I'm infected - What do I do now? URL:mal / ZERO Access trojan

thedeadguy · September 12, 2012

Ok, I ran DDS and here are the results:

DDS:

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.7.2

Run by Robert at 12:22:40 on 2012-09-12

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3949.1394 [GMT -4:00]

.

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\FBAgent.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

C:\Windows\system32\atieclxx.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\SysWOW64\svchost.exe -k Akamai

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe

C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe

C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe

C:\Program Files (x86)\Expat Shield\bin\hsswd.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe

C:\Program Files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe

D:\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe

C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe

C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe

C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe

C:\ProgramData\TVersity\Media Server\MediaServer.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Windows\system32\SearchIndexer.exe

D:\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

D:\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

C:\Program Files\Elantech\ETDCtrl.exe

C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

D:\Steam\Steam.exe

C:\Program Files (x86)\Adobe\Elements Organizer 8.0\ElementsOrganizerSyncAgent.exe

C:\Program Files (x86)\Logitech\Vid HD\Vid.exe

C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

C:\Users\Robert\AppData\Local\Akamai\netsession_win.exe

C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

C:\Users\Robert\AppData\Local\Akamai\netsession_win.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Zecter\ZumoCast\ZumoCast.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe

C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

C:\Program Files\P4G\BatteryLife.exe

C:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe

C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe

C:\Program Files (x86)\Winamp\winampa.exe

C:\Program Files (x86)\Google\Google Talk\googletalk.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Windows\SysWOW64\ACEngSvr.exe

C:\Users\Robert\AppData\Roaming\wbtooltb\wbbtool1_0dn.exe

C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe

C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe

C:\Windows\AsScrPro.exe

C:\Windows\system32\DllHost.exe

C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe

C:\Program Files (x86)\Zecter\ZumoCast\bin\gst-thumbnailer.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\StikyNot.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Users\Robert\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

C:\Windows\sysWOW64\wbem\wmiprvse.exe

C:\Windows\SysWOW64\ctfmon.exe

C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.bing.com/?pc=Z013&form=ZGAPHP

uInternet Settings,ProxyOverride = <local>;192.168.*.*

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

BHO: Expat Shield Class: {3706ee7c-3cad-445d-8a43-03ebc3b75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Webblog: {c3947f4e-8894-4c04-98e0-df182c706ddf} - C:\Program Files (x86)\wbtooltb\wbtoolDx.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: Webblog: {c3947f4e-8894-4c04-98e0-df182c706ddf} - C:\Program Files (x86)\wbtooltb\wbtoolDx.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

uRun: [steam] "D:\Steam\steam.exe" -silent

uRun: [PhotoshopElements8SyncAgent] C:\Program Files (x86)\Adobe\Elements Organizer 8.0\ElementsOrganizerSyncAgent.exe

uRun: [MultiScreen] C:\Program Files (x86)\MultiScreen\MultiScreen.exe

uRun: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode

uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet

uRun: [Facebook Update] "C:\Users\Robert\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

uRun: [Akamai NetSession Interface] "C:\Users\Robert\AppData\Local\Akamai\netsession_win.exe"

uRun: [ZumoCast] C:\Program Files (x86)\Zecter\ZumoCast\ZumoLauncher.lnk

uRun: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe

uRun: [bitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [RESTART_STICKY_NOTES] C:\Windows\system32\StikyNot.exe

mRun: [Microsoft Pinyin IME Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL

mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

mRun: [boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"

mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide

mRun: [Network Error Advisor] "C:\Program Files (x86)\wbtooltb\ExeRunner.exe" wbtooltb wbbtool1_0dn

mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"

mRun: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml

mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

TCP: DhcpNameServer = 192.168.0.1

TCP: Interfaces\{42A56D0B-2E9C-40B7-BB1D-A1F27A788F8E} : NameServer = 10.206.24.1

TCP: Interfaces\{99FD0E7E-D371-4D5F-A30C-8094F0F7D545} : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{99FD0E7E-D371-4D5F-A30C-8094F0F7D545}\14454533939313 : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{99FD0E7E-D371-4D5F-A30C-8094F0F7D545}\2375942554830393 : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{99FD0E7E-D371-4D5F-A30C-8094F0F7D545}\7496E6F67237020596A7A71602620224275677 : DhcpNameServer = 192.168.1.1 216.199.46.11 216.199.0.132

TCP: Interfaces\{99FD0E7E-D371-4D5F-A30C-8094F0F7D545}\B456E696C677F6274786 : DhcpNameServer = 68.87.74.162 68.87.68.162

TCP: Interfaces\{99FD0E7E-D371-4D5F-A30C-8094F0F7D545}\C616B65667965677 : DhcpNameServer = 192.168.1.1

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

BHO-X64: Increase performance and video formats for your HTML5 <video> - No File

BHO-X64: Expat Shield Class: {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll

BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO-X64: Search Helper - No File

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Webblog: {C3947F4E-8894-4C04-98E0-DF182C706DDF} - C:\Program Files (x86)\wbtooltb\wbtoolDx.dll

BHO-X64: Webblog - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB-X64: Webblog: {C3947F4E-8894-4C04-98E0-DF182C706DDF} - C:\Program Files (x86)\wbtooltb\wbtoolDx.dll

TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

mRun-x64: [Microsoft Pinyin IME Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL

mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

mRun-x64: [boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"

mRun-x64: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide

mRun-x64: [Network Error Advisor] "C:\Program Files (x86)\wbtooltb\ExeRunner.exe" wbtooltb wbbtool1_0dn

mRun-x64: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

mRun-x64: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"

mRun-x64: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml

mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\1pt560j7.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z013&form=ZGAADF&q=

FF - prefs.js: network.proxy.type - 4

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npBFPlugin.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll

FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll

FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\Users\Robert\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll

FF - plugin: C:\Users\Robert\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: C:\Users\Robert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Users\Robert\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll

FF - plugin: C:\Users\Robert\AppData\Roaming\Mozilla\plugins\np-mswmp.dll

FF - plugin: C:\Users\Robert\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Robert\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true);user_pref(network.protocol-handler.warn-external.dnupdate, false

.

============= SERVICES / DRIVERS ===============

.

R0 lullaby;lullaby;C:\Windows\system32\DRIVERS\lullaby.sys --> C:\Windows\system32\DRIVERS\lullaby.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 aswKbd;aswKbd;C:\Windows\system32\drivers\aswKbd.sys --> C:\Windows\system32\drivers\aswKbd.sys [?]

R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]

R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-9 169312]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]

R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]

R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 20992]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]

R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]

R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-9-7 44808]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 DeviceMonitorService;DeviceMonitorService;C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [2011-9-19 87368]

R2 ExpatShieldService;Expat Shield Service;C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe [2012-1-6 331608]

R2 ExpatSrv;Expat Shield Routing Service;C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe [2012-1-4 363336]

R2 ExpatWd;Expat Shield Monitoring Service;C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -product Expat --> C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -product Expat [?]

R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2010-5-7 197976]

R2 MBAMScheduler;MBAMScheduler;D:\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-10 399432]

R2 MBAMService;MBAMService;D:\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-10 676936]

R2 mi-raysat_3dsmax2011_32;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit;C:\Program Files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe [2010-3-10 86016]

R2 mi-raysat_3dsmax2011_64;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 64-bit 64-bit;C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe [2010-3-10 86016]

R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-8-10 227184]

R2 OberonGameConsoleService;Oberon Media Game Console service;C:\Program Files (x86)\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe [2010-2-2 44312]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-8-13 3064000]

R2 TabletServiceWacom;TabletServiceWacom;C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe [2011-8-13 5716848]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-2-2 2314240]

R2 WMDrive;WMDrive;C:\Windows\SysWOW64\drivers\WMDrive.sys [2010-7-20 63968]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]

R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]

R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\system32\DRIVERS\JME.sys --> C:\Windows\system32\DRIVERS\JME.sys [?]

R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\system32\DRIVERS\LVPr2M64.sys --> C:\Windows\system32\DRIVERS\LVPr2M64.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]

R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]

R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]

R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-17 136176]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-3 160944]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-7-14 250568]

S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\system32\DRIVERS\motfilt.sys --> C:\Windows\system32\DRIVERS\motfilt.sys [?]

S3 DrmRAudio;DrmRAudio;C:\Windows\system32\drivers\DrmRAudio.sys --> C:\Windows\system32\drivers\DrmRAudio.sys [?]

S3 ExpatTrayService;Expat Shield Tray Service;C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.exe [2012-1-6 77520]

S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-4-20 1436424]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-7-28 1511872]

S3 GSService;GSService;"C:\Windows\SysWOW64\GSService.exe" --> C:\Windows\SysWOW64\GSService.exe [?]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-17 136176]

S3 hitmanpro35;Hitman Pro 3.5 Support Driver;\??\C:\Windows\system32\drivers\hitmanpro36.sys --> C:\Windows\system32\drivers\hitmanpro36.sys [?]

S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]

S3 LVUVC64;Logitech QuickCam Pro 9000(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]

S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\system32\DRIVERS\motccgp.sys --> C:\Windows\system32\DRIVERS\motccgp.sys [?]

S3 motccgpfl;MotCcgpFlService;C:\Windows\system32\DRIVERS\motccgpfl.sys --> C:\Windows\system32\DRIVERS\motccgpfl.sys [?]

S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\system32\DRIVERS\Motousbnet.sys --> C:\Windows\system32\DRIVERS\Motousbnet.sys [?]

S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\system32\DRIVERS\motusbdevice.sys --> C:\Windows\system32\DRIVERS\motusbdevice.sys [?]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-6-28 114144]

S3 nosGetPlusHelper;getPlus® Helper 3004;C:\Windows\System32\svchost.exe -k nosGetPlusHelper [2009-7-13 20992]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]

S3 SndTAudio;SndTAudio;C:\Windows\system32\drivers\SndTAudio.sys --> C:\Windows\system32\drivers\SndTAudio.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\system32\DRIVERS\wacmoumonitor.sys --> C:\Windows\system32\DRIVERS\wacmoumonitor.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2012-09-12 06:22:29 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BC42310F-2980-4AF8-BAF6-881D2B5FC8DE}\mpengine.dll

2012-09-11 22:32:52 -------- d-----w- C:\Windows\en

2012-09-11 22:30:22 57280 ----a-w- C:\Windows\System32\drivers\fssfltr.sys

2012-09-11 22:26:27 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\79ddf9fd1cd906c04\DSETUP.dll

2012-09-11 22:26:27 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\79ddf9fd1cd906c04\DXSETUP.exe

2012-09-11 22:26:27 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\79ddf9fd1cd906c04\dsetup32.dll

2012-09-11 22:26:23 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\77e94e991cd906c03\DSETUP.dll

2012-09-11 22:26:23 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\77e94e991cd906c03\DXSETUP.exe

2012-09-11 22:26:23 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\77e94e991cd906c03\dsetup32.dll

2012-09-11 22:26:19 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\75a87de61cd906c01\DXSETUP.exe

2012-09-11 22:26:18 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\75a87de61cd906c01\DSETUP.dll

2012-09-11 22:26:18 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\75a87de61cd906c01\dsetup32.dll

2012-09-11 04:00:22 -------- d-sh--w- C:\$RECYCLE.BIN

2012-09-11 03:43:27 98816 ----a-w- C:\Windows\sed.exe

2012-09-11 03:43:27 518144 ----a-w- C:\Windows\SWREG.exe

2012-09-11 03:43:27 256000 ----a-w- C:\Windows\PEV.exe

2012-09-11 03:43:27 208896 ----a-w- C:\Windows\MBR.exe

2012-09-11 03:43:20 -------- d-----w- C:\Commy.exe

2012-09-11 02:46:05 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2012-09-11 02:45:53 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2012-09-09 04:31:03 -------- d-----w- C:\Users\Robert\AppData\Local\{0A6A9336-9574-499B-AA63-BADA1ED7F71C}

2012-09-08 13:07:02 270304 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updater.exe

2012-09-08 13:07:02 19424 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll

2012-09-08 13:07:02 15632352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xul.dll

2012-09-08 13:07:01 883896 ----a-w- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe

2012-09-08 13:07:01 155104 ----a-w- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll

2012-09-08 13:07:01 145376 ----a-w- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll

2012-09-08 13:07:00 91104 ----a-w- C:\Program Files (x86)\Mozilla Firefox\smime3.dll

2012-09-08 13:07:00 129176 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll

2012-09-08 13:07:00 12800 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll

2012-09-08 13:07:00 11776 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll

2012-09-01 06:02:13 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared

2012-08-31 16:46:17 -------- d-----w- C:\Users\Robert\AppData\Local\Macromedia

2012-08-29 04:27:53 -------- d-----w- C:\Program Files (x86)\BitTorrent

2012-08-29 04:26:41 -------- d-----w- C:\Users\Robert\AppData\Roaming\BitTorrent

2012-08-24 06:44:44 -------- d-----w- C:\Users\Robert\AppData\Local\{656CB37D-E16C-4C09-A4A5-813BB5DE5D5A}

2012-08-19 18:32:14 -------- d-----w- C:\ProgramData\Kaspersky Lab

2012-08-19 18:16:05 -------- d-----w- C:\TDSSKiller_Quarantine

2012-08-18 16:28:58 -------- d-----w- C:\Users\Robert\AppData\Local\{00C2BA9E-C408-4FEC-82F6-0C7E14F2F75B}

2012-08-17 16:21:33 -------- d-----w- C:\Users\Robert\AppData\Local\{D6A39D84-946C-4FC8-8E1D-3A5218EF6112}

2012-08-17 04:20:27 -------- d-----w- C:\Users\Robert\AppData\Local\{9900D9E4-DF77-4987-8B2A-0488B3EFBCBE}

2012-08-16 15:59:53 -------- d-----w- C:\Users\Robert\AppData\Local\{F3FC33BD-8D11-4C11-BE72-914A18EC2A54}

2012-08-16 03:59:26 -------- d-----w- C:\Users\Robert\AppData\Local\{423ADE28-5B3C-40E6-846B-9F52F97D55F3}

2012-08-16 03:59:13 -------- d-----w- C:\Users\Robert\AppData\Local\{A298D61C-47B3-4994-A600-8DC258B397B5}

2012-08-15 15:58:33 -------- d-----w- C:\Users\Robert\AppData\Local\{9F8CAFDF-7C13-4F4D-A427-E5E18C2D493C}

2012-08-15 15:58:15 -------- d-----w- C:\Users\Robert\AppData\Local\{5026ADE2-9BC9-40F8-9D51-D196DFEF9885}

2012-08-15 03:54:51 -------- d-----w- C:\Users\Robert\AppData\Local\{71209273-9791-4AE7-985D-F5EBF6CE3C3B}

2012-08-15 03:54:38 -------- d-----w- C:\Users\Robert\AppData\Local\{4F74C9F0-4AFA-4C26-8274-9EE51AA18D36}

2012-08-14 16:19:15 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-08-14 15:54:08 -------- d-----w- C:\Users\Robert\AppData\Local\{AC79C3AA-62FF-4698-BAC1-48F4B41BBB40}

2012-08-14 15:53:55 -------- d-----w- C:\Users\Robert\AppData\Local\{216CB150-40DD-45BD-94DF-5ABB684B1E4D}

2012-08-14 03:53:40 -------- d-----w- C:\Users\Robert\AppData\Local\{DEEFA5AD-C919-4023-AAE1-39138DF78675}

2012-08-14 03:53:28 -------- d-----w- C:\Users\Robert\AppData\Local\{B8BB7D2B-C44A-4990-ADD7-10A00814CB8D}

.

==================== Find3M ====================

.

2012-09-11 02:45:44 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-09-01 06:01:32 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll

2012-09-01 06:01:32 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll

2012-09-01 05:34:28 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-09-01 05:34:28 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-08-21 09:13:13 969200 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2012-08-21 09:13:12 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2012-08-21 09:13:12 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2012-08-21 09:12:33 41224 ----a-w- C:\Windows\avastSS.scr

2012-08-13 15:02:17 45056 ----a-w- C:\Windows\System32\acovcnt.exe

2012-07-28 07:09:02 57792 ----a-w- C:\Windows\SysWow64\sirenacm.dll

2012-07-28 06:54:00 321472 ----a-w- C:\Windows\WLXPGSS.SCR

2012-07-26 23:08:06 862664 ----a-w- C:\Windows\SysWow64\msvcr110.dll

2012-07-26 23:08:06 534480 ----a-w- C:\Windows\SysWow64\msvcp110.dll

2012-07-26 23:08:06 251864 ----a-w- C:\Windows\SysWow64\vccorlib110.dll

2012-07-26 23:08:06 153536 ----a-w- C:\Windows\SysWow64\atl110.dll

2012-07-26 23:08:06 115656 ----a-w- C:\Windows\SysWow64\vcomp110.dll

2012-07-26 19:22:10 828872 ----a-w- C:\Windows\System32\msvcr110.dll

2012-07-26 19:22:10 661448 ----a-w- C:\Windows\System32\msvcp110.dll

2012-07-26 19:22:10 354264 ----a-w- C:\Windows\System32\vccorlib110.dll

2012-07-26 19:22:10 177096 ----a-w- C:\Windows\System32\atl110.dll

2012-07-26 19:22:10 124360 ----a-w- C:\Windows\System32\vcomp110.dll

2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys

2012-07-17 19:14:44 253184 ----a-w- C:\Windows\System32\LIVESSP.DLL

2012-07-17 18:49:00 209648 ----a-w- C:\Windows\SysWow64\LIVESSP.DLL

2012-07-12 03:27:24 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll

2012-07-12 03:27:23 175616 ----a-w- C:\Windows\System32\msclmd.dll

2012-07-04 22:13:27 59392 ----a-w- C:\Windows\System32\browcli.dll

2012-07-04 22:13:27 136704 ----a-w- C:\Windows\System32\browser.dll

2012-07-04 21:14:34 41984 ----a-w- C:\Windows\SysWow64\browcli.dll

2012-06-27 07:06:53 1188864 ----a-w- C:\Windows\System32\wininet.dll

2012-06-27 05:53:07 981504 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-06-27 04:53:10 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2012-06-27 04:10:55 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-06-25 20:04:24 1394248 ----a-w- C:\Windows\SysWow64\msxml4.dll

2012-06-19 10:42:35 30496 ----a-w- C:\Windows\System32\drivers\hitmanpro36.sys

2012-06-16 05:16:04 609792 ----a-w- C:\Windows\System32\vbscript.dll

2012-06-16 04:26:57 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll

2009-04-08 18:31:56 106496 ----a-w- C:\Program Files (x86)\Common Files\CPInstallAction.dll

2008-08-12 05:45:20 155648 ----a-w- C:\Program Files (x86)\Common Files\MSIactionall.dll

.

============= FINISH: 12:24:00.14 ===============

Attach:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 5/13/2010 2:26:45 PM

System Uptime: 9/11/2012 6:54:46 PM (18 hours ago)

.

Motherboard: ASUSTeK Computer Inc. | | K52Jr

Processor: Intel® Core i3 CPU M 350 @ 2.27GHz | Socket 989 | 2266/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 116 GiB total, 19.501 GiB free.

D: is FIXED (NTFS) - 335 GiB total, 112.228 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP497: 9/12/2012 2:21:48 AM - Windows Update

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

ÊÍÏÍË áÜ Microsoft Office Excel 2007 Help (KB963678)

ÊÍÏÍË áÜ Microsoft Office Powerpoint 2007 Help (KB963669)

ÊÍÏÍË áÜ Microsoft Office Word 2007 Help (KB963665)

2007 Microsoft Office system

AC3Filter 1.62b

Acrobat.com

Activation Assistant for the 2007 Microsoft Office suites

Actualização do Microsoft Office Excel 2007 Help (KB963678)

Actualização do Microsoft Office Powerpoint 2007 Help (KB963669)

Actualização do Microsoft Office Word 2007 Help (KB963665)

Adobe AIR

Adobe Download Manager

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Photoshop Elements 8.0

Adobe Photoshop.com Inspiration Browser

Adobe Reader X (10.1.4)

AIM 7

Akamai NetSession Interface

Akamai NetSession Interface Service

And Yet It Moves

Apple Application Support

Apple Software Update

ArchVision Content Manager

ASUS AI Recovery

ASUS AP Bank

ASUS CopyProtect

ASUS Data Security Manager

ASUS FancyStart

ASUS LifeFrame3

ASUS Live Update

ASUS MultiFrame

ASUS SmartLogon

ASUS Splendid Video Enhancement Technology

ASUS Virtual Camera

ATK Package

Atualização do produto Microsoft Office Excel 2007 Help (KB963678)

Atualização do produto Microsoft Office Outlook 2007 Help (KB963677)

Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669)

Atualização do produto Microsoft Office Word 2007 Help (KB963665)

Audacity 1.3.13 (Unicode)

AudibleManager

Autodesk 3ds Max 2011 32-bit

Autodesk Backburner 2008.1

Autodesk FBX Plug-in 2011.1 - 3ds Max 2011

Autodesk Material Library 2011

Autodesk Material Library 2011 Base Image library

Autodesk Material Library 2011 Medium Image library

Autodesk Network License Manager

avast! Free Antivirus

AviSynth 2.5

BitTorrent

Boingo Wi-Fi

Braid

CameraHelperMsi

Canon MP Navigator EX 3.0

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CDisplay 1.8

Celtx (2.9.1)

Coby Media Manager

Cogs

Color Efex Pro 3.0 Wacom Edition 6

Composite 2011

ControlDeck

Corel Painter Sketch Pad

Corel SketchPad - ICA

Craft Director Studio

D3DX10

Diablo III

DivX Setup

Download Updater (AOL LLC)

Dual-Core Optimizer

eBook Reader

eMusic Download Manager

erLT

Expat Shield 2.24

Facebook Plug-In

Facebook Video Calling 1.2.0.159

ffdshow [rev 2583] [2009-01-05]

Free File Viewer 2010

Free FLAC to MP3 Converter 1.0

Game Park Console

Google Chrome

Google Earth

Google Talk (remove only)

Google Talk Plugin

Google Update Helper

Graboid Video 2.05

Guild Wars 2

Haali Media Splitter

Hammerfight

HOARD

IconHandler 32 bit

Intel® Management Engine Components

IPM

Java 7 Update 7

Java Auto Updater

Java 6 Update 26

JMicron Ethernet Adapter NDIS Driver

JMicron Flash Media Controller Driver

Junk Mail filter update

K_Series_ScreenSaver_EN

KODAK Share Button App

Livestream Procaster

Logitech Vid HD

Logitech Webcam Software

LWS Facebook

LWS Gallery

LWS Help_main

LWS Launcher

LWS Motion Detection

LWS Pictures And Video

LWS Video Mask Maker

LWS Webcam Software

LWS WLM Plugin

LWS YouTube Plugin

Machinarium

Malwarebytes Anti-Malware version 1.65.0.1400

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (Arabic) 2007

Microsoft Office Access MUI (Chinese (Simplified)) 2007

Microsoft Office Access MUI (Chinese (Traditional)) 2007

Microsoft Office Access MUI (English) 2007

Microsoft Office Access MUI (French) 2007

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Access MUI (Portuguese (Portugal)) 2007

Microsoft Office Access MUI (Spanish) 2007

Microsoft Office Access MUI (Thai) 2007

Microsoft Office Access MUI (Turkish) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Click-to-Run 2010

Microsoft Office Excel 2007 Help ©ºÑºÍÑ¾à´· (KB963678)

Microsoft Office Excel 2007 Help ¸ÜÐÂ (KB963678)

Microsoft Office Excel 2007 Help Actualización (KB963678)

Microsoft Office Excel 2007 Help GÜncelleþtirmesi (KB963678)

Microsoft Office Excel 2007 Help §ó·sµ{¦¡ (KB963678)

Microsoft Office Excel MUI (Arabic) 2007

Microsoft Office Excel MUI (Chinese (Simplified)) 2007

Microsoft Office Excel MUI (Chinese (Traditional)) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Excel MUI (French) 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office Excel MUI (Portuguese (Portugal)) 2007

Microsoft Office Excel MUI (Spanish) 2007

Microsoft Office Excel MUI (Thai) 2007

Microsoft Office Excel MUI (Turkish) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2010 - English

Microsoft Office IME (Chinese (Simplified)) 2007

Microsoft Office IME (Chinese (Traditional)) 2007

Microsoft Office Live Add-in 1.3

Microsoft Office Outlook 2007 Help ¸ÜÐÂ (KB963677)

Microsoft Office Outlook 2007 Help Actualización (KB963677)

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (Arabic) 2007

Microsoft Office Outlook MUI (Chinese (Simplified)) 2007

Microsoft Office Outlook MUI (Chinese (Traditional)) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office Outlook MUI (French) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007

Microsoft Office Outlook MUI (Spanish) 2007

Microsoft Office Outlook MUI (Thai) 2007

Microsoft Office Outlook MUI (Turkish) 2007

Microsoft Office Powerpoint 2007 Help ©ºÑºÍÑ¾à´· (KB963669)

Microsoft Office Powerpoint 2007 Help ¸ÜÐÂ (KB963669)

Microsoft Office Powerpoint 2007 Help Actualización (KB963669)

Microsoft Office Powerpoint 2007 Help GÜncelleþtirmesi (KB963669)

Microsoft Office Powerpoint 2007 Help §ó·sµ{¦¡ (KB963669)

Microsoft Office PowerPoint 2007 §ó·sµ{¦¡ (KB963669)

Microsoft Office PowerPoint MUI (Arabic) 2007

Microsoft Office PowerPoint MUI (Chinese (Simplified)) 2007

Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint MUI (French) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007

Microsoft Office PowerPoint MUI (Spanish) 2007

Microsoft Office PowerPoint MUI (Thai) 2007

Microsoft Office PowerPoint MUI (Turkish) 2007

Microsoft Office Professional Hybrid 2007

Microsoft Office Proof (Arabic) 2007

Microsoft Office Proof (Basque) 2007

Microsoft Office Proof (Catalan) 2007

Microsoft Office Proof (Chinese (Simplified)) 2007

Microsoft Office Proof (Chinese (Traditional)) 2007

Microsoft Office Proof (Dutch) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Galician) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Portuguese (Portugal)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proof (Thai) 2007

Microsoft Office Proof (Turkish) 2007

Microsoft Office Proofing (Arabic) 2007

Microsoft Office Proofing (Chinese (Simplified)) 2007

Microsoft Office Proofing (Chinese (Traditional)) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing (French) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Proofing (Portuguese (Portugal)) 2007

Microsoft Office Proofing (Spanish) 2007

Microsoft Office Proofing (Thai) 2007

Microsoft Office Proofing (Turkish) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (Arabic) 2007

Microsoft Office Publisher MUI (Chinese (Simplified)) 2007

Microsoft Office Publisher MUI (Chinese (Traditional)) 2007

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Publisher MUI (French) 2007

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007

Microsoft Office Publisher MUI (Spanish) 2007

Microsoft Office Publisher MUI (Thai) 2007

Microsoft Office Publisher MUI (Turkish) 2007

Microsoft Office Shared MUI (Arabic) 2007

Microsoft Office Shared MUI (Chinese (Simplified)) 2007

Microsoft Office Shared MUI (Chinese (Traditional)) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared MUI (French) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Portugal)) 2007

Microsoft Office Shared MUI (Spanish) 2007

Microsoft Office Shared MUI (Thai) 2007

Microsoft Office Shared MUI (Turkish) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word 2007 Help ©ºÑºÍÑ¾à´· (KB963665)

Microsoft Office Word 2007 Help ¸ÜÐÂ (KB963665)

Microsoft Office Word 2007 Help Actualización (KB963665)

Microsoft Office Word 2007 Help GÜncelleþtirmesi (KB963665)

Microsoft Office Word 2007 Help §ó·sµ{¦¡ (KB963665)

Microsoft Office Word 2007 §ó·sµ{¦¡ (KB963665)

Microsoft Office Word MUI (Arabic) 2007

Microsoft Office Word MUI (Chinese (Simplified)) 2007

Microsoft Office Word MUI (Chinese (Traditional)) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Office Word MUI (French) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Office Word MUI (Portuguese (Portugal)) 2007

Microsoft Office Word MUI (Spanish) 2007

Microsoft Office Word MUI (Thai) 2007

Microsoft Office Word MUI (Turkish) 2007

Microsoft Search Enhancement Pack

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft XML Parser

Microsoft XNA Framework Redistributable 3.1

Mise à jour Microsoft Office Excel 2007 Help (KB963678)

Mise à jour Microsoft Office Outlook 2007 Help (KB963677)

Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)

Mise à jour Microsoft Office Word 2007 Help (KB963665)

Monster Resume Easy Submit

MotoHelper 2.0.53 Driver 5.2.0

MotoHelper MergeModules

MOTOROLA MEDIA LINK

Movie Maker

Mozilla Firefox 15.0.1 (x86 en-US)

Mozilla Maintenance Service

Mplayer 0.6.9

MSVCRT

MSVCRT_amd64

MSVCRT110

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB973685)

MultiScreen

NVIDIA PhysX

One-click FLAC to MP3 Converter

OpenAL

Opera 11.00

Osmos

Painter Sketch Pad

Photo Common

Photo Gallery

PixelActive CityScape 1.8.3.34904 Autodesk Promo

Portal

Portal 2

QuickTime

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

RealUpgrade 1.1

Registration

Revenge of the Titans

Samsung_MonSetup

Search Toolbar

SecondLifeViewer (remove only)

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

Skype Click to Call

Skype™ 5.10

Space Pirates and Zombies

Spiral Knights

Spotify

Star Wars: The Old Republic

Steam

Steel Storm: Burning Retribution

System Requirements Lab

System Requirements Lab CYRI

Team Fortress 2

Team Fortress 2 Beta

The Neverhood

tunnel Screen Saver

TVersity Codec Pack 1.7

TVersity Media Server 1.9.6

Unity Web Player

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687400) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

VC80CRTRedist - 8.0.50727.6195

Vessel Demo

Visual Studio Tools for the Office system 3.0 Runtime

Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)

VLC media player 1.0.1

VVVVVV

web beanfun!

Webblog

WebTablet IE Plugin

WebTablet Netscape Plugin

Winamp

Winamp Detector Plug-in

Windows Frotz

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live OneCare safety scanner

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinFlash

WinPcap 4.1.2

Wireless Console 3

Xfire (remove only)

Xiph.Org Open Codecs 0.85.17777

Xvid Video Codec

Yahoo! Messenger

Yahoo! Software Update

ZumoCast

.

==== Event Viewer Messages From Past Week ========

.

9/11/2012 6:55:03 PM, Error: volmgr [46] - Crash dump initialization failed!

9/11/2012 12:01:31 AM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.

9/11/2012 12:00:36 AM, Error: Service Control Manager [7000] - The Oberon Media Game Console service service failed to start due to the following error: A device attached to the system is not functioning.

9/10/2012 3:15:45 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wlidsvc service.

9/10/2012 11:57:32 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

9/10/2012 11:56:04 PM, Error: Application Popup [1060] - \??\C:\Commy.exe\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

9/10/2012 11:46:02 PM, Error: Service Control Manager [7034] - The mental ray 3.8 Satellite for Autodesk 3ds Max 2011 64-bit 64-bit service terminated unexpectedly. It has done this 1 time(s).

9/10/2012 11:46:02 PM, Error: Service Control Manager [7034] - The mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit service terminated unexpectedly. It has done this 1 time(s).

9/10/2012 11:43:28 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891

9/10/2012 11:43:28 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891

9/10/2012 11:43:12 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.

9/10/2012 11:41:12 PM, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

9/10/2012 11:41:12 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

9/10/2012 11:41:12 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

9/10/2012 11:41:12 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

9/10/2012 11:41:12 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

9/10/2012 11:41:12 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

9/10/2012 11:41:12 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

9/10/2012 11:41:12 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

9/10/2012 11:41:12 PM, Error: Service Control Manager [7031] - The Secondary Logon service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

9/10/2012 11:41:12 PM, Error: Service Control Manager [7031] - The Remote Desktop Configuration service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

9/10/2012 11:41:12 PM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

9/10/2012 11:41:12 PM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

9/10/2012 11:41:12 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

9/10/2012 11:41:12 PM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

9/10/2012 11:41:12 PM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

9/10/2012 11:41:12 PM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

9/10/2012 11:41:00 PM, Error: Service Control Manager [7034] - The TVersityMediaServer service terminated unexpectedly. It has done this 1 time(s).

9/10/2012 11:40:59 PM, Error: Service Control Manager [7034] - The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s).

9/10/2012 11:40:59 PM, Error: Service Control Manager [7031] - The Akamai NetSession Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

9/10/2012 10:59:44 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

9/10/2012 10:56:56 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Oberon Media Game Console service service to connect.

9/10/2012 10:56:56 PM, Error: Service Control Manager [7000] - The Oberon Media Game Console service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

.

==== End Of File ===========================

What now?

Maurice Naggar · September 14, 2012

Hello the deadguy.

Your logs showed some peer-to-peer filesharing apps: BitTorrent

Uninstall it and any other 'torrent and confirm that before we proceed.

Filesharing/downloading from unknown sources is one of the leading causes of transmission of malware.

Risks of File-Sharing Technology.

P2P file sharing: Know the risks

do this:

1. Open Internet Explorer.

2. Click "Tools," and then click "Internet Options."

3. Click "Connections," and then click "LAN Settings."

4. Make sure the check boxes for "Automatically detect settings" and "Use automatic configuration script" are not selected.

5. Make sure Proxy servers block is not selected (not checkmarked).

6. Apply changes & OK

Using IE (only!) to http://support.microsoft.com/kb/923737

[ignore any DOES NOT APPLY warning as well as the APPLIES TO section],

run the Fix It and then reboot.

Tip: For optimal results, enable the Delete personal settings option.

Next, describe for me in some detail what the issue is with this system, and why you suspect malware ?

Have you scanned your system with your antivirus ? what results ?

Have you scanned your system with MBAM? what results ? Copy & Paste contents of last scan log from MBAM

thedeadguy · September 14, 2012

Maurice Naggar,

With respect, I thank you for your response, but I would much prefer assistance from the user known as Maniac.

Because he it the only person on these help boards that doesn't preach the whole P2P/Torrenting is bad and should be avoided at all costs.

I use a client that scans all incoming files AND I don't use it for Hacked or Cracked programs. I use it to get episodes of Doctor Who and other

tv shows that I can't get where I am.

And also to answer: Why do I assume it's Malware? It's stated in my post: URL:mal

That's what Avast keeps saying it is that's redirecting me to bad sites.

And yes I've run Malwarebytes and Avast and a bunch of other scans, and noting is fixing the issue.

So can I please get help from Maniac?

TheDeadGuy

Maurice Naggar · September 14, 2012

Given you are super-careful, I'll acceed to your keeping the 'torrent. retracted

If you will proceed with the other steps I outlined, we can likely make some headway.

Do them and then run a new DDS and post those.

Download & SAVE to your Desktop >> Tigzy's RogueKillerfrom here << or
>> from here <<
Quit all programs that you may have started.
Please disconnect any USB or external drives from the computer before you run this scan!
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
For Windows XP, double-click to start.
Wait until Prescan has finished ...
Then Click on Scan button at upper right of screen.
Wait until the Status box shows "Scan Finished"
Click on Report and copy/paste the content of the Notepad into your next reply.
The log should be found in RKreport[1].txt on your Desktop
Do NOT press any Fix button.
Exit/Close RogueKiller

Edited September 14, 2012 by Maurice Naggar

Maurice Naggar · September 14, 2012

I regret the lapse in my judgment in even considering your insistence on keeping Bittorrent. Bad lapse.

Forum policy on peer-to-peer-programs:

If you're using Peer 2 Peer software such as uTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

http://forums.malwar...showtopic=97700

Should you change your mind, and remove it, send me a PM.

As it is, I must close this thread.

Maurice Naggar · September 15, 2012

Re-opened conditioned upon your guarantee that all peer-to-peer have been removed.

That you will also follow my guidance.

That you will not run tools without checking first with me.

If there are questions at somepoint, stop and ask first.

thedeadguy · September 15, 2012

ok...what's next? I just did the internet explorer reset. But I never use that browser (i really dont like it) I use Firefox.

But when I'm using Firefox to search links and stuff, Avast will alert me that I'm on a dangerous page, then I have to back up and click a second time and it's the correct page.

And it says its a URL:mal bug. How do I fix this?

Maurice Naggar · September 15, 2012

The fix will not necessarily be a one or even 2-pass thing. It will likely take sevarl passes back and forth.

Do have patiemce.

To Reset Firefox to its default state:

Start Firefox

in the address bar, type in

about:support

Click on the Reset Firefox button at top right of screen.

Also see http://support.mozilla.org/en-US/kb/reset-preferences-fix-problems?s=reset+search+options&r=2&as=s

Step 2

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 3

To show all files:

Go to your Desktop
Double-Click the Computer icon.
From the menu options, Select Tools, then Folder Options.
Next click the View tab.
Locate and uncheck Hide file extensions for known file types.
Locate and uncheck Hide protected operating system files (Recommended).
Locate and click Show hidden files and folders and drives.
Click Apply > OK.

Step 4

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Delete any prior aswMBR.exe you may have.

Download aswMBR.exe ( 511KB ) to your desktop.

On Windows 7 or Vista, RIGHT click on aswMBR.exe and select Run As Administrator to start.

On Windows XP, double click the exe to start.

change the a-v scan to None.

uncheck trace disk IO calls

Click the "Scan" button to start scan

On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply

Do not click any FIX button. We just need an initial report.

Step 5

Please read carefully and follow these steps.

Delete any prior TDSSKILLER.exe you may have.

Download TDSSKiller and save it to your Desktop.
Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
Skip and click on Continue
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 6

Delete any prior RogueKiller.exe you may have.

Download & SAVE to your Desktop >> Tigzy's RogueKillerfrom here << or
>> from here <<
Quit all programs that you may have started.
Please disconnect any USB or external drives from the computer before you run this scan!
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
For Windows XP, double-click to start.
Wait until Prescan has finished ...
Then Click on Scan button at upper right of screen.
Wait until the Status box shows "Scan Finished"
Click on Report and copy/paste the content of the Notepad into your next reply.
The log should be found in RKreport[1].txt on your Desktop
Exit/Close RogueKiller

Do NOT click any FIX buttons !

Step 7

RE-Enable your antivirus program.

Then copy/paste the following into your post (in order):

the contents of aswMBR report;
the contents of TDSSKILLER log;
the contents of RKReport log;

Be sure to do a Preview prior to pressing Submit because all reports may not fit into 1 single reply. You may have to do more than 1 reply.

Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.

thedeadguy · September 15, 2012

Before I do this...a VERY important question: I have a TON of bookmarks, passwords, and subcriptions to webpages save in Firefox...will those get erased? I need all of them.

thedeadguy · September 15, 2012

Just did Step 4. There was no FIX option. Here's the log:

Run date: 2012-09-14 22:19:33

-----------------------------

22:19:33.012 OS Version: Windows x64 6.1.7601 Service Pack 1

22:19:33.012 Number of processors: 4 586 0x2502

22:19:33.014 ComputerName: ROBERTIADT-PC UserName: Robert

22:19:34.753 Initialize success

22:19:38.437 AVAST engine defs: 12091400

22:22:26.470 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

22:22:26.473 Disk 0 Vendor: ST950032 0002 Size: 476940MB BusType: 3

22:22:26.489 Disk 0 MBR read successfully

22:22:26.492 Disk 0 MBR scan

22:22:26.496 Disk 0 Windows VISTA default MBR code

22:22:26.509 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 14997 MB offset 2048

22:22:26.527 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 119232 MB offset 30716280

22:22:26.531 Disk 0 Partition - 00 0F Extended LBA 342706 MB offset 274904280

22:22:26.557 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 342706 MB offset 274904343

22:22:26.594 Disk 0 scanning C:\Windows\system32\drivers

22:22:41.906 Service scanning

22:23:10.067 Modules scanning

22:23:10.083 Scan finished successfully

22:24:01.560 Disk 0 MBR has been saved successfully to "C:\Users\Robert\Desktop\MBR.dat"

22:24:01.568 The log file has been saved successfully to "C:\Users\Robert\Desktop\aswMBR.txt"

continuing to Step 5

thedeadguy · September 15, 2012

22:32:38.0691 10640 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48

22:32:38.0998 10640 ============================================================

22:32:38.0998 10640 Current date / time: 2012/09/14 22:32:38.0998

22:32:38.0998 10640 SystemInfo:

22:32:38.0998 10640

22:32:38.0998 10640 OS Version: 6.1.7601 ServicePack: 1.0

22:32:38.0998 10640 Product type: Workstation

22:32:38.0998 10640 ComputerName: ROBERTIADT-PC

22:32:38.0999 10640 UserName: Robert

22:32:38.0999 10640 Windows directory: C:\Windows

22:32:38.0999 10640 System windows directory: C:\Windows

22:32:38.0999 10640 Running under WOW64

22:32:38.0999 10640 Processor architecture: Intel x64

22:32:38.0999 10640 Number of processors: 4

22:32:38.0999 10640 Page size: 0x1000

22:32:38.0999 10640 Boot type: Normal boot

22:32:38.0999 10640 ============================================================

22:32:39.0543 10640 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

22:32:39.0551 10640 ============================================================

22:32:39.0551 10640 \Device\Harddisk0\DR0:

22:32:39.0551 10640 MBR partitions:

22:32:39.0551 10640 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D4B178, BlocksNum 0xE8E0360

22:32:39.0568 10640 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1062B517, BlocksNum 0x29D5972A

22:32:39.0568 10640 ============================================================

22:32:39.0603 10640 C: <-> \Device\Harddisk0\DR0\Partition1

22:32:39.0630 10640 D: <-> \Device\Harddisk0\DR0\Partition2

22:32:39.0630 10640 ============================================================

22:32:39.0631 10640 Initialize success

22:32:39.0631 10640 ============================================================

22:32:53.0737 8196 ============================================================

22:32:53.0737 8196 Scan started

22:32:53.0737 8196 Mode: Manual;

22:32:53.0737 8196 ============================================================

22:32:54.0349 8196 ================ Scan system memory ========================

22:32:54.0349 8196 System memory - ok

22:32:54.0350 8196 ================ Scan services =============================

22:32:54.0577 8196 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

22:32:54.0581 8196 1394ohci - ok

22:32:54.0644 8196 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

22:32:54.0650 8196 ACPI - ok

22:32:54.0690 8196 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

22:32:54.0691 8196 AcpiPmi - ok

22:32:54.0793 8196 [ 34400005DE52842C4D6D4EE978B4D7CE ] AdobeActiveFileMonitor8.0 C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe

22:32:55.0024 8196 AdobeActiveFileMonitor8.0 - ok

22:32:55.0128 8196 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

22:32:55.0132 8196 AdobeARMservice - ok

22:32:55.0281 8196 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

22:32:55.0285 8196 AdobeFlashPlayerUpdateSvc - ok

22:32:55.0344 8196 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys

22:32:55.0351 8196 adp94xx - ok

22:32:55.0379 8196 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys

22:32:55.0384 8196 adpahci - ok

22:32:55.0410 8196 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys

22:32:55.0414 8196 adpu320 - ok

22:32:55.0484 8196 [ C0BF554D2277F7A4C735D475ADE2E3B2 ] ADSMService C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

22:32:55.0494 8196 ADSMService - ok

22:32:55.0516 8196 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

22:32:55.0519 8196 AeLookupSvc - ok

22:32:55.0570 8196 [ 2D00D3DADC1D3326BA788EB071F2726E ] AFBAgent C:\Windows\system32\FBAgent.exe

22:32:55.0578 8196 AFBAgent - ok

22:32:55.0633 8196 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

22:32:55.0641 8196 AFD - ok

22:32:55.0683 8196 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

22:32:55.0684 8196 agp440 - ok

22:32:55.0912 8196 [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll

22:32:56.0083 8196 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76

22:32:56.0089 8196 Akamai ( HiddenFile.Multi.Generic ) - warning

22:32:56.0089 8196 Akamai - detected HiddenFile.Multi.Generic (1)

22:32:56.0137 8196 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

22:32:56.0140 8196 ALG - ok

22:32:56.0188 8196 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

22:32:56.0189 8196 aliide - ok

22:32:56.0223 8196 [ 20C8A3E435A47F0408A1EA674AFA6194 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe

22:32:56.0228 8196 AMD External Events Utility - ok

22:32:56.0245 8196 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

22:32:56.0248 8196 amdide - ok

22:32:56.0283 8196 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys

22:32:56.0284 8196 AmdK8 - ok

22:32:56.0549 8196 [ 0B45C18B0F3EE996D25BAA4E74884B83 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys

22:32:56.0841 8196 amdkmdag - ok

22:32:56.0878 8196 [ 0E57258E5CC4CC7A9A9A877AFDF0CEC6 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys

22:32:56.0883 8196 amdkmdap - ok

22:32:56.0908 8196 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys

22:32:56.0911 8196 AmdPPM - ok

22:32:56.0948 8196 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

22:32:56.0951 8196 amdsata - ok

22:32:56.0978 8196 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys

22:32:56.0981 8196 amdsbs - ok

22:32:56.0996 8196 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

22:32:56.0998 8196 amdxata - ok

22:32:57.0059 8196 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

22:32:57.0061 8196 AppID - ok

22:32:57.0096 8196 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

22:32:57.0098 8196 AppIDSvc - ok

22:32:57.0136 8196 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll

22:32:57.0139 8196 Appinfo - ok

22:32:57.0209 8196 [ D8E18021F91AD79CA8491CB5A5DA22D4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

22:32:57.0263 8196 Apple Mobile Device - ok

22:32:57.0326 8196 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys

22:32:57.0327 8196 arc - ok

22:32:57.0340 8196 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys

22:32:57.0341 8196 arcsas - ok

22:32:57.0373 8196 [ 88FBC8BEBFD38566235EAA5E4DBC4E05 ] AsDsm C:\Windows\system32\drivers\AsDsm.sys

22:32:57.0375 8196 AsDsm - ok

22:32:57.0443 8196 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

22:32:57.0446 8196 ASLDRService - ok

22:32:57.0458 8196 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

22:32:57.0461 8196 ASMMAP64 - ok

22:32:57.0491 8196 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys

22:32:57.0493 8196 aswFsBlk - ok

22:32:57.0568 8196 [ 316271CC32FDFFFCDB30677684906D5E ] aswKbd C:\Windows\system32\drivers\aswKbd.sys

22:32:57.0570 8196 aswKbd - ok

22:32:57.0634 8196 [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys

22:32:57.0636 8196 aswMonFlt - ok

22:32:57.0672 8196 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys

22:32:57.0676 8196 aswRdr - ok

22:32:57.0752 8196 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\Windows\system32\drivers\aswSnx.sys

22:32:57.0775 8196 aswSnx - ok

22:32:57.0792 8196 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\Windows\system32\drivers\aswSP.sys

22:32:57.0798 8196 aswSP - ok

22:32:57.0809 8196 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys

22:32:57.0810 8196 aswTdi - ok

22:32:57.0845 8196 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

22:32:57.0847 8196 AsyncMac - ok

22:32:57.0897 8196 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

22:32:57.0898 8196 atapi - ok

22:32:57.0970 8196 [ A5E770426D18F8EF332A593F3289DA91 ] athr C:\Windows\system32\DRIVERS\athrx.sys

22:32:58.0090 8196 athr - ok

22:32:58.0162 8196 [ 24464B908E143D2561E9E452FEE97309 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys

22:32:58.0165 8196 AtiHDAudioService - ok

22:32:58.0198 8196 [ D481083348138B4933ACFE95812DB71C ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys

22:32:58.0202 8196 AtiHdmiService - ok

22:32:58.0442 8196 [ 0B45C18B0F3EE996D25BAA4E74884B83 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys

22:32:58.0502 8196 atikmdag - ok

22:32:58.0541 8196 [ 63F1212FFE13E62CA1E8D8EE19ABD9A7 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

22:32:58.0545 8196 ATKGFNEXSrv - ok

22:32:58.0601 8196 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

22:32:58.0624 8196 AudioEndpointBuilder - ok

22:32:58.0650 8196 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

22:32:58.0654 8196 AudioSrv - ok

22:32:58.0733 8196 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

22:32:58.0734 8196 avast! Antivirus - ok

22:32:58.0801 8196 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

22:32:58.0804 8196 AxInstSV - ok

22:32:58.0860 8196 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys

22:32:58.0867 8196 b06bdrv - ok

22:32:58.0904 8196 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

22:32:58.0909 8196 b57nd60a - ok

22:32:58.0965 8196 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

22:32:58.0968 8196 BDESVC - ok

22:32:58.0981 8196 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

22:32:58.0983 8196 Beep - ok

22:32:59.0054 8196 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

22:32:59.0076 8196 BFE - ok

22:32:59.0104 8196 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll

22:32:59.0137 8196 BITS - ok

22:32:59.0166 8196 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

22:32:59.0167 8196 blbdrive - ok

22:32:59.0221 8196 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

22:32:59.0228 8196 Bonjour Service - ok

22:32:59.0268 8196 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

22:32:59.0269 8196 bowser - ok

22:32:59.0304 8196 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys

22:32:59.0306 8196 BrFiltLo - ok

22:32:59.0325 8196 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys

22:32:59.0325 8196 BrFiltUp - ok

22:32:59.0382 8196 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys

22:32:59.0384 8196 BridgeMP - ok

22:32:59.0455 8196 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

22:32:59.0459 8196 Browser - ok

22:32:59.0479 8196 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

22:32:59.0483 8196 Brserid - ok

22:32:59.0510 8196 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

22:32:59.0511 8196 BrSerWdm - ok

22:32:59.0533 8196 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

22:32:59.0534 8196 BrUsbMdm - ok

22:32:59.0561 8196 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

22:32:59.0562 8196 BrUsbSer - ok

22:32:59.0623 8196 [ FF7C57973EEAD140062238C5A0B7D455 ] BTCFilterService C:\Windows\system32\DRIVERS\motfilt.sys

22:32:59.0625 8196 BTCFilterService - ok

22:32:59.0637 8196 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys

22:32:59.0638 8196 BTHMODEM - ok

22:32:59.0668 8196 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

22:32:59.0671 8196 bthserv - ok

22:32:59.0705 8196 catchme - ok

22:32:59.0753 8196 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

22:32:59.0754 8196 cdfs - ok

22:32:59.0812 8196 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys

22:32:59.0815 8196 cdrom - ok

22:32:59.0863 8196 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

22:32:59.0866 8196 CertPropSvc - ok

22:32:59.0890 8196 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys

22:32:59.0893 8196 circlass - ok

22:32:59.0935 8196 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

22:32:59.0942 8196 CLFS - ok

22:33:00.0013 8196 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

22:33:00.0016 8196 clr_optimization_v2.0.50727_32 - ok

22:33:00.0077 8196 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

22:33:00.0080 8196 clr_optimization_v2.0.50727_64 - ok

22:33:00.0151 8196 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

22:33:00.0155 8196 clr_optimization_v4.0.30319_32 - ok

22:33:00.0212 8196 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

22:33:00.0232 8196 clr_optimization_v4.0.30319_64 - ok

22:33:00.0277 8196 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

22:33:00.0279 8196 CmBatt - ok

22:33:00.0292 8196 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

22:33:00.0293 8196 cmdide - ok

22:33:00.0336 8196 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys

22:33:00.0343 8196 CNG - ok

22:33:00.0382 8196 [ F7CA3ACCF5AA0E2182546C5BE42B2E96 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys

22:33:00.0405 8196 CnxtHdAudService - ok

22:33:00.0429 8196 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

22:33:00.0431 8196 Compbatt - ok

22:33:00.0461 8196 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

22:33:00.0462 8196 CompositeBus - ok

22:33:00.0472 8196 COMSysApp - ok

22:33:00.0493 8196 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys

22:33:00.0496 8196 crcdisk - ok

22:33:00.0532 8196 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll

22:33:00.0538 8196 CryptSvc - ok

22:33:00.0654 8196 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

22:33:00.0676 8196 cvhsvc - ok

22:33:00.0717 8196 [ 7AF9DAC504FBD047CBC3E64AE52C92BF ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys

22:33:00.0719 8196 dc3d - ok

22:33:00.0767 8196 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

22:33:00.0789 8196 DcomLaunch - ok

22:33:00.0822 8196 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

22:33:00.0829 8196 defragsvc - ok

22:33:00.0924 8196 [ 74C1305F6F784A725B0A40D693FF4A09 ] DeviceMonitorService C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe

22:33:01.0023 8196 DeviceMonitorService - ok

22:33:01.0075 8196 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

22:33:01.0078 8196 DfsC - ok

22:33:01.0124 8196 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

22:33:01.0131 8196 Dhcp - ok

22:33:01.0168 8196 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

22:33:01.0169 8196 discache - ok

22:33:01.0221 8196 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys

22:33:01.0222 8196 Disk - ok

22:33:01.0252 8196 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

22:33:01.0257 8196 Dnscache - ok

22:33:01.0311 8196 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

22:33:01.0317 8196 dot3svc - ok

22:33:01.0345 8196 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

22:33:01.0351 8196 DPS - ok

22:33:01.0390 8196 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

22:33:01.0392 8196 drmkaud - ok

22:33:01.0424 8196 [ EE68FFE62FBCC3673D70EC6B04B44379 ] DrmRAudio C:\Windows\system32\drivers\DrmRAudio.sys

22:33:01.0427 8196 DrmRAudio - ok

22:33:01.0494 8196 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

22:33:01.0521 8196 DXGKrnl - ok

22:33:01.0558 8196 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

22:33:01.0562 8196 EapHost - ok

22:33:01.0662 8196 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys

22:33:01.0740 8196 ebdrv - ok

22:33:01.0769 8196 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

22:33:01.0774 8196 EFS - ok

22:33:01.0877 8196 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

22:33:01.0903 8196 ehRecvr - ok

22:33:01.0940 8196 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

22:33:01.0949 8196 ehSched - ok

22:33:02.0012 8196 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys

22:33:02.0020 8196 elxstor - ok

22:33:02.0049 8196 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

22:33:02.0051 8196 ErrDev - ok

22:33:02.0081 8196 [ 3C38648375B7F3988691F53A7AAE10A9 ] ETD C:\Windows\system32\DRIVERS\ETD.sys

22:33:02.0082 8196 ETD - ok

22:33:02.0127 8196 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

22:33:02.0136 8196 EventSystem - ok

22:33:02.0161 8196 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

22:33:02.0165 8196 exfat - ok

22:33:02.0252 8196 [ 507942B5BFDBB8EFD0E03BDE9F72BC86 ] ExpatShieldService C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe

22:33:02.0258 8196 ExpatShieldService - ok

22:33:02.0340 8196 [ 2CFEA9C337B699ACA38487E8A7438F35 ] ExpatSrv C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe

22:33:02.0346 8196 ExpatSrv - ok

22:33:02.0386 8196 [ 1034F1285E474FCBB850AFD2DC712837 ] ExpatTrayService C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE

22:33:02.0389 8196 ExpatTrayService - ok

22:33:02.0417 8196 ExpatWd - ok

22:33:02.0444 8196 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

22:33:02.0448 8196 fastfat - ok

22:33:02.0508 8196 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

22:33:02.0531 8196 Fax - ok

22:33:02.0560 8196 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys

22:33:02.0561 8196 fdc - ok

22:33:02.0593 8196 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

22:33:02.0596 8196 fdPHost - ok

22:33:02.0609 8196 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

22:33:02.0613 8196 FDResPub - ok

22:33:02.0641 8196 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

22:33:02.0643 8196 FileInfo - ok

22:33:02.0655 8196 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

22:33:02.0658 8196 Filetrace - ok

22:33:02.0706 8196 [ D60EF46DC0E757FE5EB579DB95B88954 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

22:33:02.0741 8196 FLEXnet Licensing Service - ok

22:33:02.0833 8196 [ A4297244D4F817278A6AE45B1899CA9C ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

22:33:02.0865 8196 FLEXnet Licensing Service 64 - ok

22:33:02.0899 8196 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

22:33:02.0900 8196 flpydisk - ok

22:33:02.0939 8196 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

22:33:02.0945 8196 FltMgr - ok

22:33:02.0986 8196 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll

22:33:03.0017 8196 FontCache - ok

22:33:03.0072 8196 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

22:33:03.0075 8196 FontCache3.0.0.0 - ok

22:33:03.0108 8196 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

22:33:03.0109 8196 FsDepends - ok

22:33:03.0142 8196 [ C2E475625F2C6F7DCDE4E920523A0573 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys

22:33:03.0144 8196 fssfltr - ok

22:33:03.0249 8196 [ 4E2E6FEDFE4A3445DBD0C623A242362D ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

22:33:03.0282 8196 fsssvc - ok

22:33:03.0329 8196 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

22:33:03.0330 8196 Fs_Rec - ok

22:33:03.0382 8196 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

22:33:03.0385 8196 fvevol - ok

22:33:03.0424 8196 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

22:33:03.0427 8196 gagp30kx - ok

22:33:03.0454 8196 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

22:33:03.0455 8196 GEARAspiWDM - ok

22:33:03.0521 8196 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

22:33:03.0546 8196 gpsvc - ok

22:33:03.0620 8196 GSService - ok

22:33:03.0704 8196 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

22:33:03.0718 8196 gupdate - ok

22:33:03.0759 8196 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

22:33:03.0763 8196 gupdatem - ok

22:33:03.0786 8196 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

22:33:03.0789 8196 hcw85cir - ok

22:33:03.0849 8196 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

22:33:03.0855 8196 HdAudAddService - ok

22:33:03.0876 8196 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

22:33:03.0879 8196 HDAudBus - ok

22:33:03.0903 8196 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys

22:33:03.0905 8196 HECIx64 - ok

22:33:03.0925 8196 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

22:33:03.0929 8196 HidBatt - ok

22:33:03.0951 8196 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

22:33:03.0952 8196 HidBth - ok

22:33:03.0970 8196 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

22:33:03.0972 8196 HidIr - ok

22:33:03.0992 8196 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll

22:33:03.0996 8196 hidserv - ok

22:33:04.0025 8196 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys

22:33:04.0027 8196 HidUsb - ok

22:33:04.0080 8196 [ 44F92C1F913E582BEF9CAC66443C6230 ] hitmanpro35 C:\Windows\system32\drivers\hitmanpro36.sys

22:33:04.0083 8196 hitmanpro35 - ok

22:33:04.0128 8196 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

22:33:04.0133 8196 hkmsvc - ok

22:33:04.0176 8196 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

22:33:04.0184 8196 HomeGroupListener - ok

22:33:04.0217 8196 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

22:33:04.0226 8196 HomeGroupProvider - ok

22:33:04.0265 8196 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

22:33:04.0266 8196 HpSAMD - ok

22:33:04.0320 8196 [ 80B0C0D39178E80905E30FA92C0F6D43 ] HssDrv C:\Windows\system32\DRIVERS\HssDrv.sys

22:33:04.0323 8196 HssDrv - ok

22:33:04.0382 8196 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

22:33:04.0404 8196 HTTP - ok

22:33:04.0440 8196 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

22:33:04.0442 8196 hwpolicy - ok

22:33:04.0501 8196 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

22:33:04.0504 8196 i8042prt - ok

22:33:04.0533 8196 [ BBB3B6DF1ABB0FE35802EDE85CC1C011 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys

22:33:04.0536 8196 iaStor - ok

22:33:04.0596 8196 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

22:33:04.0602 8196 iaStorV - ok

22:33:04.0678 8196 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

22:33:04.0700 8196 idsvc - ok

22:33:04.0733 8196 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

22:33:04.0736 8196 iirsp - ok

22:33:04.0790 8196 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

22:33:04.0817 8196 IKEEXT - ok

22:33:04.0864 8196 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

22:33:04.0866 8196 intelide - ok

22:33:04.0891 8196 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

22:33:04.0892 8196 intelppm - ok

22:33:04.0939 8196 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

22:33:04.0945 8196 IPBusEnum - ok

22:33:04.0985 8196 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

22:33:04.0986 8196 IpFilterDriver - ok

22:33:05.0071 8196 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

22:33:05.0083 8196 iphlpsvc - ok

22:33:05.0123 8196 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

22:33:05.0124 8196 IPMIDRV - ok

22:33:05.0175 8196 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

22:33:05.0178 8196 IPNAT - ok

22:33:05.0228 8196 [ 3C0D4B3E80FC4854CA325DD123CC4DED ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

22:33:05.0254 8196 iPod Service - ok

22:33:05.0282 8196 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

22:33:05.0284 8196 IRENUM - ok

22:33:05.0325 8196 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

22:33:05.0326 8196 isapnp - ok

22:33:05.0347 8196 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

22:33:05.0352 8196 iScsiPrt - ok

22:33:05.0393 8196 [ DB917B998CBC15A153C00DD6EFC34C13 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys

22:33:05.0396 8196 JMCR - ok

22:33:05.0438 8196 [ AB42AEF22595A46941BFF76C210C942B ] JME C:\Windows\system32\DRIVERS\JME.sys

22:33:05.0441 8196 JME - ok

22:33:05.0485 8196 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys

22:33:05.0487 8196 kbdclass - ok

22:33:05.0529 8196 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

22:33:05.0530 8196 kbdhid - ok

22:33:05.0560 8196 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys

22:33:05.0561 8196 kbfiltr - ok

22:33:05.0577 8196 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

22:33:05.0580 8196 KeyIso - ok

22:33:05.0620 8196 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

22:33:05.0622 8196 KSecDD - ok

22:33:05.0659 8196 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

22:33:05.0662 8196 KSecPkg - ok

22:33:05.0696 8196 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

22:33:05.0697 8196 ksthunk - ok

22:33:05.0738 8196 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

22:33:05.0748 8196 KtmRm - ok

22:33:05.0796 8196 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll

22:33:05.0806 8196 LanmanServer - ok

22:33:05.0838 8196 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

22:33:05.0847 8196 LanmanWorkstation - ok

22:33:05.0887 8196 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

22:33:05.0889 8196 lltdio - ok

22:33:05.0933 8196 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

22:33:05.0942 8196 lltdsvc - ok

22:33:05.0961 8196 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

22:33:05.0966 8196 lmhosts - ok

22:33:06.0068 8196 [ A1C148801B4AF64847AEB9F3AD9594EF ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

22:33:06.0073 8196 LMS - ok

22:33:06.0105 8196 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

22:33:06.0108 8196 LSI_FC - ok

22:33:06.0140 8196 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

22:33:06.0141 8196 LSI_SAS - ok

22:33:06.0155 8196 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

22:33:06.0156 8196 LSI_SAS2 - ok

22:33:06.0178 8196 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

22:33:06.0179 8196 LSI_SCSI - ok

22:33:06.0213 8196 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

22:33:06.0216 8196 luafv - ok

22:33:06.0240 8196 [ 085435AE1A124361304044029B5CC644 ] lullaby C:\Windows\system32\DRIVERS\lullaby.sys

22:33:06.0241 8196 lullaby - ok

22:33:06.0293 8196 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys

22:33:06.0296 8196 LVPr2M64 - ok

22:33:06.0315 8196 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys

22:33:06.0316 8196 LVPr2Mon - ok

22:33:06.0356 8196 [ 9CD0DC863BE5D40A762F7D84F11A8471 ] LVPrcS64 C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe

22:33:06.0360 8196 LVPrcS64 - ok

22:33:06.0419 8196 [ A43A6CBEA073990A784603EF065A281B ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys

22:33:06.0425 8196 LVRS64 - ok

22:33:06.0587 8196 [ 4350876AB0D0C77D0B40A1C85935C96B ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys

22:33:06.0743 8196 LVUVC64 - ok

22:33:06.0825 8196 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

22:33:06.0828 8196 MBAMProtector - ok

22:33:06.0900 8196 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler D:\Malwarebytes' Anti-Malware\mbamscheduler.exe

22:33:06.0922 8196 MBAMScheduler - ok

22:33:06.0964 8196 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService D:\Malwarebytes' Anti-Malware\mbamservice.exe

22:33:06.0987 8196 MBAMService - ok

22:33:07.0025 8196 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

22:33:07.0031 8196 Mcx2Svc - ok

22:33:07.0057 8196 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

22:33:07.0059 8196 megasas - ok

22:33:07.0080 8196 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

22:33:07.0086 8196 MegaSR - ok

22:33:07.0193 8196 [ 0AF89452A8CE3928168F4E5B2208C68B ] mi-raysat_3dsmax2011_32 C:\Program Files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe

22:33:07.0195 8196 mi-raysat_3dsmax2011_32 - ok

22:33:07.0320 8196 [ 0AF89452A8CE3928168F4E5B2208C68B ] mi-raysat_3dsmax2011_64 C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe

22:33:07.0323 8196 mi-raysat_3dsmax2011_64 - ok

22:33:07.0347 8196 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

22:33:07.0353 8196 MMCSS - ok

22:33:07.0376 8196 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

22:33:07.0380 8196 Modem - ok

22:33:07.0416 8196 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

22:33:07.0417 8196 monitor - ok

22:33:07.0453 8196 [ C94A2EA3FDFA5D650884926B710B7DB1 ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys

22:33:07.0455 8196 motccgp - ok

22:33:07.0480 8196 [ D51E009BAEDA07EBC107D49D224C2414 ] motccgpfl C:\Windows\system32\DRIVERS\motccgpfl.sys

22:33:07.0483 8196 motccgpfl - ok

22:33:07.0497 8196 [ 060F0EF84F430802DF3788F3DCFD009C ] motmodem C:\Windows\system32\DRIVERS\motmodem.sys

22:33:07.0499 8196 motmodem - ok

22:33:07.0604 8196 [ 98A10AC4257A3BA48C9611338544EE49 ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe

22:33:07.0609 8196 MotoHelper - ok

22:33:07.0629 8196 [ EBD05F60CAFC5BBA2602B8D7101082D3 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys

22:33:07.0630 8196 MotoSwitchService - ok

22:33:07.0654 8196 [ 87701078C3F720AC7A028E937994CC49 ] Motousbnet C:\Windows\system32\DRIVERS\Motousbnet.sys

22:33:07.0656 8196 Motousbnet - ok

22:33:07.0697 8196 [ 4244E427CDA5F6485E74461B5B48A7B6 ] motusbdevice C:\Windows\system32\DRIVERS\motusbdevice.sys

22:33:07.0698 8196 motusbdevice - ok

22:33:07.0727 8196 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

22:33:07.0728 8196 mouclass - ok

22:33:07.0759 8196 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

22:33:07.0761 8196 mouhid - ok

22:33:07.0800 8196 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

22:33:07.0803 8196 mountmgr - ok

22:33:07.0859 8196 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

22:33:07.0862 8196 MozillaMaintenance - ok

22:33:07.0904 8196 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

22:33:07.0908 8196 mpio - ok

22:33:07.0940 8196 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

22:33:07.0942 8196 mpsdrv - ok

22:33:08.0010 8196 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

22:33:08.0044 8196 MpsSvc - ok

22:33:08.0088 8196 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

22:33:08.0092 8196 MRxDAV - ok

22:33:08.0121 8196 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

22:33:08.0124 8196 mrxsmb - ok

22:33:08.0186 8196 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

22:33:08.0200 8196 mrxsmb10 - ok

22:33:08.0216 8196 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

22:33:08.0218 8196 mrxsmb20 - ok

22:33:08.0249 8196 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

22:33:08.0252 8196 msahci - ok

22:33:08.0295 8196 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

22:33:08.0299 8196 msdsm - ok

22:33:08.0338 8196 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

22:33:08.0345 8196 MSDTC - ok

22:33:08.0377 8196 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

22:33:08.0380 8196 Msfs - ok

22:33:08.0393 8196 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

22:33:08.0396 8196 mshidkmdf - ok

22:33:08.0419 8196 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

22:33:08.0422 8196 msisadrv - ok

22:33:08.0446 8196 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

22:33:08.0453 8196 MSiSCSI - ok

22:33:08.0457 8196 msiserver - ok

22:33:08.0496 8196 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

22:33:08.0498 8196 MSKSSRV - ok

22:33:08.0518 8196 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

22:33:08.0519 8196 MSPCLOCK - ok

22:33:08.0530 8196 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

22:33:08.0532 8196 MSPQM - ok

22:33:08.0584 8196 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

22:33:08.0603 8196 MsRPC - ok

22:33:08.0648 8196 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

22:33:08.0651 8196 mssmbios - ok

22:33:08.0668 8196 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

22:33:08.0669 8196 MSTEE - ok

22:33:08.0685 8196 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

22:33:08.0688 8196 MTConfig - ok

22:33:08.0719 8196 [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys

22:33:08.0728 8196 MTsensor - ok

22:33:08.0748 8196 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

22:33:08.0751 8196 Mup - ok

22:33:08.0817 8196 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

22:33:08.0828 8196 napagent - ok

22:33:08.0870 8196 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

22:33:08.0877 8196 NativeWifiP - ok

22:33:08.0959 8196 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

22:33:08.0982 8196 NDIS - ok

22:33:09.0020 8196 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

22:33:09.0022 8196 NdisCap - ok

22:33:09.0057 8196 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

22:33:09.0059 8196 NdisTapi - ok

22:33:09.0092 8196 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

22:33:09.0095 8196 Ndisuio - ok

22:33:09.0133 8196 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

22:33:09.0137 8196 NdisWan - ok

22:33:09.0188 8196 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

22:33:09.0191 8196 NDProxy - ok

22:33:09.0219 8196 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

22:33:09.0220 8196 NetBIOS - ok

22:33:09.0256 8196 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

22:33:09.0260 8196 NetBT - ok

22:33:09.0275 8196 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

22:33:09.0279 8196 Netlogon - ok

22:33:09.0324 8196 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

22:33:09.0334 8196 Netman - ok

22:33:09.0356 8196 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

22:33:09.0366 8196 netprofm - ok

22:33:09.0392 8196 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

22:33:09.0395 8196 NetTcpPortSharing - ok

22:33:09.0444 8196 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

22:33:09.0445 8196 nfrd960 - ok

22:33:09.0485 8196 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll

22:33:09.0495 8196 NlaSvc - ok

22:33:09.0584 8196 [ 431ADA51E9D032F533548688CE5A2A24 ] nosGetPlusHelper C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll

22:33:09.0587 8196 nosGetPlusHelper - ok

22:33:09.0602 8196 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

22:33:09.0604 8196 Npfs - ok

22:33:09.0630 8196 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

22:33:09.0635 8196 nsi - ok

22:33:09.0663 8196 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

22:33:09.0665 8196 nsiproxy - ok

22:33:09.0719 8196 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

22:33:09.0751 8196 Ntfs - ok

22:33:09.0794 8196 [ 317020D31F1696334679B9D0416EB62E ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys

22:33:09.0796 8196 NuidFltr - ok

22:33:09.0818 8196 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

22:33:09.0820 8196 Null - ok

22:33:09.0848 8196 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

22:33:09.0852 8196 nvraid - ok

22:33:09.0891 8196 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

22:33:09.0895 8196 nvstor - ok

22:33:09.0916 8196 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

22:33:09.0920 8196 nv_agp - ok

22:33:09.0994 8196 [ 649791F5B905E6A8ECCED15AD8EFD436 ] OberonGameConsoleService C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe

22:33:10.0033 8196 OberonGameConsoleService - ok

22:33:10.0117 8196 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

22:33:10.0206 8196 odserv - ok

22:33:10.0240 8196 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

22:33:10.0243 8196 ohci1394 - ok

22:33:10.0304 8196 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

22:33:10.0309 8196 ose - ok

22:33:10.0450 8196 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

22:33:10.0560 8196 osppsvc - ok

22:33:10.0603 8196 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

22:33:10.0613 8196 p2pimsvc - ok

22:33:10.0652 8196 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

22:33:10.0674 8196 p2psvc - ok

22:33:10.0704 8196 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

22:33:10.0707 8196 Parport - ok

22:33:10.0738 8196 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

22:33:10.0740 8196 partmgr - ok

22:33:10.0763 8196 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

22:33:10.0771 8196 PcaSvc - ok

22:33:10.0810 8196 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

22:33:10.0814 8196 pci - ok

22:33:10.0828 8196 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

22:33:10.0830 8196 pciide - ok

22:33:10.0862 8196 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

22:33:10.0867 8196 pcmcia - ok

22:33:10.0882 8196 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

22:33:10.0885 8196 pcw - ok

22:33:10.0906 8196 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

22:33:10.0915 8196 PEAUTH - ok

22:33:11.0005 8196 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

22:33:11.0010 8196 PerfHost - ok

22:33:11.0079 8196 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

22:33:11.0113 8196 pla - ok

22:33:11.0146 8196 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

22:33:11.0168 8196 PlugPlay - ok

22:33:11.0190 8196 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

22:33:11.0196 8196 PNRPAutoReg - ok

22:33:11.0220 8196 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

22:33:11.0226 8196 PNRPsvc - ok

22:33:11.0262 8196 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys

22:33:11.0265 8196 Point64 - ok

22:33:11.0306 8196 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

22:33:11.0317 8196 PolicyAgent - ok

22:33:11.0366 8196 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

22:33:11.0376 8196 Power - ok

22:33:11.0428 8196 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

22:33:11.0431 8196 PptpMiniport - ok

22:33:11.0464 8196 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

22:33:11.0466 8196 Processor - ok

22:33:11.0504 8196 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

22:33:11.0512 8196 ProfSvc - ok

22:33:11.0531 8196 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

22:33:11.0535 8196 ProtectedStorage - ok

22:33:11.0587 8196 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

22:33:11.0591 8196 Psched - ok

22:33:11.0628 8196 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

22:33:11.0633 8196 PSI_SVC_2 - ok

22:33:11.0655 8196 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys

22:33:11.0658 8196 PxHlpa64 - ok

22:33:11.0723 8196 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

22:33:11.0756 8196 ql2300 - ok

22:33:11.0777 8196 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

22:33:11.0781 8196 ql40xx - ok

22:33:11.0821 8196 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

22:33:11.0830 8196 QWAVE - ok

22:33:11.0859 8196 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

22:33:11.0860 8196 QWAVEdrv - ok

22:33:11.0874 8196 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

22:33:11.0877 8196 RasAcd - ok

22:33:11.0913 8196 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

22:33:11.0915 8196 RasAgileVpn - ok

22:33:11.0937 8196 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

22:33:11.0944 8196 RasAuto - ok

22:33:11.0983 8196 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

22:33:11.0986 8196 Rasl2tp - ok

22:33:12.0022 8196 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

22:33:12.0033 8196 RasMan - ok

22:33:12.0051 8196 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

22:33:12.0053 8196 RasPppoe - ok

22:33:12.0081 8196 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

22:33:12.0084 8196 RasSstp - ok

22:33:12.0130 8196 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

22:33:12.0136 8196 rdbss - ok

22:33:12.0164 8196 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

22:33:12.0169 8196 rdpbus - ok

22:33:12.0201 8196 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

22:33:12.0205 8196 RDPCDD - ok

22:33:12.0216 8196 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

22:33:12.0218 8196 RDPENCDD - ok

22:33:12.0232 8196 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

22:33:12.0234 8196 RDPREFMP - ok

22:33:12.0276 8196 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

22:33:12.0281 8196 RDPWD - ok

22:33:12.0338 8196 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

22:33:12.0343 8196 rdyboost - ok

22:33:12.0381 8196 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

22:33:12.0387 8196 RemoteAccess - ok

22:33:12.0407 8196 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

22:33:12.0416 8196 RemoteRegistry - ok

22:33:12.0429 8196 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

22:33:12.0437 8196 RpcEptMapper - ok

22:33:12.0445 8196 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

22:33:12.0452 8196 RpcLocator - ok

22:33:12.0488 8196 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

22:33:12.0497 8196 RpcSs - ok

22:33:12.0545 8196 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

22:33:12.0547 8196 rspndr - ok

22:33:12.0566 8196 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

22:33:12.0569 8196 SamSs - ok

22:33:12.0603 8196 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

22:33:12.0605 8196 sbp2port - ok

22:33:12.0638 8196 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

22:33:12.0647 8196 SCardSvr - ok

22:33:12.0690 8196 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

22:33:12.0691 8196 scfilter - ok

22:33:12.0742 8196 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

22:33:12.0776 8196 Schedule - ok

22:33:12.0806 8196 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

22:33:12.0808 8196 SCPolicySvc - ok

22:33:12.0850 8196 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys

22:33:12.0853 8196 sdbus - ok

22:33:12.0879 8196 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

22:33:12.0888 8196 SDRSVC - ok

22:33:12.0943 8196 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

22:33:12.0949 8196 SeaPort - ok

22:33:12.0985 8196 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

22:33:12.0986 8196 secdrv - ok

22:33:13.0026 8196 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

22:33:13.0059 8196 seclogon - ok

22:33:13.0092 8196 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll

22:33:13.0098 8196 SENS - ok

22:33:13.0113 8196 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

22:33:13.0120 8196 SensrSvc - ok

22:33:13.0144 8196 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

22:33:13.0147 8196 Serenum - ok

22:33:13.0178 8196 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

22:33:13.0181 8196 Serial - ok

22:33:13.0251 8196 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

22:33:13.0253 8196 sermouse - ok

22:33:13.0305 8196 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

22:33:13.0314 8196 SessionEnv - ok

22:33:13.0350 8196 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

22:33:13.0351 8196 sffdisk - ok

22:33:13.0375 8196 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

22:33:13.0377 8196 sffp_mmc - ok

22:33:13.0393 8196 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

22:33:13.0394 8196 sffp_sd - ok

22:33:13.0420 8196 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

22:33:13.0426 8196 sfloppy - ok

22:33:13.0479 8196 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys

22:33:13.0502 8196 Sftfs - ok

22:33:13.0712 8196 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

22:33:13.0764 8196 sftlist - ok

22:33:13.0821 8196 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys

22:33:13.0827 8196 Sftplay - ok

22:33:13.0844 8196 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys

22:33:13.0847 8196 Sftredir - ok

22:33:13.0870 8196 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys

22:33:13.0872 8196 Sftvol - ok

22:33:13.0927 8196 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

22:33:13.0931 8196 sftvsa - ok

22:33:14.0007 8196 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

22:33:14.0015 8196 SharedAccess - ok

22:33:14.0051 8196 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

22:33:14.0063 8196 ShellHWDetection - ok

22:33:14.0091 8196 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys

22:33:14.0094 8196 SiSGbeLH - ok

22:33:14.0140 8196 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

22:33:14.0143 8196 SiSRaid2 - ok

22:33:14.0223 8196 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

22:33:14.0224 8196 SiSRaid4 - ok

22:33:14.0681 8196 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

22:33:14.0765 8196 Skype C2C Service - ok

22:33:14.0853 8196 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

22:33:14.0861 8196 SkypeUpdate - ok

22:33:14.0914 8196 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

22:33:14.0917 8196 Smb - ok

22:33:14.0976 8196 [ A4BD4F7898ED8EDFB5A01CD2323F415C ] SndTAudio C:\Windows\system32\drivers\SndTAudio.sys

22:33:14.0979 8196 SndTAudio - ok

22:33:15.0006 8196 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

22:33:15.0014 8196 SNMPTRAP - ok

22:33:15.0110 8196 [ A415C67B40DFB903ACCC1D40FBEE3269 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys

22:33:15.0143 8196 SNP2UVC - ok

22:33:15.0170 8196 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

22:33:15.0171 8196 spldr - ok

22:33:15.0263 8196 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

22:33:15.0293 8196 Spooler - ok

22:33:15.0582 8196 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

22:33:15.0698 8196 sppsvc - ok

22:33:15.0720 8196 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

22:33:15.0727 8196 sppuinotify - ok

22:33:15.0768 8196 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

22:33:15.0775 8196 srv - ok

22:33:15.0796 8196 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

22:33:15.0802 8196 srv2 - ok

22:33:15.0814 8196 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

22:33:15.0819 8196 srvnet - ok

22:33:15.0853 8196 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

22:33:15.0863 8196 SSDPSRV - ok

22:33:15.0872 8196 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

22:33:15.0882 8196 SstpSvc - ok

22:33:15.0948 8196 Steam Client Service - ok

22:33:15.0980 8196 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

22:33:15.0983 8196 stexstor - ok

22:33:16.0044 8196 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

22:33:16.0059 8196 stisvc - ok

22:33:16.0099 8196 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

22:33:16.0102 8196 swenum - ok

22:33:16.0153 8196 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

22:33:16.0176 8196 swprv - ok

22:33:16.0376 8196 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

22:33:16.0418 8196 SysMain - ok

22:33:16.0454 8196 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

22:33:16.0466 8196 TabletInputService - ok

22:33:17.0042 8196 [ 191394B308BD7FEDB4EBB4F7F04C1339 ] TabletServiceWacom C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe

22:33:17.0168 8196 TabletServiceWacom - ok

22:33:17.0230 8196 [ F33FDC72298DF4BF9813A55D21F4EB31 ] taphss C:\Windows\system32\DRIVERS\taphss.sys

22:33:17.0233 8196 taphss - ok

22:33:17.0271 8196 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

22:33:17.0283 8196 TapiSrv - ok

22:33:17.0326 8196 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

22:33:17.0335 8196 TBS - ok

22:33:17.0401 8196 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys

22:33:17.0445 8196 Tcpip - ok

22:33:17.0510 8196 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

22:33:17.0521 8196 TCPIP6 - ok

22:33:17.0578 8196 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

22:33:17.0580 8196 tcpipreg - ok

22:33:17.0618 8196 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

22:33:17.0619 8196 TDPIPE - ok

22:33:17.0649 8196 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

22:33:17.0650 8196 TDTCP - ok

22:33:17.0687 8196 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

22:33:17.0691 8196 tdx - ok

22:33:17.0727 8196 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

22:33:17.0730 8196 TermDD - ok

22:33:17.0753 8196 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

22:33:17.0780 8196 TermService - ok

22:33:17.0810 8196 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

22:33:17.0817 8196 Themes - ok

22:33:17.0846 8196 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

22:33:17.0852 8196 THREADORDER - ok

22:33:17.0879 8196 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

22:33:17.0887 8196 TrkWks - ok

22:33:17.0933 8196 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

22:33:17.0992 8196 TrustedInstaller - ok

22:33:18.0029 8196 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

22:33:18.0032 8196 tssecsrv - ok

22:33:18.0079 8196 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

22:33:18.0082 8196 TsUsbFlt - ok

22:33:18.0142 8196 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

22:33:18.0146 8196 tunnel - ok

22:33:18.0218 8196 [ 12C9C0B2B6E9C7B2AE80EB7D2DEF2366 ] TVersityMediaServer C:\ProgramData\TVersity\Media Server\MediaServer.exe

22:33:18.0274 8196 TVersityMediaServer - ok

22:33:18.0296 8196 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

22:33:18.0298 8196 uagp35 - ok

22:33:18.0340 8196 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

22:33:18.0345 8196 udfs - ok

22:33:18.0378 8196 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

22:33:18.0385 8196 UI0Detect - ok

22:33:18.0407 8196 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

22:33:18.0410 8196 uliagpkx - ok

22:33:18.0454 8196 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys

22:33:18.0456 8196 umbus - ok

22:33:18.0480 8196 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

22:33:18.0481 8196 UmPass - ok

22:33:18.0577 8196 [ 41118D920B2B268C0ADC36421248CDCF ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

22:33:18.0645 8196 UNS - ok

22:33:18.0680 8196 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

22:33:18.0691 8196 upnphost - ok

22:33:18.0726 8196 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

22:33:18.0729 8196 USBAAPL64 - ok

22:33:18.0787 8196 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys

22:33:18.0788 8196 usbaudio - ok

22:33:18.0825 8196 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

22:33:18.0826 8196 usbccgp - ok

22:33:18.0844 8196 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

22:33:18.0847 8196 usbcir - ok

22:33:18.0865 8196 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys

22:33:18.0866 8196 usbehci - ok

22:33:18.0898 8196 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

22:33:18.0904 8196 usbhub - ok

22:33:18.0919 8196 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys

22:33:18.0922 8196 usbohci - ok

22:33:18.0961 8196 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

22:33:18.0962 8196 usbprint - ok

22:33:19.0001 8196 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

22:33:19.0003 8196 usbscan - ok

22:33:19.0016 8196 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

22:33:19.0019 8196 USBSTOR - ok

22:33:19.0039 8196 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

22:33:19.0042 8196 usbuhci - ok

22:33:19.0074 8196 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys

22:33:19.0079 8196 usbvideo - ok

22:33:19.0108 8196 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

22:33:19.0116 8196 UxSms - ok

22:33:19.0125 8196 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

22:33:19.0130 8196 VaultSvc - ok

22:33:19.0169 8196 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

22:33:19.0172 8196 vdrvroot - ok

22:33:19.0230 8196 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

22:33:19.0253 8196 vds - ok

22:33:19.0290 8196 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

22:33:19.0292 8196 vga - ok

22:33:19.0304 8196 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

22:33:19.0307 8196 VgaSave - ok

22:33:19.0345 8196 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

22:33:19.0350 8196 vhdmp - ok

22:33:19.0368 8196 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

22:33:19.0370 8196 viaide - ok

22:33:19.0394 8196 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

22:33:19.0397 8196 volmgr - ok

22:33:19.0438 8196 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

22:33:19.0444 8196 volmgrx - ok

22:33:19.0471 8196 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

22:33:19.0477 8196 volsnap - ok

22:33:19.0525 8196 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

22:33:19.0529 8196 vsmraid - ok

22:33:19.0590 8196 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

22:33:19.0635 8196 VSS - ok

22:33:19.0652 8196 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

22:33:19.0655 8196 vwifibus - ok

22:33:19.0664 8196 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

22:33:19.0667 8196 vwififlt - ok

22:33:19.0695 8196 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys

22:33:19.0697 8196 vwifimp - ok

22:33:19.0732 8196 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

22:33:19.0754 8196 W32Time - ok

22:33:19.0824 8196 [ FE75777289278A4941FE6139E82B3BD9 ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys

22:33:19.0826 8196 wacmoumonitor - ok

22:33:19.0856 8196 [ E04D43C7D1641E95D35CAE6086C7E350 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys

22:33:19.0858 8196 wacommousefilter - ok

22:33:19.0875 8196 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

22:33:19.0878 8196 WacomPen - ok

22:33:19.0922 8196 [ EC1CEB237E365330C1FCFC4876AA0AC0 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys

22:33:19.0925 8196 wacomvhid - ok

22:33:19.0988 8196 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

22:33:19.0989 8196 WANARP - ok

22:33:19.0994 8196 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

22:33:19.0996 8196 Wanarpv6 - ok

22:33:20.0052 8196 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

22:33:20.0085 8196 WatAdminSvc - ok

22:33:20.0152 8196 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

22:33:20.0197 8196 wbengine - ok

22:33:20.0230 8196 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

22:33:20.0240 8196 WbioSrvc - ok

22:33:20.0285 8196 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

22:33:20.0297 8196 wcncsvc - ok

22:33:20.0308 8196 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

22:33:20.0317 8196 WcsPlugInService - ok

22:33:20.0347 8196 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys

22:33:20.0348 8196 Wd - ok

22:33:20.0385 8196 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

22:33:20.0394 8196 Wdf01000 - ok

22:33:20.0408 8196 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

22:33:20.0417 8196 WdiServiceHost - ok

22:33:20.0421 8196 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

22:33:20.0428 8196 WdiSystemHost - ok

22:33:20.0463 8196 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

22:33:20.0474 8196 WebClient - ok

22:33:20.0493 8196 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

22:33:20.0504 8196 Wecsvc - ok

22:33:20.0521 8196 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

22:33:20.0529 8196 wercplsupport - ok

22:33:20.0544 8196 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

22:33:20.0552 8196 WerSvc - ok

22:33:20.0583 8196 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

22:33:20.0584 8196 WfpLwf - ok

22:33:20.0625 8196 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys

22:33:20.0629 8196 WimFltr - ok

22:33:20.0675 8196 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

22:33:20.0677 8196 WIMMount - ok

22:33:20.0716 8196 WinDefend - ok

22:33:20.0721 8196 WinHttpAutoProxySvc - ok

22:33:20.0786 8196 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

22:33:20.0810 8196 Winmgmt - ok

22:33:20.0880 8196 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

22:33:20.0948 8196 WinRM - ok

22:33:21.0035 8196 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

22:33:21.0038 8196 WinUsb - ok

22:33:21.0079 8196 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

22:33:21.0112 8196 Wlansvc - ok

22:33:21.0247 8196 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

22:33:21.0321 8196 wlidsvc - ok

22:33:21.0462 8196 [ 0BDAEAB53129FEFF4E77EA19E65C275E ] WMDrive C:\Windows\SysWOW64\drivers\WMDrive.sys

22:33:21.0464 8196 WMDrive - ok

22:33:21.0498 8196 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

22:33:21.0501 8196 WmiAcpi - ok

22:33:21.0534 8196 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

22:33:21.0539 8196 wmiApSrv - ok

22:33:21.0579 8196 WMPNetworkSvc - ok

22:33:21.0602 8196 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

22:33:21.0612 8196 WPCSvc - ok

22:33:21.0657 8196 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

22:33:21.0667 8196 WPDBusEnum - ok

22:33:21.0696 8196 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

22:33:21.0698 8196 ws2ifsl - ok

22:33:21.0728 8196 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll

22:33:21.0736 8196 wscsvc - ok

22:33:21.0741 8196 WSearch - ok

22:33:21.0828 8196 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

22:33:21.0895 8196 wuauserv - ok

22:33:21.0934 8196 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

22:33:21.0937 8196 WudfPf - ok

22:33:21.0977 8196 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

22:33:21.0982 8196 WUDFRd - ok

22:33:22.0022 8196 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

22:33:22.0030 8196 wudfsvc - ok

22:33:22.0068 8196 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

22:33:22.0079 8196 WwanSvc - ok

22:33:22.0126 8196 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys

22:33:22.0128 8196 xusb21 - ok

22:33:22.0212 8196 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

22:33:22.0221 8196 YahooAUService - ok

22:33:22.0255 8196 ================ Scan global ===============================

22:33:22.0271 8196 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

22:33:22.0314 8196 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

22:33:22.0331 8196 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

22:33:22.0365 8196 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

22:33:22.0408 8196 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

22:33:22.0418 8196 [Global] - ok

22:33:22.0419 8196 ================ Scan MBR ==================================

22:33:22.0447 8196 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0

22:33:22.0821 8196 \Device\Harddisk0\DR0 - ok

22:33:22.0822 8196 ================ Scan VBR ==================================

22:33:22.0827 8196 [ EE68AAA57F6547DC2FEA34008593169C ] \Device\Harddisk0\DR0\Partition1

22:33:22.0831 8196 \Device\Harddisk0\DR0\Partition1 - ok

22:33:22.0869 8196 [ 053C29112F0B99D19EF357ED981B37AE ] \Device\Harddisk0\DR0\Partition2

22:33:22.0872 8196 \Device\Harddisk0\DR0\Partition2 - ok

22:33:22.0872 8196 ============================================================

22:33:22.0872 8196 Scan finished

22:33:22.0872 8196 ============================================================

22:33:22.0888 8032 Detected object count: 1

22:33:22.0888 8032 Actual detected object count: 1

22:33:51.0627 8032 Akamai ( HiddenFile.Multi.Generic ) - skipped by user

22:33:51.0627 8032 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

22:37:54.0905 8992 ============================================================

Part A (was too long to put in one reply)

thedeadguy · September 15, 2012

Part B

22:37:54.0905 8992 Scan started

22:37:54.0905 8992 Mode: Manual;

22:37:54.0905 8992 ============================================================

22:37:55.0179 8992 ================ Scan system memory ========================

22:37:55.0179 8992 System memory - ok

22:37:55.0179 8992 ================ Scan services =============================

22:37:55.0365 8992 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

22:37:55.0367 8992 1394ohci - ok

22:37:55.0411 8992 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

22:37:55.0413 8992 ACPI - ok

22:37:55.0435 8992 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

22:37:55.0435 8992 AcpiPmi - ok

22:37:55.0526 8992 [ 34400005DE52842C4D6D4EE978B4D7CE ] AdobeActiveFileMonitor8.0 C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe

22:37:55.0529 8992 AdobeActiveFileMonitor8.0 - ok

22:37:55.0608 8992 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

22:37:55.0609 8992 AdobeARMservice - ok

22:37:55.0716 8992 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

22:37:55.0718 8992 AdobeFlashPlayerUpdateSvc - ok

22:37:55.0758 8992 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys

22:37:55.0761 8992 adp94xx - ok

22:37:55.0781 8992 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys

22:37:55.0784 8992 adpahci - ok

22:37:55.0802 8992 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys

22:37:55.0804 8992 adpu320 - ok

22:37:55.0865 8992 [ C0BF554D2277F7A4C735D475ADE2E3B2 ] ADSMService C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

22:37:55.0867 8992 ADSMService - ok

22:37:55.0897 8992 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

22:37:55.0899 8992 AeLookupSvc - ok

22:37:55.0931 8992 [ 2D00D3DADC1D3326BA788EB071F2726E ] AFBAgent C:\Windows\system32\FBAgent.exe

22:37:55.0935 8992 AFBAgent - ok

22:37:55.0970 8992 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

22:37:55.0973 8992 AFD - ok

22:37:56.0009 8992 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

22:37:56.0010 8992 agp440 - ok

22:37:56.0150 8992 [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll

22:37:56.0151 8992 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76

22:37:56.0157 8992 Akamai ( HiddenFile.Multi.Generic ) - warning

22:37:56.0158 8992 Akamai - detected HiddenFile.Multi.Generic (1)

22:37:56.0188 8992 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

22:37:56.0189 8992 ALG - ok

22:37:56.0217 8992 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

22:37:56.0218 8992 aliide - ok

22:37:56.0251 8992 [ 20C8A3E435A47F0408A1EA674AFA6194 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe

22:37:56.0253 8992 AMD External Events Utility - ok

22:37:56.0274 8992 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

22:37:56.0275 8992 amdide - ok

22:37:56.0312 8992 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys

22:37:56.0313 8992 AmdK8 - ok

22:37:56.0555 8992 [ 0B45C18B0F3EE996D25BAA4E74884B83 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys

22:37:56.0614 8992 amdkmdag - ok

22:37:56.0653 8992 [ 0E57258E5CC4CC7A9A9A877AFDF0CEC6 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys

22:37:56.0656 8992 amdkmdap - ok

22:37:56.0673 8992 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys

22:37:56.0674 8992 AmdPPM - ok

22:37:56.0713 8992 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

22:37:56.0714 8992 amdsata - ok

22:37:56.0743 8992 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys

22:37:56.0744 8992 amdsbs - ok

22:37:56.0760 8992 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

22:37:56.0761 8992 amdxata - ok

22:37:56.0802 8992 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

22:37:56.0803 8992 AppID - ok

22:37:56.0839 8992 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

22:37:56.0840 8992 AppIDSvc - ok

22:37:56.0878 8992 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll

22:37:56.0880 8992 Appinfo - ok

22:37:56.0930 8992 [ D8E18021F91AD79CA8491CB5A5DA22D4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

22:37:56.0932 8992 Apple Mobile Device - ok

22:37:56.0958 8992 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys

22:37:56.0959 8992 arc - ok

22:37:56.0973 8992 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys

22:37:56.0974 8992 arcsas - ok

22:37:56.0995 8992 [ 88FBC8BEBFD38566235EAA5E4DBC4E05 ] AsDsm C:\Windows\system32\drivers\AsDsm.sys

22:37:56.0996 8992 AsDsm - ok

22:37:57.0043 8992 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

22:37:57.0044 8992 ASLDRService - ok

22:37:57.0058 8992 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

22:37:57.0058 8992 ASMMAP64 - ok

22:37:57.0080 8992 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys

22:37:57.0081 8992 aswFsBlk - ok

22:37:57.0101 8992 [ 316271CC32FDFFFCDB30677684906D5E ] aswKbd C:\Windows\system32\drivers\aswKbd.sys

22:37:57.0102 8992 aswKbd - ok

22:37:57.0112 8992 [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys

22:37:57.0114 8992 aswMonFlt - ok

22:37:57.0151 8992 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys

22:37:57.0152 8992 aswRdr - ok

22:37:57.0198 8992 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\Windows\system32\drivers\aswSnx.sys

22:37:57.0204 8992 aswSnx - ok

22:37:57.0226 8992 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\Windows\system32\drivers\aswSP.sys

22:37:57.0229 8992 aswSP - ok

22:37:57.0243 8992 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys

22:37:57.0244 8992 aswTdi - ok

22:37:57.0258 8992 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

22:37:57.0258 8992 AsyncMac - ok

22:37:57.0298 8992 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

22:37:57.0299 8992 atapi - ok

22:37:57.0371 8992 [ A5E770426D18F8EF332A593F3289DA91 ] athr C:\Windows\system32\DRIVERS\athrx.sys

22:37:57.0387 8992 athr - ok

22:37:57.0432 8992 [ 24464B908E143D2561E9E452FEE97309 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys

22:37:57.0433 8992 AtiHDAudioService - ok

22:37:57.0457 8992 [ D481083348138B4933ACFE95812DB71C ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys

22:37:57.0458 8992 AtiHdmiService - ok

22:37:57.0690 8992 [ 0B45C18B0F3EE996D25BAA4E74884B83 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys

22:37:57.0750 8992 atikmdag - ok

22:37:57.0777 8992 [ 63F1212FFE13E62CA1E8D8EE19ABD9A7 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

22:37:57.0779 8992 ATKGFNEXSrv - ok

22:37:57.0827 8992 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

22:37:57.0831 8992 AudioEndpointBuilder - ok

22:37:57.0860 8992 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

22:37:57.0864 8992 AudioSrv - ok

22:37:57.0948 8992 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

22:37:57.0949 8992 avast! Antivirus - ok

22:37:57.0993 8992 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

22:37:57.0995 8992 AxInstSV - ok

22:37:58.0041 8992 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys

22:37:58.0044 8992 b06bdrv - ok

22:37:58.0085 8992 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

22:37:58.0087 8992 b57nd60a - ok

22:37:58.0124 8992 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

22:37:58.0126 8992 BDESVC - ok

22:37:58.0140 8992 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

22:37:58.0141 8992 Beep - ok

22:37:58.0191 8992 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

22:37:58.0196 8992 BFE - ok

22:37:58.0231 8992 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll

22:37:58.0240 8992 BITS - ok

22:37:58.0259 8992 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

22:37:58.0260 8992 blbdrive - ok

22:37:58.0314 8992 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

22:37:58.0317 8992 Bonjour Service - ok

22:37:58.0351 8992 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

22:37:58.0352 8992 bowser - ok

22:37:58.0376 8992 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys

22:37:58.0377 8992 BrFiltLo - ok

22:37:58.0396 8992 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys

22:37:58.0397 8992 BrFiltUp - ok

22:37:58.0410 8992 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys

22:37:58.0411 8992 BridgeMP - ok

22:37:58.0449 8992 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

22:37:58.0450 8992 Browser - ok

22:37:58.0473 8992 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

22:37:58.0475 8992 Brserid - ok

22:37:58.0504 8992 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

22:37:58.0505 8992 BrSerWdm - ok

22:37:58.0527 8992 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

22:37:58.0528 8992 BrUsbMdm - ok

22:37:58.0544 8992 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

22:37:58.0545 8992 BrUsbSer - ok

22:37:58.0584 8992 [ FF7C57973EEAD140062238C5A0B7D455 ] BTCFilterService C:\Windows\system32\DRIVERS\motfilt.sys

22:37:58.0585 8992 BTCFilterService - ok

22:37:58.0609 8992 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys

22:37:58.0610 8992 BTHMODEM - ok

22:37:58.0640 8992 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

22:37:58.0642 8992 bthserv - ok

22:37:58.0655 8992 catchme - ok

22:37:58.0681 8992 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

22:37:58.0682 8992 cdfs - ok

22:37:58.0718 8992 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys

22:37:58.0720 8992 cdrom - ok

22:37:58.0758 8992 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

22:37:58.0761 8992 CertPropSvc - ok

22:37:58.0786 8992 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys

22:37:58.0787 8992 circlass - ok

22:37:58.0829 8992 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

22:37:58.0836 8992 CLFS - ok

22:37:58.0908 8992 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

22:37:58.0911 8992 clr_optimization_v2.0.50727_32 - ok

22:37:58.0972 8992 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

22:37:58.0976 8992 clr_optimization_v2.0.50727_64 - ok

22:37:59.0024 8992 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

22:37:59.0026 8992 clr_optimization_v4.0.30319_32 - ok

22:37:59.0074 8992 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

22:37:59.0078 8992 clr_optimization_v4.0.30319_64 - ok

22:37:59.0107 8992 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

22:37:59.0109 8992 CmBatt - ok

22:37:59.0121 8992 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

22:37:59.0123 8992 cmdide - ok

22:37:59.0165 8992 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys

22:37:59.0173 8992 CNG - ok

22:37:59.0200 8992 [ F7CA3ACCF5AA0E2182546C5BE42B2E96 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys

22:37:59.0223 8992 CnxtHdAudService - ok

22:37:59.0236 8992 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

22:37:59.0238 8992 Compbatt - ok

22:37:59.0269 8992 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

22:37:59.0271 8992 CompositeBus - ok

22:37:59.0276 8992 COMSysApp - ok

22:37:59.0301 8992 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys

22:37:59.0303 8992 crcdisk - ok

22:37:59.0340 8992 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll

22:37:59.0345 8992 CryptSvc - ok

22:37:59.0451 8992 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

22:37:59.0456 8992 cvhsvc - ok

22:37:59.0480 8992 [ 7AF9DAC504FBD047CBC3E64AE52C92BF ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys

22:37:59.0482 8992 dc3d - ok

22:37:59.0530 8992 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

22:37:59.0538 8992 DcomLaunch - ok

22:37:59.0564 8992 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

22:37:59.0571 8992 defragsvc - ok

22:37:59.0643 8992 [ 74C1305F6F784A725B0A40D693FF4A09 ] DeviceMonitorService C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe

22:37:59.0647 8992 DeviceMonitorService - ok

22:37:59.0684 8992 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

22:37:59.0687 8992 DfsC - ok

22:37:59.0722 8992 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

22:37:59.0729 8992 Dhcp - ok

22:37:59.0755 8992 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

22:37:59.0758 8992 discache - ok

22:37:59.0786 8992 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys

22:37:59.0789 8992 Disk - ok

22:37:59.0817 8992 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

22:37:59.0822 8992 Dnscache - ok

22:37:59.0854 8992 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

22:37:59.0859 8992 dot3svc - ok

22:37:59.0888 8992 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

22:37:59.0894 8992 DPS - ok

22:37:59.0911 8992 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

22:37:59.0914 8992 drmkaud - ok

22:37:59.0946 8992 [ EE68FFE62FBCC3673D70EC6B04B44379 ] DrmRAudio C:\Windows\system32\drivers\DrmRAudio.sys

22:37:59.0948 8992 DrmRAudio - ok

22:38:00.0004 8992 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

22:38:00.0031 8992 DXGKrnl - ok

22:38:00.0057 8992 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

22:38:00.0061 8992 EapHost - ok

22:38:00.0149 8992 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys

22:38:00.0228 8992 ebdrv - ok

22:38:00.0268 8992 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

22:38:00.0273 8992 EFS - ok

22:38:00.0343 8992 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

22:38:00.0366 8992 ehRecvr - ok

22:38:00.0384 8992 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

22:38:00.0387 8992 ehSched - ok

22:38:00.0434 8992 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys

22:38:00.0442 8992 elxstor - ok

22:38:00.0482 8992 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

22:38:00.0484 8992 ErrDev - ok

22:38:00.0503 8992 [ 3C38648375B7F3988691F53A7AAE10A9 ] ETD C:\Windows\system32\DRIVERS\ETD.sys

22:38:00.0506 8992 ETD - ok

22:38:00.0539 8992 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

22:38:00.0547 8992 EventSystem - ok

22:38:00.0572 8992 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

22:38:00.0577 8992 exfat - ok

22:38:00.0619 8992 [ 507942B5BFDBB8EFD0E03BDE9F72BC86 ] ExpatShieldService C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe

22:38:00.0625 8992 ExpatShieldService - ok

22:38:00.0674 8992 [ 2CFEA9C337B699ACA38487E8A7438F35 ] ExpatSrv C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe

22:38:00.0681 8992 ExpatSrv - ok

22:38:00.0709 8992 [ 1034F1285E474FCBB850AFD2DC712837 ] ExpatTrayService C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE

22:38:00.0712 8992 ExpatTrayService - ok

22:38:00.0716 8992 ExpatWd - ok

22:38:00.0756 8992 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

22:38:00.0761 8992 fastfat - ok

22:38:00.0809 8992 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

22:38:00.0815 8992 Fax - ok

22:38:00.0839 8992 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys

22:38:00.0841 8992 fdc - ok

22:38:00.0861 8992 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

22:38:00.0864 8992 fdPHost - ok

22:38:00.0887 8992 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

22:38:00.0899 8992 FDResPub - ok

22:38:00.0920 8992 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

22:38:00.0923 8992 FileInfo - ok

22:38:00.0934 8992 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

22:38:00.0937 8992 Filetrace - ok

22:38:00.0985 8992 [ D60EF46DC0E757FE5EB579DB95B88954 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

22:38:01.0018 8992 FLEXnet Licensing Service - ok

22:38:01.0101 8992 [ A4297244D4F817278A6AE45B1899CA9C ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

22:38:01.0133 8992 FLEXnet Licensing Service 64 - ok

22:38:01.0167 8992 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

22:38:01.0169 8992 flpydisk - ok

22:38:01.0207 8992 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

22:38:01.0213 8992 FltMgr - ok

22:38:01.0265 8992 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll

22:38:01.0299 8992 FontCache - ok

22:38:01.0351 8992 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

22:38:01.0353 8992 FontCache3.0.0.0 - ok

22:38:01.0387 8992 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

22:38:01.0389 8992 FsDepends - ok

22:38:01.0410 8992 [ C2E475625F2C6F7DCDE4E920523A0573 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys

22:38:01.0411 8992 fssfltr - ok

22:38:01.0517 8992 [ 4E2E6FEDFE4A3445DBD0C623A242362D ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

22:38:01.0525 8992 fsssvc - ok

22:38:01.0575 8992 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

22:38:01.0577 8992 Fs_Rec - ok

22:38:01.0617 8992 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

22:38:01.0622 8992 fvevol - ok

22:38:01.0648 8992 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

22:38:01.0651 8992 gagp30kx - ok

22:38:01.0678 8992 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

22:38:01.0681 8992 GEARAspiWDM - ok

22:38:01.0734 8992 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

22:38:01.0759 8992 gpsvc - ok

22:38:01.0823 8992 GSService - ok

22:38:01.0883 8992 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

22:38:01.0891 8992 gupdate - ok

22:38:01.0901 8992 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

22:38:01.0902 8992 gupdatem - ok

22:38:01.0933 8992 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

22:38:01.0936 8992 hcw85cir - ok

22:38:01.0974 8992 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

22:38:01.0980 8992 HdAudAddService - ok

22:38:02.0001 8992 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

22:38:02.0004 8992 HDAudBus - ok

22:38:02.0017 8992 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys

22:38:02.0019 8992 HECIx64 - ok

22:38:02.0039 8992 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

22:38:02.0042 8992 HidBatt - ok

22:38:02.0054 8992 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

22:38:02.0057 8992 HidBth - ok

22:38:02.0073 8992 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

22:38:02.0075 8992 HidIr - ok

22:38:02.0095 8992 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll

22:38:02.0099 8992 hidserv - ok

22:38:02.0117 8992 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys

22:38:02.0120 8992 HidUsb - ok

22:38:02.0150 8992 [ 44F92C1F913E582BEF9CAC66443C6230 ] hitmanpro35 C:\Windows\system32\drivers\hitmanpro36.sys

22:38:02.0153 8992 hitmanpro35 - ok

22:38:02.0187 8992 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

22:38:02.0193 8992 hkmsvc - ok

22:38:02.0235 8992 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

22:38:02.0242 8992 HomeGroupListener - ok

22:38:02.0276 8992 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

22:38:02.0284 8992 HomeGroupProvider - ok

22:38:02.0324 8992 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

22:38:02.0327 8992 HpSAMD - ok

22:38:02.0368 8992 [ 80B0C0D39178E80905E30FA92C0F6D43 ] HssDrv C:\Windows\system32\DRIVERS\HssDrv.sys

22:38:02.0371 8992 HssDrv - ok

22:38:02.0418 8992 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

22:38:02.0441 8992 HTTP - ok

22:38:02.0477 8992 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

22:38:02.0479 8992 hwpolicy - ok

22:38:02.0516 8992 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

22:38:02.0519 8992 i8042prt - ok

22:38:02.0559 8992 [ BBB3B6DF1ABB0FE35802EDE85CC1C011 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys

22:38:02.0566 8992 iaStor - ok

22:38:02.0610 8992 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

22:38:02.0617 8992 iaStorV - ok

22:38:02.0660 8992 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

22:38:02.0682 8992 idsvc - ok

22:38:02.0704 8992 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

22:38:02.0707 8992 iirsp - ok

22:38:02.0761 8992 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

22:38:02.0787 8992 IKEEXT - ok

22:38:02.0835 8992 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

22:38:02.0838 8992 intelide - ok

22:38:02.0862 8992 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

22:38:02.0865 8992 intelppm - ok

22:38:02.0899 8992 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

22:38:02.0904 8992 IPBusEnum - ok

22:38:02.0934 8992 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

22:38:02.0937 8992 IpFilterDriver - ok

22:38:02.0976 8992 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

22:38:02.0987 8992 iphlpsvc - ok

22:38:03.0006 8992 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

22:38:03.0009 8992 IPMIDRV - ok

22:38:03.0047 8992 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

22:38:03.0050 8992 IPNAT - ok

22:38:03.0100 8992 [ 3C0D4B3E80FC4854CA325DD123CC4DED ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

22:38:03.0137 8992 iPod Service - ok

22:38:03.0154 8992 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

22:38:03.0157 8992 IRENUM - ok

22:38:03.0175 8992 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

22:38:03.0178 8992 isapnp - ok

22:38:03.0207 8992 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

22:38:03.0213 8992 iScsiPrt - ok

22:38:03.0242 8992 [ DB917B998CBC15A153C00DD6EFC34C13 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys

22:38:03.0246 8992 JMCR - ok

22:38:03.0266 8992 [ AB42AEF22595A46941BFF76C210C942B ] JME C:\Windows\system32\DRIVERS\JME.sys

22:38:03.0269 8992 JME - ok

22:38:03.0280 8992 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys

22:38:03.0282 8992 kbdclass - ok

22:38:03.0301 8992 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

22:38:03.0304 8992 kbdhid - ok

22:38:03.0333 8992 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys

22:38:03.0335 8992 kbfiltr - ok

22:38:03.0349 8992 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

22:38:03.0353 8992 KeyIso - ok

22:38:03.0393 8992 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

22:38:03.0396 8992 KSecDD - ok

22:38:03.0431 8992 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

22:38:03.0436 8992 KSecPkg - ok

22:38:03.0469 8992 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

22:38:03.0472 8992 ksthunk - ok

22:38:03.0511 8992 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

22:38:03.0521 8992 KtmRm - ok

22:38:03.0557 8992 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll

22:38:03.0567 8992 LanmanServer - ok

22:38:03.0600 8992 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

22:38:03.0609 8992 LanmanWorkstation - ok

22:38:03.0637 8992 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

22:38:03.0640 8992 lltdio - ok

22:38:03.0670 8992 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

22:38:03.0678 8992 lltdsvc - ok

22:38:03.0701 8992 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

22:38:03.0706 8992 lmhosts - ok

22:38:03.0764 8992 [ A1C148801B4AF64847AEB9F3AD9594EF ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

22:38:03.0768 8992 LMS - ok

22:38:03.0789 8992 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

22:38:03.0793 8992 LSI_FC - ok

22:38:03.0847 8992 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

22:38:03.0853 8992 LSI_SAS - ok

22:38:03.0884 8992 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

22:38:03.0887 8992 LSI_SAS2 - ok

22:38:03.0907 8992 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

22:38:03.0911 8992 LSI_SCSI - ok

22:38:03.0932 8992 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

22:38:03.0935 8992 luafv - ok

22:38:03.0959 8992 [ 085435AE1A124361304044029B5CC644 ] lullaby C:\Windows\system32\DRIVERS\lullaby.sys

22:38:03.0961 8992 lullaby - ok

22:38:03.0990 8992 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys

22:38:03.0992 8992 LVPr2M64 - ok

22:38:03.0996 8992 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys

22:38:03.0997 8992 LVPr2Mon - ok

22:38:04.0030 8992 [ 9CD0DC863BE5D40A762F7D84F11A8471 ] LVPrcS64 C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe

22:38:04.0032 8992 LVPrcS64 - ok

22:38:04.0060 8992 [ A43A6CBEA073990A784603EF065A281B ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys

22:38:04.0067 8992 LVRS64 - ok

22:38:04.0195 8992 [ 4350876AB0D0C77D0B40A1C85935C96B ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys

22:38:04.0341 8992 LVUVC64 - ok

22:38:04.0378 8992 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

22:38:04.0380 8992 MBAMProtector - ok

22:38:04.0442 8992 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler D:\Malwarebytes' Anti-Malware\mbamscheduler.exe

22:38:04.0449 8992 MBAMScheduler - ok

22:38:04.0473 8992 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService D:\Malwarebytes' Anti-Malware\mbamservice.exe

22:38:04.0496 8992 MBAMService - ok

22:38:04.0533 8992 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

22:38:04.0539 8992 Mcx2Svc - ok

22:38:04.0566 8992 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

22:38:04.0568 8992 megasas - ok

22:38:04.0588 8992 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

22:38:04.0594 8992 MegaSR - ok

22:38:04.0713 8992 [ 0AF89452A8CE3928168F4E5B2208C68B ] mi-raysat_3dsmax2011_32 C:\Program Files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe

22:38:04.0715 8992 mi-raysat_3dsmax2011_32 - ok

22:38:04.0807 8992 [ 0AF89452A8CE3928168F4E5B2208C68B ] mi-raysat_3dsmax2011_64 C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe

22:38:04.0809 8992 mi-raysat_3dsmax2011_64 - ok

22:38:04.0834 8992 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

22:38:04.0840 8992 MMCSS - ok

22:38:04.0863 8992 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

22:38:04.0866 8992 Modem - ok

22:38:04.0903 8992 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

22:38:04.0906 8992 monitor - ok

22:38:04.0940 8992 [ C94A2EA3FDFA5D650884926B710B7DB1 ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys

22:38:04.0942 8992 motccgp - ok

22:38:04.0956 8992 [ D51E009BAEDA07EBC107D49D224C2414 ] motccgpfl C:\Windows\system32\DRIVERS\motccgpfl.sys

22:38:04.0958 8992 motccgpfl - ok

22:38:04.0972 8992 [ 060F0EF84F430802DF3788F3DCFD009C ] motmodem C:\Windows\system32\DRIVERS\motmodem.sys

22:38:04.0974 8992 motmodem - ok

22:38:05.0024 8992 [ 98A10AC4257A3BA48C9611338544EE49 ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe

22:38:05.0029 8992 MotoHelper - ok

22:38:05.0049 8992 [ EBD05F60CAFC5BBA2602B8D7101082D3 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys

22:38:05.0052 8992 MotoSwitchService - ok

22:38:05.0073 8992 [ 87701078C3F720AC7A028E937994CC49 ] Motousbnet C:\Windows\system32\DRIVERS\Motousbnet.sys

22:38:05.0076 8992 Motousbnet - ok

22:38:05.0107 8992 [ 4244E427CDA5F6485E74461B5B48A7B6 ] motusbdevice C:\Windows\system32\DRIVERS\motusbdevice.sys

22:38:05.0109 8992 motusbdevice - ok

22:38:05.0126 8992 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

22:38:05.0128 8992 mouclass - ok

22:38:05.0147 8992 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

22:38:05.0149 8992 mouhid - ok

22:38:05.0187 8992 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

22:38:05.0190 8992 mountmgr - ok

22:38:05.0225 8992 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

22:38:05.0228 8992 MozillaMaintenance - ok

22:38:05.0258 8992 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

22:38:05.0263 8992 mpio - ok

22:38:05.0294 8992 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

22:38:05.0297 8992 mpsdrv - ok

22:38:05.0354 8992 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

22:38:05.0380 8992 MpsSvc - ok

22:38:05.0420 8992 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

22:38:05.0424 8992 MRxDAV - ok

22:38:05.0453 8992 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

22:38:05.0457 8992 mrxsmb - ok

22:38:05.0505 8992 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

22:38:05.0511 8992 mrxsmb10 - ok

22:38:05.0538 8992 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

22:38:05.0541 8992 mrxsmb20 - ok

22:38:05.0571 8992 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

22:38:05.0573 8992 msahci - ok

22:38:05.0616 8992 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

22:38:05.0621 8992 msdsm - ok

22:38:05.0648 8992 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

22:38:05.0655 8992 MSDTC - ok

22:38:05.0688 8992 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

22:38:05.0690 8992 Msfs - ok

22:38:05.0704 8992 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

22:38:05.0706 8992 mshidkmdf - ok

22:38:05.0719 8992 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

22:38:05.0721 8992 msisadrv - ok

22:38:05.0745 8992 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

22:38:05.0752 8992 MSiSCSI - ok

22:38:05.0756 8992 msiserver - ok

22:38:05.0773 8992 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

22:38:05.0775 8992 MSKSSRV - ok

22:38:05.0796 8992 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

22:38:05.0798 8992 MSPCLOCK - ok

22:38:05.0818 8992 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

22:38:05.0821 8992 MSPQM - ok

22:38:05.0861 8992 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

22:38:05.0868 8992 MsRPC - ok

22:38:05.0904 8992 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

22:38:05.0906 8992 mssmbios - ok

22:38:05.0935 8992 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

22:38:05.0937 8992 MSTEE - ok

22:38:05.0952 8992 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

22:38:05.0955 8992 MTConfig - ok

22:38:05.0985 8992 [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys

22:38:05.0988 8992 MTsensor - ok

22:38:06.0004 8992 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

22:38:06.0006 8992 Mup - ok

22:38:06.0061 8992 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

22:38:06.0072 8992 napagent - ok

22:38:06.0093 8992 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

22:38:06.0099 8992 NativeWifiP - ok

22:38:06.0149 8992 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

22:38:06.0155 8992 NDIS - ok

22:38:06.0176 8992 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

22:38:06.0179 8992 NdisCap - ok

22:38:06.0191 8992 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

22:38:06.0194 8992 NdisTapi - ok

22:38:06.0237 8992 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

22:38:06.0240 8992 Ndisuio - ok

22:38:06.0268 8992 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

22:38:06.0272 8992 NdisWan - ok

22:38:06.0311 8992 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

22:38:06.0314 8992 NDProxy - ok

22:38:06.0332 8992 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

22:38:06.0334 8992 NetBIOS - ok

22:38:06.0368 8992 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

22:38:06.0373 8992 NetBT - ok

22:38:06.0388 8992 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

22:38:06.0392 8992 Netlogon - ok

22:38:06.0425 8992 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

22:38:06.0435 8992 Netman - ok

22:38:06.0457 8992 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

22:38:06.0479 8992 netprofm - ok

22:38:06.0505 8992 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

22:38:06.0508 8992 NetTcpPortSharing - ok

22:38:06.0545 8992 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

22:38:06.0547 8992 nfrd960 - ok

22:38:06.0576 8992 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll

22:38:06.0586 8992 NlaSvc - ok

22:38:06.0631 8992 [ 431ADA51E9D032F533548688CE5A2A24 ] nosGetPlusHelper C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll

22:38:06.0633 8992 nosGetPlusHelper - ok

22:38:06.0648 8992 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

22:38:06.0651 8992 Npfs - ok

22:38:06.0677 8992 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

22:38:06.0682 8992 nsi - ok

22:38:06.0709 8992 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

22:38:06.0712 8992 nsiproxy - ok

22:38:06.0765 8992 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

22:38:06.0799 8992 Ntfs - ok

22:38:06.0829 8992 [ 317020D31F1696334679B9D0416EB62E ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys

22:38:06.0832 8992 NuidFltr - ok

22:38:06.0853 8992 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

22:38:06.0856 8992 Null - ok

22:38:06.0872 8992 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

22:38:06.0877 8992 nvraid - ok

22:38:06.0915 8992 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

22:38:06.0919 8992 nvstor - ok

22:38:06.0941 8992 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

22:38:06.0945 8992 nv_agp - ok

22:38:07.0018 8992 [ 649791F5B905E6A8ECCED15AD8EFD436 ] OberonGameConsoleService C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe

22:38:07.0021 8992 OberonGameConsoleService - ok

22:38:07.0109 8992 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

22:38:07.0117 8992 odserv - ok

22:38:07.0154 8992 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

22:38:07.0157 8992 ohci1394 - ok

22:38:07.0207 8992 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

22:38:07.0212 8992 ose - ok

22:38:07.0342 8992 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

22:38:07.0464 8992 osppsvc - ok

22:38:07.0507 8992 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

22:38:07.0517 8992 p2pimsvc - ok

22:38:07.0540 8992 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

22:38:07.0567 8992 p2psvc - ok

22:38:07.0597 8992 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

22:38:07.0601 8992 Parport - ok

22:38:07.0631 8992 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

22:38:07.0634 8992 partmgr - ok

22:38:07.0655 8992 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

22:38:07.0663 8992 PcaSvc - ok

22:38:07.0703 8992 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

22:38:07.0708 8992 pci - ok

22:38:07.0720 8992 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

22:38:07.0723 8992 pciide - ok

22:38:07.0743 8992 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

22:38:07.0748 8992 pcmcia - ok

22:38:07.0774 8992 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

22:38:07.0777 8992 pcw - ok

22:38:07.0798 8992 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

22:38:07.0821 8992 PEAUTH - ok

22:38:07.0908 8992 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

22:38:07.0914 8992 PerfHost - ok

22:38:07.0983 8992 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

22:38:08.0016 8992 pla - ok

22:38:08.0049 8992 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

22:38:08.0076 8992 PlugPlay - ok

22:38:08.0093 8992 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

22:38:08.0100 8992 PNRPAutoReg - ok

22:38:08.0123 8992 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

22:38:08.0130 8992 PNRPsvc - ok

22:38:08.0155 8992 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys

22:38:08.0158 8992 Point64 - ok

22:38:08.0198 8992 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

22:38:08.0209 8992 PolicyAgent - ok

22:38:08.0248 8992 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

22:38:08.0257 8992 Power - ok

22:38:08.0298 8992 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

22:38:08.0302 8992 PptpMiniport - ok

22:38:08.0335 8992 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

22:38:08.0338 8992 Processor - ok

22:38:08.0385 8992 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

22:38:08.0394 8992 ProfSvc - ok

22:38:08.0413 8992 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

22:38:08.0416 8992 ProtectedStorage - ok

22:38:08.0458 8992 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

22:38:08.0462 8992 Psched - ok

22:38:08.0499 8992 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

22:38:08.0503 8992 PSI_SVC_2 - ok

22:38:08.0536 8992 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys

22:38:08.0539 8992 PxHlpa64 - ok

22:38:08.0593 8992 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

22:38:08.0626 8992 ql2300 - ok

22:38:08.0647 8992 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

22:38:08.0651 8992 ql40xx - ok

22:38:08.0691 8992 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

22:38:08.0700 8992 QWAVE - ok

22:38:08.0718 8992 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

22:38:08.0721 8992 QWAVEdrv - ok

22:38:08.0745 8992 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

22:38:08.0747 8992 RasAcd - ok

22:38:08.0794 8992 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

22:38:08.0797 8992 RasAgileVpn - ok

22:38:08.0829 8992 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

22:38:08.0836 8992 RasAuto - ok

22:38:08.0875 8992 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

22:38:08.0879 8992 Rasl2tp - ok

22:38:08.0914 8992 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

22:38:08.0925 8992 RasMan - ok

22:38:08.0943 8992 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

22:38:08.0948 8992 RasPppoe - ok

22:38:08.0974 8992 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

22:38:08.0977 8992 RasSstp - ok

22:38:09.0001 8992 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

22:38:09.0007 8992 rdbss - ok

22:38:09.0023 8992 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

22:38:09.0026 8992 rdpbus - ok

22:38:09.0039 8992 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

22:38:09.0041 8992 RDPCDD - ok

22:38:09.0053 8992 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

22:38:09.0056 8992 RDPENCDD - ok

22:38:09.0069 8992 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

22:38:09.0071 8992 RDPREFMP - ok

22:38:09.0113 8992 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

22:38:09.0118 8992 RDPWD - ok

22:38:09.0164 8992 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

22:38:09.0170 8992 rdyboost - ok

22:38:09.0196 8992 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

22:38:09.0202 8992 RemoteAccess - ok

22:38:09.0222 8992 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

22:38:09.0229 8992 RemoteRegistry - ok

22:38:09.0244 8992 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

22:38:09.0251 8992 RpcEptMapper - ok

22:38:09.0261 8992 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

22:38:09.0265 8992 RpcLocator - ok

22:38:09.0303 8992 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

22:38:09.0311 8992 RpcSs - ok

22:38:09.0339 8992 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

22:38:09.0341 8992 rspndr - ok

22:38:09.0359 8992 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

22:38:09.0363 8992 SamSs - ok

22:38:09.0396 8992 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

22:38:09.0400 8992 sbp2port - ok

22:38:09.0442 8992 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

22:38:09.0451 8992 SCardSvr - ok

22:38:09.0494 8992 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

22:38:09.0497 8992 scfilter - ok

22:38:09.0547 8992 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

22:38:09.0558 8992 Schedule - ok

22:38:09.0599 8992 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

22:38:09.0601 8992 SCPolicySvc - ok

22:38:09.0633 8992 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys

22:38:09.0636 8992 sdbus - ok

22:38:09.0661 8992 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

22:38:09.0670 8992 SDRSVC - ok

22:38:09.0725 8992 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

22:38:09.0730 8992 SeaPort - ok

22:38:09.0768 8992 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

22:38:09.0770 8992 secdrv - ok

22:38:09.0809 8992 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

22:38:09.0815 8992 seclogon - ok

22:38:09.0841 8992 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll

22:38:09.0848 8992 SENS - ok

22:38:09.0862 8992 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

22:38:09.0869 8992 SensrSvc - ok

22:38:09.0894 8992 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

22:38:09.0896 8992 Serenum - ok

22:38:09.0916 8992 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

22:38:09.0919 8992 Serial - ok

22:38:09.0967 8992 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

22:38:09.0970 8992 sermouse - ok

22:38:10.0010 8992 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

22:38:10.0017 8992 SessionEnv - ok

22:38:10.0044 8992 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

22:38:10.0046 8992 sffdisk - ok

22:38:10.0069 8992 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

22:38:10.0072 8992 sffp_mmc - ok

22:38:10.0087 8992 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

22:38:10.0090 8992 sffp_sd - ok

22:38:10.0114 8992 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

22:38:10.0117 8992 sfloppy - ok

22:38:10.0151 8992 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys

22:38:10.0174 8992 Sftfs - ok

22:38:10.0252 8992 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

22:38:10.0260 8992 sftlist - ok

22:38:10.0281 8992 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys

22:38:10.0287 8992 Sftplay - ok

22:38:10.0307 8992 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys

22:38:10.0310 8992 Sftredir - ok

22:38:10.0333 8992 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys

22:38:10.0336 8992 Sftvol - ok

22:38:10.0356 8992 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

22:38:10.0361 8992 sftvsa - ok

22:38:10.0391 8992 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

22:38:10.0400 8992 SharedAccess - ok

22:38:10.0438 8992 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

22:38:10.0445 8992 ShellHWDetection - ok

22:38:10.0467 8992 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys

22:38:10.0470 8992 SiSGbeLH - ok

22:38:10.0504 8992 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

22:38:10.0506 8992 SiSRaid2 - ok

22:38:10.0532 8992 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

22:38:10.0536 8992 SiSRaid4 - ok

22:38:10.0666 8992 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

22:38:10.0744 8992 Skype C2C Service - ok

22:38:10.0799 8992 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

22:38:10.0800 8992 SkypeUpdate - ok

22:38:10.0838 8992 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

22:38:10.0841 8992 Smb - ok

22:38:10.0878 8992 [ A4BD4F7898ED8EDFB5A01CD2323F415C ] SndTAudio C:\Windows\system32\drivers\SndTAudio.sys

22:38:10.0881 8992 SndTAudio - ok

22:38:10.0908 8992 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

22:38:10.0915 8992 SNMPTRAP - ok

22:38:10.0957 8992 [ A415C67B40DFB903ACCC1D40FBEE3269 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys

22:38:11.0001 8992 SNP2UVC - ok

22:38:11.0017 8992 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

22:38:11.0020 8992 spldr - ok

22:38:11.0065 8992 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

22:38:11.0088 8992 Spooler - ok

22:38:11.0197 8992 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

22:38:11.0310 8992 sppsvc - ok

22:38:11.0336 8992 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

22:38:11.0343 8992 sppuinotify - ok

22:38:11.0384 8992 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

22:38:11.0392 8992 srv - ok

22:38:11.0411 8992 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

22:38:11.0419 8992 srv2 - ok

22:38:11.0441 8992 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

22:38:11.0446 8992 srvnet - ok

22:38:11.0469 8992 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

22:38:11.0477 8992 SSDPSRV - ok

22:38:11.0499 8992 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

22:38:11.0508 8992 SstpSvc - ok

22:38:11.0531 8992 Steam Client Service - ok

22:38:11.0563 8992 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

22:38:11.0565 8992 stexstor - ok

22:38:11.0605 8992 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

22:38:11.0627 8992 stisvc - ok

22:38:11.0660 8992 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

22:38:11.0663 8992 swenum - ok

22:38:11.0703 8992 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

22:38:11.0725 8992 swprv - ok

22:38:11.0791 8992 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

22:38:11.0836 8992 SysMain - ok

22:38:11.0872 8992 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

22:38:11.0880 8992 TabletInputService - ok

22:38:12.0097 8992 [ 191394B308BD7FEDB4EBB4F7F04C1339 ] TabletServiceWacom C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe

22:38:12.0221 8992 TabletServiceWacom - ok

22:38:12.0263 8992 [ F33FDC72298DF4BF9813A55D21F4EB31 ] taphss C:\Windows\system32\DRIVERS\taphss.sys

22:38:12.0265 8992 taphss - ok

22:38:12.0282 8992 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

22:38:12.0289 8992 TapiSrv - ok

22:38:12.0325 8992 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

22:38:12.0334 8992 TBS - ok

22:38:12.0400 8992 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys

22:38:12.0444 8992 Tcpip - ok

22:38:12.0488 8992 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

22:38:12.0499 8992 TCPIP6 - ok

22:38:12.0533 8992 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

22:38:12.0535 8992 tcpipreg - ok

22:38:12.0574 8992 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

22:38:12.0577 8992 TDPIPE - ok

22:38:12.0605 8992 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

22:38:12.0607 8992 TDTCP - ok

22:38:12.0642 8992 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

22:38:12.0646 8992 tdx - ok

22:38:12.0683 8992 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

22:38:12.0686 8992 TermDD - ok

22:38:12.0709 8992 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

22:38:12.0718 8992 TermService - ok

22:38:12.0754 8992 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

22:38:12.0762 8992 Themes - ok

22:38:12.0791 8992 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

22:38:12.0795 8992 THREADORDER - ok

22:38:12.0834 8992 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

22:38:12.0844 8992 TrkWks - ok

22:38:12.0910 8992 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

22:38:12.0912 8992 TrustedInstaller - ok

22:38:12.0952 8992 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

22:38:12.0954 8992 tssecsrv - ok

22:38:12.0990 8992 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

22:38:12.0994 8992 TsUsbFlt - ok

22:38:13.0032 8992 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

22:38:13.0035 8992 tunnel - ok

22:38:13.0107 8992 [ 12C9C0B2B6E9C7B2AE80EB7D2DEF2366 ] TVersityMediaServer C:\ProgramData\TVersity\Media Server\MediaServer.exe

22:38:13.0141 8992 TVersityMediaServer - ok

22:38:13.0164 8992 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

22:38:13.0167 8992 uagp35 - ok

22:38:13.0207 8992 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

22:38:13.0214 8992 udfs - ok

22:38:13.0245 8992 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

22:38:13.0253 8992 UI0Detect - ok

22:38:13.0274 8992 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

22:38:13.0278 8992 uliagpkx - ok

22:38:13.0321 8992 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys

22:38:13.0324 8992 umbus - ok

22:38:13.0337 8992 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

22:38:13.0339 8992 UmPass - ok

22:38:13.0433 8992 [ 41118D920B2B268C0ADC36421248CDCF ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

22:38:13.0499 8992 UNS - ok

22:38:13.0536 8992 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

22:38:13.0548 8992 upnphost - ok

22:38:13.0583 8992 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

22:38:13.0586 8992 USBAAPL64 - ok

22:38:13.0632 8992 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys

22:38:13.0635 8992 usbaudio - ok

22:38:13.0658 8992 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

22:38:13.0661 8992 usbccgp - ok

22:38:13.0678 8992 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

22:38:13.0682 8992 usbcir - ok

22:38:13.0699 8992 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys

22:38:13.0702 8992 usbehci - ok

22:38:13.0721 8992 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

22:38:13.0728 8992 usbhub - ok

22:38:13.0743 8992 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys

22:38:13.0745 8992 usbohci - ok

22:38:13.0773 8992 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

22:38:13.0776 8992 usbprint - ok

22:38:13.0813 8992 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

22:38:13.0816 8992 usbscan - ok

22:38:13.0829 8992 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

22:38:13.0832 8992 USBSTOR - ok

22:38:13.0851 8992 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

22:38:13.0855 8992 usbuhci - ok

22:38:13.0876 8992 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys

22:38:13.0881 8992 usbvideo - ok

22:38:13.0910 8992 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

22:38:13.0917 8992 UxSms - ok

22:38:13.0926 8992 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

22:38:13.0930 8992 VaultSvc - ok

22:38:13.0949 8992 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

22:38:13.0952 8992 vdrvroot - ok

22:38:13.0999 8992 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

22:38:14.0021 8992 vds - ok

22:38:14.0048 8992 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

22:38:14.0050 8992 vga - ok

22:38:14.0072 8992 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

22:38:14.0075 8992 VgaSave - ok

22:38:14.0113 8992 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

22:38:14.0118 8992 vhdmp - ok

22:38:14.0136 8992 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

22:38:14.0140 8992 viaide - ok

22:38:14.0163 8992 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

22:38:14.0166 8992 volmgr - ok

22:38:14.0206 8992 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

22:38:14.0213 8992 volmgrx - ok

22:38:14.0240 8992 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

22:38:14.0246 8992 volsnap - ok

22:38:14.0282 8992 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

22:38:14.0286 8992 vsmraid - ok

22:38:14.0347 8992 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

22:38:14.0392 8992 VSS - ok

22:38:14.0410 8992 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

22:38:14.0412 8992 vwifibus - ok

22:38:14.0422 8992 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

22:38:14.0425 8992 vwififlt - ok

22:38:14.0441 8992 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys

22:38:14.0444 8992 vwifimp - ok

22:38:14.0489 8992 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

22:38:14.0501 8992 W32Time - ok

22:38:14.0537 8992 [ FE75777289278A4941FE6139E82B3BD9 ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys

22:38:14.0540 8992 wacmoumonitor - ok

22:38:14.0569 8992 [ E04D43C7D1641E95D35CAE6086C7E350 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys

22:38:14.0571 8992 wacommousefilter - ok

22:38:14.0589 8992 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

22:38:14.0592 8992 WacomPen - ok

22:38:14.0613 8992 [ EC1CEB237E365330C1FCFC4876AA0AC0 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys

22:38:14.0615 8992 wacomvhid - ok

22:38:14.0657 8992 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

22:38:14.0660 8992 WANARP - ok

22:38:14.0664 8992 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

22:38:14.0666 8992 Wanarpv6 - ok

22:38:14.0721 8992 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

22:38:14.0755 8992 WatAdminSvc - ok

22:38:14.0821 8992 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

22:38:14.0868 8992 wbengine - ok

22:38:14.0899 8992 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

22:38:14.0909 8992 WbioSrvc - ok

22:38:14.0954 8992 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

22:38:14.0966 8992 wcncsvc - ok

22:38:14.0989 8992 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

22:38:14.0997 8992 WcsPlugInService - ok

22:38:15.0028 8992 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys

22:38:15.0030 8992 Wd - ok

22:38:15.0054 8992 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

22:38:15.0077 8992 Wdf01000 - ok

22:38:15.0100 8992 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

22:38:15.0108 8992 WdiServiceHost - ok

22:38:15.0113 8992 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

22:38:15.0120 8992 WdiSystemHost - ok

22:38:15.0177 8992 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

22:38:15.0187 8992 WebClient - ok

22:38:15.0207 8992 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

22:38:15.0217 8992 Wecsvc - ok

22:38:15.0235 8992 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

22:38:15.0243 8992 wercplsupport - ok

22:38:15.0257 8992 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

22:38:15.0265 8992 WerSvc - ok

22:38:15.0274 8992 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

22:38:15.0277 8992 WfpLwf - ok

22:38:15.0317 8992 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys

22:38:15.0321 8992 WimFltr - ok

22:38:15.0355 8992 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

22:38:15.0358 8992 WIMMount - ok

22:38:15.0396 8992 WinDefend - ok

22:38:15.0402 8992 WinHttpAutoProxySvc - ok

22:38:15.0466 8992 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

22:38:15.0471 8992 Winmgmt - ok

22:38:15.0539 8992 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

22:38:15.0606 8992 WinRM - ok

22:38:15.0650 8992 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

22:38:15.0652 8992 WinUsb - ok

22:38:15.0693 8992 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

22:38:15.0727 8992 Wlansvc - ok

22:38:15.0851 8992 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

22:38:15.0928 8992 wlidsvc - ok

22:38:16.0043 8992 [ 0BDAEAB53129FEFF4E77EA19E65C275E ] WMDrive C:\Windows\SysWOW64\drivers\WMDrive.sys

22:38:16.0044 8992 WMDrive - ok

22:38:16.0080 8992 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

22:38:16.0082 8992 WmiAcpi - ok

22:38:16.0127 8992 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

22:38:16.0132 8992 wmiApSrv - ok

22:38:16.0149 8992 WMPNetworkSvc - ok

22:38:16.0261 8992 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

22:38:16.0268 8992 WPCSvc - ok

22:38:16.0315 8992 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

22:38:16.0324 8992 WPDBusEnum - ok

22:38:16.0355 8992 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

22:38:16.0357 8992 ws2ifsl - ok

22:38:16.0386 8992 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll

22:38:16.0396 8992 wscsvc - ok

22:38:16.0400 8992 WSearch - ok

22:38:16.0488 8992 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

22:38:16.0573 8992 wuauserv - ok

22:38:16.0614 8992 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

22:38:16.0617 8992 WudfPf - ok

22:38:16.0636 8992 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

22:38:16.0640 8992 WUDFRd - ok

22:38:16.0680 8992 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

22:38:16.0689 8992 wudfsvc - ok

22:38:16.0727 8992 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

22:38:16.0738 8992 WwanSvc - ok

22:38:16.0773 8992 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys

22:38:16.0776 8992 xusb21 - ok

22:38:16.0838 8992 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

22:38:16.0846 8992 YahooAUService - ok

22:38:16.0861 8992 ================ Scan global ===============================

22:38:16.0885 8992 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

22:38:16.0918 8992 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

22:38:16.0939 8992 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

22:38:16.0979 8992 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

22:38:17.0022 8992 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

22:38:17.0029 8992 [Global] - ok

22:38:17.0030 8992 ================ Scan MBR ==================================

22:38:17.0051 8992 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0

22:38:17.0389 8992 \Device\Harddisk0\DR0 - ok

22:38:17.0389 8992 ================ Scan VBR ==================================

22:38:17.0394 8992 [ EE68AAA57F6547DC2FEA34008593169C ] \Device\Harddisk0\DR0\Partition1

22:38:17.0397 8992 \Device\Harddisk0\DR0\Partition1 - ok

22:38:17.0439 8992 [ 053C29112F0B99D19EF357ED981B37AE ] \Device\Harddisk0\DR0\Partition2

22:38:17.0442 8992 \Device\Harddisk0\DR0\Partition2 - ok

22:38:17.0443 8992 ============================================================

22:38:17.0443 8992 Scan finished

22:38:17.0443 8992 ============================================================

22:38:17.0455 12024 Detected object count: 1

22:38:17.0455 12024 Actual detected object count: 1

22:38:24.0760 12024 Akamai ( HiddenFile.Multi.Generic ) - skipped by user

22:38:24.0760 12024 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

thedeadguy · September 15, 2012

RogueKiller V8.0.3 [09/13/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Robert [Admin rights]

Mode : Scan -- Date : 09/14/2012 23:22:05

¤¤¤ Bad processes : 2 ¤¤¤

[sUSP PATH] MediaServer.exe -- C:\ProgramData\TVersity\Media Server\MediaServer.exe -> KILLED [TermProc]

[sUSP PATH] wbbtool1_0dn.exe -- C:\Users\Robert\AppData\Roaming\wbtooltb\wbbtool1_0dn.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 11 ¤¤¤

[TASK][sUSP PATH] {6930B737-9B4B-4AD0-B6AD-8CDBE40998C8} : C:\Users\Robert\Desktop\Old laptop Files\Neverhood\setup95.exe -> FOUND

[TASK][sUSP PATH] {AD38D187-9D8A-4E77-B596-C373ABE0B7BB} : C:\Users\Robert\Desktop\10ROGUE.EXE -> FOUND

[TASK][sUSP PATH] {C2A2EBDB-A84D-4D14-8578-3A3BE4F29721} : C:\Users\Robert\Desktop\10ROGUE.EXE -> FOUND

[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{42A56D0B-2E9C-40B7-BB1D-A1F27A788F8E} : NameServer (10.206.24.1) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Services\Interfaces\{42A56D0B-2E9C-40B7-BB1D-A1F27A788F8E} : NameServer (10.206.24.1) -> FOUND

[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

[ZeroAccess][FOLDER] U : C:\Windows\Installer\{8d9d689d-9db0-9c99-d221-1be1550a771a}\U --> FOUND

[ZeroAccess][FOLDER] L : C:\Windows\Installer\{8d9d689d-9db0-9c99-d221-1be1550a771a}\L --> FOUND

[ZeroAccess][FILE] @ : C:\Users\Robert\AppData\Local\{8d9d689d-9db0-9c99-d221-1be1550a771a}\@ --> FOUND

[ZeroAccess][FOLDER] U : C:\Users\Robert\AppData\Local\{8d9d689d-9db0-9c99-d221-1be1550a771a}\U --> FOUND

[ZeroAccess][FOLDER] L : C:\Users\Robert\AppData\Local\{8d9d689d-9db0-9c99-d221-1be1550a771a}\L --> FOUND

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9500325AS +++++

--- User ---

[MBR] 0cd6ad52f5165f1aee84dad147ddf121

[bSP] 430eaf6ed8558d670d2c84579f07828f : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 14997 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 30716280 | Size: 119232 Mo

2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 274904280 | Size: 342706 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt

thedeadguy · September 15, 2012

OK, there are the reports....what's next Doc?

Maurice Naggar · September 15, 2012

On the Firefox reset: per Mozilla

When using the reset feature, your bookmarks, browsing history, passwords, cookies and web form auto-fill information will be saved. However, your extensions and themes will be removed; open tabs, windows and tab groups will not be saved; and your preferences will be reset.

Resetting will not affect bookmarks, passwords, and subcriptions to webpages.

You have a more serious issue:

Backdoor trojan warning:ZeroAccess / Sirefef
This system has some serious backdoor trojans. ZeroAccess / Sirefef
This is a point where you need to decide about whether to make a clean start.
According to the information provided in logs, one or more of the identified infections is a backdoor trojan. This allows hackers to remotely control your computer, steal critical system information, and download and execute files.
You are strongly advised to do the following immediately.
1. Contact your banks, credit card companies, financial institutions and inform them that you may be a victim of identity theft and ask them to put a watch on your accounts or change all your account numbers.
2. From a clean computer, change ALL your online passwords -- for email, for banks, financial accounts, PayPal, eBay, online companies, any online forums or groups.
3. Do NOT change passwords or do any transactions while using the infected computer because the attacker will get the new passwords and transaction information.These trojans leave a backdoor open on the system that can allow a hacker total and complete access to your computer. (Remote access trojan) Hackers can operate your computer just as if they were sitting in front of it. Hackers can watch everything you are doing on the computer, play tricks, do screenshots, log passwords, start and stop programs.
* Take any other steps you think appropriate for an attempted identity theft.
You should also understand that once a system has been compromised by a Trojan backdoor, it can never really be trusted again unless you completely reformat the hard drives and reinstall Windows fresh.
While we usually can successfully remove malware like this, we cannot guarantee that it is totally gone, and that your system is completely safe to use for future financial information and/or transactions.
Here is some additional information: What Is A Backdoor Trojan? http://www.geekstogo...backdoor-trojan
Danger: Remote Access Trojans http://www.microsoft...o/virusrat.mspx
Consumers – Identity Theft http://www.ftc.gov/b...mers/index.html
When should I re-format? How should I reinstall? http://www.dslreports.com/faq/10063
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud? http://www.dslreports.com/faq/10451
Rootkits: The Obscure Hacker Attack http://www.microsoft...tip/st1005.mspx
Help: I Got Hacked. Now What Do I Do? http://www.microsoft...gmt/sm0504.mspx
Help: I Got Hacked. Now What Do I Do? Part II http://www.microsoft...gmt/sm0704.mspx
Microsoft Says Recovery from Malware Becoming Impossible http://www.eweek.com...,1945808,00.asp

Let me know what you decide.

IF you decide to hunt for and remove malwares, start with the following:

Disable your anti-virus program, How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Please disconnect any USB or external drives from the computer before you run this scan!
Right-Click RogueKiller and select Run as Administrator.
Wait until Prescan finishes.
On the RogueKiller console, click the Registry tab.
Then press the Delete button.
Next, click the DNS tab, and then click on the DNS Fix button
When done, logoff & Restart the system.
The log will be found as RKreport
Copy & Paste the contents into next reply.

P.S. Do NOT do any websurfing, game-play, banking, shopping, browsing, or any online transactions of any sort.

Only go to this forum and the websites I guide you to. That's for the entire duration of the case.

Edited September 15, 2012 by Maurice Naggar

thedeadguy · September 15, 2012

Ok..I have this Trojan. But I also have the URL:mal that redirects me to unsafe sites, right? I need to get rid of them both. After which I may seek out to backup what I need to and reset and reinstall everything. I have years of research and data on this laptop. So I can only try to clean out my system as best I can and hope my luck holds out.

So do I follow the RogueKiller instructions first?

Maurice Naggar · September 15, 2012

Yes, yes, follow the instructions. One has not forgotten your original report. <sigh...>

thedeadguy · September 15, 2012

Not sure if I messed up...it printed 4 reports. Here they are:

RogueKiller V8.0.3 [09/13/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Robert [Admin rights]

Mode : Scan -- Date : 09/15/2012 11:19:05

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 11 ¤¤¤

[TASK][sUSP PATH] {6930B737-9B4B-4AD0-B6AD-8CDBE40998C8} : C:\Users\Robert\Desktop\Old laptop Files\Neverhood\setup95.exe -> FOUND

[TASK][sUSP PATH] {AD38D187-9D8A-4E77-B596-C373ABE0B7BB} : C:\Users\Robert\Desktop\10ROGUE.EXE -> FOUND

[TASK][sUSP PATH] {C2A2EBDB-A84D-4D14-8578-3A3BE4F29721} : C:\Users\Robert\Desktop\10ROGUE.EXE -> FOUND

[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{42A56D0B-2E9C-40B7-BB1D-A1F27A788F8E} : NameServer (10.206.24.1) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Services\Interfaces\{42A56D0B-2E9C-40B7-BB1D-A1F27A788F8E} : NameServer (10.206.24.1) -> FOUND

[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

[ZeroAccess][FOLDER] U : C:\Windows\Installer\{8d9d689d-9db0-9c99-d221-1be1550a771a}\U --> FOUND

[ZeroAccess][FOLDER] L : C:\Windows\Installer\{8d9d689d-9db0-9c99-d221-1be1550a771a}\L --> FOUND

[ZeroAccess][FILE] @ : C:\Users\Robert\AppData\Local\{8d9d689d-9db0-9c99-d221-1be1550a771a}\@ --> FOUND

[ZeroAccess][FOLDER] U : C:\Users\Robert\AppData\Local\{8d9d689d-9db0-9c99-d221-1be1550a771a}\U --> FOUND

[ZeroAccess][FOLDER] L : C:\Users\Robert\AppData\Local\{8d9d689d-9db0-9c99-d221-1be1550a771a}\L --> FOUND

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9500325AS +++++

--- User ---

[MBR] 0cd6ad52f5165f1aee84dad147ddf121

[bSP] 430eaf6ed8558d670d2c84579f07828f : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 14997 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 30716280 | Size: 119232 Mo

2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 274904280 | Size: 342706 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[2].txt >>

RKreport[1].txt ; RKreport[2].txt

thedeadguy · September 15, 2012

RogueKiller V8.0.3 [09/13/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Robert [Admin rights]

Mode : Remove -- Date : 09/15/2012 11:19:53

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 9 ¤¤¤

[TASK][sUSP PATH] {6930B737-9B4B-4AD0-B6AD-8CDBE40998C8} : C:\Users\Robert\Desktop\Old laptop Files\Neverhood\setup95.exe -> DELETED

[TASK][sUSP PATH] {AD38D187-9D8A-4E77-B596-C373ABE0B7BB} : C:\Users\Robert\Desktop\10ROGUE.EXE -> DELETED

[TASK][sUSP PATH] {C2A2EBDB-A84D-4D14-8578-3A3BE4F29721} : C:\Users\Robert\Desktop\10ROGUE.EXE -> DELETED

[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{42A56D0B-2E9C-40B7-BB1D-A1F27A788F8E} : NameServer (10.206.24.1) -> NOT REMOVED, USE DNSFIX

[DNS] HKLM\[...]\ControlSet002\Services\Interfaces\{42A56D0B-2E9C-40B7-BB1D-A1F27A788F8E} : NameServer (10.206.24.1) -> NOT REMOVED, USE DNSFIX

[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)

[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

[ZeroAccess][FOLDER] ROOT : C:\Windows\Installer\{8d9d689d-9db0-9c99-d221-1be1550a771a}\U --> REMOVED

[ZeroAccess][FOLDER] ROOT : C:\Windows\Installer\{8d9d689d-9db0-9c99-d221-1be1550a771a}\L --> REMOVED

[ZeroAccess][FILE] @ : C:\Users\Robert\AppData\Local\{8d9d689d-9db0-9c99-d221-1be1550a771a}\@ --> REMOVED

[ZeroAccess][FOLDER] ROOT : C:\Users\Robert\AppData\Local\{8d9d689d-9db0-9c99-d221-1be1550a771a}\U --> REMOVED

[ZeroAccess][FOLDER] ROOT : C:\Users\Robert\AppData\Local\{8d9d689d-9db0-9c99-d221-1be1550a771a}\L --> REMOVED

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9500325AS +++++

--- User ---

[MBR] 0cd6ad52f5165f1aee84dad147ddf121

[bSP] 430eaf6ed8558d670d2c84579f07828f : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 14997 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 30716280 | Size: 119232 Mo

2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 274904280 | Size: 342706 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[3].txt >>

RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

thedeadguy · September 15, 2012

RogueKiller V8.0.3 [09/13/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Robert [Admin rights]

Mode : DNSFix -- Date : 09/15/2012 11:20:23

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤

[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{42A56D0B-2E9C-40B7-BB1D-A1F27A788F8E} : NameServer (10.206.24.1) -> NOT SELECTED

[DNS] HKLM\[...]\ControlSet002\Services\Interfaces\{42A56D0B-2E9C-40B7-BB1D-A1F27A788F8E} : NameServer (10.206.24.1) -> NOT SELECTED

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

Finished : << RKreport[4].txt >>

RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt

thedeadguy · September 15, 2012

RogueKiller V8.0.3 [09/13/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Robert [Admin rights]

Mode : DNSFix -- Date : 09/15/2012 11:21:00

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤

[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{42A56D0B-2E9C-40B7-BB1D-A1F27A788F8E} : NameServer (10.206.24.1) -> NOT SELECTED

[DNS] HKLM\[...]\ControlSet002\Services\Interfaces\{42A56D0B-2E9C-40B7-BB1D-A1F27A788F8E} : NameServer (10.206.24.1) -> NOT SELECTED

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

Finished : << RKreport[5].txt >>

RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt

thedeadguy · September 15, 2012

And thank you for all the help, but I need to fix this as soon as possible. My work is mostly on weekends, which I need access

to my laptop for, and I cannot afford to lose money right now. I am in crunch time. If I can run all the scans today/tonight. I will be

at work 7-11 tonight, so if there's a long scan to do, I can set it running while I'm out.

Maurice Naggar · September 15, 2012

Can you try just 1 more time with Roguekiller

Disable your anti-virus program, How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Please disconnect any USB or external drives from the computer before you run this scan!
Right-Click RogueKiller and select Run as Administrator.
Wait until Prescan finishes.
Select these 2 lines
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{42A56D0B-2E9C-40B7-BB1D-A1F27A788F8E} : NameServer (10.206.24.1) -> NOT SELECTED
[DNS] HKLM\[...]\ControlSet002\Services\Interfaces\{42A56D0B-2E9C-40B7-BB1D-A1F27A788F8E} : NameServer (10.206.24.1) -> NOT SELECTED
Next, click the DNS tab, and then click on the DNS Fix button
When done, logoff & Restart the system.
The log will be found as RKreport
Copy & Paste the contents into next reply.

@Echo on

pushd\windows\system32\drivers\etc

attrib -h -s -r hosts

echo 127.0.0.1 localhost>HOSTS

attrib +r +h +s hosts

popd

ipconfig /release

ipconfig /renew

ipconfig /flushdns

netsh winsock reset all

netsh int ip reset resetlog.log

shutdown -r -t 1

del %0

Save as flush.bat to your desktop.

Double-click flush.bat file to run it. Your computer will reboot.

Edited September 15, 2012 by Maurice Naggar

thedeadguy · September 15, 2012

RogueKiller V8.0.3 [09/13/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Robert [Admin rights]

Mode : Scan -- Date : 09/15/2012 12:00:44

¤¤¤ Bad processes : 2 ¤¤¤

[sUSP PATH] MediaServer.exe -- C:\ProgramData\TVersity\Media Server\MediaServer.exe -> KILLED [TermProc]

[sUSP PATH] wbbtool1_0dn.exe -- C:\Users\Robert\AppData\Roaming\wbtooltb\wbbtool1_0dn.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 2 ¤¤¤

[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{42A56D0B-2E9C-40B7-BB1D-A1F27A788F8E} : NameServer (10.206.24.1) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Services\Interfaces\{42A56D0B-2E9C-40B7-BB1D-A1F27A788F8E} : NameServer (10.206.24.1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9500325AS +++++

--- User ---

[MBR] 0cd6ad52f5165f1aee84dad147ddf121

[bSP] 430eaf6ed8558d670d2c84579f07828f : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 14997 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 30716280 | Size: 119232 Mo

2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 274904280 | Size: 342706 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[6].txt >>

RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;

RKreport[6].txt

thedeadguy · September 15, 2012

RogueKiller V8.0.3 [09/13/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Robert [Admin rights]

Mode : DNSFix -- Date : 09/15/2012 12:01:39

¤¤¤ Bad processes : 2 ¤¤¤

[sUSP PATH] MediaServer.exe -- C:\ProgramData\TVersity\Media Server\MediaServer.exe -> KILLED [TermProc]

[sUSP PATH] wbbtool1_0dn.exe -- C:\Users\Robert\AppData\Roaming\wbtooltb\wbbtool1_0dn.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 2 ¤¤¤

[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{42A56D0B-2E9C-40B7-BB1D-A1F27A788F8E} : NameServer (10.206.24.1) -> REPLACED ()

[DNS] HKLM\[...]\ControlSet002\Services\Interfaces\{42A56D0B-2E9C-40B7-BB1D-A1F27A788F8E} : NameServer (10.206.24.1) -> REPLACED ()

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

Finished : << RKreport[7].txt >>

RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;

RKreport[6].txt ; RKreport[7].txt

I'm infected - What do I do now? URL:mal / ZERO Access trojan

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information