Google search results send me to ad websites

[Allyorbase]

I, like many other users I've seen, have been infected with the google-result-changing trojan. I would follow the help given in other posts, but I'm afraid that they may be specific to their computer, and I would break mine as a result, so here are my logs:

Also, it seems, I cannot access MSE, whether that is related or not, I don't know, but I can't enable it.

Also, thank you so much for your time, I really appreciate the help!

DDS first.

----------------------------------------------------------------------------------------------------------------------------------------------------------------------

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.4.1

Run by Op at 19:47:32 on 2012-09-13

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3561.1413 [GMT -5:00]

.

AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}

AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files (x86)\Zentimo\ZentimoService.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\FBAgent.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\rundll32.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe

C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe

C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe

C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe

C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Trend Micro\Titanium\TiMiniService.exe

C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe

C:\Program Files\Viscosity\ViscosityService.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\ASUS\P4G\BatteryLife.exe

C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe

C:\Program Files\Elantech\ETDCtrl.exe

C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe

C:\Program Files\Logitech Gaming Software\LCore.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files\Elantech\ETDCtrlHelper.exe

C:\Program Files (x86)\Windows Media Player\wmplayer.exe

C:\Windows\system32\taskhost.exe

C:\Users\Op\AppData\Roaming\Spotify\spotify.exe

C:\Windows\system32\SearchIndexer.exe

C:\Users\Op\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Users\Op\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Razer\Razer TRON\RazerTRONSysTray.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\SysWOW64\ACEngSvr.exe

C:\Windows\system32\DllHost.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Op\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

C:\Windows\sysWOW64\wbem\wmiprvse.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\WmiApSrv.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://asus.msn.com

uDefault_Page_URL = hxxp://asus.msn.com

mStart Page = hxxp://asus.msn.com

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll

BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll

BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount

uRun: [Google Update] "C:\Users\Op\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart

uRun: [chromium] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window

uRun: [spotify] "C:\Users\Op\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

uRun: [spotify Web Helper] "C:\Users\Op\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

mRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

mRun: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe

mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

mRun: [<NO NAME>]

mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot

mRun: [iolo Startup] "C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe"

mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Razer TRON Driver] C:\Program Files (x86)\Razer\Razer TRON\RazerTRONSysTray.exe

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

StartupFolder: C:\Users\Op\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Op\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AMAZON~1.LNK - C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{41FC6179-DC39-4CB7-A698-FFF2F9A9037B} : NameServer = 208.67.222.222,208.67.220.220

TCP: Interfaces\{41FC6179-DC39-4CB7-A698-FFF2F9A9037B} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{41FC6179-DC39-4CB7-A698-FFF2F9A9037B}\14243584 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{41FC6179-DC39-4CB7-A698-FFF2F9A9037B}\143545D2541474C45435 : DhcpNameServer = 208.67.222.222 208.67.220.220

TCP: Interfaces\{41FC6179-DC39-4CB7-A698-FFF2F9A9037B}\14454503934373 : NameServer = 208.67.222.222,208.67.220.220

TCP: Interfaces\{41FC6179-DC39-4CB7-A698-FFF2F9A9037B}\14454503934373 : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{41FC6179-DC39-4CB7-A698-FFF2F9A9037B}\84F4D454D283538323 : NameServer = 208.67.222.222,208.67.220.220

TCP: Interfaces\{41FC6179-DC39-4CB7-A698-FFF2F9A9037B}\84F4D454D283538323 : DhcpNameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces\{93E13088-36C2-4470-A6AD-801506C68F59} : DhcpNameServer = 74.128.19.102 74.128.17.114

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll

Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll

BHO-X64: Trend Micro NSC BHO - No File

BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll

BHO-X64: TmBpIeBHO - No File

BHO-X64: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

BHO-X64: Google Dictionary Compression sdch - No File

BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

mRun-x64: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

mRun-x64: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

mRun-x64: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe

mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

mRun-x64: [(Default)]

mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot

mRun-x64: [iolo Startup] "C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe"

mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Razer TRON Driver] C:\Program Files (x86)\Razer\Razer TRON\RazerTRONSysTray.exe

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Op\AppData\Roaming\Mozilla\Firefox\Profiles\ga0w6j45.default\

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll

FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Program Files (x86)\Roblox\Versions\version-21cdb2fff9fb4df2\NPRobloxProxy.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\Users\Op\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: C:\Users\Op\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Op\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

.

============= SERVICES / DRIVERS ===============

.

R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]

R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]

R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]

R1 ElRawDisk;ElRawDisk;\??\C:\Windows\system32\drivers\ElRawDsk.sys --> C:\Windows\system32\drivers\ElRawDsk.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]

R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-9-27 361984]

R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]

R2 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2011-12-12 722616]

R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-7-6 375176]

R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-1-11 15928]

R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]

R2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2012-2-9 531328]

R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2012-3-15 370504]

R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]

R2 TiMiniService;TiMiniService;C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-10-26 241488]

R2 tmevtmgr;tmevtmgr;C:\Windows\system32\DRIVERS\tmevtmgr.sys --> C:\Windows\system32\DRIVERS\tmevtmgr.sys [?]

R2 ViscosityService;Viscosity Service;C:\Program Files\Viscosity\ViscosityService.exe [2011-8-28 27176]

R2 ZentimoService;Zentimo Assistant;C:\Program Files (x86)\Zentimo\ZentimoService.exe [2011-12-12 555844]

R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\amdhub30.sys --> C:\Windows\system32\DRIVERS\amdhub30.sys [?]

R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\amdxhc.sys --> C:\Windows\system32\DRIVERS\amdxhc.sys [?]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]

R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]

R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);C:\Windows\system32\DRIVERS\vrtaucbl.sys --> C:\Windows\system32\DRIVERS\vrtaucbl.sys [?]

R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\system32\drivers\LGBusEnum.sys --> C:\Windows\system32\drivers\LGBusEnum.sys [?]

R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\system32\drivers\LGVirHid.sys --> C:\Windows\system32\drivers\LGVirHid.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 RzSynapse;Razer Driver;C:\Windows\system32\DRIVERS\RzSynapse.sys --> C:\Windows\system32\DRIVERS\RzSynapse.sys [?]

R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-3 135664]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

S3 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2011-2-3 267480]

S3 DigiartyVirtualCDBus;Digiarty Virtual Driver;C:\Windows\system32\drivers\DigiartyVirtualCDBus.sys --> C:\Windows\system32\drivers\DigiartyVirtualCDBus.sys [?]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-3 135664]

S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]

S3 LADF_CaptureOnly;LADF Capture Filter Driver;C:\Windows\system32\DRIVERS\ladfGSCamd64.sys --> C:\Windows\system32\DRIVERS\ladfGSCamd64.sys [?]

S3 LADF_RenderOnly;LADF Render Filter Driver;C:\Windows\system32\DRIVERS\ladfGSRamd64.sys --> C:\Windows\system32\DRIVERS\ladfGSRamd64.sys [?]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-2 129976]

S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]

S3 ser2at;ATEN USB to Serial port driver;C:\Windows\system32\DRIVERS\ser2at64.sys --> C:\Windows\system32\DRIVERS\ser2at64.sys [?]

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== File Associations ===============

.

JSEFile=NOTEPAD.EXE %1

VBEFile=NOTEPAD.EXE %1

VBSFile=NOTEPAD.EXE %1

.

=============== Created Last 30 ================

.

2012-09-13 06:19:23 -------- d-----w- C:\Users\Op\AppData\Local\Rags_Game_LLC

2012-09-13 06:18:14 -------- d-----w- C:\Users\Op\AppData\Local\IsolatedStorage

2012-09-13 03:22:38 -------- d-----w- C:\Users\Op\AppData\Roaming\Rags

2012-09-13 03:21:36 -------- d-----w- C:\Program Files (x86)\RagsGame

2012-09-13 03:21:17 -------- d-----w- C:\Program Files\Microsoft Synchronization Services

2012-09-13 03:21:17 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition

2012-09-13 03:21:00 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services

2012-09-12 01:50:56 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys

2012-09-12 01:50:55 574464 ----a-w- C:\Windows\System32\d3d10level9.dll

2012-09-12 01:50:55 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys

2012-09-12 01:50:54 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll

2012-09-12 01:50:50 376688 ----a-w- C:\Windows\System32\drivers\netio.sys

2012-09-12 01:50:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-09-12 01:50:49 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS

2012-09-10 03:55:53 -------- d-----w- C:\Users\Op\AppData\Roaming\Malwarebytes

2012-09-10 03:55:38 -------- d-----w- C:\ProgramData\Malwarebytes

2012-09-10 03:55:37 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-09-10 03:55:37 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-09-10 02:37:32 143360 --sha-r- C:\Windows\SysWow64\wiaacmgr2.dll

2012-09-09 15:24:34 9310152 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{38D732C8-78A4-49EE-8CF9-5135388867DF}\mpengine.dll

2012-09-07 23:54:03 9310152 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-08-24 05:33:48 -------- d-----w- C:\Program Files (x86)\Guild Wars 2

2012-08-17 21:37:06 -------- d-----w- C:\Users\Op\Salem

2012-08-15 20:45:32 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys

2012-08-15 04:19:47 503808 ----a-w- C:\Windows\System32\srcore.dll

2012-08-15 04:19:46 43008 ----a-w- C:\Windows\SysWow64\srclient.dll

2012-08-15 04:19:41 751104 ----a-w- C:\Windows\System32\win32spl.dll

2012-08-15 04:19:40 559104 ----a-w- C:\Windows\System32\spoolsv.exe

2012-08-15 04:19:39 67072 ----a-w- C:\Windows\splwow64.exe

2012-08-15 04:19:39 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll

2012-08-15 04:19:37 136704 ----a-w- C:\Windows\System32\browser.dll

2012-08-15 04:19:36 59392 ----a-w- C:\Windows\System32\browcli.dll

2012-08-15 04:19:35 41984 ----a-w- C:\Windows\SysWow64\browcli.dll

2012-08-15 04:19:30 3148800 ----a-w- C:\Windows\System32\win32k.sys

2012-08-15 04:19:28 956928 ----a-w- C:\Windows\System32\localspl.dll

.

==================== Find3M ====================

.

2012-07-28 00:36:10 45056 ----a-w- C:\Windows\System32\acovcnt.exe

2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-06-25 20:04:24 1394248 ----a-w- C:\Windows\SysWow64\msxml4.dll

2012-06-23 05:44:52 66728 ----a-w- C:\Windows\System32\drivers\vrtaucbl.sys

.

============= FINISH: 19:48:18.51 ===============

Now to attach:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 8/15/2011 1:04:06 PM

System Uptime: 9/13/2012 5:21:56 PM (2 hours ago)

.

Motherboard: ASUSTeK Computer Inc. | | K53TA

Processor: AMD A6-3400M APU with Radeon™ HD Graphics | P0 | 1400/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 200 GiB total, 38.148 GiB free.

D: is FIXED (NTFS) - 201 GiB total, 175.714 GiB free.

E: is CDROM ()

F: is CDROM ()

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP197: 8/25/2012 9:39:31 AM - Installed Mumble 1.2.4

RP198: 8/27/2012 4:38:07 PM - Windows Update

RP199: 8/30/2012 6:06:35 PM - Windows Update

RP200: 9/7/2012 6:52:48 PM - Windows Update

RP201: 9/8/2012 10:24:51 AM - Windows Update

.

==== Installed Programs ======================

.

??????? Windows Live Mesh ActiveX ??(????)

??????? Windows Live Mesh ActiveX ?

7-Zip 9.20

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader X (10.1.4)

Adobe Shockwave Player 11.6

Amazon MP3 Downloader 1.0.15

Amazon MP3 Uploader

Amazon Unbox Video

AMD VISION Engine Control Center

Apple Application Support

Apple Software Update

ASUS AI Recovery

ASUS FaceLogon

ASUS FancyStart

ASUS LifeFrame3

ASUS Live Update

ASUS Splendid Video Enhancement Technology

ASUS WebStorage

ASUS_Screensaver

AsusVibe2.0

Atheros Client Installation Program

ATK Package

BattleTag

BibleWorks 7

BIT.TRIP RUNNER

Blockland

Bulletstorm

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

Catalyst Control Center Profiles Mobile

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Complemento Messenger

Complément Messenger

Contrôle ActiveX Windows Live Mesh pour connexions à distance

Control ActiveX de Windows Live Mesh para conexiones remotas

Controlo ActiveX do Windows Live Mesh para Ligações Remotas

CyberLink LabelPrint

CyberLink Power2Go

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dropbox

Dual-Core Optimizer

Fraps (remove only)

Frozen Synapse

Galeria de Fotografias do Windows Live

Galerie de photos Windows Live

Galería fotográfica de Windows Live

Glasses Inventory

Glasses Reader

Google Chrome

Google Drive

Google Talk Plugin

Google Toolbar for Internet Explorer

Google Update Helper

Guild Wars 2

HP Officejet 6500 E710n-z Help

HP Update

I.R.I.S. OCR

iolo technologies' System Mechanic

Java Auto Updater

Java™ 7 Update 4

JavaFX 2.1.0

join.me

Junk Mail filter update

League of Legends

LogMeIn

Lone Survivor

Magicka

Malwarebytes Anti-Malware version 1.62.0.1300

Marketsplash Shortcuts

Mesh Runtime

Messenger ????

Messenger ?????

Messenger Companion

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Home and Student 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (English) 2010

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft XNA Framework Redistributable 3.1

Microsoft XNA Framework Redistributable 4.0

Mozilla Firefox 12.0 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB973685)

Mumble 1.2.4

Norton Security Scan

Notepad++

NVIDIA PhysX

OpenAL

Pando Media Booster

PAYDAY: The Heist

QuickTime

Rags Suite

Razer TRON

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek Ethernet Controller Driver

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

RealUpgrade 1.1

Ricochet

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition

Skype™ 5.10

Sonic Focus

Splashtop Streamer

Spotify

Steam

swMSM

syncables desktop SE

Synergy

System Requirements Lab CYRI

Team Fortress Classic

Terraria

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Visual Studio 2008 x64 Redistributables

VLC media player 2.0.2

Winamp

Winamp Detector Plug-in

Windows Live

Windows Live ???

Windows Live ????

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinFlash

WinX Blu-ray Decrypter 3.0.0

WinX DVD Copy Pro 2.2.0

Wireless Console 3

Zentimo PRO 1.4

.

==== Event Viewer Messages From Past Week ========

.

9/9/2012 11:08:17 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wscsvc service.

9/9/2012 11:07:47 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

9/9/2012 11:03:47 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioSrv service.

9/7/2012 6:33:12 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer MARK-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{41FC6179-DC39-4CB7-A698-FFF2F9A9037B}. The master browser is stopping or an election is being forced.

9/12/2012 7:52:16 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.20. The computer with the IP address 192.168.1.9 did not allow the name to be claimed by this computer.

9/10/2012 4:35:19 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Amazon Unbox Video Service service to connect.

.

==== End Of File ===========================

[MrCharlie]

Welcome to the forum.

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

MrC

[Allyorbase]

Again, thank you so much for your time!

----------------------------------------------------------------------

RogueKiller V8.0.3 [09/13/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Op [Admin rights]

Mode : Scan -- Date : 09/14/2012 16:01:52

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤

[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND

[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND

[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST950032 5AS SATA Disk Device +++++

--- User ---

[MBR] 01fb491f7178758ef6712885ded017fd

[bSP] df06fce973fbf9dd0d330166e948636e : Windows 7 MBR Code

Partition table:

0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 205084 Mo

2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 472442880 | Size: 246255 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt

[MrCharlie]

AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}

AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

I see you have multiply AVs installed > you have to pick one and uninstall or disable the rest.

~~~~~~~~~~~~~~~~~~~~~~~~

Please download AdwCleaner from here and save it on your Desktop.

1. Right-click on adwcleaner.exe and select Run As Administrator to launch the application.
   
2. Now click on the Search tab.
   
3. Please post the contents of the log-file created in your next post.
   

Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been ran, so in this should be something like R1.

MrC

[Allyorbase]

# AdwCleaner v2.001 - Logfile created 09/15/2012 at 15:14:28

# Updated 09/09/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Op - WRIGHT-PC

# Boot Mode : Normal

# Running from : C:\Users\Op\Desktop\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\splashtop

Folder Found : C:\ProgramData\Partner

Folder Found : C:\ProgramData\splashtop

***** [Registry] *****

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (en-US)

Profile name : default

File : C:\Users\Op\AppData\Roaming\Mozilla\Firefox\Profiles\ga0w6j45.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [unable to get version]

File : C:\Users\Op\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [963 octets] - [15/09/2012 15:14:28]

########## EOF - C:\AdwCleaner[R1].txt - [1022 octets] ##########

[MrCharlie]

Not much showing......

Please read the directions carefully so you don't end up deleting something that is good!!

Please download and run TDSSKiller to your desktop as outlined below:

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

------------------------

Click the Start Scan button.

-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

MrC

[Maurice Naggar]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

[Maurice Naggar]

Thread re-opened per request by Allyorbase.

Do as per MrC's guidance.

[Allyorbase]

Thank you Maurice!

And here is the log:

18:58:03.0420 8256 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24

18:58:04.0002 8256 ============================================================

18:58:04.0002 8256 Current date / time: 2012/09/23 18:58:04.0002

18:58:04.0002 8256 SystemInfo:

18:58:04.0002 8256

18:58:04.0003 8256 OS Version: 6.1.7601 ServicePack: 1.0

18:58:04.0003 8256 Product type: Workstation

18:58:04.0003 8256 ComputerName: WRIGHT-PC

18:58:04.0003 8256 UserName: Op

18:58:04.0003 8256 Windows directory: C:\Windows

18:58:04.0003 8256 System windows directory: C:\Windows

18:58:04.0003 8256 Running under WOW64

18:58:04.0003 8256 Processor architecture: Intel x64

18:58:04.0003 8256 Number of processors: 4

18:58:04.0003 8256 Page size: 0x1000

18:58:04.0003 8256 Boot type: Normal boot

18:58:04.0003 8256 ============================================================

18:58:05.0780 8256 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

18:58:05.0853 8256 ============================================================

18:58:05.0853 8256 \Device\Harddisk0\DR0:

18:58:05.0853 8256 MBR partitions:

18:58:05.0853 8256 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x1908E000

18:58:05.0868 8256 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C28F000, BlocksNum 0x192D7000

18:58:05.0868 8256 ============================================================

18:58:05.0910 8256 C: <-> \Device\Harddisk0\DR0\Partition1

18:58:06.0001 8256 D: <-> \Device\Harddisk0\DR0\Partition2

18:58:06.0022 8256 ============================================================

18:58:06.0022 8256 Initialize success

18:58:06.0022 8256 ============================================================

18:58:19.0097 5240 ============================================================

18:58:19.0098 5240 Scan started

18:58:19.0098 5240 Mode: Manual; SigCheck; TDLFS;

18:58:19.0098 5240 ============================================================

18:58:23.0852 5240 ================ Scan system memory ========================

18:58:23.0852 5240 System memory - ok

18:58:23.0853 5240 ================ Scan services =============================

18:58:24.0077 5240 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

18:58:24.0751 5240 1394ohci - ok

18:58:24.0841 5240 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

18:58:24.0873 5240 ACPI - ok

18:58:24.0951 5240 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

18:58:25.0305 5240 AcpiPmi - ok

18:58:25.0530 5240 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

18:58:25.0555 5240 AdobeARMservice - ok

18:58:25.0645 5240 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys

18:58:25.0676 5240 adp94xx - ok

18:58:25.0717 5240 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys

18:58:25.0743 5240 adpahci - ok

18:58:25.0807 5240 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys

18:58:25.0830 5240 adpu320 - ok

18:58:25.0942 5240 [ 7233688FC422EF657E082309E6180142 ] ADVService C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe

18:58:26.0039 5240 ADVService ( UnsignedFile.Multi.Generic ) - warning

18:58:26.0039 5240 ADVService - detected UnsignedFile.Multi.Generic (1)

18:58:26.0103 5240 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

18:58:27.0194 5240 AeLookupSvc - ok

18:58:27.0257 5240 [ 6E79A119B0CE418FE44E0C824BF3F039 ] AFBAgent C:\Windows\system32\FBAgent.exe

18:58:27.0327 5240 AFBAgent - ok

18:58:27.0398 5240 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

18:58:27.0480 5240 AFD - ok

18:58:27.0521 5240 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

18:58:27.0540 5240 agp440 - ok

18:58:27.0569 5240 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

18:58:27.0647 5240 ALG - ok

18:58:27.0679 5240 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

18:58:27.0697 5240 aliide - ok

18:58:27.0755 5240 [ D0A5CC6B7932E7804ABCE66DEB331E63 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe

18:58:27.0836 5240 AMD External Events Utility - ok

18:58:27.0928 5240 AMD FUEL Service - ok

18:58:27.0970 5240 [ F1A84D67A03F7536EBDA9DB426EF0E00 ] amdhub30 C:\Windows\system32\DRIVERS\amdhub30.sys

18:58:27.0988 5240 amdhub30 - ok

18:58:28.0025 5240 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

18:58:28.0043 5240 amdide - ok

18:58:28.0089 5240 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys

18:58:28.0105 5240 amdiox64 - ok

18:58:28.0161 5240 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys

18:58:28.0213 5240 AmdK8 - ok

18:58:28.0473 5240 [ 73B928832DDEF61B21F64E88AAC65E92 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys

18:58:28.0878 5240 amdkmdag - ok

18:58:28.0940 5240 [ BD6E1FED09FC69482E61A486968E5DDF ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys

18:58:28.0982 5240 amdkmdap - ok

18:58:29.0018 5240 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys

18:58:29.0083 5240 AmdPPM - ok

18:58:29.0122 5240 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

18:58:29.0141 5240 amdsata - ok

18:58:29.0168 5240 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys

18:58:29.0190 5240 amdsbs - ok

18:58:29.0235 5240 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

18:58:29.0252 5240 amdxata - ok

18:58:29.0274 5240 [ D8C25FF90E2E8FC7CBE26E2203EC4757 ] amdxhc C:\Windows\system32\DRIVERS\amdxhc.sys

18:58:29.0293 5240 amdxhc - ok

18:58:29.0325 5240 [ BB4FE7889DB9CBBE61A308E99697F53C ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys

18:58:29.0340 5240 amd_sata - ok

18:58:29.0351 5240 [ 5631CBA53F1CBEA3F9E88348E6723391 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys

18:58:29.0367 5240 amd_xata - ok

18:58:29.0404 5240 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

18:58:29.0595 5240 AppID - ok

18:58:29.0616 5240 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

18:58:29.0705 5240 AppIDSvc - ok

18:58:29.0753 5240 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll

18:58:29.0823 5240 Appinfo - ok

18:58:29.0856 5240 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys

18:58:29.0876 5240 arc - ok

18:58:29.0891 5240 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys

18:58:29.0911 5240 arcsas - ok

18:58:30.0003 5240 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

18:58:30.0036 5240 ASLDRService - ok

18:58:30.0080 5240 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

18:58:30.0171 5240 ASMMAP64 - ok

18:58:30.0263 5240 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

18:58:30.0308 5240 aspnet_state - ok

18:58:30.0342 5240 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

18:58:30.0413 5240 AsyncMac - ok

18:58:30.0444 5240 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

18:58:30.0461 5240 atapi - ok

18:58:30.0525 5240 [ F8633CDD09647A64EE8DB550630427FF ] athr C:\Windows\system32\DRIVERS\athrx.sys

18:58:30.0694 5240 athr - ok

18:58:30.0752 5240 [ DBB487D09F56C674430AC454FD8BCAB9 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys

18:58:30.0776 5240 AtiHDAudioService - ok

18:58:30.0795 5240 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

18:58:30.0811 5240 ATKGFNEXSrv - ok

18:58:30.0853 5240 [ 1F7238A37389ED92E9D8EEE975CABD54 ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys

18:58:30.0868 5240 ATKWMIACPIIO - ok

18:58:30.0923 5240 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

18:58:31.0016 5240 AudioEndpointBuilder - ok

18:58:31.0044 5240 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

18:58:31.0105 5240 AudioSrv - ok

18:58:31.0174 5240 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

18:58:31.0266 5240 AxInstSV - ok

18:58:31.0309 5240 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys

18:58:31.0363 5240 b06bdrv - ok

18:58:31.0410 5240 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

18:58:31.0484 5240 b57nd60a - ok

18:58:31.0524 5240 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

18:58:31.0597 5240 BDESVC - ok

18:58:31.0629 5240 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

18:58:31.0706 5240 Beep - ok

18:58:31.0766 5240 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

18:58:31.0881 5240 BFE - ok

18:58:31.0929 5240 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll

18:58:32.0034 5240 BITS - ok

18:58:32.0079 5240 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

18:58:32.0132 5240 blbdrive - ok

18:58:32.0170 5240 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

18:58:32.0229 5240 bowser - ok

18:58:32.0267 5240 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys

18:58:32.0360 5240 BrFiltLo - ok

18:58:32.0375 5240 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys

18:58:32.0423 5240 BrFiltUp - ok

18:58:32.0479 5240 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

18:58:32.0531 5240 Browser - ok

18:58:32.0565 5240 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

18:58:32.0639 5240 Brserid - ok

18:58:32.0661 5240 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

18:58:32.0698 5240 BrSerWdm - ok

18:58:32.0719 5240 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

18:58:32.0754 5240 BrUsbMdm - ok

18:58:32.0771 5240 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

18:58:32.0803 5240 BrUsbSer - ok

18:58:32.0873 5240 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys

18:58:32.0958 5240 BthEnum - ok

18:58:33.0001 5240 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys

18:58:33.0044 5240 BTHMODEM - ok

18:58:33.0099 5240 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys

18:58:33.0158 5240 BthPan - ok

18:58:33.0225 5240 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys

18:58:33.0281 5240 BTHPORT - ok

18:58:33.0308 5240 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

18:58:33.0378 5240 bthserv - ok

18:58:33.0413 5240 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys

18:58:33.0447 5240 BTHUSB - ok

18:58:33.0481 5240 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

18:58:33.0546 5240 cdfs - ok

18:58:33.0601 5240 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

18:58:33.0651 5240 cdrom - ok

18:58:33.0701 5240 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

18:58:33.0777 5240 CertPropSvc - ok

18:58:33.0836 5240 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys

18:58:33.0883 5240 circlass - ok

18:58:33.0920 5240 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

18:58:33.0947 5240 CLFS - ok

18:58:33.0997 5240 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

18:58:34.0018 5240 clr_optimization_v2.0.50727_32 - ok

18:58:34.0051 5240 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

18:58:34.0071 5240 clr_optimization_v2.0.50727_64 - ok

18:58:34.0134 5240 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

18:58:34.0247 5240 clr_optimization_v4.0.30319_32 - ok

18:58:34.0262 5240 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

18:58:34.0304 5240 clr_optimization_v4.0.30319_64 - ok

18:58:34.0340 5240 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

18:58:34.0380 5240 CmBatt - ok

18:58:34.0417 5240 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

18:58:34.0434 5240 cmdide - ok

18:58:34.0497 5240 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys

18:58:34.0558 5240 CNG - ok

18:58:34.0589 5240 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

18:58:34.0607 5240 Compbatt - ok

18:58:34.0628 5240 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

18:58:34.0666 5240 CompositeBus - ok

18:58:34.0688 5240 COMSysApp - ok

18:58:34.0709 5240 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys

18:58:34.0727 5240 crcdisk - ok

18:58:34.0773 5240 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll

18:58:34.0819 5240 CryptSvc - ok

18:58:34.0864 5240 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

18:58:34.0952 5240 DcomLaunch - ok

18:58:34.0990 5240 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

18:58:35.0067 5240 defragsvc - ok

18:58:35.0104 5240 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

18:58:35.0167 5240 DfsC - ok

18:58:35.0212 5240 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

18:58:35.0302 5240 Dhcp - ok

18:58:35.0356 5240 [ CD5FBA35225AB3674D31A04E63E534D9 ] DigiartyVirtualCDBus C:\Windows\system32\drivers\DigiartyVirtualCDBus.sys

18:58:35.0380 5240 DigiartyVirtualCDBus - ok

18:58:35.0416 5240 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

18:58:35.0500 5240 discache - ok

18:58:35.0556 5240 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys

18:58:35.0575 5240 Disk - ok

18:58:35.0603 5240 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

18:58:35.0663 5240 Dnscache - ok

18:58:35.0686 5240 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

18:58:35.0762 5240 dot3svc - ok

18:58:35.0795 5240 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

18:58:35.0879 5240 DPS - ok

18:58:35.0922 5240 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

18:58:35.0959 5240 drmkaud - ok

18:58:36.0009 5240 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

18:58:36.0109 5240 DXGKrnl - ok

18:58:36.0158 5240 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

18:58:36.0212 5240 EapHost - ok

18:58:36.0320 5240 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys

18:58:36.0466 5240 ebdrv - ok

18:58:36.0504 5240 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

18:58:36.0558 5240 EFS - ok

18:58:36.0628 5240 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

18:58:36.0713 5240 ehRecvr - ok

18:58:36.0741 5240 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

18:58:36.0801 5240 ehSched - ok

18:58:36.0846 5240 [ D38A883309E04B9FBFFE1ACA60EA3BBF ] ElRawDisk C:\Windows\system32\drivers\ElRawDsk.sys

18:58:36.0863 5240 ElRawDisk - ok

18:58:36.0918 5240 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys

18:58:36.0949 5240 elxstor - ok

18:58:36.0975 5240 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

18:58:37.0012 5240 ErrDev - ok

18:58:37.0062 5240 [ 4C120D2B2EA269EAE7A5744794EB6DB1 ] ETD C:\Windows\system32\DRIVERS\ETD.sys

18:58:37.0082 5240 ETD - ok

18:58:37.0131 5240 [ 932C05033053ADA2404FD836C9AB2C70 ] EuMusDesignVirtualAudioCableWdm C:\Windows\system32\DRIVERS\vrtaucbl.sys

18:58:37.0147 5240 EuMusDesignVirtualAudioCableWdm - ok

18:58:37.0206 5240 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

18:58:37.0279 5240 EventSystem - ok

18:58:37.0299 5240 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

18:58:37.0380 5240 exfat - ok

18:58:37.0431 5240 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

18:58:37.0506 5240 fastfat - ok

18:58:37.0555 5240 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

18:58:37.0640 5240 Fax - ok

18:58:37.0663 5240 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys

18:58:37.0702 5240 fdc - ok

18:58:37.0740 5240 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

18:58:37.0804 5240 fdPHost - ok

18:58:37.0823 5240 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

18:58:37.0875 5240 FDResPub - ok

18:58:37.0898 5240 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

18:58:37.0917 5240 FileInfo - ok

18:58:37.0930 5240 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

18:58:38.0008 5240 Filetrace - ok

18:58:38.0038 5240 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

18:58:38.0073 5240 flpydisk - ok

18:58:38.0113 5240 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

18:58:38.0137 5240 FltMgr - ok

18:58:38.0188 5240 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll

18:58:38.0290 5240 FontCache - ok

18:58:38.0346 5240 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

18:58:38.0380 5240 FontCache3.0.0.0 - ok

18:58:38.0416 5240 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

18:58:38.0435 5240 FsDepends - ok

18:58:38.0459 5240 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys

18:58:38.0477 5240 fssfltr - ok

18:58:38.0556 5240 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

18:58:38.0635 5240 fsssvc - ok

18:58:38.0673 5240 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

18:58:38.0690 5240 Fs_Rec - ok

18:58:38.0730 5240 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

18:58:38.0759 5240 fvevol - ok

18:58:38.0790 5240 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

18:58:38.0809 5240 gagp30kx - ok

18:58:38.0853 5240 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

18:58:38.0944 5240 gpsvc - ok

18:58:39.0004 5240 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

18:58:39.0020 5240 gupdate - ok

18:58:39.0051 5240 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

18:58:39.0066 5240 gupdatem - ok

18:58:39.0101 5240 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

18:58:39.0120 5240 gusvc - ok

18:58:39.0138 5240 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

18:58:39.0210 5240 hcw85cir - ok

18:58:39.0261 5240 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

18:58:39.0313 5240 HdAudAddService - ok

18:58:39.0339 5240 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

18:58:39.0378 5240 HDAudBus - ok

18:58:39.0410 5240 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

18:58:39.0442 5240 HidBatt - ok

18:58:39.0465 5240 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

18:58:39.0503 5240 HidBth - ok

18:58:39.0531 5240 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

18:58:39.0576 5240 HidIr - ok

18:58:39.0632 5240 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll

18:58:39.0703 5240 hidserv - ok

18:58:39.0756 5240 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

18:58:39.0773 5240 HidUsb - ok

18:58:39.0804 5240 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

18:58:39.0876 5240 hkmsvc - ok

18:58:39.0914 5240 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

18:58:39.0988 5240 HomeGroupListener - ok

18:58:40.0024 5240 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

18:58:40.0058 5240 HomeGroupProvider - ok

18:58:40.0133 5240 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

18:58:40.0157 5240 HpSAMD - ok

18:58:40.0208 5240 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

18:58:40.0322 5240 HTTP - ok

18:58:40.0343 5240 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

18:58:40.0361 5240 hwpolicy - ok

18:58:40.0398 5240 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

18:58:40.0417 5240 i8042prt - ok

18:58:40.0454 5240 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

18:58:40.0480 5240 iaStorV - ok

18:58:40.0554 5240 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

18:58:40.0611 5240 idsvc - ok

18:58:40.0643 5240 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

18:58:40.0661 5240 iirsp - ok

18:58:40.0703 5240 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

18:58:40.0802 5240 IKEEXT - ok

18:58:40.0919 5240 [ 9F573C952961F444F400489E81ECA381 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

18:58:41.0040 5240 IntcAzAudAddService - ok

18:58:41.0059 5240 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

18:58:41.0077 5240 intelide - ok

18:58:41.0114 5240 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

18:58:41.0155 5240 intelppm - ok

18:58:41.0200 5240 [ 718759B7A0D5ED80865448B8A673657B ] ioloSystemService C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe

18:58:41.0246 5240 ioloSystemService - ok

18:58:41.0283 5240 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

18:58:41.0364 5240 IPBusEnum - ok

18:58:41.0396 5240 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

18:58:41.0462 5240 IpFilterDriver - ok

18:58:41.0508 5240 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

18:58:41.0602 5240 iphlpsvc - ok

18:58:41.0630 5240 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

18:58:41.0662 5240 IPMIDRV - ok

18:58:41.0696 5240 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

18:58:41.0748 5240 IPNAT - ok

18:58:41.0774 5240 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

18:58:41.0852 5240 IRENUM - ok

18:58:41.0880 5240 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

18:58:41.0898 5240 isapnp - ok

18:58:41.0931 5240 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

18:58:41.0954 5240 iScsiPrt - ok

18:58:41.0996 5240 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

18:58:42.0014 5240 kbdclass - ok

18:58:42.0033 5240 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

18:58:42.0066 5240 kbdhid - ok

18:58:42.0126 5240 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys

18:58:42.0140 5240 kbfiltr - ok

18:58:42.0152 5240 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

18:58:42.0168 5240 KeyIso - ok

18:58:42.0200 5240 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

18:58:42.0219 5240 KSecDD - ok

18:58:42.0243 5240 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

18:58:42.0263 5240 KSecPkg - ok

18:58:42.0290 5240 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

18:58:42.0341 5240 ksthunk - ok

18:58:42.0380 5240 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

18:58:42.0464 5240 KtmRm - ok

18:58:42.0493 5240 [ 033B4AED2C5519072C0D81E00804D003 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys

18:58:42.0533 5240 L1C - ok

18:58:42.0580 5240 [ CE4347E2D90DB2E5517B6F2BC720A862 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys

18:58:42.0605 5240 LADF_CaptureOnly - ok

18:58:42.0638 5240 [ 85A9D21D3AE2EA963E111CB150895877 ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys

18:58:42.0662 5240 LADF_RenderOnly - ok

18:58:42.0708 5240 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll

18:58:42.0781 5240 LanmanServer - ok

18:58:42.0827 5240 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

18:58:42.0880 5240 LanmanWorkstation - ok

18:58:42.0923 5240 [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys

18:58:42.0938 5240 LGBusEnum - ok

18:58:42.0961 5240 [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys

18:58:42.0991 5240 LGVirHid - ok

18:58:43.0035 5240 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

18:58:43.0103 5240 lltdio - ok

18:58:43.0137 5240 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

18:58:43.0205 5240 lltdsvc - ok

18:58:43.0224 5240 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

18:58:43.0276 5240 lmhosts - ok

18:58:43.0365 5240 [ AD988709675D9E35A60B2616BEF108E9 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe

18:58:43.0388 5240 LMIGuardianSvc - ok

18:58:43.0398 5240 [ 0317335B15FF3BDA8E10197E3434CFC0 ] LMIInfo C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys

18:58:43.0413 5240 LMIInfo - ok

18:58:43.0467 5240 [ BD043199FC0BF5F2810F54C8B374590B ] LMIMaint C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe

18:58:43.0494 5240 LMIMaint - ok

18:58:43.0527 5240 [ 413ECDCFAD9A82804D3674C8D7EEC24E ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys

18:58:43.0543 5240 lmimirr - ok

18:58:43.0570 5240 LMIRfsClientNP - ok

18:58:43.0602 5240 [ C57D3FAA50E6F395759FFB7C709BD944 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys

18:58:43.0618 5240 LMIRfsDriver - ok

18:58:43.0654 5240 [ D3760BC17E1755091B7120CF32DBF56B ] LogMeIn C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe

18:58:43.0678 5240 LogMeIn - ok

18:58:43.0740 5240 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

18:58:43.0764 5240 LSI_FC - ok

18:58:43.0798 5240 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

18:58:43.0817 5240 LSI_SAS - ok

18:58:43.0843 5240 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

18:58:43.0861 5240 LSI_SAS2 - ok

18:58:43.0882 5240 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

18:58:43.0902 5240 LSI_SCSI - ok

18:58:43.0958 5240 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

18:58:44.0034 5240 luafv - ok

18:58:44.0068 5240 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

18:58:44.0089 5240 Mcx2Svc - ok

18:58:44.0108 5240 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

18:58:44.0126 5240 megasas - ok

18:58:44.0164 5240 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

18:58:44.0188 5240 MegaSR - ok

18:58:44.0208 5240 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

18:58:44.0274 5240 MMCSS - ok

18:58:44.0302 5240 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

18:58:44.0367 5240 Modem - ok

18:58:44.0405 5240 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

18:58:44.0437 5240 monitor - ok

18:58:44.0465 5240 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

18:58:44.0483 5240 mouclass - ok

18:58:44.0513 5240 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

18:58:44.0530 5240 mouhid - ok

18:58:44.0571 5240 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

18:58:44.0590 5240 mountmgr - ok

18:58:44.0652 5240 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

18:58:44.0671 5240 MozillaMaintenance - ok

18:58:44.0716 5240 [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys

18:58:44.0740 5240 MpFilter - ok

18:58:44.0771 5240 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

18:58:44.0791 5240 mpio - ok

18:58:44.0810 5240 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

18:58:44.0876 5240 mpsdrv - ok

18:58:44.0922 5240 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

18:58:45.0021 5240 MpsSvc - ok

18:58:45.0060 5240 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

18:58:45.0103 5240 MRxDAV - ok

18:58:45.0135 5240 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

18:58:45.0188 5240 mrxsmb - ok

18:58:45.0214 5240 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

18:58:45.0254 5240 mrxsmb10 - ok

18:58:45.0281 5240 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

18:58:45.0318 5240 mrxsmb20 - ok

18:58:45.0347 5240 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

18:58:45.0365 5240 msahci - ok

18:58:45.0394 5240 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

18:58:45.0416 5240 msdsm - ok

18:58:45.0446 5240 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

18:58:45.0479 5240 MSDTC - ok

18:58:45.0529 5240 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

18:58:45.0603 5240 Msfs - ok

18:58:45.0627 5240 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

18:58:45.0696 5240 mshidkmdf - ok

18:58:45.0736 5240 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

18:58:45.0754 5240 msisadrv - ok

18:58:45.0794 5240 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

18:58:45.0872 5240 MSiSCSI - ok

18:58:45.0879 5240 msiserver - ok

18:58:45.0922 5240 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

18:58:45.0992 5240 MSKSSRV - ok

18:58:46.0052 5240 [ 59FAAF2C83C8169EA20F9E335E418907 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe

18:58:46.0070 5240 MsMpSvc - ok

18:58:46.0097 5240 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

18:58:46.0159 5240 MSPCLOCK - ok

18:58:46.0183 5240 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

18:58:46.0266 5240 MSPQM - ok

18:58:46.0308 5240 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

18:58:46.0333 5240 MsRPC - ok

18:58:46.0357 5240 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

18:58:46.0375 5240 mssmbios - ok

18:58:46.0404 5240 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

18:58:46.0472 5240 MSTEE - ok

18:58:46.0496 5240 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

18:58:46.0534 5240 MTConfig - ok

18:58:46.0555 5240 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

18:58:46.0575 5240 Mup - ok

18:58:46.0626 5240 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

18:58:46.0697 5240 napagent - ok

18:58:46.0735 5240 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

18:58:46.0785 5240 NativeWifiP - ok

18:58:46.0843 5240 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

18:58:46.0907 5240 NDIS - ok

18:58:46.0936 5240 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

18:58:47.0000 5240 NdisCap - ok

18:58:47.0022 5240 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

18:58:47.0086 5240 NdisTapi - ok

18:58:47.0129 5240 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

18:58:47.0193 5240 Ndisuio - ok

18:58:47.0232 5240 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

18:58:47.0300 5240 NdisWan - ok

18:58:47.0340 5240 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

18:58:47.0414 5240 NDProxy - ok

18:58:47.0458 5240 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

18:58:47.0534 5240 NetBIOS - ok

18:58:47.0568 5240 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

18:58:47.0655 5240 NetBT - ok

18:58:47.0677 5240 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

18:58:47.0713 5240 Netlogon - ok

18:58:47.0748 5240 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

18:58:47.0845 5240 Netman - ok

18:58:47.0887 5240 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:58:47.0931 5240 NetMsmqActivator - ok

18:58:47.0937 5240 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:58:47.0972 5240 NetPipeActivator - ok

18:58:48.0007 5240 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

18:58:48.0079 5240 netprofm - ok

18:58:48.0086 5240 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:58:48.0102 5240 NetTcpActivator - ok

18:58:48.0108 5240 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:58:48.0124 5240 NetTcpPortSharing - ok

18:58:48.0172 5240 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

18:58:48.0190 5240 nfrd960 - ok

18:58:48.0260 5240 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys

18:58:48.0277 5240 NisDrv - ok

18:58:48.0310 5240 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe

18:58:48.0336 5240 NisSrv - ok

18:58:48.0367 5240 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll

18:58:48.0441 5240 NlaSvc - ok

18:58:48.0483 5240 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

18:58:48.0535 5240 Npfs - ok

18:58:48.0554 5240 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

18:58:48.0625 5240 nsi - ok

18:58:48.0645 5240 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

18:58:48.0710 5240 nsiproxy - ok

18:58:48.0774 5240 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

18:58:48.0856 5240 Ntfs - ok

18:58:48.0896 5240 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

18:58:48.0946 5240 Null - ok

18:58:48.0985 5240 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

18:58:49.0005 5240 nvraid - ok

18:58:49.0031 5240 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

18:58:49.0052 5240 nvstor - ok

18:58:49.0088 5240 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

18:58:49.0109 5240 nv_agp - ok

18:58:49.0141 5240 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

18:58:49.0181 5240 ohci1394 - ok

18:58:49.0231 5240 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

18:58:49.0249 5240 ose - ok

18:58:49.0408 5240 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

18:58:49.0634 5240 osppsvc - ok

18:58:49.0670 5240 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

18:58:49.0730 5240 p2pimsvc - ok

18:58:49.0791 5240 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

18:58:49.0837 5240 p2psvc - ok

18:58:49.0881 5240 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

18:58:49.0930 5240 Parport - ok

18:58:49.0968 5240 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

18:58:49.0987 5240 partmgr - ok

18:58:50.0013 5240 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

18:58:50.0053 5240 PcaSvc - ok

18:58:50.0085 5240 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

18:58:50.0107 5240 pci - ok

18:58:50.0135 5240 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

18:58:50.0152 5240 pciide - ok

18:58:50.0173 5240 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

18:58:50.0195 5240 pcmcia - ok

18:58:50.0203 5240 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

18:58:50.0221 5240 pcw - ok

18:58:50.0265 5240 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

18:58:50.0365 5240 PEAUTH - ok

18:58:50.0450 5240 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

18:58:50.0487 5240 PerfHost - ok

18:58:50.0565 5240 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

18:58:50.0676 5240 pla - ok

18:58:50.0735 5240 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

18:58:50.0801 5240 PlugPlay - ok

18:58:50.0832 5240 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

18:58:50.0871 5240 PNRPAutoReg - ok

18:58:50.0902 5240 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

18:58:50.0923 5240 PNRPsvc - ok

18:58:50.0950 5240 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

18:58:51.0109 5240 PolicyAgent - ok

18:58:51.0143 5240 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

18:58:51.0213 5240 Power - ok

18:58:51.0241 5240 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

18:58:51.0310 5240 PptpMiniport - ok

18:58:51.0339 5240 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

18:58:51.0391 5240 Processor - ok

18:58:51.0421 5240 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

18:58:51.0455 5240 ProfSvc - ok

18:58:51.0474 5240 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

18:58:51.0490 5240 ProtectedStorage - ok

18:58:51.0532 5240 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

18:58:51.0603 5240 Psched - ok

18:58:51.0655 5240 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

18:58:51.0736 5240 ql2300 - ok

18:58:51.0775 5240 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

18:58:51.0795 5240 ql40xx - ok

18:58:51.0820 5240 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

18:58:51.0850 5240 QWAVE - ok

18:58:51.0867 5240 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

18:58:51.0909 5240 QWAVEdrv - ok

18:58:51.0940 5240 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

18:58:52.0007 5240 RasAcd - ok

18:58:52.0065 5240 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

18:58:52.0132 5240 RasAgileVpn - ok

18:58:52.0166 5240 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

18:58:52.0234 5240 RasAuto - ok

18:58:52.0270 5240 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

18:58:52.0340 5240 Rasl2tp - ok

18:58:52.0360 5240 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

18:58:52.0435 5240 RasMan - ok

18:58:52.0472 5240 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

18:58:52.0544 5240 RasPppoe - ok

18:58:52.0565 5240 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

18:58:52.0638 5240 RasSstp - ok

18:58:52.0666 5240 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

18:58:52.0722 5240 rdbss - ok

18:58:52.0758 5240 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

18:58:52.0794 5240 rdpbus - ok

18:58:52.0820 5240 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

18:58:52.0884 5240 RDPCDD - ok

18:58:52.0910 5240 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

18:58:52.0980 5240 RDPENCDD - ok

18:58:53.0005 5240 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

18:58:53.0067 5240 RDPREFMP - ok

18:58:53.0115 5240 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

18:58:53.0183 5240 RDPWD - ok

18:58:53.0211 5240 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

18:58:53.0235 5240 rdyboost - ok

18:58:53.0280 5240 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

18:58:53.0348 5240 RemoteAccess - ok

18:58:53.0400 5240 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

18:58:53.0475 5240 RemoteRegistry - ok

18:58:53.0519 5240 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys

18:58:53.0559 5240 RFCOMM - ok

18:58:53.0584 5240 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

18:58:53.0655 5240 RpcEptMapper - ok

18:58:53.0688 5240 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

18:58:53.0725 5240 RpcLocator - ok

18:58:53.0763 5240 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

18:58:53.0820 5240 RpcSs - ok

18:58:53.0836 5240 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

18:58:53.0905 5240 rspndr - ok

18:58:53.0957 5240 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys

18:58:53.0990 5240 RSUSBSTOR - ok

18:58:54.0051 5240 [ 16D4E350420BAA7E63E16E3FC033E1F5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys

18:58:54.0078 5240 RTL8167 - ok

18:58:54.0125 5240 [ D12D7E04E08699F7E0631B656F2060FF ] RzSynapse C:\Windows\system32\DRIVERS\RzSynapse.sys

18:58:54.0182 5240 RzSynapse - ok

18:58:54.0192 5240 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

18:58:54.0209 5240 SamSs - ok

18:58:54.0230 5240 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

18:58:54.0249 5240 sbp2port - ok

18:58:54.0275 5240 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

18:58:54.0340 5240 SCardSvr - ok

18:58:54.0366 5240 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

18:58:54.0415 5240 scfilter - ok

18:58:54.0463 5240 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

18:58:54.0589 5240 Schedule - ok

18:58:54.0624 5240 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

18:58:54.0672 5240 SCPolicySvc - ok

18:58:54.0706 5240 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys

18:58:54.0729 5240 sdbus - ok

18:58:54.0757 5240 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

18:58:54.0819 5240 SDRSVC - ok

18:58:54.0848 5240 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

18:58:54.0915 5240 secdrv - ok

18:58:54.0946 5240 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

18:58:55.0017 5240 seclogon - ok

18:58:55.0053 5240 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll

18:58:55.0132 5240 SENS - ok

18:58:55.0158 5240 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

18:58:55.0214 5240 SensrSvc - ok

18:58:55.0262 5240 [ 9B9B2F0A0432D938C726CCB25D66CB1B ] ser2at C:\Windows\system32\DRIVERS\ser2at64.sys

18:58:55.0327 5240 ser2at - ok

18:58:55.0352 5240 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

18:58:55.0383 5240 Serenum - ok

18:58:55.0428 5240 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

18:58:55.0459 5240 Serial - ok

18:58:55.0489 5240 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

18:58:55.0530 5240 sermouse - ok

18:58:55.0579 5240 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

18:58:55.0651 5240 SessionEnv - ok

18:58:55.0685 5240 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

18:58:55.0739 5240 sffdisk - ok

18:58:55.0761 5240 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

18:58:55.0791 5240 sffp_mmc - ok

18:58:55.0807 5240 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

18:58:55.0843 5240 sffp_sd - ok

18:58:55.0873 5240 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

18:58:55.0907 5240 sfloppy - ok

18:58:55.0944 5240 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

18:58:56.0017 5240 SharedAccess - ok

18:58:56.0073 5240 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

18:58:56.0145 5240 ShellHWDetection - ok

18:58:56.0188 5240 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys

18:58:56.0218 5240 SiSGbeLH - ok

18:58:56.0247 5240 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

18:58:56.0264 5240 SiSRaid2 - ok

18:58:56.0283 5240 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

18:58:56.0304 5240 SiSRaid4 - ok

18:58:56.0391 5240 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

18:58:56.0410 5240 SkypeUpdate - ok

18:58:56.0438 5240 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

18:58:56.0506 5240 Smb - ok

18:58:56.0561 5240 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

18:58:56.0580 5240 SNMPTRAP - ok

18:58:56.0629 5240 [ CCF611A259882D8CF4DBABAE2341EE31 ] SplashtopRemoteService C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe

18:58:56.0657 5240 SplashtopRemoteService - ok

18:58:56.0684 5240 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

18:58:56.0703 5240 spldr - ok

18:58:56.0749 5240 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

18:58:56.0805 5240 Spooler - ok

18:58:56.0905 5240 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

18:58:57.0086 5240 sppsvc - ok

18:58:57.0114 5240 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

18:58:57.0184 5240 sppuinotify - ok

18:58:57.0225 5240 [ 34F974F8B3C86DE03A30DCBE79091C97 ] sptd C:\Windows\system32\Drivers\sptd.sys

18:58:57.0226 5240 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 34F974F8B3C86DE03A30DCBE79091C97

18:58:57.0227 5240 sptd ( LockedFile.Multi.Generic ) - warning

18:58:57.0227 5240 sptd - detected LockedFile.Multi.Generic (1)

18:58:57.0268 5240 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

18:58:57.0332 5240 srv - ok

18:58:57.0359 5240 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

18:58:57.0401 5240 srv2 - ok

18:58:57.0428 5240 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

18:58:57.0463 5240 srvnet - ok

18:58:57.0510 5240 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

18:58:57.0586 5240 SSDPSRV - ok

18:58:57.0609 5240 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

18:58:57.0679 5240 SstpSvc - ok

18:58:57.0731 5240 [ 1CFA4A1F3C7BB4C8F299E00428EB8677 ] SSUService C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe

18:58:57.0754 5240 SSUService - ok

18:58:57.0804 5240 [ E5C796B621F6FBA8616511063D7F0FFE ] StarWindServiceAE C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

18:58:57.0818 5240 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - warning

18:58:57.0818 5240 StarWindServiceAE - detected UnsignedFile.Multi.Generic (1)

18:58:57.0851 5240 Steam Client Service - ok

18:58:57.0877 5240 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

18:58:57.0894 5240 stexstor - ok

18:58:57.0939 5240 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

18:58:57.0989 5240 stisvc - ok

18:58:58.0018 5240 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

18:58:58.0035 5240 swenum - ok

18:58:58.0066 5240 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

18:58:58.0163 5240 swprv - ok

18:58:58.0232 5240 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

18:58:58.0312 5240 SysMain - ok

18:58:58.0345 5240 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

18:58:58.0372 5240 TabletInputService - ok

18:58:58.0392 5240 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

18:58:58.0448 5240 TapiSrv - ok

18:58:58.0474 5240 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

18:58:58.0548 5240 TBS - ok

18:58:58.0634 5240 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys

18:58:58.0727 5240 Tcpip - ok

18:58:58.0795 5240 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

18:58:58.0853 5240 TCPIP6 - ok

18:58:58.0911 5240 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

18:58:58.0983 5240 tcpipreg - ok

18:58:59.0019 5240 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

18:58:59.0086 5240 TDPIPE - ok

18:58:59.0123 5240 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

18:58:59.0158 5240 TDTCP - ok

18:58:59.0195 5240 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

18:58:59.0247 5240 tdx - ok

18:58:59.0268 5240 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

18:58:59.0290 5240 TermDD - ok

18:58:59.0325 5240 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

18:58:59.0420 5240 TermService - ok

18:58:59.0449 5240 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

18:58:59.0474 5240 Themes - ok

18:58:59.0507 5240 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

18:58:59.0558 5240 THREADORDER - ok

18:58:59.0580 5240 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

18:58:59.0653 5240 TrkWks - ok

18:58:59.0714 5240 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

18:58:59.0784 5240 TrustedInstaller - ok

18:58:59.0825 5240 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

18:58:59.0891 5240 tssecsrv - ok

18:58:59.0936 5240 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

18:58:59.0988 5240 TsUsbFlt - ok

18:59:00.0032 5240 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

18:59:00.0098 5240 tunnel - ok

18:59:00.0126 5240 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

18:59:00.0145 5240 uagp35 - ok

18:59:00.0183 5240 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

18:59:00.0261 5240 udfs - ok

18:59:00.0290 5240 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

18:59:00.0323 5240 UI0Detect - ok

18:59:00.0340 5240 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

18:59:00.0358 5240 uliagpkx - ok

18:59:00.0394 5240 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys

18:59:00.0431 5240 umbus - ok

18:59:00.0481 5240 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

18:59:00.0520 5240 UmPass - ok

18:59:00.0579 5240 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

18:59:00.0654 5240 upnphost - ok

18:59:00.0705 5240 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys

18:59:00.0747 5240 usbaudio - ok

18:59:00.0777 5240 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

18:59:00.0812 5240 usbccgp - ok

18:59:00.0839 5240 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

18:59:00.0881 5240 usbcir - ok

18:59:00.0920 5240 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

18:59:00.0954 5240 usbehci - ok

18:59:01.0009 5240 [ B7037444DC5138FC7D3D3968B4DE5C4B ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys

18:59:01.0026 5240 usbfilter - ok

18:59:01.0051 5240 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

18:59:01.0095 5240 usbhub - ok

18:59:01.0119 5240 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys

18:59:01.0155 5240 usbohci - ok

18:59:01.0193 5240 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

18:59:01.0234 5240 usbprint - ok

18:59:01.0283 5240 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

18:59:01.0317 5240 usbscan - ok

18:59:01.0336 5240 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

18:59:01.0386 5240 USBSTOR - ok

18:59:01.0402 5240 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

18:59:01.0432 5240 usbuhci - ok

18:59:01.0474 5240 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys

18:59:01.0518 5240 usbvideo - ok

18:59:01.0551 5240 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

18:59:01.0619 5240 UxSms - ok

18:59:01.0644 5240 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

18:59:01.0660 5240 VaultSvc - ok

18:59:01.0680 5240 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

18:59:01.0698 5240 vdrvroot - ok

18:59:01.0740 5240 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

18:59:01.0827 5240 vds - ok

18:59:01.0851 5240 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

18:59:01.0872 5240 vga - ok

18:59:01.0892 5240 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

18:59:01.0962 5240 VgaSave - ok

18:59:01.0995 5240 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

18:59:02.0018 5240 vhdmp - ok

18:59:02.0052 5240 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

18:59:02.0070 5240 viaide - ok

18:59:02.0116 5240 [ B4D7611B1975C2E6183CCAF8610A7203 ] ViscosityService C:\Program Files\Viscosity\ViscosityService.exe

18:59:02.0133 5240 ViscosityService - ok

18:59:02.0160 5240 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

18:59:02.0180 5240 volmgr - ok

18:59:02.0216 5240 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

18:59:02.0242 5240 volmgrx - ok

18:59:02.0272 5240 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

18:59:02.0297 5240 volsnap - ok

18:59:02.0333 5240 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

18:59:02.0355 5240 vsmraid - ok

18:59:02.0419 5240 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

18:59:02.0535 5240 VSS - ok

18:59:02.0560 5240 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

18:59:02.0597 5240 vwifibus - ok

18:59:02.0618 5240 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

18:59:02.0657 5240 vwififlt - ok

18:59:02.0693 5240 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys

18:59:02.0717 5240 vwifimp - ok

18:59:02.0753 5240 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

18:59:02.0814 5240 W32Time - ok

18:59:02.0845 5240 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

18:59:02.0885 5240 WacomPen - ok

18:59:02.0920 5240 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

18:59:02.0983 5240 WANARP - ok

18:59:02.0989 5240 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

18:59:03.0038 5240 Wanarpv6 - ok

18:59:03.0102 5240 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

18:59:03.0169 5240 WatAdminSvc - ok

18:59:03.0230 5240 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

18:59:03.0337 5240 wbengine - ok

18:59:03.0373 5240 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

18:59:03.0402 5240 WbioSrvc - ok

18:59:03.0431 5240 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

18:59:03.0475 5240 wcncsvc - ok

18:59:03.0500 5240 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

18:59:03.0560 5240 WcsPlugInService - ok

18:59:03.0581 5240 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys

18:59:03.0600 5240 Wd - ok

18:59:03.0640 5240 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys

18:59:03.0698 5240 WDC_SAM - ok

18:59:03.0724 5240 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

18:59:03.0770 5240 Wdf01000 - ok

18:59:03.0792 5240 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

18:59:03.0895 5240 WdiServiceHost - ok

18:59:03.0900 5240 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

18:59:03.0927 5240 WdiSystemHost - ok

18:59:03.0950 5240 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

18:59:03.0997 5240 WebClient - ok

18:59:04.0027 5240 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

18:59:04.0102 5240 Wecsvc - ok

18:59:04.0122 5240 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

18:59:04.0192 5240 wercplsupport - ok

18:59:04.0229 5240 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

18:59:04.0302 5240 WerSvc - ok

18:59:04.0330 5240 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

18:59:04.0382 5240 WfpLwf - ok

18:59:04.0426 5240 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys

18:59:04.0449 5240 WimFltr - ok

18:59:04.0466 5240 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

18:59:04.0483 5240 WIMMount - ok

18:59:04.0508 5240 WinDefend - ok

18:59:04.0520 5240 WinHttpAutoProxySvc - ok

18:59:04.0566 5240 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

18:59:04.0640 5240 Winmgmt - ok

18:59:04.0704 5240 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

18:59:04.0836 5240 WinRM - ok

18:59:04.0908 5240 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

18:59:04.0989 5240 Wlansvc - ok

18:59:05.0060 5240 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

18:59:05.0078 5240 wlcrasvc - ok

18:59:05.0184 5240 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

18:59:05.0285 5240 wlidsvc - ok

18:59:05.0316 5240 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

18:59:05.0352 5240 WmiAcpi - ok

18:59:05.0398 5240 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

18:59:05.0431 5240 wmiApSrv - ok

18:59:05.0479 5240 WMPNetworkSvc - ok

18:59:05.0506 5240 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

18:59:05.0529 5240 WPCSvc - ok

18:59:05.0557 5240 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

18:59:05.0594 5240 WPDBusEnum - ok

18:59:05.0619 5240 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

18:59:05.0690 5240 ws2ifsl - ok

18:59:05.0722 5240 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll

18:59:05.0766 5240 wscsvc - ok

18:59:05.0774 5240 WSearch - ok

18:59:05.0869 5240 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

18:59:05.0972 5240 wuauserv - ok

18:59:06.0014 5240 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

18:59:06.0086 5240 WudfPf - ok

18:59:06.0115 5240 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

18:59:06.0184 5240 WUDFRd - ok

18:59:06.0217 5240 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

18:59:06.0284 5240 wudfsvc - ok

18:59:06.0310 5240 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

18:59:06.0355 5240 WwanSvc - ok

18:59:06.0442 5240 [ 38F55D07B1D3391065C40EC065F984E2 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys

18:59:06.0502 5240 xusb21 - ok

18:59:06.0549 5240 [ 81036237EDA4A4F5B3ABDAE1F7C9AA60 ] ZentimoService C:\Program Files (x86)\Zentimo\ZentimoService.exe

18:59:06.0568 5240 ZentimoService ( UnsignedFile.Multi.Generic ) - warning

18:59:06.0569 5240 ZentimoService - detected UnsignedFile.Multi.Generic (1)

18:59:06.0609 5240 ================ Scan global ===============================

18:59:06.0640 5240 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

18:59:06.0674 5240 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

18:59:06.0691 5240 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

18:59:06.0716 5240 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

18:59:06.0742 5240 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

18:59:06.0749 5240 [Global] - ok

18:59:06.0750 5240 ================ Scan MBR ==================================

18:59:06.0761 5240 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

18:59:07.0181 5240 \Device\Harddisk0\DR0 - ok

18:59:07.0182 5240 ================ Scan VBR ==================================

18:59:07.0187 5240 [ 18C7B076AD34994B986F68808A0BD1C6 ] \Device\Harddisk0\DR0\Partition1

18:59:07.0189 5240 \Device\Harddisk0\DR0\Partition1 - ok

18:59:07.0216 5240 [ 5A972633001B46C13D2A65ABB7C82013 ] \Device\Harddisk0\DR0\Partition2

18:59:07.0219 5240 \Device\Harddisk0\DR0\Partition2 - ok

18:59:07.0219 5240 ============================================================

18:59:07.0219 5240 Scan finished

18:59:07.0219 5240 ============================================================

18:59:07.0238 7736 Detected object count: 4

18:59:07.0238 7736 Actual detected object count: 4

19:00:43.0360 7736 ADVService ( UnsignedFile.Multi.Generic ) - skipped by user

19:00:43.0360 7736 ADVService ( UnsignedFile.Multi.Generic ) - User select action: Skip

19:00:43.0363 7736 sptd ( LockedFile.Multi.Generic ) - skipped by user

19:00:43.0363 7736 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

19:00:43.0366 7736 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user

19:00:43.0366 7736 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip

19:00:43.0369 7736 ZentimoService ( UnsignedFile.Multi.Generic ) - skipped by user

19:00:43.0369 7736 ZentimoService ( UnsignedFile.Multi.Generic ) - User select action: Skip

[MrCharlie]

Also, it seems, I cannot access MSE, whether that is related or not, I don't know, but I can't enable it.

You'll have to reinstall it.

~~~~~~~~~~~~~~~~

Not much showing, lets run ComboFix:

Please back up the registry:

http://www.geekstogo...ry-using-erunt/

Please create a new system restore point also.

If after running ComboFix you can't connect to the internet, please navigate to

the C:\WINDOWS\ERDNT folder and run ERDNT.exe

If that doesn't work....use that system restore point and that will correct the problem.

............................

Please download and run ComboFix.

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

[MrCharlie]

How are we doing??

Do you still need help or can I close this post??

MrC

[Maurice Naggar]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!