1100 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys22:21:19.0572 1100 IpFilterDriver - ok22:21:19.0632 1100 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll22:21:19.0637 1100 iphlpsvc - ok22:21:19.0672 1100 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys22:21:19.0673 1100 IPMIDRV - ok22:21:19.0701 1100 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys22:21:19.0702 1100 IPNAT - ok22:21:19.0727 1100 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys22:21:19.0727 1100 IRENUM - ok22:21:19.0744 1100 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys22:21:19.0744 1100 isapnp - ok22:21:19.0790 1100 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys22:21:19.0792 1100 iScsiPrt - ok22:21:19.0821 1100 [ 5BD76F820656AEAA2DCE66EED8DA84B9 ] JMCR 
C:\Windows\system32\DRIVERS\jmcr.sys22:21:19.0822 1100 JMCR - ok22:21:19.0851 1100 [ E662CB468A1CFF3A57E120A212FADD57 ] johci C:\Windows\system32\DRIVERS\johci.sys22:21:19.0852 1100 johci - ok22:21:19.0877 1100 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys22:21:19.0878 1100 kbdclass - ok22:21:19.0938 1100 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys22:21:19.0939 1100 kbdhid - ok22:21:19.0976 1100 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe22:21:19.0978 1100 KeyIso - ok22:21:20.0019 1100 [ DA1E991A61CFDD755A589E206B97644B ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys22:21:20.0020 1100 KSecDD - ok22:21:20.0067 1100 [ 7E33198D956943A4F11A5474C1E9106F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys22:21:20.0068 1100 KSecPkg - ok22:21:20.0110 1100 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys22:21:20.0110 1100 ksthunk - ok22:21:20.0214 1100 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll22:21:20.0218 1100 KtmRm - ok22:21:20.0255 1100 [ 9C46A5421DE9D116C47155317CABB522 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys22:21:20.0256 1100 L1C - ok22:21:20.0312 1100 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll22:21:20.0316 1100 LanmanServer - ok22:21:20.0362 1100 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll22:21:20.0365 1100 LanmanWorkstation - ok22:21:20.0488 1100 [ 4ADC135F525D38A498F83B089228CC2D ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe22:21:20.0490 1100 LBTServ - ok22:21:20.0539 1100 [ 00BA093A3F316D43A4C3E098A96AE912 ] LEqdUsb C:\Windows\system32\DRIVERS\LEqdUsb.Sys22:21:20.0540 1100 LEqdUsb - ok22:21:20.0587 1100 [ 3067CFAD2BAA4A208130CD0AFB130BC9 ] LHidEqd C:\Windows\system32\DRIVERS\LHidEqd.Sys22:21:20.0588 1100 LHidEqd - ok22:21:20.0612 1100 [ 24E09882BA51B9830AE029888A3AAF18 ] LHidFilt 
C:\Windows\system32\DRIVERS\LHidFilt.Sys22:21:20.0613 1100 LHidFilt - ok22:21:20.0656 1100 [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys22:21:20.0656 1100 lirsgt - ok22:21:20.0692 1100 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys22:21:20.0693 1100 lltdio - ok22:21:20.0726 1100 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll22:21:20.0730 1100 lltdsvc - ok22:21:20.0740 1100 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll22:21:20.0741 1100 lmhosts - ok22:21:20.0759 1100 [ 2F94325D8C10E2B715F3D753C2422AAC ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys22:21:20.0760 1100 LMouFilt - ok22:21:20.0795 1100 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys22:21:20.0797 1100 LSI_FC - ok22:21:20.0816 1100 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys22:21:20.0818 1100 LSI_SAS - ok22:21:20.0836 1100 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys22:21:20.0837 1100 LSI_SAS2 - ok22:21:20.0849 1100 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys22:21:20.0850 1100 LSI_SCSI - ok22:21:20.0920 1100 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys22:21:20.0921 1100 luafv - ok22:21:21.0110 1100 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys22:21:21.0110 1100 MBAMProtector - ok22:21:21.0307 1100 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe22:21:21.0312 1100 MBAMService - ok22:21:21.0360 1100 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll22:21:21.0362 1100 Mcx2Svc - ok22:21:21.0387 1100 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys22:21:21.0388 1100 megasas - ok22:21:21.0415 1100 [ 
BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys22:21:21.0417 1100 MegaSR - ok22:21:21.0470 1100 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll22:21:21.0472 1100 MMCSS - ok22:21:21.0481 1100 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys22:21:21.0481 1100 Modem - ok22:21:21.0505 1100 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys22:21:21.0506 1100 monitor - ok22:21:21.0579 1100 [ 16F9F464DA6E02A020BCE626C56A1797 ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys22:21:21.0580 1100 MotioninJoyXFilter - ok22:21:21.0606 1100 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys22:21:21.0606 1100 mouclass - ok22:21:21.0635 1100 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys22:21:21.0636 1100 mouhid - ok22:21:21.0690 1100 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys22:21:21.0691 1100 mountmgr - ok22:21:21.0735 1100 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys22:21:21.0737 1100 mpio - ok22:21:21.0758 1100 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys22:21:21.0760 1100 mpsdrv - ok22:21:21.0816 1100 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll22:21:21.0823 1100 MpsSvc - ok22:21:21.0851 1100 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys22:21:21.0852 1100 MRxDAV - ok22:21:21.0887 1100 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys22:21:21.0889 1100 mrxsmb - ok22:21:21.0927 1100 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys22:21:21.0929 1100 mrxsmb10 - ok22:21:21.0962 1100 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys22:21:21.0964 1100 mrxsmb20 - ok22:21:22.0003 1100 [ 
C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys22:21:22.0004 1100 msahci - ok22:21:22.0060 1100 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys22:21:22.0062 1100 msdsm - ok22:21:22.0089 1100 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe22:21:22.0091 1100 MSDTC - ok22:21:22.0136 1100 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys22:21:22.0137 1100 Msfs - ok22:21:22.0154 1100 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys22:21:22.0155 1100 mshidkmdf - ok22:21:22.0189 1100 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys22:21:22.0190 1100 msisadrv - ok22:21:22.0225 1100 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll22:21:22.0227 1100 MSiSCSI - ok22:21:22.0232 1100 msiserver - ok22:21:22.0296 1100 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys22:21:22.0297 1100 MSKSSRV - ok22:21:22.0315 1100 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys22:21:22.0315 1100 MSPCLOCK - ok22:21:22.0331 1100 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys22:21:22.0332 1100 MSPQM - ok22:21:22.0368 1100 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys22:21:22.0371 1100 MsRPC - ok22:21:22.0415 1100 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys22:21:22.0416 1100 mssmbios - ok22:21:22.0444 1100 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys22:21:22.0445 1100 MSTEE - ok22:21:22.0456 1100 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys22:21:22.0457 1100 MTConfig - ok22:21:22.0471 1100 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys22:21:22.0472 1100 Mup - ok22:21:22.0530 1100 [ 
582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll22:21:22.0535 1100 napagent - ok22:21:22.0582 1100 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys22:21:22.0584 1100 NativeWifiP - ok22:21:22.0692 1100 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys22:21:22.0699 1100 NDIS - ok22:21:22.0728 1100 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys22:21:22.0729 1100 NdisCap - ok22:21:22.0749 1100 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys22:21:22.0750 1100 NdisTapi - ok22:21:22.0796 1100 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys22:21:22.0797 1100 Ndisuio - ok22:21:22.0841 1100 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys22:21:22.0843 1100 NdisWan - ok22:21:22.0886 1100 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys22:21:22.0887 1100 NDProxy - ok22:21:22.0932 1100 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys22:21:22.0933 1100 NetBIOS - ok22:21:22.0977 1100 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys22:21:22.0980 1100 NetBT - ok22:21:23.0013 1100 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe22:21:23.0015 1100 Netlogon - ok22:21:23.0127 1100 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll22:21:23.0131 1100 Netman - ok22:21:23.0190 1100 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe22:21:23.0192 1100 NetMsmqActivator - ok22:21:23.0233 1100 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe22:21:23.0234 1100 NetPipeActivator - ok22:21:23.0261 1100 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm 
C:\Windows\System32\netprofm.dll22:21:23.0266 1100 netprofm - ok22:21:23.0311 1100 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe22:21:23.0313 1100 NetTcpActivator - ok22:21:23.0320 1100 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe22:21:23.0322 1100 NetTcpPortSharing - ok22:21:23.0372 1100 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys22:21:23.0373 1100 nfrd960 - ok22:21:23.0416 1100 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll22:21:23.0419 1100 NlaSvc - ok22:21:23.0435 1100 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys22:21:23.0436 1100 Npfs - ok22:21:23.0458 1100 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll22:21:23.0460 1100 nsi - ok22:21:23.0474 1100 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys22:21:23.0475 1100 nsiproxy - ok22:21:23.0552 1100 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys22:21:23.0564 1100 Ntfs - ok22:21:23.0646 1100 [ 7420B2E1F65642129B6E23BD42F752AA ] ntk_PowerDVD C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys22:21:23.0648 1100 ntk_PowerDVD - ok22:21:23.0681 1100 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys22:21:23.0681 1100 Null - ok22:21:23.0716 1100 [ 10204955027011E08A9DC27737A48A54 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys22:21:23.0718 1100 NVHDA - ok22:21:24.0037 1100 [ B15258B1F45F9571758AC6BB2F043B01 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys22:21:24.0136 1100 nvlddmkm - ok22:21:24.0207 1100 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys22:21:24.0208 1100 nvraid - ok22:21:24.0224 1100 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys22:21:24.0225 1100 
nvstor - ok22:21:24.0313 1100 [ 2D7092FEC9BD2ACA199673BBA2BA9277 ] nvsvc C:\Windows\system32\nvvsvc.exe22:21:24.0328 1100 nvsvc - ok22:21:24.0614 1100 [ 7E22DE30E222BFDFCEC7E77032BAF3CD ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe22:21:24.0630 1100 nvUpdatusService - ok22:21:24.0675 1100 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys22:21:24.0677 1100 nv_agp - ok22:21:24.0713 1100 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys22:21:24.0714 1100 ohci1394 - ok22:21:24.0811 1100 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE22:21:24.0812 1100 ose - ok22:21:24.0845 1100 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll22:21:24.0849 1100 p2pimsvc - ok22:21:24.0877 1100 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll22:21:24.0881 1100 p2psvc - ok22:21:24.0916 1100 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys22:21:24.0917 1100 Parport - ok22:21:24.0952 1100 [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr C:\Windows\system32\drivers\partmgr.sys22:21:24.0953 1100 partmgr - ok22:21:24.0971 1100 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll22:21:24.0975 1100 PcaSvc - ok22:21:25.0016 1100 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys22:21:25.0018 1100 pci - ok22:21:25.0038 1100 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys22:21:25.0038 1100 pciide - ok22:21:25.0070 1100 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys22:21:25.0072 1100 pcmcia - ok22:21:25.0091 1100 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys22:21:25.0092 1100 pcw - ok22:21:25.0140 1100 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH 
C:\Windows\system32\drivers\peauth.sys22:21:25.0145 1100 PEAUTH - ok22:21:25.0251 1100 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe22:21:25.0253 1100 PerfHost - ok22:21:25.0336 1100 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll22:21:25.0347 1100 pla - ok22:21:25.0431 1100 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll22:21:25.0436 1100 PlugPlay - ok22:21:25.0464 1100 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll22:21:25.0466 1100 PNRPAutoReg - ok22:21:25.0482 1100 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll22:21:25.0486 1100 PNRPsvc - ok22:21:25.0533 1100 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll22:21:25.0537 1100 PolicyAgent - ok22:21:25.0666 1100 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll22:21:25.0670 1100 Power - ok22:21:25.0718 1100 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys22:21:25.0720 1100 PptpMiniport - ok22:21:25.0727 1100 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys22:21:25.0728 1100 Processor - ok22:21:25.0743 1100 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll22:21:25.0746 1100 ProfSvc - ok22:21:25.0765 1100 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe22:21:25.0767 1100 ProtectedStorage - ok22:21:25.0813 1100 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys22:21:25.0814 1100 Psched - ok22:21:25.0874 1100 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys22:21:25.0885 1100 ql2300 - ok22:21:25.0899 1100 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys22:21:25.0901 1100 ql40xx - ok22:21:25.0940 1100 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE 
C:\Windows\system32\qwave.dll22:21:25.0943 1100 QWAVE - ok22:21:25.0955 1100 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys22:21:25.0956 1100 QWAVEdrv - ok22:21:25.0972 1100 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys22:21:25.0972 1100 RasAcd - ok22:21:26.0012 1100 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys22:21:26.0013 1100 RasAgileVpn - ok22:21:26.0027 1100 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll22:21:26.0030 1100 RasAuto - ok22:21:26.0068 1100 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys22:21:26.0070 1100 Rasl2tp - ok22:21:26.0118 1100 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll22:21:26.0123 1100 RasMan - ok22:21:26.0163 1100 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys22:21:26.0164 1100 RasPppoe - ok22:21:26.0174 1100 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys22:21:26.0175 1100 RasSstp - ok22:21:26.0218 1100 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys22:21:26.0220 1100 rdbss - ok22:21:26.0230 1100 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys22:21:26.0231 1100 rdpbus - ok22:21:26.0242 1100 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys22:21:26.0243 1100 RDPCDD - ok22:21:26.0268 1100 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys22:21:26.0269 1100 RDPENCDD - ok22:21:26.0290 1100 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys22:21:26.0290 1100 RDPREFMP - ok22:21:26.0334 1100 [ 6D76E6433574B058ADCB0C50DF834492 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys22:21:26.0336 1100 RDPWD - ok22:21:26.0386 1100 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost 
22:21:33.0132 1100 ================ Scan global ===============================
22:21:33.0159 1100 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:21:33.0202 1100 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
22:21:33.0212 1100 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
22:21:33.0231 1100 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:21:33.0254 1100 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:21:33.0258 1100 [Global] - ok
22:21:33.0258 1100 ================ Scan MBR ==================================
22:21:33.0279 1100 [ C0DCF0AC171DB02DB8B0014C5D767CF1 ] \Device\Harddisk0\DR0
22:21:33.0279 1100 Suspicious mbr (Forged): \Device\Harddisk0\DR0
22:21:33.0346 1100 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
22:21:33.0346 1100 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
22:21:33.0347 1100 ================ Scan VBR ==================================
22:21:33.0354 1100 [ 5806C202976ADC39B3C413B6547AA2C6 ] \Device\Harddisk0\DR0\Partition1
22:21:33.0357 1100 \Device\Harddisk0\DR0\Partition1 - ok
22:21:33.0403 1100 [ 4D55015D9359D71A23786EB6C9A45EFF ] \Device\Harddisk0\DR0\Partition2
22:21:33.0408 1100 \Device\Harddisk0\DR0\Partition2 - ok
22:21:33.0409 1100 ============================================================
22:21:33.0409 1100 Scan finished
22:21:33.0409 1100 ============================================================
22:21:33.0424 7460 Detected object count: 1
22:21:33.0424 7460 Actual detected object count: 1
22:21:40.0959 7460 \Device\Harddisk0\DR0\# - copied to quarantine
22:21:40.0961 7460 \Device\Harddisk0\DR0 - copied to quarantine
22:21:41.0039 7460 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
22:21:41.0041 7460 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
22:21:41.0044 7460 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
22:21:41.0049 7460 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
22:21:41.0053 7460 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
22:21:41.0085 7460 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
22:21:41.0105 7460 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
22:21:41.0134 7460 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
22:21:41.0138 7460 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
22:21:41.0139 7460 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
22:21:41.0146 7460 \Device\Harddisk0\DR0\TDLFS\xh.dll - copied to quarantine
22:21:41.0177 7460 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
22:21:41.0181 7460 \Device\Harddisk0\DR0 - ok
22:21:41.0225 7460 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
22:22:06.0490 5556 Deinitialize success

Here's the MBRScan log (after the reboot):

MBRCheck, version 1.2.3
© 2010, AD
Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Alienware
BIOS Manufacturer: Alienware
System Manufacturer: Alienware
System Product Name: M11x
Logical Drives Mask: 0x0000000c
Kernel Drivers (total 201):
Processes (total 87):
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000004`a1800000 (NTFS)
PhysicalDrive0 Model Number: ST9160314AS, Rev: D005DEM1
Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
Done!
TheDarkKnight Posted August 31, 2012 ID:591924

Hey morrowc.

I think you did it! The only odd thing - maybe this is normal - but when I rebooted after running the TDSSKiller program I got a pop-up asking if I wanted to run a .exe file. It had a long random-looking file name and was made by "Kapersky Labs" or something like that. I hit cancel and Windows booted no problems. Other than this, everything seems to be running great!

Not sure about the exe file. Glad to hear things have improved.

Just to be sure, please re-run TDSSKiller and post its new log in your reply.
morrowc Posted August 31, 2012 Author ID:591927

Here's the TDSSKiller log:

22:48:05.0056 4120 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
22:48:05.0374 4120 ============================================================
22:48:05.0374 4120 Current date / time: 2012/08/30 22:48:05.0374
22:48:05.0374 4120 SystemInfo:
22:48:05.0374 4120
22:48:05.0374 4120 OS Version: 6.1.7601 ServicePack: 1.0
22:48:05.0374 4120 Product type: Workstation
22:48:05.0374 4120 ComputerName: M11X
22:48:05.0374 4120 UserName: Morrow
22:48:05.0374 4120 Windows directory: C:\Windows
22:48:05.0374 4120 System windows directory: C:\Windows
22:48:05.0374 4120 Running under WOW64
22:48:05.0374 4120 Processor architecture: Intel x64
22:48:05.0374 4120 Number of processors: 2
22:48:05.0374 4120 Page size: 0x1000
22:48:05.0374 4120 Boot type: Normal boot
22:48:05.0374 4120 ============================================================
22:48:05.0592 4120 BG loaded
22:48:06.0049 4120 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:48:06.0057 4120 ============================================================
22:48:06.0057 4120 \Device\Harddisk0\DR0:
22:48:06.0057 4120 MBR partitions:
22:48:06.0057 4120 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x37000, BlocksNum 0x24D5000
22:48:06.0057 4120 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x250C000, BlocksNum 0x1050D000
22:48:06.0102 4120 ============================================================
22:48:06.0102 4120 C: <-> \Device\Harddisk0\DR0\Partition2
22:48:06.0102 4120 ============================================================
22:48:06.0102 4120 Initialize success
22:48:06.0102 4120 ============================================================
22:48:10.0283 5212 ============================================================
22:48:10.0283 5212 Scan started
22:48:10.0283 5212 Mode: Manual;
22:48:10.0283 5212 ============================================================
22:48:10.0483 5212 ================ Scan system memory ========================
22:48:10.0483 5212 System memory - ok
22:48:10.0483 5212 ================ Scan services =============================
ok22:48:23.0220 5212 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys22:48:23.0223 5212 nv_agp - ok22:48:23.0235 5212 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys22:48:23.0236 5212 ohci1394 - ok22:48:23.0334 5212 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE22:48:23.0335 5212 ose - ok22:48:23.0367 5212 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll22:48:23.0371 5212 p2pimsvc - ok22:48:23.0399 5212 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll22:48:23.0403 5212 p2psvc - ok22:48:23.0438 5212 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys22:48:23.0441 5212 Parport - ok22:48:23.0474 5212 [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr C:\Windows\system32\drivers\partmgr.sys22:48:23.0475 5212 partmgr - ok22:48:23.0494 5212 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll22:48:23.0497 5212 PcaSvc - ok22:48:23.0539 5212 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys22:48:23.0543 5212 pci - ok22:48:23.0560 5212 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys22:48:23.0563 5212 pciide - ok22:48:23.0581 5212 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys22:48:23.0586 5212 pcmcia - ok22:48:23.0603 5212 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys22:48:23.0605 5212 pcw - ok22:48:23.0641 5212 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys22:48:23.0645 5212 PEAUTH - ok22:48:23.0752 5212 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe22:48:23.0753 5212 PerfHost - ok22:48:23.0837 5212 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll22:48:23.0848 5212 pla - ok22:48:23.0910 5212 [ 
25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll22:48:23.0915 5212 PlugPlay - ok22:48:23.0942 5212 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll22:48:23.0944 5212 PNRPAutoReg - ok22:48:23.0972 5212 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll22:48:23.0976 5212 PNRPsvc - ok22:48:24.0023 5212 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll22:48:24.0032 5212 PolicyAgent - ok22:48:24.0067 5212 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll22:48:24.0071 5212 Power - ok22:48:24.0119 5212 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys22:48:24.0120 5212 PptpMiniport - ok22:48:24.0126 5212 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys22:48:24.0129 5212 Processor - ok22:48:24.0144 5212 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll22:48:24.0147 5212 ProfSvc - ok22:48:24.0166 5212 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe22:48:24.0167 5212 ProtectedStorage - ok22:48:24.0213 5212 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys22:48:24.0215 5212 Psched - ok22:48:24.0275 5212 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys22:48:24.0322 5212 ql2300 - ok22:48:24.0344 5212 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys22:48:24.0348 5212 ql40xx - ok22:48:24.0384 5212 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll22:48:24.0387 5212 QWAVE - ok22:48:24.0400 5212 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys22:48:24.0401 5212 QWAVEdrv - ok22:48:24.0416 5212 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys22:48:24.0418 5212 RasAcd - ok22:48:24.0456 5212 [ 
7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys22:48:24.0457 5212 RasAgileVpn - ok22:48:24.0472 5212 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll22:48:24.0474 5212 RasAuto - ok22:48:24.0513 5212 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys22:48:24.0514 5212 Rasl2tp - ok22:48:24.0561 5212 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll22:48:24.0565 5212 RasMan - ok22:48:24.0586 5212 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys22:48:24.0587 5212 RasPppoe - ok22:48:24.0597 5212 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys22:48:24.0598 5212 RasSstp - ok22:48:24.0640 5212 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys22:48:24.0643 5212 rdbss - ok22:48:24.0653 5212 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys22:48:24.0655 5212 rdpbus - ok22:48:24.0665 5212 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys22:48:24.0665 5212 RDPCDD - ok22:48:24.0702 5212 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys22:48:24.0702 5212 RDPENCDD - ok22:48:24.0712 5212 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys22:48:24.0713 5212 RDPREFMP - ok22:48:24.0757 5212 [ 6D76E6433574B058ADCB0C50DF834492 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys22:48:24.0762 5212 RDPWD - ok22:48:24.0798 5212 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys22:48:24.0803 5212 rdyboost - ok22:48:24.0825 5212 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll22:48:24.0827 5212 RemoteAccess - ok22:48:24.0849 5212 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll22:48:24.0852 5212 RemoteRegistry - ok22:48:24.0870 5212 
[ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll22:48:24.0873 5212 RpcEptMapper - ok22:48:24.0891 5212 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe22:48:24.0893 5212 RpcLocator - ok22:48:24.0944 5212 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll22:48:24.0949 5212 RpcSs - ok22:48:24.0976 5212 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys22:48:24.0977 5212 rspndr - ok22:48:24.0991 5212 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe22:48:24.0993 5212 SamSs - ok22:48:25.0038 5212 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys22:48:25.0042 5212 sbp2port - ok22:48:25.0072 5212 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll22:48:25.0075 5212 SCardSvr - ok22:48:25.0115 5212 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys22:48:25.0115 5212 scfilter - ok22:48:25.0179 5212 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll22:48:25.0189 5212 Schedule - ok22:48:25.0234 5212 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll22:48:25.0235 5212 SCPolicySvc - ok22:48:25.0279 5212 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll22:48:25.0282 5212 SDRSVC - ok22:48:25.0322 5212 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys22:48:25.0323 5212 secdrv - ok22:48:25.0368 5212 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll22:48:25.0370 5212 seclogon - ok22:48:25.0391 5212 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll22:48:25.0393 5212 SENS - ok22:48:25.0412 5212 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll22:48:25.0414 5212 SensrSvc - ok22:48:25.0428 5212 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum 
C:\Windows\system32\DRIVERS\serenum.sys22:48:25.0430 5212 Serenum - ok22:48:25.0456 5212 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys22:48:25.0459 5212 Serial - ok22:48:25.0515 5212 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys22:48:25.0518 5212 sermouse - ok22:48:25.0563 5212 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll22:48:25.0565 5212 SessionEnv - ok22:48:25.0603 5212 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys22:48:25.0605 5212 sffdisk - ok22:48:25.0621 5212 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys22:48:25.0623 5212 sffp_mmc - ok22:48:25.0633 5212 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys22:48:25.0635 5212 sffp_sd - ok22:48:25.0663 5212 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys22:48:25.0667 5212 sfloppy - ok22:48:25.0712 5212 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll22:48:25.0716 5212 SharedAccess - ok22:48:25.0754 5212 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll22:48:25.0758 5212 ShellHWDetection - ok22:48:25.0783 5212 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys22:48:25.0786 5212 SiSRaid2 - ok22:48:25.0795 5212 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys22:48:25.0798 5212 SiSRaid4 - ok22:48:25.0825 5212 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys22:48:25.0828 5212 Smb - ok22:48:25.0890 5212 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe22:48:25.0892 5212 SNMPTRAP - ok22:48:25.0905 5212 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys22:48:25.0907 5212 spldr - ok22:48:25.0955 5212 [ B96C17B5DC1424D56EEA3A99E97428CD ] 
Spooler C:\Windows\System32\spoolsv.exe22:48:25.0960 5212 Spooler - ok22:48:26.0071 5212 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe22:48:26.0100 5212 sppsvc - ok22:48:26.0131 5212 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll22:48:26.0133 5212 sppuinotify - ok22:48:26.0180 5212 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys22:48:26.0184 5212 srv - ok22:48:26.0231 5212 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys22:48:26.0235 5212 srv2 - ok22:48:26.0258 5212 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys22:48:26.0259 5212 srvnet - ok22:48:26.0295 5212 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll22:48:26.0298 5212 SSDPSRV - ok22:48:26.0351 5212 SSHDRV65 - ok22:48:26.0383 5212 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll22:48:26.0385 5212 SstpSvc - ok22:48:26.0406 5212 [ 3D69F5F3BEB8AA28D7F46F5548B8D6D7 ] stdflt C:\Windows\system32\DRIVERS\stdflt.sys22:48:26.0408 5212 stdflt - ok22:48:26.0427 5212 Steam Client Service - ok22:48:26.0527 5212 [ 9E1222C417291BC836210743624A8E5E ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe22:48:26.0530 5212 Stereo Service - ok22:48:26.0560 5212 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys22:48:26.0562 5212 stexstor - ok22:48:26.0612 5212 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll22:48:26.0618 5212 stisvc - ok22:48:26.0661 5212 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys22:48:26.0661 5212 swenum - ok22:48:26.0705 5212 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll22:48:26.0711 5212 swprv - ok22:48:26.0765 5212 [ BE2B928DE9AF2848289DB7A54C7E2398 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys22:48:26.0767 5212 SynTP - ok22:48:26.0849 
5212 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll22:48:26.0863 5212 SysMain - ok22:48:26.0912 5212 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll22:48:26.0914 5212 TabletInputService - ok22:48:26.0958 5212 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll22:48:26.0962 5212 TapiSrv - ok22:48:26.0987 5212 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll22:48:26.0990 5212 TBS - ok22:48:27.0069 5212 [ FC62769E7BFF2896035AEED399108162 ] Tcpip C:\Windows\system32\drivers\tcpip.sys22:48:27.0136 5212 Tcpip - ok22:48:27.0201 5212 [ FC62769E7BFF2896035AEED399108162 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys22:48:27.0214 5212 TCPIP6 - ok22:48:27.0261 5212 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys22:48:27.0262 5212 tcpipreg - ok22:48:27.0291 5212 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys22:48:27.0293 5212 TDPIPE - ok22:48:27.0323 5212 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys22:48:27.0325 5212 TDTCP - ok22:48:27.0368 5212 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys22:48:27.0369 5212 tdx - ok22:48:27.0404 5212 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys22:48:27.0405 5212 TermDD - ok22:48:27.0459 5212 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll22:48:27.0466 5212 TermService - ok22:48:27.0499 5212 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll22:48:27.0502 5212 Themes - ok22:48:27.0519 5212 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll22:48:27.0521 5212 THREADORDER - ok22:48:27.0555 5212 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll22:48:27.0558 5212 TrkWks - ok22:48:27.0623 5212 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller 
C:\Windows\servicing\TrustedInstaller.exe22:48:27.0624 5212 TrustedInstaller - ok22:48:27.0668 5212 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys22:48:27.0669 5212 tssecsrv - ok22:48:27.0706 5212 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys22:48:27.0708 5212 TsUsbFlt - ok22:48:27.0764 5212 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys22:48:27.0766 5212 tunnel - ok22:48:27.0793 5212 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys22:48:27.0796 5212 uagp35 - ok22:48:27.0832 5212 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys22:48:27.0839 5212 udfs - ok22:48:27.0874 5212 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe22:48:27.0876 5212 UI0Detect - ok22:48:27.0906 5212 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys22:48:27.0908 5212 uliagpkx - ok22:48:27.0941 5212 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys22:48:27.0942 5212 umbus - ok22:48:27.0961 5212 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys22:48:27.0963 5212 UmPass - ok22:48:28.0002 5212 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll22:48:28.0006 5212 upnphost - ok22:48:28.0054 5212 [ F724B03C3DFAACF08D17D38BF3333583 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys22:48:28.0057 5212 USBAAPL64 - ok22:48:28.0075 5212 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys22:48:28.0077 5212 usbccgp - ok22:48:28.0120 5212 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys22:48:28.0123 5212 usbcir - ok22:48:28.0142 5212 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys22:48:28.0143 5212 usbehci - ok22:48:28.0180 5212 [ 287C6C9410B111B68B52CA298F7B8C24 ] 
usbhub C:\Windows\system32\DRIVERS\usbhub.sys22:48:28.0182 5212 usbhub - ok22:48:28.0193 5212 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys22:48:28.0196 5212 usbohci - ok22:48:28.0231 5212 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys22:48:28.0233 5212 usbprint - ok22:48:28.0278 5212 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys22:48:28.0281 5212 usbscan - ok22:48:28.0297 5212 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS22:48:28.0299 5212 USBSTOR - ok22:48:28.0317 5212 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys22:48:28.0318 5212 usbuhci - ok22:48:28.0359 5212 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys22:48:28.0361 5212 usbvideo - ok22:48:28.0395 5212 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll22:48:28.0397 5212 UxSms - ok22:48:28.0413 5212 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe22:48:28.0415 5212 VaultSvc - ok22:48:28.0466 5212 [ 84BB306B7863883018D7F3EB0C453BD5 ] VClone C:\Windows\system32\DRIVERS\VClone.sys22:48:28.0467 5212 VClone - ok22:48:28.0475 5212 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys22:48:28.0477 5212 vdrvroot - ok22:48:28.0519 5212 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe22:48:28.0524 5212 vds - ok22:48:28.0564 5212 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys22:48:28.0566 5212 vga - ok22:48:28.0593 5212 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys22:48:28.0594 5212 VgaSave - ok22:48:28.0614 5212 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys22:48:28.0619 5212 vhdmp - ok22:48:28.0635 5212 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide 
C:\Windows\system32\drivers\viaide.sys22:48:28.0637 5212 viaide - ok22:48:28.0655 5212 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys22:48:28.0658 5212 volmgr - ok22:48:28.0701 5212 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys22:48:28.0704 5212 volmgrx - ok22:48:28.0728 5212 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys22:48:28.0734 5212 volsnap - ok22:48:28.0772 5212 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys22:48:28.0777 5212 vsmraid - ok22:48:28.0846 5212 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe22:48:28.0859 5212 VSS - ok22:48:28.0893 5212 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys22:48:28.0893 5212 vwifibus - ok22:48:28.0911 5212 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys22:48:28.0912 5212 vwififlt - ok22:48:28.0953 5212 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll22:48:28.0957 5212 W32Time - ok22:48:28.0980 5212 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys22:48:28.0982 5212 WacomPen - ok22:48:29.0027 5212 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys22:48:29.0028 5212 WANARP - ok22:48:29.0034 5212 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys22:48:29.0035 5212 Wanarpv6 - ok22:48:29.0100 5212 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe22:48:29.0133 5212 WatAdminSvc - ok22:48:29.0203 5212 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe22:48:29.0218 5212 wbengine - ok22:48:29.0267 5212 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll22:48:29.0271 5212 WbioSrvc - ok22:48:29.0315 5212 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc 
C:\Windows\System32\wcncsvc.dll22:48:29.0320 5212 wcncsvc - ok22:48:29.0333 5212 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll22:48:29.0335 5212 WcsPlugInService - ok22:48:29.0366 5212 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys22:48:29.0368 5212 Wd - ok22:48:29.0393 5212 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys22:48:29.0403 5212 Wdf01000 - ok22:48:29.0418 5212 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll22:48:29.0420 5212 WdiServiceHost - ok22:48:29.0426 5212 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll22:48:29.0429 5212 WdiSystemHost - ok22:48:29.0459 5212 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll22:48:29.0463 5212 WebClient - ok22:48:29.0482 5212 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll22:48:29.0486 5212 Wecsvc - ok22:48:29.0505 5212 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll22:48:29.0507 5212 wercplsupport - ok22:48:29.0529 5212 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll22:48:29.0532 5212 WerSvc - ok22:48:29.0567 5212 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys22:48:29.0568 5212 WfpLwf - ok22:48:29.0580 5212 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys22:48:29.0582 5212 WIMMount - ok22:48:29.0613 5212 WinDefend - ok22:48:29.0706 5212 [ 8258726D076C8FFF994F468712DDFBAB ] WindowBlinds C:\Program Files (x86)\Stardock\MyColors\VistaSrv.exe22:48:29.0709 5212 WindowBlinds - ok22:48:29.0719 5212 WinHttpAutoProxySvc - ok22:48:29.0795 5212 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll22:48:29.0797 5212 Winmgmt - ok22:48:29.0878 5212 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll22:48:29.0894 
5212 WinRM - ok22:48:29.0946 5212 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys22:48:29.0948 5212 WinUsb - ok22:48:30.0002 5212 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll22:48:30.0010 5212 Wlansvc - ok22:48:30.0064 5212 [ A96D6C0613DCF84F2D07FAEB75663072 ] wltrysvc C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE22:48:30.0065 5212 wltrysvc - ok22:48:30.0083 5212 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys22:48:30.0084 5212 WmiAcpi - ok22:48:30.0119 5212 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe22:48:30.0121 5212 wmiApSrv - ok22:48:30.0136 5212 WMPNetworkSvc - ok22:48:30.0164 5212 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll22:48:30.0167 5212 WPCSvc - ok22:48:30.0203 5212 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll22:48:30.0206 5212 WPDBusEnum - ok22:48:30.0231 5212 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys22:48:30.0232 5212 ws2ifsl - ok22:48:30.0251 5212 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll22:48:30.0254 5212 wscsvc - ok22:48:30.0258 5212 WSearch - ok22:48:30.0362 5212 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll22:48:30.0381 5212 wuauserv - ok22:48:30.0422 5212 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys22:48:30.0423 5212 WudfPf - ok22:48:30.0487 5212 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys22:48:30.0492 5212 WUDFRd - ok22:48:30.0535 5212 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll22:48:30.0538 5212 wudfsvc - ok22:48:30.0567 5212 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll22:48:30.0571 5212 WwanSvc - ok22:48:30.0619 5212 [ 9176C0822FAA649E45121875BE32F5D2 ] xusb21 
C:\Windows\system32\DRIVERS\xusb21.sys22:48:30.0621 5212 xusb21 - ok22:48:30.0752 5212 [ 1870A74EE2901CA09FFBFE79A5EE0E94 ] {329F96B6-DF1E-4328-BFDA-39EA953C1312} C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl22:48:30.0754 5212 {329F96B6-DF1E-4328-BFDA-39EA953C1312} - ok22:48:30.0762 5212 ================ Scan global ===============================22:48:30.0789 5212 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll22:48:30.0832 5212 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll22:48:30.0842 5212 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll22:48:30.0861 5212 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll22:48:30.0884 5212 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe22:48:30.0888 5212 [Global] - ok22:48:30.0889 5212 ================ Scan MBR ==================================22:48:30.0909 5212 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR022:48:31.0348 5212 \Device\Harddisk0\DR0 - ok22:48:31.0349 5212 ================ Scan VBR ==================================22:48:31.0353 5212 [ 5806C202976ADC39B3C413B6547AA2C6 ] \Device\Harddisk0\DR0\Partition122:48:31.0356 5212 \Device\Harddisk0\DR0\Partition1 - ok22:48:31.0386 5212 [ 4D55015D9359D71A23786EB6C9A45EFF ] \Device\Harddisk0\DR0\Partition222:48:31.0389 5212 \Device\Harddisk0\DR0\Partition2 - ok22:48:31.0389 5212 ============================================================22:48:31.0389 5212 Scan finished22:48:31.0389 5212 ============================================================22:48:31.0403 5064 Detected object count: 022:48:31.0403 5064 Actual detected object count: 0 Link to post Share on other sites More sharing options...
TheDarkKnight Posted August 31, 2012 ID:591942

Hey morrowc. Please run a free online scan with the ESET Online Scanner.

Note: You can use Internet Explorer or Mozilla Firefox for this scan.

Tick the box next to YES, I accept the Terms of Use.
Click Start.
When asked, allow the ActiveX control to install.
Click Start.
Make sure that the option Remove found threats is unchecked and the option Scan unwanted applications is checked.
Click Scan.
Wait for the scan to finish.
Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt.
Copy and paste that log as a reply to this topic.
morrowc Posted September 1, 2012 Author ID:592341

Hello,

Here's the log from ESET (25 threats found)

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=a8e24247996d8a49bcb91a3f9e338f2e
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-01 03:30:57
# local_time=2012-08-31 10:30:57 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 4088688 98008936 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=236397
# found=25
# cleaned=0
# scan_time=4771
C:\$RECYCLE.BIN\S-1-5-21-2923027591-736980571-597195185-1001\$R2DCFR8.mbr	Win32/Olmarik.AXY trojan (unable to clean)	00000000000000000000000000000000	I
C:\$RECYCLE.BIN\S-1-5-21-2923027591-736980571-597195185-1001\$RF8ELEX.mbr	Win32/Olmarik.AXY trojan (unable to clean)	00000000000000000000000000000000	I
C:\$RECYCLE.BIN\S-1-5-21-2923027591-736980571-597195185-1001\$RH0B3QC.mbr	Win32/Olmarik.AXY trojan (unable to clean)	00000000000000000000000000000000	I
C:\$RECYCLE.BIN\S-1-5-21-2923027591-736980571-597195185-1001\$RM24J0G.mbr	Win32/Olmarik.AXY trojan (unable to clean)	00000000000000000000000000000000	I
C:\$RECYCLE.BIN\S-1-5-21-2923027591-736980571-597195185-1001\$RMLF1GO.mbr	Win32/Olmarik.AXY trojan (unable to clean)	00000000000000000000000000000000	I
C:\$RECYCLE.BIN\S-1-5-21-2923027591-736980571-597195185-1001\$RRK35VD.mbr	Win32/Olmarik.AXY trojan (unable to clean)	00000000000000000000000000000000	I
C:\System Volume Information\SystemRestore\FRStaging\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L1T1V55O\fpi[9].htm	HTML/ScrInject.B.Gen virus (unable to clean)	00000000000000000000000000000000	I
C:\TDSSKiller_Quarantine\30.08.2012_22.21.07\mbr0000\tdlfs0000\tsk0003.dta	Win32/Olmarik.AWO trojan (unable to clean)	00000000000000000000000000000000	I
C:\TDSSKiller_Quarantine\30.08.2012_22.21.07\mbr0000\tdlfs0000\tsk0004.dta	Win64/Olmarik.X trojan (unable to clean)	00000000000000000000000000000000	I
C:\TDSSKiller_Quarantine\30.08.2012_22.21.07\mbr0000\tdlfs0000\tsk0005.dta	Win32/Olmarik.AWO trojan (unable to clean)	00000000000000000000000000000000	I
C:\TDSSKiller_Quarantine\30.08.2012_22.21.07\mbr0000\tdlfs0000\tsk0006.dta	Win64/Olmarik.AC trojan (unable to clean)	00000000000000000000000000000000	I
C:\TDSSKiller_Quarantine\30.08.2012_22.21.07\mbr0000\tdlfs0000\tsk0007.dta	Win32/Olmarik.AWO trojan (unable to clean)	00000000000000000000000000000000	I
C:\TDSSKiller_Quarantine\30.08.2012_22.21.07\mbr0000\tdlfs0000\tsk0008.dta	Win64/Olmarik.Z trojan (unable to clean)	00000000000000000000000000000000	I
C:\TDSSKiller_Quarantine\30.08.2012_22.21.07\mbr0000\tdlfs0000\tsk0010.dta	Win32/Olmarik.AYG trojan (unable to clean)	00000000000000000000000000000000	I
C:\Users\Morrow\Downloads\blu-ray-creator-express.exe	Win32/Toolbar.Zugo application (unable to clean)	00000000000000000000000000000000	I
C:\Users\Morrow\Downloads\Dump_DR0.mbr	Win32/Olmarik.AXY trojan (unable to clean)	00000000000000000000000000000000	I
C:\Users\Morrow\Downloads\Dump_Hdd0_DR0.mbr	Win32/Olmarik.AXY trojan (unable to clean)	00000000000000000000000000000000	I
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1987OBKX\fpi[1].htm	HTML/ScrInject.B.Gen virus (unable to clean)	00000000000000000000000000000000	I
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8068ULBY\station-approvalspot_com[1].txt	HTML/ScrInject.B.Gen virus (unable to clean)	00000000000000000000000000000000	I
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JUVC5FIY\favorites[1].txt	HTML/ScrInject.B.Gen virus (unable to clean)	00000000000000000000000000000000	I
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JUVC5FIY\fpi[1].htm	HTML/ScrInject.B.Gen virus (unable to clean)	00000000000000000000000000000000	I
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1987OBKX\fpi[1].htm	HTML/ScrInject.B.Gen virus (unable to clean)	00000000000000000000000000000000	I
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8068ULBY\station-approvalspot_com[1].txt	HTML/ScrInject.B.Gen virus (unable to clean)	00000000000000000000000000000000	I
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JUVC5FIY\favorites[1].txt	HTML/ScrInject.B.Gen virus (unable to clean)	00000000000000000000000000000000	I
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JUVC5FIY\fpi[1].htm	HTML/ScrInject.B.Gen virus (unable to clean)	00000000000000000000000000000000	I
morrowc Posted September 1, 2012 Author ID:592342

Hello,

Here's the ESETS log: