
Trojan Registry Key



Hi, I seem to have picked up a trojan, and Malwarebytes detects a registry value, but doesn't seem to be able to delete it, even on startup. I found it in regedit but couldn't seem to touch it, and I'm not sure what to do. At the suggestion of my brother, I've deleted a number of things it's dropped around the place, but it doesn't seem to go away:

Malwarebytes Anti-Malware 1.62.0.1300

www.malwarebytes.org

Database version: v2012.09.06.02

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 8.0.7601.17514

Alex :: ALEX-LAPTOP [administrator]

9/6/2012 2:10:56 PM

mbam-log-2012-09-06 (14-10-56).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 205206

Time elapsed: 48 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|28258 (Trojan.Agent) -> Data: C:\PROGRA~3\LOCALS~1\Temp\msvxsrock.exe -> Delete on reboot.

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Here is the log. Thanks for any help.


Welcome to the forum, please start at the link below:

http://forums.malwar...?showtopic=9573

Post back the 2 logs here.....DDS.txt and Attach.txt

<====><====><====><====><====><====><====><====>

Next.......

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

MrC


Thanks, here they are. I shall go download RogueKiller right now.

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_27

Run by Alex at 14:25:13 on 2012-09-06

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8169.6171 [GMT -7:00]

.

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\WUDFHost.exe

G:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\system32\atieclxx.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\Hotkey\PowerBiosServer.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe

C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe

C:\Program Files (x86)\Hotkey\Hotkey.exe

C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\taskmgr.exe

C:\Windows\SysWOW64\svchost.exe -k Akamai

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\explorer.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\notepad.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uInternet Settings,ProxyOverride = <local>

mWinlogon: Userinit=userinit.exe,

uWindows: Load=C:\Users\Alex\C_1NlsLexi.exe

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

uRun: [iSUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler

uRun: [Akamai NetSession Interface] "C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe"

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime

mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

mExplorerRun: [28258] C:\PROGRA~3\LOCALS~1\Temp\msvxsrock.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Hotkey.lnk - C:\Program Files (x86)\Hotkey\Hotkey.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

TCP: DhcpNameServer = 134.173.53.8 134.173.254.23

TCP: Interfaces\{0F4A2262-2D5F-48DB-8166-28056B183D77} : NameServer = 8.8.8.4,8.8.8.8

TCP: Interfaces\{0F4A2262-2D5F-48DB-8166-28056B183D77} : DhcpNameServer = 134.173.53.8 134.173.254.23

TCP: Interfaces\{75EE10ED-FD49-49AB-97F3-FAAF019E63BC} : DhcpNameServer = 198.224.188.236 198.224.189.236

TCP: Interfaces\{8DB3CD39-3C5D-429C-98F0-85B83220856C} : DhcpNameServer = 134.173.237.44 134.173.237.43

TCP: Interfaces\{8DB3CD39-3C5D-429C-98F0-85B83220856C}\34C6162756D6F6E647 : DhcpNameServer = 134.173.254.23 134.173.53.8

TCP: Interfaces\{8DB3CD39-3C5D-429C-98F0-85B83220856C}\4656661657C647 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{8DB3CD39-3C5D-429C-98F0-85B83220856C}\771627B6 : DhcpNameServer = 192.168.2.254

TCP: Interfaces\{8DB3CD39-3C5D-429C-98F0-85B83220856C}\84F6C69646169794E6E654870727563737 : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{8DB3CD39-3C5D-429C-98F0-85B83220856C}\B6573757D696F577966696 : DhcpNameServer = 192.168.0.1 192.168.1.1

TCP: Interfaces\{EE1D76B1-6E31-4CF6-83F0-F1F53F15FFC6} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{EE1D76B1-6E31-4CF6-83F0-F1F53F15FFC6}\24C61636B62596467656 : DhcpNameServer = 208.67.222.222 208.67.220.220

TCP: Interfaces\{EE1D76B1-6E31-4CF6-83F0-F1F53F15FFC6}\36437657563747 : DhcpNameServer = 216.38.158.3 216.38.158.2

TCP: Interfaces\{EE1D76B1-6E31-4CF6-83F0-F1F53F15FFC6}\4656661657C647 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{EE1D76B1-6E31-4CF6-83F0-F1F53F15FFC6}\7565D4D275946494 : DhcpNameServer = 209.129.128.3 209.129.128.4

TCP: Interfaces\{EE1D76B1-6E31-4CF6-83F0-F1F53F15FFC6}\B6573757D696F577966696 : DhcpNameServer = 192.168.0.1 192.168.1.1

TCP: Interfaces\{F7745AAA-1B51-4A8F-B934-8DA02F115823} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{F7745AAA-1B51-4A8F-B934-8DA02F115823}\4656661657C647 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{F7745AAA-1B51-4A8F-B934-8DA02F115823}\B6573757D696F577966696 : DhcpNameServer = 8.8.8.8 192.168.0.1 192.168.1.1

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun-x64: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime

mRunOnce-x64: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

AppInit_DLLs-X64: C:\Windows\SysWOW64\guard32.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\hoql6q9c.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll

FF - plugin: C:\Users\Alex\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: C:\Users\Alex\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\hoql6q9c.default\extensions\battlefieldheroespatcher@ea.com\plugins\npBFHUpdater.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll

.

============= SERVICES / DRIVERS ===============

.

R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]

R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]

R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\system32\DRIVERS\cmdguard.sys --> C:\Windows\system32\DRIVERS\cmdguard.sys [?]

R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\system32\DRIVERS\cmdhlp.sys --> C:\Windows\system32\DRIVERS\cmdhlp.sys [?]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 20992]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]

R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]

R2 avast! Antivirus;avast! Antivirus;G:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-9-5 44808]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-27 655944]

R2 PowerBiosServer;PowerBiosServer;C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [2010-11-18 32768]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]

R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys --> C:\Windows\system32\DRIVERS\itecir.sys [?]

R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]

R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\system32\DRIVERS\JME.sys --> C:\Windows\system32\DRIVERS\JME.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe --> C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [?]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-5 253088]

S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-11-2 130976]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-7 114144]

S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]

S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\system32\DRIVERS\rtl8192Ce.sys --> C:\Windows\system32\DRIVERS\rtl8192Ce.sys [?]

S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 usj;usj;G:\AeriaGames\EdenEternal\EdenEternal\avital\ussjcs64.sys [2012-9-4 89560]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-9-1 13592]

S4 MotoConnect Service;MotoConnect Service;C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe [2012-7-9 91456]

S4 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-8-31 2656280]

.

=============== Created Last 30 ================

.

2012-09-06 20:13:49 7 ----a-w- C:\Windows\System32\PerfStringBackup.TMP

2012-09-06 05:06:57 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2012-09-06 04:22:33 969200 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2012-09-06 04:22:33 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2012-09-06 04:22:33 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2012-09-06 04:22:26 41224 ----a-w- C:\Windows\avastSS.scr

2012-09-06 04:22:17 -------- d-----w- C:\ProgramData\AVAST Software

2012-09-06 01:07:51 -------- d-----w- C:\Program Files (x86)\Common Files\Akamai

2012-09-05 02:04:12 629760 ----a-w- C:\Windows\SysWow64\DivXDecH264.ax

2012-09-05 02:04:12 622592 ----a-w- C:\Windows\SysWow64\mmaacd.ax

2012-09-05 02:04:12 204800 ----a-w- C:\Windows\SysWow64\mp4demux.dll

2012-09-04 20:31:52 1409 ----a-w- C:\Windows\QTFont.for

2012-09-04 20:18:46 -------- d-----w- C:\Users\Alex\AppData\Local\SecondLife

2012-09-04 20:01:50 -------- d-----w- C:\Users\Alex\AppData\Local\Akamai

2012-09-04 20:01:45 -------- d-----w- C:\AeriaGames

2012-09-03 01:35:58 73696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll

2012-08-25 08:40:21 -------- d-----w- C:\Program Files (x86)\Common Files\BioWare

2012-08-21 22:52:14 -------- d-----w- C:\Users\Alex\AppData\Local\DOSBox

2012-08-21 22:52:01 -------- d-----w- C:\Program Files (x86)\DOSBox-0.74

.

==================== Find3M ====================

.

2012-07-07 07:24:42 298016 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2012-07-07 07:24:42 298016 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2012-07-07 07:15:19 298016 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0

2012-07-07 05:59:00 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe

2012-07-04 05:26:38 3130440 ----a-w- C:\Windows\SysWow64\pbsvc_blr.exe

2012-07-03 20:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-06-29 05:11:09 833024 ----a-w- C:\Windows\SysWow64\user32.dll

2012-06-29 05:11:09 419840 ----a-w- C:\Windows\System32\systemcpl.dll

2012-06-29 05:11:09 14848 ----a-w- C:\Windows\System32\slwga.dll

2012-06-29 05:11:09 13824 ----a-w- C:\Windows\SysWow64\slwga.dll

2012-06-29 05:11:09 1008640 ----a-w- C:\Windows\System32\user32.dll

.

============= FINISH: 14:25:31.71 ===============

Attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 9/1/2011 10:59:15 AM

System Uptime: 9/6/2012 1:59:34 PM (1 hours ago)

.

Motherboard: CLEVO | | P170HMx

Processor: Intel® Core i7-2630QM CPU @ 2.00GHz | SOCKET 0 | 2001/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 119 GiB total, 23.865 GiB free.

E: is CDROM ()

F: is CDROM ()

G: is FIXED (NTFS) - 465 GiB total, 326.318 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

7-Zip 9.20

Adobe AIR

Adobe Flash Player 10 ActiveX

Akamai NetSession Interface

avast! Free Antivirus

Battlefield Heroes (Alex)

Battlefield: Bad Company™ 2

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Combined Community Codec Pack 2011-07-30

Counter-Strike

Counter-Strike: Source

Coupon Companion

DAEMON Tools Lite

Day of Defeat

DC++ 0.782

Devil's Tuning Fork 1.21

DING!

Divine Wind version 5.1

Dropbox

Dual-Core Optimizer

Dystopia

Eden Eternal

ESN Sonar

eSupport UndeletePlus 3.0.3.514

Europa Universalis III

Evaer Video Recorder for Skype 1.2.6.22

Fable III

Foxit Reader 5.1

Free CD Ripper 3.1

FreeRIP 3.80

Futuremark SystemInfo

GameSpy Arcade

GoldenEye: Source - HalfLife 2 Mod

Google Chrome

Half-Life

Hi-Rez Studios Games

Hotkey 3.3017

Igor Pro

Intel® Management Engine Components

Intel® Rapid Storage Technology

Java Auto Updater

Java 6 Update 27

JDownloader 0.9

JMicron Ethernet Adapter NDIS Driver

JMicron Flash Media Controller Driver

Kenshi 0.25.4

League of Legends

LEGO Digital Designer

Lords of Magic Special Edition

Mabinogi

Malwarebytes Anti-Malware version 1.62.0.1300

Map Generator

MechWarrior 3

MechWarrior Online

Microsoft .NET Framework 1.1

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft XNA Framework Redistributable 3.1

Microsoft XNA Framework Redistributable 4.0

Minitab 15 English

Mirror's Edge™

MotoConnect

Mozilla Firefox 15.0 (x86 en-US)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB954430)

MSXML4 Parser

Natural Selection 3.2

Neverwinter Nights 2

Nexon Game Manager

NVIDIA PhysX

oggcodecs 0.71.0946

On the Rain-Slick Precipice of Darkness, Episode One

ooVoo

OpenAL

OpenOffice.org 3.3

Pando Media Booster

Pirates, Vikings, & Knights II

PunkBuster Services

Puzzle Pirates

Python 2.7.2

QuickTime

Racket v5.1.3

Re-Volt patch 12.07

Realm of the Mad God

Realtek High Definition Audio Driver

REALTEK Wireless LAN Driver

Renesas Electronics USB 3.0 Host Controller Driver

RIFT

Rise of Nations Gold

SecondLifeViewer (remove only)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Shattered Galaxy

Ship

Sierra Utilities

Sins of a Solar Empire

Skype™ 5.10

SourceForts 1.9.4.1 Fixed

Spybot - Search & Destroy

Star Trek Online

Star Wars: The Old Republic

StarCraft II

Steam

Stronghold Kingdoms

Stubbs The Zombie

Super Crate Box

Supertintin 1.2.0.13

SWI-Prolog (remove only)

Team Fortress 2

The Neverhood

The Rosetta Stone

Tremulous 1.1.0

Unity Web Player

Unreal Tournament 3

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

VLC media player 1.1.11

Wakfu

War of the Roses Beta

WinAce Archiver

Winamp

WinZip 15.5

World of Tanks v.0.6.7

Xvid MPEG-4 Video Codec

.

==== Event Viewer Messages From Past Week ========

.

9/6/2012 1:59:44 PM, Error: Service Control Manager [7001] - The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

9/6/2012 1:50:52 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

9/6/2012 1:50:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

9/6/2012 1:50:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

9/6/2012 1:50:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

9/6/2012 1:50:30 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswSnx aswSP cmdGuard cmdHlp CSC DfsC discache inspect NetBIOS NetBT nsiproxy rdbss spldr sptd tdx vwififlt Wanarpv6 WfpLwf

9/6/2012 1:50:30 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

9/6/2012 1:50:30 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

9/6/2012 1:50:30 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

9/6/2012 1:50:30 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

9/6/2012 1:50:30 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

9/6/2012 1:50:30 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

9/6/2012 1:50:30 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

9/6/2012 1:50:30 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

9/6/2012 1:50:30 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

9/6/2012 1:50:30 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

9/6/2012 1:50:26 PM, Error: sptd [4] - Driver detected an internal error in its data structures for .

9/6/2012 1:12:22 PM, Error: Service Control Manager [7031] - The Akamai NetSession Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

9/6/2012 1:12:06 PM, Error: Service Control Manager [7031] - The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

9/5/2012 8:21:51 PM, Error: Service Control Manager [7001] - The Intel® Management and Security Application User Notification Service service depends on the Intel® Management and Security Application Local Management Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

9/5/2012 6:08:23 PM, Error: Service Control Manager [7030] - The Akamai NetSession Interface service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

9/5/2012 11:56:54 PM, Error: Service Control Manager [7001] - The MotoConnect Service service depends on the Workstation service which failed to start because of the following error: The dependency service or group failed to start.

9/5/2012 11:32:12 PM, Error: Service Control Manager [7031] - The Windows Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

9/5/2012 11:12:09 PM, Error: Service Control Manager [7031] - The MotoConnect Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.

.

==== End Of File ===========================


And here is the RogueKiller report, though my firewall seemed to think it was malicious at first.

RogueKiller V8.0.2 [08/31/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Alex [Admin rights]

Mode : Scan -- Date : 09/06/2012 14:30:16

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 10 ¤¤¤

[RUN][BLACKLIST DLL] HKLM\[...]\Run : THXCfg64 (C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64) -> FOUND

[RUN][ROGUE ST] HKLM\[...]\Policies\Explorer\\Run : 28258 (C:\PROGRA~3\LOCALS~1\Temp\msvxsrock.exe) -> FOUND

[RUN][ROGUE ST] HKLM\[...]\Wow6432Node\Policies\Explorer\\Run : 28258 (C:\PROGRA~3\LOCALS~1\Temp\msvxsrock.exe) -> FOUND

[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND

[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: M4-CT128M4SSD2 +++++

--- User ---

[MBR] 08ee5022ae52eb1c2eba6a3f1476e6f6

[BSP] abfa16ced0a5d4f65dce882f7545d30a : Windows 7 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 122102 Mo

User = LL1 ... OK!

User = LL2 ... OK!

+++++ PhysicalDrive1: WDC WD5000BEVT-11ZAT0 +++++

--- User ---

[MBR] f4a80303e68dc753c8a9b397ed4c26e6

[BSP] 374f7f4b637f8db5bf98d83a41a34622 : Windows 7 MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 475937 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt

Thank you so much

Link to post
Share on other sites

Run RogueKiller again and click Scan

When the scan completes > click on the Registry tab

Put a check next to all of these and uncheck the rest: (if found)

[RUN][BLACKLIST DLL] HKLM\[...]\Run : THXCfg64 (C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64) -> FOUND

[RUN][ROGUE ST] HKLM\[...]\Policies\Explorer\\Run : 28258 (C:\PROGRA~3\LOCALS~1\Temp\msvxsrock.exe) -> FOUND

[RUN][ROGUE ST] HKLM\[...]\Wow6432Node\Policies\Explorer\\Run : 28258 (C:\PROGRA~3\LOCALS~1\Temp\msvxsrock.exe) -> FOUND

[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND

Now click Delete on the right hand column under Options

~~~~~~~~~~~~~~~~~~~~~

Next........

Please read the directions carefully so you don't end up deleting something that is good!!

Please download and run TDSSKiller to your desktop as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

------------------------

Click the Start Scan button.

-----------------------

If a suspicious object is detected, the default action will be Skip; click on Continue.

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Sometimes these logs can be very large; in that case, please attach it or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip; click on Continue.

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

MrC

Link to post
Share on other sites
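A triage pass over the registry section of the RogueKiller report posted above, as an added example that is not part of the original posts or of RogueKiller itself: it parses each line, folds the 64-bit and Wow6432Node views of the same value together, and flags autoruns that launch from a Temp directory and UAC policy values set to 0. The category names and both heuristics are assumptions of this example; anything they do not match is left for manual review.

```python
import re
from dataclasses import dataclass

# Registry section of the RogueKiller report posted in this thread.
REPORT = r"""
[RUN][BLACKLIST DLL] HKLM\[...]\Run : THXCfg64 (C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64) -> FOUND
[RUN][ROGUE ST] HKLM\[...]\Policies\Explorer\\Run : 28258 (C:\PROGRA~3\LOCALS~1\Temp\msvxsrock.exe) -> FOUND
[RUN][ROGUE ST] HKLM\[...]\Wow6432Node\Policies\Explorer\\Run : 28258 (C:\PROGRA~3\LOCALS~1\Temp\msvxsrock.exe) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
"""

# [TAG][TAG] HIVE\[...]\key tail : value name (value data) -> STATUS
LINE_RE = re.compile(
    r"^(?P<tags>(?:\[[^\]]+\])+)\s+"
    r"(?P<hive>HK[A-Z]+)\\\[\.\.\.\]\\(?P<key>.+?)\s+:\s+"
    r"(?P<name>\S+)\s+\((?P<data>.*)\)\s+->\s+(?P<status>\w+)$"
)

# Values that control UAC prompting; a data value of 0 turns the prompt off.
UAC_VALUES = {"enablelua", "consentpromptbehavioradmin"}
WOW_PREFIX = "wow6432node\\"


@dataclass
class Entry:
    tags: tuple
    hive: str
    key: str      # key tail with the Wow6432Node prefix removed
    name: str
    data: str
    view: str     # "64-bit" or "32-bit" registry view


def parse(report):
    """Turn the report's registry lines into Entry records; skip other lines."""
    entries = []
    for raw in report.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        key = m["key"].replace("\\\\", "\\")   # the report prints "Explorer\\Run"
        wow = key.lower().startswith(WOW_PREFIX)
        if wow:
            key = key[len(WOW_PREFIX):]
        entries.append(Entry(
            tags=tuple(re.findall(r"\[([^\]]+)\]", m["tags"])),
            hive=m["hive"], key=key, name=m["name"], data=m["data"],
            view="32-bit" if wow else "64-bit",
        ))
    return entries


def classify(entry):
    """Heuristic label for one entry (labels are this example's own)."""
    segments = re.split(r"[\\/]", entry.data.lower())
    if "RUN" in entry.tags and "temp" in segments:
        return "autorun-from-temp"
    if entry.name.lower() in UAC_VALUES and entry.data.strip() == "0":
        return "uac-weakened"
    return "manual-review"


def triage(report):
    """Map (label, value name, data) to the registry views it was found in."""
    grouped = {}
    for entry in parse(report):
        grouped.setdefault((classify(entry), entry.name, entry.data), []).append(entry.view)
    return grouped


if __name__ == "__main__":
    for (label, name, data), views in triage(REPORT).items():
        print(f"{label:18} {name} = {data}  [{', '.join(views)}]")
```

A value reported in both views has to be gone from both after cleanup, which is why the views are grouped per value rather than listed as separate findings.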

There were three suspicious files, nothing to cure:

15:45:17.0144 3028 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48

15:45:19.0147 3028 ============================================================

15:45:19.0147 3028 Current date / time: 2012/09/06 15:45:19.0147

15:45:19.0147 3028 SystemInfo:

15:45:19.0147 3028

15:45:19.0147 3028 OS Version: 6.1.7601 ServicePack: 1.0

15:45:19.0147 3028 Product type: Workstation

15:45:19.0147 3028 ComputerName: ALEX-LAPTOP

15:45:19.0148 3028 UserName: Alex

15:45:19.0148 3028 Windows directory: C:\Windows

15:45:19.0148 3028 System windows directory: C:\Windows

15:45:19.0148 3028 Running under WOW64

15:45:19.0148 3028 Processor architecture: Intel x64

15:45:19.0148 3028 Number of processors: 8

15:45:19.0148 3028 Page size: 0x1000

15:45:19.0148 3028 Boot type: Normal boot

15:45:19.0148 3028 ============================================================

15:45:19.0378 3028 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 (119.24 Gb), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

15:45:19.0379 3028 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

15:45:19.0383 3028 ============================================================

15:45:19.0383 3028 \Device\Harddisk0\DR0:

15:45:19.0383 3028 MBR partitions:

15:45:19.0383 3028 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xEE7B000

15:45:19.0383 3028 \Device\Harddisk1\DR1:

15:45:19.0383 3028 MBR partitions:

15:45:19.0383 3028 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A190800

15:45:19.0383 3028 ============================================================

15:45:19.0385 3028 C: <-> \Device\Harddisk0\DR0\Partition1

15:45:19.0738 3028 G: <-> \Device\Harddisk1\DR1\Partition1

15:45:19.0739 3028 ============================================================

15:45:19.0739 3028 Initialize success

15:45:19.0739 3028 ============================================================

15:45:51.0759 4996 ============================================================

15:45:51.0759 4996 Scan started

15:45:51.0759 4996 Mode: Manual; SigCheck; TDLFS;

15:45:51.0759 4996 ============================================================

15:45:51.0900 4996 ================ Scan system memory ========================

15:45:51.0900 4996 System memory - ok

15:45:51.0900 4996 ================ Scan services =============================

15:45:55.0775 4996 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

15:45:55.0780 4996 IDriverT ( UnsignedFile.Multi.Generic ) - warning

15:45:55.0780 4996 IDriverT - detected UnsignedFile.Multi.Generic (1)

15:45:57.0030 4996 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

15:45:57.0038 4996 msahci - ok

15:45:57.0042 4996 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

15:45:57.0052 4996 msdsm - ok

15:45:57.0055 4996 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

15:45:57.0070 4996 MSDTC - ok

15:45:57.0074 4996 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

15:45:57.0103 4996 Msfs - ok

15:45:57.0105 4996 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

15:45:57.0134 4996 mshidkmdf - ok

15:45:57.0136 4996 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

15:45:57.0145 4996 msisadrv - ok

15:45:57.0149 4996 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

15:45:57.0181 4996 MSiSCSI - ok

15:45:57.0183 4996 msiserver - ok

15:45:57.0186 4996 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

15:45:57.0215 4996 MSKSSRV - ok

15:45:57.0218 4996 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

15:45:57.0247 4996 MSPCLOCK - ok

15:45:57.0249 4996 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

15:45:57.0279 4996 MSPQM - ok

15:45:57.0284 4996 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

15:45:57.0297 4996 MsRPC - ok

15:45:57.0301 4996 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

15:45:57.0310 4996 mssmbios - ok

15:45:57.0312 4996 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

15:45:57.0341 4996 MSTEE - ok

15:45:57.0344 4996 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

15:45:57.0355 4996 MTConfig - ok

15:45:57.0360 4996 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

15:45:57.0369 4996 Mup - ok

15:45:57.0375 4996 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

15:45:57.0411 4996 napagent - ok

15:45:57.0417 4996 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

15:45:57.0433 4996 NativeWifiP - ok

15:45:57.0444 4996 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys

15:45:57.0463 4996 NDIS - ok

15:45:57.0466 4996 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

15:45:57.0496 4996 NdisCap - ok

15:45:57.0498 4996 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

15:45:57.0528 4996 NdisTapi - ok

15:45:57.0531 4996 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

15:45:57.0559 4996 Ndisuio - ok

15:45:57.0563 4996 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

15:45:57.0593 4996 NdisWan - ok

15:45:57.0596 4996 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

15:45:57.0625 4996 NDProxy - ok

15:45:57.0627 4996 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

15:45:57.0657 4996 NetBIOS - ok

15:45:57.0661 4996 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

15:45:57.0692 4996 NetBT - ok

15:45:57.0695 4996 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

15:45:57.0706 4996 Netlogon - ok

15:45:57.0712 4996 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

15:45:57.0747 4996 Netman - ok

15:45:57.0750 4996 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

15:45:57.0759 4996 NetMsmqActivator - ok

15:45:57.0761 4996 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

15:45:57.0770 4996 NetPipeActivator - ok

15:45:57.0776 4996 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

15:45:57.0813 4996 netprofm - ok

15:45:57.0816 4996 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

15:45:57.0824 4996 NetTcpActivator - ok

15:45:57.0827 4996 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

15:45:57.0835 4996 NetTcpPortSharing - ok

15:45:57.0907 4996 [ B25FE0FA523579B6FA327311A579866E ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys

15:45:57.0991 4996 NETwNs64 - ok

15:45:57.0995 4996 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

15:45:58.0004 4996 nfrd960 - ok

15:45:58.0009 4996 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll

15:45:58.0043 4996 NlaSvc - ok

15:45:58.0045 4996 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

15:45:58.0076 4996 Npfs - ok

15:45:58.0078 4996 npggsvc - ok

15:45:58.0081 4996 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

15:45:58.0111 4996 nsi - ok

15:45:58.0114 4996 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

15:45:58.0143 4996 nsiproxy - ok

15:45:58.0160 4996 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

15:45:58.0188 4996 Ntfs - ok

15:45:58.0191 4996 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

15:45:58.0220 4996 Null - ok

15:45:58.0223 4996 [ A7127E86F9FFE2A53E271B56B2C4CEDF ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys

15:45:58.0233 4996 nusb3hub - ok

15:45:58.0237 4996 [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys

15:45:58.0247 4996 nusb3xhc - ok

15:45:58.0251 4996 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

15:45:58.0262 4996 nvraid - ok

15:45:58.0266 4996 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

15:45:58.0276 4996 nvstor - ok

15:45:58.0279 4996 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

15:45:58.0289 4996 nv_agp - ok

15:45:58.0292 4996 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

15:45:58.0304 4996 ohci1394 - ok

15:45:58.0309 4996 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

15:45:58.0325 4996 p2pimsvc - ok

15:45:58.0331 4996 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

15:45:58.0348 4996 p2psvc - ok

15:45:58.0351 4996 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

15:45:58.0363 4996 Parport - ok

15:45:58.0365 4996 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

15:45:58.0375 4996 partmgr - ok

15:45:58.0379 4996 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

15:45:58.0397 4996 PcaSvc - ok

15:45:58.0401 4996 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

15:45:58.0412 4996 pci - ok

15:45:58.0414 4996 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

15:45:58.0423 4996 pciide - ok

15:45:58.0427 4996 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

15:45:58.0438 4996 pcmcia - ok

15:45:58.0441 4996 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

15:45:58.0450 4996 pcw - ok

15:45:58.0457 4996 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

15:45:58.0493 4996 PEAUTH - ok

15:45:58.0506 4996 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll

15:45:58.0533 4996 PeerDistSvc - ok

15:45:58.0557 4996 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

15:45:58.0570 4996 PerfHost - ok

15:45:58.0587 4996 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

15:45:58.0633 4996 pla - ok

15:45:58.0639 4996 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

15:45:58.0657 4996 PlugPlay - ok

15:45:58.0660 4996 PnkBstrA - ok

15:45:58.0663 4996 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

15:45:58.0676 4996 PNRPAutoReg - ok

15:45:58.0682 4996 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

15:45:58.0696 4996 PNRPsvc - ok

15:45:58.0703 4996 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

15:45:58.0738 4996 PolicyAgent - ok

15:45:58.0743 4996 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

15:45:58.0777 4996 Power - ok

15:45:58.0780 4996 [ 485C885ACFA91D2CA662308C092765EA ] PowerBiosServer C:\Program Files (x86)\Hotkey\PowerBiosServer.exe

15:45:58.0785 4996 PowerBiosServer ( UnsignedFile.Multi.Generic ) - warning

15:45:58.0785 4996 PowerBiosServer - detected UnsignedFile.Multi.Generic (1)

15:46:00.0531 4996 [ A6CFF1AF7664627A296B6A0A96CF876E ] sptd C:\Windows\System32\Drivers\sptd.sys

15:46:00.0532 4996 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: A6CFF1AF7664627A296B6A0A96CF876E

15:46:00.0533 4996 sptd ( LockedFile.Multi.Generic ) - warning

15:46:00.0533 4996 sptd - detected LockedFile.Multi.Generic (1)


15:46:03.0425 4996 WwanSvc - ok

15:46:03.0457 4996 X6va005 - ok

15:46:03.0459 4996 X6va006 - ok

15:46:03.0469 4996 ================ Scan global ===============================

15:46:03.0472 4996 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

15:46:03.0477 4996 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

15:46:03.0485 4996 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

15:46:03.0490 4996 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

15:46:03.0498 4996 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

15:46:03.0502 4996 [Global] - ok

15:46:03.0502 4996 ================ Scan MBR ==================================

15:46:03.0503 4996 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

15:46:03.0619 4996 \Device\Harddisk0\DR0 - ok

15:46:03.0624 4996 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1

15:46:03.0719 4996 \Device\Harddisk1\DR1 - ok

15:46:03.0720 4996 ================ Scan VBR ==================================

15:46:03.0725 4996 [ 8C53B4488DB034D8E4552BBDA69DD4F3 ] \Device\Harddisk0\DR0\Partition1

15:46:03.0728 4996 \Device\Harddisk0\DR0\Partition1 - ok

15:46:03.0733 4996 [ 9510D2E51C7C772993CCF27A472876ED ] \Device\Harddisk1\DR1\Partition1

15:46:03.0736 4996 \Device\Harddisk1\DR1\Partition1 - ok

15:46:03.0737 4996 ============================================================

15:46:03.0737 4996 Scan finished

15:46:03.0737 4996 ============================================================

15:46:03.0757 3232 Detected object count: 3

15:46:03.0757 3232 Actual detected object count: 3

15:46:44.0153 3232 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

15:46:44.0153 3232 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:46:44.0154 3232 PowerBiosServer ( UnsignedFile.Multi.Generic ) - skipped by user

15:46:44.0154 3232 PowerBiosServer ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:46:44.0156 3232 sptd ( LockedFile.Multi.Generic ) - skipped by user

15:46:44.0156 3232 sptd ( LockedFile.Multi.Generic ) - User select action: Skip


Please create a new system restore point before running ComboFix!!!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Please download and run ComboFix.

The most important things to remember when running it are to disable all your malware programs and to run ComboFix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message "Illegal operation attempted on registry key that has been marked for deletion" after you run ComboFix, please reboot the computer; this should resolve the problem. You may have to do this several times if needed.

MrC


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
