Not sure qgats going on

[asianmusicguy]

recently i got a warning form google about unusal traffic from my pc i have peer block installed to mointor connections and latly its been blocking odd things i dont even use p2p networks

and most recently i have been getting sever not foud errors when traveling to google not all the time but i have checked otther systems on the network and they can acess just fine

[Maurice Naggar]

Hello asiamusicguy,

I will caution you to not run tools, such as TDSSKILLER, on your own.

I also need for you to -not- attach logs. I need for you to Copy & Paste in line all your logs.

Please do so now, starting with DDS & MBAM log

and

tell me if you use IM programs.

[asianmusicguy]

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.13.2

Run by Branden at 12:08:27 on 2013-02-03

Microsoft Windows 7 Professional 6.1.7601.1.1252.2.1033.18.16334.14354 [GMT -7:00]

.

AV: Kaspersky PURE 2.0 *Enabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}

SP: Kaspersky PURE 2.0 *Enabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Kaspersky PURE 2.0 *Enabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\HitmanPro\hmpsched.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe

C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe

C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe

C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe

C:\Program Files\Microsoft LifeCam\MSCamS64.exe

C:\Program Files (x86)\Skype\Updater\Updater.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\wmi64.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskhost.exe

C:\Program Files\HitmanPro\HitmanPro.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe

C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe

C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe

C:\Program Files\Core Temp\Core Temp.exe

C:\Program Files\PeerBlock\peerblock.exe

C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe

C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

C:\Program Files\TortoiseSVN\bin\TSVNCache.exe

C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe

C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe

C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe

C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\S5WOW_App\x64\S5wow_2005.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: Userinit = userinit.exe

BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll

uRun: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe

uRun: [Power2GoExpress] NA

uRun: [Google Update] "C:\Users\Branden\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe"

mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

mRun: [ASUS WiFi GO! FileTransfer Execute] C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe

mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60

mRun: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"

mRun: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe

mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ie_banner_deny.htm

IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll

IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll

DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab

TCP: NameServer = 192.168.0.1

TCP: Interfaces\{E4C4F02E-E845-4536-B6EB-A83806C78A51} : DHCPNameServer = 192.168.0.1

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

IFEO: taskmgr.exe - "C:\PROGRAM FILES\PROCESSEXPLORER\PROCEXP.EXE"

x64-BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\ievkbd.dll

x64-BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\klwtbbho.dll

x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s

x64-Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /DTSU2P

x64-Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"

x64-Run: [intelliType Pro] "C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"

x64-Run: [intelliPoint] "C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"

x64-IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\ievkbd.dll

x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\klwtbbho.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Notify: klogon - C:\Windows\System32\klogon.dll

x64-SSODL: WebCheck - <orphaned>

x64-IFEO: taskmgr.exe - "C:\PROGRAM FILES\PROCESSEXPLORER\PROCEXP.EXE"

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Branden\AppData\Roaming\Mozilla\Firefox\Profiles\r960ig3v.default\

FF - plugin: C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll

FF - plugin: C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.38\Bin\npSSOAxCtrlForPTLogin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

FF - plugin: C:\Users\Branden\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: C:\Users\Branden\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Users\Branden\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Branden\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

FF - ExtSQL: 2012-12-07 19:32; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; C:\Users\Branden\AppData\Roaming\Mozilla\Firefox\Profiles\r960ig3v.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

.

============= SERVICES / DRIVERS ===============

.

R0 CSCrySec;InfoWatch Encrypt Sector Library driver;C:\Windows\System32\drivers\CSCrySec.sys [2012-9-7 85048]

R0 fltsrv;Acronis Storage Filter Management;C:\Windows\System32\drivers\fltsrv.sys [2012-9-8 155272]

R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-5-20 19264]

R0 tib_mounter;Acronis TIB Mounter;C:\Windows\System32\drivers\tib_mounter.sys [2012-9-8 1093256]

R0 vididr;Acronis Virtual Disk;C:\Windows\System32\drivers\vididr.sys [2012-9-8 228488]

R0 vidsflt;Acronis Disk Storage Filter;C:\Windows\System32\drivers\vidsflt.sys [2012-9-8 166024]

R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;C:\Windows\System32\drivers\CSVirtualDiskDrv.sys [2012-9-7 66104]

R1 kl2;kl2;C:\Windows\System32\drivers\kl2.sys [2011-10-20 13616]

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2011-3-10 29488]

R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-9-8 3696632]

R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-9-8 920736]

R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-9-8 951936]

R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-9-8 149120]

R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe [2011-12-24 202296]

R2 CSObjectsSrv;CryptoStorage control service;C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2009-12-21 743992]

R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-9-8 233328]

R2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [2012-9-8 108904]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-9-8 13632]

R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-12-29 383416]

R2 syncagentsrv;Acronis Sync Agent Service;C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2012-8-18 7017888]

R3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2012-9-8 367200]

R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-11-3 130536]

R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-11-3 395752]

R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-5-20 357184]

R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-5-20 789824]

R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2009-11-2 22544]

R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\System32\drivers\nx6000.sys [2010-12-13 36720]

R3 pbfilter;pbfilter;C:\Program Files\PeerBlock\pbfilter.sys [2012-9-8 24176]

R3 RTCore64;RTCore64;C:\Program Files (x86)\EVGA Precision X\RTCore64.sys [2012-6-29 15176]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-12 19456]

S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-12 57856]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-12 30208]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-9-8 1255736]

.

=============== Created Last 30 ================

.

2013-02-01 23:42:52 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-02-01 17:17:59 9161176 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EBD6B1CE-12F4-452D-8BB6-A538E5795714}\mpengine.dll

2013-01-11 20:31:52 -------- d-----w- C:\Users\Branden\.MakeMKV

2013-01-11 20:31:45 -------- d-----w- C:\Program Files (x86)\MakeMKV

2013-01-06 08:06:13 884152 ----a-w- C:\Windows\System32\nvvsvc.exe

2013-01-06 08:06:13 63928 ----a-w- C:\Windows\System32\nvshext.dll

2013-01-06 08:06:13 6382008 ----a-w- C:\Windows\System32\nvcpl.dll

2013-01-06 08:06:13 3455416 ----a-w- C:\Windows\System32\nvsvc64.dll

2013-01-06 08:06:13 2923201 ----a-w- C:\Windows\System32\nvcoproc.bin

2013-01-06 08:06:13 118712 ----a-w- C:\Windows\System32\nvmctray.dll

2013-01-06 08:06:04 -------- d-----w- C:\ProgramData\NVIDIA Corporation

2013-01-06 08:05:50 31080 ----a-w- C:\Windows\System32\nvhdap64.dll

2013-01-06 08:05:50 189288 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys

2013-01-06 08:05:50 1472360 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll

2013-01-06 07:50:22 -------- d-----w- C:\Program Files (x86)\Combined Community Codec Pack

2013-01-05 20:20:45 -------- d-----w- C:\Program Files (x86)\DVD Shrink

.

==================== Find3M ====================

.

2013-02-01 23:42:50 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-02-01 23:42:50 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-01-17 08:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe

2013-01-09 00:27:34 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-01-09 00:27:34 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-12-29 09:54:24 550328 ----a-w- C:\Windows\SysWow64\nvStreaming.exe

2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll

2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll

2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll

2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

2012-12-14 23:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-12-10 17:13:28 18760 ----a-w- C:\Windows\SysWow64\QQVistaHelper.dll

2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll

2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll

2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll

2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll

2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs

2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs

2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs

2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs

2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs

2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs

2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs

2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs

2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs

2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs

2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs

2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs

2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs

2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs

2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll

2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll

2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll

2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll

2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe

2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe

2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

2012-11-23 03:26:31 3149824 ----a-w- C:\Windows\System32\win32k.sys

2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe

2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll

2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll

2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll

2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll

2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll

2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-11-09 05:45:32 750592 ----a-w- C:\Windows\System32\win32spl.dll

2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-11-09 04:43:04 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll

2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

.

============= FINISH: 12:08:37.57 ===============

Malwarebytes Anti-Malware 1.70.0.1100

www.malwarebytes.org

Database version: v2013.02.03.08

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Branden :: BRANDEN-PC [administrator]

03/02/2013 12:16:12 PM

mbam-log-2013-02-03 (12-16-12).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 234086

Time elapsed: 25 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

I use Skype, trillian, abd QQ internatioml

[Maurice Naggar]

You should insure to turn OFF Skype, trillian, abd QQ internatioml while this case is open, until I give the all clear.

Download Dr.Web CureIt to the desktop.

The download is nearly 104.6 MB in size

• Turn OFF your antivirus program.
  How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
  
• Turn off any other add-on security app {if you have them} like MBAM File System Protection.
  
• If this system is Windows 8/7 or VISTA, then Right-click on drweb-cureit.exe and select Run as Administrator.
  
• Otherwise, on Windows XP, doubleclick on drweb-cureit.exe file to start the tool.
  
• You will see a screen similar to this:
  
  Click the checkbox to participate, and then click on Continue button.
  
• Next
  
  Click on Select onjects for scanning
  
• Next
  
  Put a checkmark by clicking on the boxes as shown.
  Do not select Temporary files or System Restore points.
  Then click on Start scanning button
  
• The scan in progress will be shown like this
  
  
• IF something is detected, you will see a screen similar to this
  
  For each item "detected", click on the Action column down arrow, like this
  
  Your options will be Cure or Ignore
  IF you see an item that you are very sure is ok, then un-check the checkbox for that item.
  Typically, you will keep the Cute default.
  Then click on the Neutralize button.
  
• When the actions are completed, you will see this
  
  
• Click on the green Open Report line. It will pop-up the report in NOTEPAD.
  Save the report to your desktop. The report will be called Cureit.log
  
• While in NOTEPAD, do a CTRL+A to Copy all to clipboard.
  
• You should be able to get back to your forum topic, start a new reply,
  click 1 time in the box
  and do a CTRL+V (Paste}
  into reply.
  
• Close Dr.Web Cureit.
  
• Reboot your computer to allow files that were in use to be moved/deleted during reboot.
  
• After reboot, post the contents of the log from Cureit.log you saved previously in your next reply.
  ONLY if the log is too large, then you may "attach" it.
  

Re-Enable your antivirus program when all done.

[asianmusicguy]

no threats

the program did come up wirh a "EPM" window though

[Maurice Naggar]

No threats detected by drWeb Cure-it is a good start.

What is a EPM window?

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

To show all files:

• Go to your Desktop
• Double-Click the Computer icon.
  
• From the menu options, Select Tools, then Folder Options.
  
• Next click the View tab.
  
• Locate and uncheck Hide file extensions for known file types.
  
• Locate and uncheck Hide protected operating system files (Recommended).
  
• Locate and click Show hidden files and folders and drives.
  
• Click Apply > OK.

Step 3

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Please download AdwCleaner © Xplode from >>here<< and save it on your Desktop.

If your are running Windows XP, double click adwcleaner.exe to start it.

Otherwise, Right-click on adwcleaner.exe and select Run As Administrator to launch the application.

Now click on the Search tab.

Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\AdwCleaner[XX].txt where XX Denotes the number of times the application has been ran, so in this should be something like R1.

Step 4

Please read carefully and follow these steps.

• Download TDSSKiller and save it to your Desktop.
  
• Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
  If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
  
• If an infected file is detected, the default action will be Cure, click on Continue.
  
  
• If a suspicious file is detected, the default action will be Skip, click on Continue.
  
• If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
  Skip and click on Continue
  
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  
  
• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  
• If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
  

Step 5

• Download & SAVE to your Desktop >> Tigzy's RogueKillerfrom here << or
  >> from here <<
  
• Quit all programs that you may have started.
  
• Please disconnect any USB or external drives from the computer before you run this scan!
  
• For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
  For Windows XP, double-click to start.
  
• Wait until Prescan has finished ...
  
• Then Click on Scan button at upper right of screen.
  
• Wait until the Status box shows "Scan Finished"
  
• Click on Report and copy/paste the content of the Notepad into your next reply.
  
• The log should be found in RKreport[1].txt on your Desktop
  
• Exit/Close RogueKiller

Do NOT click any FIX buttons !

Step 6

RE-Enable your antivirus program.

Then copy/paste the following into your post (in order):

• the contents of C:\AdwCleaner[R1].txt;
  
• the contents of TDSSKILLER log;
  
• the contents of RKReport log;
  

Be sure to do a Preview prior to pressing Submit because all reports may not fit into 1 single reply. You may have to do more than 1 reply.

Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.

[asianmusicguy]

# AdwCleaner v2.110 - Logfile created 02/03/2013 at 14:48:50

# Updated 03/02/2013 by Xplode

# Operating system : Windows 7 Professional Service Pack 1 (64 bits)

# User : Branden - BRANDEN-PC

# Boot Mode : Normal

# Running from : E:\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

Folder Found : C:\ProgramData\Ask

Folder Found : C:\ProgramData\InstallMate

***** [Registry] *****

Key Found : HKCU\Software\APN PIP

Key Found : HKCU\Software\PIP

Key Found : HKCU\Software\TENCENT

Key Found : HKLM\Software\Freeze.com

Key Found : HKLM\Software\PIP

Key Found : HKLM\Software\TENCENT

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.1 (en-US)

File : C:\Users\Branden\AppData\Roaming\Mozilla\Firefox\Profiles\r960ig3v.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Branden\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1081 octets] - [03/02/2013 14:48:50]

########## EOF - C:\AdwCleaner[R1].txt - [1141 octets] ##########

[asianmusicguy]

14:54:14.0618 6376 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

14:54:15.0072 6376 ============================================================

14:54:15.0072 6376 Current date / time: 2013/02/03 14:54:15.0072

14:54:15.0072 6376 SystemInfo:

14:54:15.0072 6376

14:54:15.0072 6376 OS Version: 6.1.7601 ServicePack: 1.0

14:54:15.0072 6376 Product type: Workstation

14:54:15.0072 6376 ComputerName: BRANDEN-PC

14:54:15.0072 6376 UserName: Branden

14:54:15.0072 6376 Windows directory: C:\Windows

14:54:15.0072 6376 System windows directory: C:\Windows

14:54:15.0072 6376 Running under WOW64

14:54:15.0072 6376 Processor architecture: Intel x64

14:54:15.0072 6376 Number of processors: 8

14:54:15.0072 6376 Page size: 0x1000

14:54:15.0072 6376 Boot type: Normal boot

14:54:15.0072 6376 ============================================================

14:54:15.0205 6376 Drive \Device\Harddisk2\DR2 - Size: 0x37E4896000 (223.57 Gb), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

14:54:15.0215 6376 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

14:54:15.0793 6376 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

14:54:15.0796 6376 ============================================================

14:54:15.0796 6376 \Device\Harddisk2\DR2:

14:54:15.0798 6376 MBR partitions:

14:54:15.0798 6376 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

14:54:15.0798 6376 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1BEF0C38

14:54:15.0798 6376 \Device\Harddisk0\DR0:

14:54:15.0807 6376 MBR partitions:

14:54:15.0807 6376 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A18800

14:54:15.0807 6376 \Device\Harddisk1\DR1:

14:54:15.0807 6376 MBR partitions:

14:54:15.0807 6376 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800

14:54:15.0807 6376 ============================================================

14:54:15.0808 6376 C: <-> \Device\Harddisk2\DR2\Partition2

14:54:15.0827 6376 E: <-> \Device\Harddisk0\DR0\Partition1

14:54:15.0842 6376 F: <-> \Device\Harddisk1\DR1\Partition1

14:54:15.0842 6376 ============================================================

14:54:15.0842 6376 Initialize success

14:54:15.0842 6376 ============================================================

14:54:17.0934 6096 ============================================================

14:54:17.0934 6096 Scan started

14:54:17.0934 6096 Mode: Manual;

14:54:17.0934 6096 ============================================================

14:54:18.0052 6096 ================ Scan system memory ========================

14:54:18.0052 6096 System memory - ok

14:54:18.0052 6096 ================ Scan services =============================

14:54:18.0083 6096 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

14:54:18.0084 6096 1394ohci - ok

14:54:18.0088 6096 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

14:54:18.0089 6096 ACPI - ok

14:54:18.0090 6096 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

14:54:18.0091 6096 AcpiPmi - ok

14:54:18.0103 6096 [ A475CCD9AC2FD156BBB993F5B5299609 ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

14:54:18.0107 6096 AcrSch2Svc - ok

14:54:18.0130 6096 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

14:54:18.0131 6096 AdobeFlashPlayerUpdateSvc - ok

14:54:18.0137 6096 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

14:54:18.0138 6096 adp94xx - ok

14:54:18.0143 6096 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys

14:54:18.0144 6096 adpahci - ok

14:54:18.0147 6096 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys

14:54:18.0147 6096 adpu320 - ok

14:54:18.0150 6096 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

14:54:18.0150 6096 AeLookupSvc - ok

14:54:18.0155 6096 [ ABCF9C80EAACE03021BB7F450EB8993F ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys

14:54:18.0156 6096 afcdp - ok

14:54:18.0183 6096 [ 30346435058C56903C9F07BC7CABC9EA ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe

14:54:18.0193 6096 afcdpsrv - ok

14:54:18.0199 6096 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

14:54:18.0201 6096 AFD - ok

14:54:18.0203 6096 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

14:54:18.0203 6096 agp440 - ok

14:54:18.0206 6096 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

14:54:18.0206 6096 ALG - ok

14:54:18.0208 6096 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

14:54:18.0208 6096 aliide - ok

14:54:18.0213 6096 ALSysIO - ok

14:54:18.0215 6096 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

14:54:18.0215 6096 amdide - ok

14:54:18.0217 6096 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys

14:54:18.0217 6096 AmdK8 - ok

14:54:18.0219 6096 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys

14:54:18.0219 6096 AmdPPM - ok

14:54:18.0222 6096 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

14:54:18.0222 6096 amdsata - ok

14:54:18.0225 6096 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys

14:54:18.0225 6096 amdsbs - ok

14:54:18.0227 6096 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

14:54:18.0227 6096 amdxata - ok

14:54:18.0229 6096 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

14:54:18.0229 6096 AppID - ok

14:54:18.0231 6096 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

14:54:18.0231 6096 AppIDSvc - ok

14:54:18.0233 6096 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll

14:54:18.0234 6096 Appinfo - ok

14:54:18.0239 6096 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

14:54:18.0239 6096 Apple Mobile Device - ok

14:54:18.0243 6096 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll

14:54:18.0243 6096 AppMgmt - ok

14:54:18.0245 6096 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys

14:54:18.0246 6096 arc - ok

14:54:18.0248 6096 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys

14:54:18.0248 6096 arcsas - ok

14:54:18.0257 6096 [ 31E2470E61D5A390405BA41C279D8446 ] asComSvc C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe

14:54:18.0260 6096 asComSvc - ok

14:54:18.0270 6096 [ 0466B91EE5767A769E9F8EDB8EF94DDB ] asHmComSvc C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe

14:54:18.0273 6096 asHmComSvc - ok

14:54:18.0275 6096 [ FEF9DD9EA587F8886ADE43C1BEFBDAFE ] AsIO C:\Windows\syswow64\drivers\AsIO.sys

14:54:18.0275 6096 AsIO - ok

14:54:18.0278 6096 [ 22842362DF890F5492F85AA60916A697 ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys

14:54:18.0278 6096 asmthub3 - ok

14:54:18.0283 6096 [ 08E2D77766CC05E75A0707207D9FC684 ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys

14:54:18.0284 6096 asmtxhci - ok

14:54:18.0287 6096 [ AD8947D621FDCA48F1F39F4624B60AA1 ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe

14:54:18.0288 6096 AsSysCtrlService - ok

14:54:18.0290 6096 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

14:54:18.0290 6096 AsyncMac - ok

14:54:18.0291 6096 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

14:54:18.0292 6096 atapi - ok

14:54:18.0311 6096 [ 881AF14AD2F1207672873B65ACA6C92F ] athr C:\Windows\system32\DRIVERS\athrx.sys

14:54:18.0319 6096 athr - ok

14:54:18.0326 6096 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

14:54:18.0328 6096 AudioEndpointBuilder - ok

14:54:18.0334 6096 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

14:54:18.0336 6096 AudioSrv - ok

14:54:18.0344 6096 [ 3D19081FEDE8E9EF5B4FBB5F88EE4544 ] AVP C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe

14:54:18.0345 6096 AVP - ok

14:54:18.0347 6096 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

14:54:18.0348 6096 AxInstSV - ok

14:54:18.0353 6096 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys

14:54:18.0354 6096 b06bdrv - ok

14:54:18.0358 6096 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

14:54:18.0359 6096 b57nd60a - ok

14:54:18.0362 6096 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

14:54:18.0362 6096 BDESVC - ok

14:54:18.0364 6096 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

14:54:18.0364 6096 Beep - ok

14:54:18.0371 6096 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

14:54:18.0373 6096 BFE - ok

14:54:18.0381 6096 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll

14:54:18.0384 6096 BITS - ok

14:54:18.0386 6096 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

14:54:18.0386 6096 blbdrive - ok

14:54:18.0393 6096 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

14:54:18.0394 6096 Bonjour Service - ok

14:54:18.0397 6096 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

14:54:18.0397 6096 bowser - ok

14:54:18.0399 6096 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys

14:54:18.0399 6096 BrFiltLo - ok

14:54:18.0401 6096 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys

14:54:18.0401 6096 BrFiltUp - ok

14:54:18.0404 6096 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

14:54:18.0405 6096 Browser - ok

14:54:18.0408 6096 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

14:54:18.0409 6096 Brserid - ok

14:54:18.0411 6096 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

14:54:18.0411 6096 BrSerWdm - ok

14:54:18.0412 6096 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

14:54:18.0413 6096 BrUsbMdm - ok

14:54:18.0414 6096 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

14:54:18.0414 6096 BrUsbSer - ok

14:54:18.0415 6096 BTATH_BUS - ok

14:54:18.0419 6096 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys

14:54:18.0420 6096 BTHMODEM - ok

14:54:18.0423 6096 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

14:54:18.0423 6096 bthserv - ok

14:54:18.0425 6096 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

14:54:18.0426 6096 cdfs - ok

14:54:18.0428 6096 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

14:54:18.0429 6096 cdrom - ok

14:54:18.0431 6096 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

14:54:18.0432 6096 CertPropSvc - ok

14:54:18.0435 6096 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys

14:54:18.0435 6096 circlass - ok

14:54:18.0439 6096 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

14:54:18.0440 6096 CLFS - ok

14:54:18.0447 6096 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

14:54:18.0448 6096 clr_optimization_v2.0.50727_32 - ok

14:54:18.0453 6096 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

14:54:18.0453 6096 clr_optimization_v2.0.50727_64 - ok

14:54:18.0461 6096 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

14:54:18.0462 6096 clr_optimization_v4.0.30319_32 - ok

14:54:18.0468 6096 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

14:54:18.0468 6096 clr_optimization_v4.0.30319_64 - ok

14:54:18.0470 6096 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys

14:54:18.0470 6096 CmBatt - ok

14:54:18.0472 6096 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

14:54:18.0472 6096 cmdide - ok

14:54:18.0477 6096 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys

14:54:18.0479 6096 CNG - ok

14:54:18.0480 6096 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys

14:54:18.0480 6096 Compbatt - ok

14:54:18.0482 6096 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys

14:54:18.0482 6096 CompositeBus - ok

14:54:18.0484 6096 COMSysApp - ok

14:54:18.0486 6096 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

14:54:18.0486 6096 crcdisk - ok

14:54:18.0489 6096 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll

14:54:18.0490 6096 CryptSvc - ok

14:54:18.0495 6096 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys

14:54:18.0497 6096 CSC - ok

14:54:18.0500 6096 [ AB1201F8DE199E764DA9A32ABF71049C ] CSCrySec C:\Windows\system32\DRIVERS\CSCrySec.sys

14:54:18.0500 6096 CSCrySec - ok

14:54:18.0506 6096 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll

14:54:18.0508 6096 CscService - ok

14:54:18.0515 6096 [ 6E5B42219F1FE4A3D087D9D501E343D5 ] CSObjectsSrv C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe

14:54:18.0517 6096 CSObjectsSrv - ok

14:54:18.0519 6096 [ A6EED705BB510FA6B0F9F097165A3395 ] CSVirtualDiskDrv C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys

14:54:18.0519 6096 CSVirtualDiskDrv - ok

14:54:18.0525 6096 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

14:54:18.0527 6096 DcomLaunch - ok

14:54:18.0531 6096 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

14:54:18.0532 6096 defragsvc - ok

14:54:18.0535 6096 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

14:54:18.0535 6096 DfsC - ok

14:54:18.0539 6096 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

14:54:18.0540 6096 Dhcp - ok

14:54:18.0542 6096 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

14:54:18.0542 6096 discache - ok

14:54:18.0544 6096 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys

14:54:18.0545 6096 Disk - ok

14:54:18.0547 6096 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys

14:54:18.0547 6096 dmvsc - ok

14:54:18.0550 6096 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

14:54:18.0551 6096 Dnscache - ok

14:54:18.0554 6096 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

14:54:18.0555 6096 dot3svc - ok

14:54:18.0558 6096 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

14:54:18.0559 6096 DPS - ok

14:54:18.0560 6096 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

14:54:18.0561 6096 drmkaud - ok

14:54:18.0564 6096 [ 426D951F2DE2D4DFCBE0D1A42BBBA72F ] DTSAudioSvc C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe

14:54:18.0565 6096 DTSAudioSvc - ok

14:54:18.0573 6096 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

14:54:18.0576 6096 DXGKrnl - ok

14:54:18.0581 6096 [ E53D32044F4A03D64D6C91CF0A22A77E ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys

14:54:18.0583 6096 e1cexpress - ok

14:54:18.0585 6096 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

14:54:18.0586 6096 EapHost - ok

14:54:18.0609 6096 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys

14:54:18.0618 6096 ebdrv - ok

14:54:18.0620 6096 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

14:54:18.0621 6096 EFS - ok

14:54:18.0628 6096 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

14:54:18.0630 6096 ehRecvr - ok

14:54:18.0632 6096 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

14:54:18.0632 6096 ehSched - ok

14:54:18.0637 6096 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys

14:54:18.0639 6096 elxstor - ok

14:54:18.0640 6096 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

14:54:18.0641 6096 ErrDev - ok

14:54:18.0646 6096 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

14:54:18.0648 6096 EventSystem - ok

14:54:18.0651 6096 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

14:54:18.0651 6096 exfat - ok

14:54:18.0654 6096 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

14:54:18.0655 6096 fastfat - ok

14:54:18.0661 6096 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

14:54:18.0663 6096 Fax - ok

14:54:18.0665 6096 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys

14:54:18.0665 6096 fdc - ok

14:54:18.0667 6096 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

14:54:18.0667 6096 fdPHost - ok

14:54:18.0669 6096 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

14:54:18.0669 6096 FDResPub - ok

14:54:18.0671 6096 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

14:54:18.0671 6096 FileInfo - ok

14:54:18.0673 6096 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

14:54:18.0673 6096 Filetrace - ok

14:54:18.0675 6096 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys

14:54:18.0675 6096 flpydisk - ok

14:54:18.0679 6096 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

14:54:18.0680 6096 FltMgr - ok

14:54:18.0683 6096 [ F0CC1A9106F9FB0F704F6ED95622B43E ] fltsrv C:\Windows\system32\DRIVERS\fltsrv.sys

14:54:18.0683 6096 fltsrv - ok

14:54:18.0693 6096 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll

14:54:18.0696 6096 FontCache - ok

14:54:18.0699 6096 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

14:54:18.0699 6096 FontCache3.0.0.0 - ok

14:54:18.0701 6096 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

14:54:18.0701 6096 FsDepends - ok

14:54:18.0703 6096 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

14:54:18.0703 6096 Fs_Rec - ok

14:54:18.0707 6096 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

14:54:18.0707 6096 fvevol - ok

14:54:18.0709 6096 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

14:54:18.0710 6096 gagp30kx - ok

14:54:18.0711 6096 [ 7907E14F9BCF3A4689C9A74A1A873CB6 ] gdrv C:\Windows\gdrv.sys

14:54:18.0711 6096 gdrv - ok

14:54:18.0714 6096 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

14:54:18.0715 6096 GEARAspiWDM - ok

14:54:18.0722 6096 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

14:54:18.0724 6096 gpsvc - ok

14:54:18.0728 6096 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

14:54:18.0729 6096 gupdate - ok

14:54:18.0731 6096 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

14:54:18.0732 6096 gupdatem - ok

14:54:18.0734 6096 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

14:54:18.0734 6096 hcw85cir - ok

14:54:18.0738 6096 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

14:54:18.0739 6096 HdAudAddService - ok

14:54:18.0742 6096 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

14:54:18.0742 6096 HDAudBus - ok

14:54:18.0744 6096 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys

14:54:18.0744 6096 HidBatt - ok

14:54:18.0746 6096 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys

14:54:18.0747 6096 HidBth - ok

14:54:18.0748 6096 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys

14:54:18.0749 6096 HidIr - ok

14:54:18.0751 6096 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll

14:54:18.0751 6096 hidserv - ok

14:54:18.0753 6096 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

14:54:18.0753 6096 HidUsb - ok

14:54:18.0757 6096 [ 9C66FEEFCA9D5DD712AB78D17BB16DA8 ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe

14:54:18.0758 6096 HitmanProScheduler - ok

14:54:18.0760 6096 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

14:54:18.0761 6096 hkmsvc - ok

14:54:18.0764 6096 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

14:54:18.0765 6096 HomeGroupListener - ok

14:54:18.0768 6096 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

14:54:18.0769 6096 HomeGroupProvider - ok

14:54:18.0771 6096 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

14:54:18.0772 6096 HpSAMD - ok

14:54:18.0779 6096 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

14:54:18.0781 6096 HTTP - ok

14:54:18.0782 6096 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

14:54:18.0783 6096 hwpolicy - ok

14:54:18.0785 6096 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

14:54:18.0785 6096 i8042prt - ok

14:54:18.0791 6096 [ CCFA835960E35F30D28A868E0B3B8722 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys

14:54:18.0793 6096 iaStor - ok

14:54:18.0796 6096 [ 1F35EFEC56CD1BF62435EAF97EABC3B3 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

14:54:18.0797 6096 IAStorDataMgrSvc - ok

14:54:18.0801 6096 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

14:54:18.0803 6096 iaStorV - ok

14:54:18.0811 6096 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

14:54:18.0813 6096 idsvc - ok

14:54:18.0815 6096 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys

14:54:18.0815 6096 iirsp - ok

14:54:18.0823 6096 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

14:54:18.0825 6096 IKEEXT - ok

14:54:18.0856 6096 [ 9CC645EB9697AA4F2D5A39835C80A0A2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

14:54:18.0867 6096 IntcAzAudAddService - ok

14:54:18.0869 6096 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

14:54:18.0870 6096 intelide - ok

14:54:18.0872 6096 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

14:54:18.0872 6096 intelppm - ok

14:54:18.0874 6096 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

14:54:18.0875 6096 IPBusEnum - ok

14:54:18.0877 6096 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

14:54:18.0877 6096 IpFilterDriver - ok

14:54:18.0883 6096 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

14:54:18.0885 6096 iphlpsvc - ok

14:54:18.0887 6096 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

14:54:18.0887 6096 IPMIDRV - ok

14:54:18.0889 6096 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

14:54:18.0890 6096 IPNAT - ok

14:54:18.0898 6096 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

14:54:18.0901 6096 iPod Service - ok

14:54:18.0903 6096 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

14:54:18.0903 6096 IRENUM - ok

14:54:18.0904 6096 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

14:54:18.0905 6096 isapnp - ok

14:54:18.0908 6096 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

14:54:18.0909 6096 iScsiPrt - ok

14:54:18.0911 6096 [ D596D915CF091DA1F8CE4BD38BB5D509 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys

14:54:18.0911 6096 iusb3hcs - ok

14:54:18.0915 6096 [ 023896E23B61543A15A230EED996D911 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys

14:54:18.0916 6096 iusb3hub - ok

14:54:18.0924 6096 [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys

14:54:18.0926 6096 iusb3xhc - ok

14:54:18.0928 6096 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

14:54:18.0928 6096 kbdclass - ok

14:54:18.0930 6096 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

14:54:18.0931 6096 kbdhid - ok

14:54:18.0932 6096 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

14:54:18.0933 6096 KeyIso - ok

14:54:18.0938 6096 [ 73BF91EFBE1F788D0615A396A9211A4B ] KL1 C:\Windows\system32\DRIVERS\kl1.sys

14:54:18.0940 6096 KL1 - ok

14:54:18.0941 6096 [ DC3CF56209C6A19124FEDEF1CBFAF55B ] kl2 C:\Windows\system32\DRIVERS\kl2.sys

14:54:18.0942 6096 kl2 - ok

14:54:18.0948 6096 [ 43D02C0E6BDCD216A01ECAE213A64F67 ] KLIF C:\Windows\system32\DRIVERS\klif.sys

14:54:18.0950 6096 KLIF - ok

14:54:18.0951 6096 [ 89FB5A33D7171B6D84F5EB721D5055E1 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys

14:54:18.0952 6096 KLIM6 - ok

14:54:18.0953 6096 [ 9468D07E91BA136D82415F5DFC1FE168 ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys

14:54:18.0953 6096 klmouflt - ok

14:54:18.0956 6096 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

14:54:18.0956 6096 KSecDD - ok

14:54:18.0959 6096 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

14:54:18.0960 6096 KSecPkg - ok

14:54:18.0961 6096 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

14:54:18.0962 6096 ksthunk - ok

14:54:18.0966 6096 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

14:54:18.0967 6096 KtmRm - ok

14:54:18.0971 6096 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll

14:54:18.0972 6096 LanmanServer - ok

14:54:18.0975 6096 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

14:54:18.0976 6096 LanmanWorkstation - ok

14:54:18.0979 6096 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

14:54:18.0979 6096 lltdio - ok

14:54:18.0983 6096 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

14:54:18.0985 6096 lltdsvc - ok

14:54:18.0986 6096 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

14:54:18.0987 6096 lmhosts - ok

14:54:18.0990 6096 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

14:54:18.0990 6096 LSI_FC - ok

14:54:18.0992 6096 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

14:54:18.0993 6096 LSI_SAS - ok

14:54:18.0995 6096 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys

14:54:18.0995 6096 LSI_SAS2 - ok

14:54:18.0997 6096 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

14:54:18.0998 6096 LSI_SCSI - ok

14:54:19.0000 6096 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

14:54:19.0000 6096 luafv - ok

14:54:19.0002 6096 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

14:54:19.0003 6096 Mcx2Svc - ok

14:54:19.0005 6096 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys

14:54:19.0005 6096 megasas - ok

14:54:19.0009 6096 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys

14:54:19.0010 6096 MegaSR - ok

14:54:19.0012 6096 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys

14:54:19.0012 6096 MEIx64 - ok

14:54:19.0014 6096 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

14:54:19.0015 6096 MMCSS - ok

14:54:19.0016 6096 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

14:54:19.0017 6096 Modem - ok

14:54:19.0018 6096 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

14:54:19.0019 6096 monitor - ok

14:54:19.0021 6096 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

14:54:19.0021 6096 mouclass - ok

14:54:19.0023 6096 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

14:54:19.0023 6096 mouhid - ok

14:54:19.0025 6096 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

14:54:19.0026 6096 mountmgr - ok

14:54:19.0029 6096 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

14:54:19.0029 6096 MozillaMaintenance - ok

14:54:19.0032 6096 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

14:54:19.0033 6096 mpio - ok

14:54:19.0034 6096 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

14:54:19.0035 6096 mpsdrv - ok

14:54:19.0042 6096 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

14:54:19.0045 6096 MpsSvc - ok

14:54:19.0048 6096 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

14:54:19.0048 6096 MRxDAV - ok

14:54:19.0051 6096 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

14:54:19.0052 6096 mrxsmb - ok

14:54:19.0055 6096 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

14:54:19.0056 6096 mrxsmb10 - ok

14:54:19.0058 6096 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

14:54:19.0059 6096 mrxsmb20 - ok

14:54:19.0061 6096 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

14:54:19.0061 6096 msahci - ok

14:54:19.0065 6096 [ 41FB1D61DF09C36CCAB0B04EEC66F6D5 ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS64.exe

14:54:19.0066 6096 MSCamSvc - ok

14:54:19.0068 6096 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

14:54:19.0069 6096 msdsm - ok

14:54:19.0071 6096 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

14:54:19.0072 6096 MSDTC - ok

14:54:19.0075 6096 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

14:54:19.0075 6096 Msfs - ok

14:54:19.0077 6096 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

14:54:19.0077 6096 mshidkmdf - ok

14:54:19.0079 6096 [ BB590070D606AE6F008341FC9A7B2AD7 ] MSHUSBVideo C:\Windows\system32\Drivers\nx6000.sys

14:54:19.0079 6096 MSHUSBVideo - ok

14:54:19.0081 6096 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

14:54:19.0081 6096 msisadrv - ok

14:54:19.0084 6096 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

14:54:19.0085 6096 MSiSCSI - ok

14:54:19.0086 6096 msiserver - ok

14:54:19.0088 6096 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

14:54:19.0088 6096 MSKSSRV - ok

14:54:19.0090 6096 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

14:54:19.0090 6096 MSPCLOCK - ok

14:54:19.0091 6096 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

14:54:19.0092 6096 MSPQM - ok

14:54:19.0095 6096 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

14:54:19.0097 6096 MsRPC - ok

14:54:19.0099 6096 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

14:54:19.0099 6096 mssmbios - ok

14:54:19.0101 6096 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

14:54:19.0101 6096 MSTEE - ok

14:54:19.0102 6096 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys

14:54:19.0103 6096 MTConfig - ok

14:54:19.0104 6096 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

14:54:19.0105 6096 Mup - ok

14:54:19.0110 6096 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

14:54:19.0112 6096 napagent - ok

14:54:19.0116 6096 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

14:54:19.0117 6096 NativeWifiP - ok

14:54:19.0126 6096 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

14:54:19.0128 6096 NDIS - ok

14:54:19.0130 6096 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

14:54:19.0131 6096 NdisCap - ok

14:54:19.0132 6096 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

14:54:19.0133 6096 NdisTapi - ok

14:54:19.0134 6096 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

14:54:19.0135 6096 Ndisuio - ok

14:54:19.0137 6096 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

14:54:19.0138 6096 NdisWan - ok

14:54:19.0140 6096 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

14:54:19.0140 6096 NDProxy - ok

14:54:19.0142 6096 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

14:54:19.0142 6096 NetBIOS - ok

14:54:19.0145 6096 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

14:54:19.0146 6096 NetBT - ok

14:54:19.0148 6096 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

14:54:19.0148 6096 Netlogon - ok

14:54:19.0153 6096 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

14:54:19.0155 6096 Netman - ok

14:54:19.0159 6096 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

14:54:19.0161 6096 netprofm - ok

14:54:19.0163 6096 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

14:54:19.0164 6096 NetTcpPortSharing - ok

14:54:19.0166 6096 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

14:54:19.0166 6096 nfrd960 - ok

14:54:19.0170 6096 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll

14:54:19.0171 6096 NlaSvc - ok

14:54:19.0173 6096 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

14:54:19.0173 6096 Npfs - ok

14:54:19.0175 6096 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

14:54:19.0176 6096 nsi - ok

14:54:19.0177 6096 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

14:54:19.0178 6096 nsiproxy - ok

14:54:19.0192 6096 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

14:54:19.0197 6096 Ntfs - ok

14:54:19.0199 6096 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

14:54:19.0199 6096 Null - ok

14:54:19.0203 6096 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys

14:54:19.0203 6096 NVHDA - ok

14:54:19.0288 6096 [ 26AA3C7E6E1DB7107BF93503F6F57E88 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

14:54:19.0317 6096 nvlddmkm - ok

14:54:19.0322 6096 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

14:54:19.0323 6096 nvraid - ok

14:54:19.0325 6096 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

14:54:19.0326 6096 nvstor - ok

14:54:19.0334 6096 [ A83AC04D672567CAF8BE7A4D73C0B850 ] nvsvc C:\Windows\system32\nvvsvc.exe

14:54:19.0337 6096 nvsvc - ok

14:54:19.0348 6096 [ FB660F80BDC4F13D594996976AFAECD9 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

14:54:19.0351 6096 nvUpdatusService - ok

14:54:19.0354 6096 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

14:54:19.0354 6096 nv_agp - ok

14:54:19.0356 6096 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

14:54:19.0356 6096 ohci1394 - ok

14:54:19.0360 6096 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

14:54:19.0362 6096 p2pimsvc - ok

14:54:19.0366 6096 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

14:54:19.0368 6096 p2psvc - ok

14:54:19.0370 6096 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys

14:54:19.0371 6096 Parport - ok

14:54:19.0373 6096 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

14:54:19.0373 6096 partmgr - ok

14:54:19.0376 6096 [ 7C0582921913D00180EC2B8518BA135C ] pbfilter C:\Program Files\PeerBlock\pbfilter.sys

14:54:19.0376 6096 pbfilter - ok

14:54:19.0379 6096 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

14:54:19.0380 6096 PcaSvc - ok

14:54:19.0383 6096 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

14:54:19.0383 6096 pci - ok

14:54:19.0385 6096 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

14:54:19.0385 6096 pciide - ok

14:54:19.0388 6096 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

14:54:19.0388 6096 pcmcia - ok

14:54:19.0390 6096 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

14:54:19.0390 6096 pcw - ok

14:54:19.0396 6096 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

14:54:19.0398 6096 PEAUTH - ok

14:54:19.0408 6096 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll

14:54:19.0413 6096 PeerDistSvc - ok

14:54:19.0430 6096 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

14:54:19.0431 6096 PerfHost - ok

14:54:19.0444 6096 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

14:54:19.0448 6096 pla - ok

14:54:19.0454 6096 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

14:54:19.0456 6096 PlugPlay - ok

14:54:19.0457 6096 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

14:54:19.0458 6096 PNRPAutoReg - ok

14:54:19.0462 6096 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

14:54:19.0463 6096 PNRPsvc - ok

14:54:19.0468 6096 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

14:54:19.0470 6096 PolicyAgent - ok

14:54:19.0474 6096 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

14:54:19.0475 6096 Power - ok

14:54:19.0478 6096 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

14:54:19.0478 6096 PptpMiniport - ok

14:54:19.0480 6096 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys

14:54:19.0481 6096 Processor - ok

14:54:19.0484 6096 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

14:54:19.0485 6096 ProfSvc - ok

14:54:19.0486 6096 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

14:54:19.0487 6096 ProtectedStorage - ok

14:54:19.0490 6096 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

14:54:19.0490 6096 Psched - ok

14:54:19.0502 6096 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

14:54:19.0506 6096 ql2300 - ok

14:54:19.0509 6096 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

14:54:19.0510 6096 ql40xx - ok

14:54:19.0513 6096 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

14:54:19.0514 6096 QWAVE - ok

14:54:19.0516 6096 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

14:54:19.0516 6096 QWAVEdrv - ok

14:54:19.0518 6096 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

14:54:19.0518 6096 RasAcd - ok

14:54:19.0521 6096 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

14:54:19.0521 6096 RasAgileVpn - ok

14:54:19.0523 6096 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

14:54:19.0524 6096 RasAuto - ok

14:54:19.0527 6096 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

14:54:19.0527 6096 Rasl2tp - ok

14:54:19.0531 6096 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

14:54:19.0533 6096 RasMan - ok

14:54:19.0535 6096 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

14:54:19.0535 6096 RasPppoe - ok

14:54:19.0537 6096 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

14:54:19.0537 6096 RasSstp - ok

14:54:19.0541 6096 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

14:54:19.0542 6096 rdbss - ok

14:54:19.0543 6096 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

14:54:19.0544 6096 rdpbus - ok

14:54:19.0546 6096 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

14:54:19.0546 6096 RDPCDD - ok

14:54:19.0549 6096 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys

14:54:19.0550 6096 RDPDR - ok

14:54:19.0552 6096 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

14:54:19.0552 6096 RDPENCDD - ok

14:54:19.0554 6096 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

14:54:19.0554 6096 RDPREFMP - ok

14:54:19.0557 6096 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

14:54:19.0557 6096 RdpVideoMiniport - ok

14:54:19.0560 6096 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

14:54:19.0561 6096 RDPWD - ok

14:54:19.0564 6096 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

14:54:19.0565 6096 rdyboost - ok

14:54:19.0567 6096 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

14:54:19.0568 6096 RemoteAccess - ok

14:54:19.0571 6096 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

14:54:19.0572 6096 RemoteRegistry - ok

14:54:19.0574 6096 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

14:54:19.0575 6096 RpcEptMapper - ok

14:54:19.0576 6096 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

14:54:19.0577 6096 RpcLocator - ok

14:54:19.0582 6096 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

14:54:19.0584 6096 RpcSs - ok

14:54:19.0586 6096 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

14:54:19.0587 6096 rspndr - ok

14:54:19.0589 6096 [ 269C9E8B59434C700482C363952D2C38 ] RTCore64 C:\Program Files (x86)\EVGA Precision X\RTCore64.sys

14:54:19.0589 6096 RTCore64 - ok

14:54:19.0591 6096 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys

14:54:19.0591 6096 s3cap - ok

14:54:19.0593 6096 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

14:54:19.0593 6096 SamSs - ok

14:54:19.0595 6096 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

14:54:19.0596 6096 sbp2port - ok

14:54:19.0599 6096 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

14:54:19.0600 6096 SCardSvr - ok

14:54:19.0602 6096 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

14:54:19.0602 6096 scfilter - ok

14:54:19.0610 6096 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

14:54:19.0614 6096 Schedule - ok

14:54:19.0617 6096 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

14:54:19.0617 6096 SCPolicySvc - ok

14:54:19.0620 6096 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

14:54:19.0621 6096 SDRSVC - ok

14:54:19.0623 6096 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

14:54:19.0624 6096 secdrv - ok

14:54:19.0625 6096 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

14:54:19.0626 6096 seclogon - ok

14:54:19.0628 6096 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll

14:54:19.0629 6096 SENS - ok

14:54:19.0631 6096 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

14:54:19.0632 6096 SensrSvc - ok

14:54:19.0634 6096 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

14:54:19.0634 6096 Serenum - ok

14:54:19.0636 6096 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

14:54:19.0636 6096 Serial - ok

14:54:19.0638 6096 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys

14:54:19.0638 6096 sermouse - ok

14:54:19.0643 6096 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

14:54:19.0644 6096 SessionEnv - ok

14:54:19.0645 6096 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

14:54:19.0645 6096 sffdisk - ok

14:54:19.0647 6096 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

14:54:19.0647 6096 sffp_mmc - ok

14:54:19.0649 6096 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

14:54:19.0649 6096 sffp_sd - ok

14:54:19.0651 6096 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

14:54:19.0651 6096 sfloppy - ok

14:54:19.0656 6096 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

14:54:19.0657 6096 SharedAccess - ok

14:54:19.0661 6096 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

14:54:19.0663 6096 ShellHWDetection - ok

14:54:19.0665 6096 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys

14:54:19.0665 6096 SiSRaid2 - ok

14:54:19.0667 6096 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

14:54:19.0667 6096 SiSRaid4 - ok

14:54:19.0671 6096 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

14:54:19.0672 6096 SkypeUpdate - ok

14:54:19.0674 6096 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

14:54:19.0675 6096 Smb - ok

14:54:19.0680 6096 [ FDB6E127DF739D4911319F0C8D339CAF ] snapman C:\Windows\system32\DRIVERS\snapman.sys

14:54:19.0681 6096 snapman - ok

14:54:19.0683 6096 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

14:54:19.0684 6096 SNMPTRAP - ok

14:54:19.0686 6096 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

14:54:19.0686 6096 spldr - ok

14:54:19.0692 6096 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

14:54:19.0694 6096 Spooler - ok

14:54:19.0720 6096 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

14:54:19.0731 6096 sppsvc - ok

14:54:19.0733 6096 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

14:54:19.0734 6096 sppuinotify - ok

14:54:19.0739 6096 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

14:54:19.0741 6096 srv - ok

14:54:19.0745 6096 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

14:54:19.0746 6096 srv2 - ok

14:54:19.0749 6096 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

14:54:19.0750 6096 srvnet - ok

14:54:19.0753 6096 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

14:54:19.0754 6096 SSDPSRV - ok

14:54:19.0756 6096 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

14:54:19.0757 6096 SstpSvc - ok

14:54:19.0761 6096 Steam Client Service - ok

14:54:19.0766 6096 [ 00FCEC4DA4198F5F2B9BBD9225842568 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

14:54:19.0767 6096 Stereo Service - ok

14:54:19.0769 6096 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys

14:54:19.0770 6096 stexstor - ok

14:54:19.0776 6096 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

14:54:19.0779 6096 stisvc - ok

14:54:19.0781 6096 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys

14:54:19.0781 6096 storflt - ok

14:54:19.0783 6096 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll

14:54:19.0784 6096 StorSvc - ok

14:54:19.0786 6096 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys

14:54:19.0786 6096 storvsc - ok

14:54:19.0788 6096 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

14:54:19.0788 6096 swenum - ok

14:54:19.0793 6096 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

14:54:19.0795 6096 swprv - ok

14:54:19.0847 6096 [ 1D8C612D6589430AD8F981F615B7C528 ] syncagentsrv C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe

14:54:19.0866 6096 syncagentsrv - ok

14:54:19.0882 6096 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

14:54:19.0887 6096 SysMain - ok

14:54:19.0890 6096 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

14:54:19.0891 6096 TabletInputService - ok

14:54:19.0894 6096 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

14:54:19.0896 6096 TapiSrv - ok

14:54:19.0898 6096 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

14:54:19.0899 6096 TBS - ok

14:54:19.0915 6096 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

14:54:19.0920 6096 Tcpip - ok

14:54:19.0936 6096 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

14:54:19.0941 6096 TCPIP6 - ok

14:54:19.0944 6096 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

14:54:19.0944 6096 tcpipreg - ok

14:54:19.0947 6096 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

14:54:19.0947 6096 TDPIPE - ok

14:54:19.0959 6096 [ 843DAFC2CD4ED5D57FA40FD2000C6296 ] tdrpman C:\Windows\system32\DRIVERS\tdrpman.sys

14:54:19.0963 6096 tdrpman - ok

14:54:19.0965 6096 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

14:54:19.0965 6096 TDTCP - ok

14:54:19.0967 6096 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

14:54:19.0968 6096 tdx - ok

14:54:19.0970 6096 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

14:54:19.0971 6096 TermDD - ok

14:54:19.0977 6096 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

14:54:19.0979 6096 TermService - ok

14:54:19.0981 6096 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

14:54:19.0982 6096 Themes - ok

14:54:19.0984 6096 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

14:54:19.0985 6096 THREADORDER - ok

14:54:19.0993 6096 [ 31C9790525705B292F3B30F6676873CD ] tib_mounter C:\Windows\system32\DRIVERS\tib_mounter.sys

14:54:19.0996 6096 tib_mounter - ok

14:54:19.0999 6096 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

14:54:20.0000 6096 TrkWks - ok

14:54:20.0003 6096 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

14:54:20.0004 6096 TrustedInstaller - ok

14:54:20.0006 6096 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

14:54:20.0006 6096 tssecsrv - ok

14:54:20.0009 6096 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

14:54:20.0009 6096 TsUsbFlt - ok

14:54:20.0011 6096 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys

14:54:20.0011 6096 TsUsbGD - ok

14:54:20.0013 6096 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

14:54:20.0014 6096 tunnel - ok

14:54:20.0016 6096 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys

14:54:20.0016 6096 uagp35 - ok

14:54:20.0020 6096 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

14:54:20.0021 6096 udfs - ok

14:54:20.0024 6096 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

14:54:20.0025 6096 UI0Detect - ok

14:54:20.0027 6096 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

14:54:20.0027 6096 uliagpkx - ok

14:54:20.0029 6096 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

14:54:20.0030 6096 umbus - ok

14:54:20.0032 6096 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys

14:54:20.0032 6096 UmPass - ok

14:54:20.0035 6096 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll

14:54:20.0037 6096 UmRdpService - ok

14:54:20.0041 6096 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

14:54:20.0042 6096 upnphost - ok

14:54:20.0045 6096 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

14:54:20.0045 6096 USBAAPL64 - ok

14:54:20.0048 6096 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys

14:54:20.0049 6096 usbaudio - ok

14:54:20.0050 6096 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

14:54:20.0051 6096 usbccgp - ok

14:54:20.0053 6096 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

14:54:20.0054 6096 usbcir - ok

14:54:20.0055 6096 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys

14:54:20.0056 6096 usbehci - ok

14:54:20.0059 6096 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

14:54:20.0060 6096 usbhub - ok

14:54:20.0062 6096 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys

14:54:20.0062 6096 usbohci - ok

14:54:20.0064 6096 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys

14:54:20.0064 6096 usbprint - ok

14:54:20.0066 6096 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

14:54:20.0066 6096 USBSTOR - ok

14:54:20.0068 6096 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

14:54:20.0068 6096 usbuhci - ok

14:54:20.0071 6096 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys

14:54:20.0072 6096 usbvideo - ok

14:54:20.0073 6096 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

14:54:20.0074 6096 UxSms - ok

14:54:20.0076 6096 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

14:54:20.0076 6096 VaultSvc - ok

14:54:20.0078 6096 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

14:54:20.0079 6096 vdrvroot - ok

14:54:20.0083 6096 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

14:54:20.0086 6096 vds - ok

14:54:20.0087 6096 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

14:54:20.0088 6096 vga - ok

14:54:20.0089 6096 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

14:54:20.0089 6096 VgaSave - ok

14:54:20.0092 6096 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

14:54:20.0093 6096 vhdmp - ok

14:54:20.0094 6096 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

14:54:20.0095 6096 viaide - ok

14:54:20.0098 6096 [ 927CBC96C4635F235301411E530FB56E ] vididr C:\Windows\system32\DRIVERS\vididr.sys

14:54:20.0098 6096 vididr - ok

14:54:20.0101 6096 [ 88B4E5C396003BCF479CA4D9BE851D57 ] vidsflt C:\Windows\system32\DRIVERS\vidsflt.sys

14:54:20.0102 6096 vidsflt - ok

14:54:20.0105 6096 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys

14:54:20.0105 6096 vmbus - ok

14:54:20.0107 6096 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys

14:54:20.0107 6096 VMBusHID - ok

14:54:20.0109 6096 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

14:54:20.0110 6096 volmgr - ok

14:54:20.0114 6096 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

14:54:20.0115 6096 volmgrx - ok

14:54:20.0118 6096 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

14:54:20.0119 6096 volsnap - ok

14:54:20.0122 6096 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

14:54:20.0123 6096 vsmraid - ok

14:54:20.0135 6096 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

14:54:20.0140 6096 VSS - ok

14:54:20.0142 6096 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

14:54:20.0142 6096 vwifibus - ok

14:54:20.0144 6096 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

14:54:20.0145 6096 vwififlt - ok

14:54:20.0146 6096 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys

14:54:20.0147 6096 vwifimp - ok

14:54:20.0151 6096 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

14:54:20.0153 6096 W32Time - ok

14:54:20.0155 6096 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys

14:54:20.0155 6096 WacomPen - ok

14:54:20.0158 6096 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

14:54:20.0158 6096 WANARP - ok

14:54:20.0160 6096 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

14:54:20.0161 6096 Wanarpv6 - ok

14:54:20.0172 6096 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

14:54:20.0176 6096 WatAdminSvc - ok

14:54:20.0188 6096 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

14:54:20.0193 6096 wbengine - ok

14:54:20.0196 6096 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

14:54:20.0197 6096 WbioSrvc - ok

14:54:20.0201 6096 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

14:54:20.0203 6096 wcncsvc - ok

14:54:20.0211 6096 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

14:54:20.0212 6096 WcsPlugInService - ok

14:54:20.0214 6096 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys

14:54:20.0214 6096 Wd - ok

14:54:20.0221 6096 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

14:54:20.0223 6096 Wdf01000 - ok

14:54:20.0225 6096 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

14:54:20.0226 6096 WdiServiceHost - ok

14:54:20.0228 6096 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

14:54:20.0229 6096 WdiSystemHost - ok

14:54:20.0232 6096 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

14:54:20.0234 6096 WebClient - ok

14:54:20.0237 6096 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

14:54:20.0239 6096 Wecsvc - ok

14:54:20.0241 6096 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

14:54:20.0242 6096 wercplsupport - ok

14:54:20.0245 6096 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

14:54:20.0246 6096 WerSvc - ok

14:54:20.0247 6096 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

14:54:20.0248 6096 WfpLwf - ok

14:54:20.0249 6096 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

14:54:20.0250 6096 WIMMount - ok

14:54:20.0251 6096 WinDefend - ok

14:54:20.0253 6096 WinHttpAutoProxySvc - ok

14:54:20.0259 6096 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

14:54:20.0260 6096 Winmgmt - ok

14:54:20.0275 6096 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

14:54:20.0281 6096 WinRM - ok

14:54:20.0286 6096 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

14:54:20.0287 6096 WinUsb - ok

14:54:20.0295 6096 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

14:54:20.0299 6096 Wlansvc - ok

14:54:20.0300 6096 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys

14:54:20.0301 6096 WmiAcpi - ok

14:54:20.0304 6096 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

14:54:20.0305 6096 wmiApSrv - ok

14:54:20.0307 6096 WMPNetworkSvc - ok

14:54:20.0309 6096 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

14:54:20.0310 6096 WPCSvc - ok

14:54:20.0312 6096 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

14:54:20.0313 6096 WPDBusEnum - ok

14:54:20.0315 6096 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

14:54:20.0315 6096 ws2ifsl - ok

14:54:20.0317 6096 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll

14:54:20.0318 6096 wscsvc - ok

14:54:20.0320 6096 WSearch - ok

14:54:20.0338 6096 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

14:54:20.0346 6096 wuauserv - ok

14:54:20.0348 6096 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

14:54:20.0349 6096 WudfPf - ok

14:54:20.0352 6096 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

14:54:20.0353 6096 WUDFRd - ok

14:54:20.0355 6096 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

14:54:20.0356 6096 wudfsvc - ok

14:54:20.0359 6096 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

14:54:20.0361 6096 WwanSvc - ok

14:54:20.0365 6096 ================ Scan global ===============================

14:54:20.0367 6096 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

14:54:20.0370 6096 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll

14:54:20.0373 6096 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll

14:54:20.0376 6096 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

14:54:20.0380 6096 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

14:54:20.0381 6096 [Global] - ok

14:54:20.0382 6096 ================ Scan MBR ==================================

14:54:20.0383 6096 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2

14:54:20.0472 6096 \Device\Harddisk2\DR2 - ok

14:54:20.0480 6096 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

14:54:20.0482 6096 \Device\Harddisk0\DR0 - ok

14:54:20.0493 6096 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1

14:54:20.0495 6096 \Device\Harddisk1\DR1 - ok

14:54:20.0495 6096 ================ Scan VBR ==================================

14:54:20.0496 6096 [ 4BAAE5C5BBFCED160A18828BD496EEF1 ] \Device\Harddisk2\DR2\Partition1

14:54:20.0497 6096 \Device\Harddisk2\DR2\Partition1 - ok

14:54:20.0498 6096 [ 10B8C82381AC83CEEB905D91BAD64522 ] \Device\Harddisk2\DR2\Partition2

14:54:20.0498 6096 \Device\Harddisk2\DR2\Partition2 - ok

14:54:20.0500 6096 [ EB2082F01AB413EBFC3D719C4C82E66D ] \Device\Harddisk0\DR0\Partition1

14:54:20.0501 6096 \Device\Harddisk0\DR0\Partition1 - ok

14:54:20.0505 6096 [ 15A4D03F602E11478DAC6B0CD6BEBD03 ] \Device\Harddisk1\DR1\Partition1

14:54:20.0506 6096 \Device\Harddisk1\DR1\Partition1 - ok

14:54:20.0506 6096 ============================================================

14:54:20.0506 6096 Scan finished

14:54:20.0506 6096 ============================================================

14:54:20.0510 5648 Detected object count: 0

14:54:20.0510 5648 Actual detected object count: 0

14:54:38.0568 5760 Deinitialize success

[asianmusicguy]

RogueKiller V8.4.4 [Feb 3 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Branden [Admin rights]

Mode : Scan -- Date : 02/03/2013 15:00:48

| ARK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤

[iFEO] HKLM\[...]\taskmgr.exe : Debugger ("C:\PROGRAM FILES\PROCESSEXPLORER\PROCEXP.EXE") -> FOUND

[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST3160310AS +++++

--- User ---

[MBR] a530584a4fc4511e8b68a55069d02741

[bSP] 52d6041400f7b751ccfb5d4d4dd66ec1 : Windows 7/8 MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 152625 Mo

User = LL1 ... OK!

User = LL2 ... OK!

+++++ PhysicalDrive1: WDC WD10EACS-00D6B0 +++++

--- User ---

[MBR] 856b354283e327d2fb8813ef5d849594

[bSP] 617f43b7e936398ba580c07610a05089 : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo

User = LL1 ... OK!

User = LL2 ... OK!

+++++ PhysicalDrive2: OCZ-AGILITY3 ATA Device +++++

--- User ---

[MBR] 45aab7223b5708dfcf21ed032d06b7af

[bSP] 9b92ef6188b8a5ca6c5e8a6c47cab0cd : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 228833 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_02032013_02d1500.txt >>

RKreport[1]_S_02032013_02d1500.txt

[asianmusicguy]

before we proceed seems like things are coming back clean so i was just wondering how many more steps and your feelings so far?

[Maurice Naggar]

The TDSSKILLER was the only 1 to come up "clean". The others indicate presence of adware & other undesirables needing removal.

• Disable your anti-virus program, How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
  
• Please disconnect any USB or external drives from the computer before you run this scan!
  
• Right-Click RogueKiller and select Run as Administrator.
  
• Wait until Prescan finishes.
  
• On the RogueKiller console, click the Registry tab.
  Put a check next to all of these and uncheck the rest: (if found)
  [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
  
  
• Then click on Delete on the right hand column under Options.
  
• When done, logoff & Restart the system.
• The log will be found as RKreport
  Copy & Paste the contents into next reply.

Step 2

• Close any open documents/programs & all internet browsers you have running.
  
• Please start AdwCleaner
  
• Click on Delete button.
  
• Confirm each time with OK.
  
• Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.
  
• Note: You can find the logfile at C:\AdwCleaner[s1]

Step 3

Please download Junkware Removal Tool to your Desktop.

• Please close your security software to avoid potential conflicts.
  
• Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click JRT.exe and select Run as administrator.
  
• The tool will open and start scanning your system.
  
• Please be patient as this can take a while to complete, depending on your system's specifications.
  
• On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  
• Please post the contents of JRT.txt into your reply. And tell me, How is the system now?
  
• Re-enable your security software.

[asianmusicguy]

RogueKiller V8.4.4 [Feb 3 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Branden [Admin rights]

Mode : Remove -- Date : 02/04/2013 11:24:36

| ARK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤

[bLACKLIST] S5wow_2005.exe -- C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\S5WOW_App\x64\S5wow_2005.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 4 ¤¤¤

[iFEO] HKLM\[...]\taskmgr.exe : Debugger ("C:\PROGRAM FILES\PROCESSEXPLORER\PROCEXP.EXE") -> NOT SELECTED

[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NOT SELECTED

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NOT SELECTED

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST3160310AS +++++

--- User ---

[MBR] a530584a4fc4511e8b68a55069d02741

[bSP] 52d6041400f7b751ccfb5d4d4dd66ec1 : Windows 7/8 MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 152625 Mo

User = LL1 ... OK!

User = LL2 ... OK!

+++++ PhysicalDrive1: WDC WD10EACS-00D6B0 +++++

--- User ---

[MBR] 856b354283e327d2fb8813ef5d849594

[bSP] 617f43b7e936398ba580c07610a05089 : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo

User = LL1 ... OK!

User = LL2 ... OK!

+++++ PhysicalDrive2: OCZ-AGILITY3 ATA Device +++++

--- User ---

[MBR] 45aab7223b5708dfcf21ed032d06b7af

[bSP] 9b92ef6188b8a5ca6c5e8a6c47cab0cd : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 228833 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[2]_D_02042013_02d1124.txt >>

RKreport[1]_S_02042013_02d1122.txt ; RKreport[2]_D_02042013_02d1124.txt

[asianmusicguy]

# AdwCleaner v2.110 - Logfile created 02/04/2013 at 12:39:16

# Updated 03/02/2013 by Xplode

# Operating system : Windows 7 Professional Service Pack 1 (64 bits)

# User : Branden - BRANDEN-PC

# Boot Mode : Normal

# Running from : E:\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Ask

Folder Deleted : C:\ProgramData\InstallMate

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP

Key Deleted : HKCU\Software\PIP

Key Deleted : HKCU\Software\TENCENT

Key Deleted : HKLM\Software\Freeze.com

Key Deleted : HKLM\Software\PIP

Key Deleted : HKLM\Software\TENCENT

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.1 (en-US)

File : C:\Users\Branden\AppData\Roaming\Mozilla\Firefox\Profiles\r960ig3v.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Branden\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R2].txt - [1210 octets] - [04/02/2013 12:38:33]

AdwCleaner[s1].txt - [1157 octets] - [04/02/2013 12:39:16]

########## EOF - C:\AdwCleaner[s1].txt - [1217 octets] ##########

[asianmusicguy]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.6.2 (02.02.2013:2)

OS: Windows 7 Professional x64

Ran by Branden on 04/02/2013 at 12:47:48.70

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Users\Branden\AppData\Roaming\tencent"

Successfully deleted: [Folder] "C:\Program Files (x86)\tencent"

~~~ FireFox

Emptied folder: C:\Users\Branden\AppData\Roaming\mozilla\firefox\profiles\r960ig3v.default\minidumps [53 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 04/02/2013 at 12:51:28.40

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[asianmusicguy]

Key Deleted : HKLM\Software\TENCENT is my qq internatal messager it now no longer runs http://download.cnet.com/QQ-International/3000-2150_4-12688429.html

start up after rogue kill was slow but seems fine currently

[Maurice Naggar]

I would suggest highly you not use qq/ tencent for the duration of this case. I have no idea of the origin or how good or legitimate that application is.

You will want to print out or copy these instructions to Notepad for offline reference!

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Close all open browsers at this point.

Start Internet Explorer (fresh) by pressing Start >> Internet Explorer >> Right-Click and select Run As Administrator.

Using Internet Explorer browser only, go to ESET Online Scanner website:

http://www.eset.com/onlinescan/

• Accept the Terms of Use and press Start button;
  
• Approve the install of the required ActiveX Control, then follow on-screen instructions;
  
• Enable (check) the Remove found threats option, and run the scan.
  
• After the scan completes, the Details tab in the Results window will display what was found and removed.
  
  • A logfile is created and located at C:\Program Files (x86)\Eset\EsetOnlineScanner\log.txt.
    

  Look at contents of this file using Notepad.

  The Frequently Asked Questions for ESET Online Scanner can be viewed here

  http://go.eset.com/u...ine-scanner/faq

  • It is emphasized to temporarily disable any pc-resident {active} antivirus program prior to any on-line scan by any on-line scanner.
    (And the prompt re-enabling when finished.)
    
  • If you use Firefox, you have to install IETab, an add-on. This is to enable ActiveX support.
    
  • Do not use the system while the scan is running. Once the full scan is underway, go take a long break
    

Re-enable the antivirus program.

Reply with copy of the Eset scan log, and tell me, How is the system now ?

[asianmusicguy]

SETSmartInstaller@High as CAB hook log:

OnlineScanner64.ocx - registred OK

OnlineScanner.ocx - registred OK

# version=8

# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)

# OnlineScanner.ocx=1.0.0.6889

# api_version=3.0.2

# EOSSerial=a36b9c1817a44947a34462f60cd280e9

# end=finished

# remove_checked=false

# archives_checked=false

# unwanted_checked=false

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2013-02-05 01:34:28

# local_time=2013-02-04 06:34:28 (-0700, Mountain Standard Time)

# country="Canada"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=5893 16776573 100 94 0 111571518 0 0

# scanned=316554

# found=0

# cleaned=0

# scan_time=1318

[Maurice Naggar]

ESET scan result is perfect.

Have your original issues "gone away" ?

Download Security Check by screen317 from here.

• Save it to your Desktop.
  
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.
  

[asianmusicguy]

esults of screen317's Security Check version 0.99.57

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Disabled!

Kaspersky PURE 2.0

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.70.0.1100

Java 7 Update 13

Java version out of Date!

Adobe Flash Player 11.5.502.146

Mozilla Firefox (18.0.1)

Mozilla Thunderbird (17.0.2)

Google Chrome 24.0.1312.52

Google Chrome 24.0.1312.57

````````Process Check: objlist.exe by Laurent````````

Kaspersky Lab Kaspersky PURE 2.0 avp.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 22% Defragment your hard drive soon! (Do NOT defrag if SSD!)

````````````````````End of Log``````````````````````

seems pk now i can acess google just fine atm

[asianmusicguy]

should i run anympre scans?

just to note

my drive is a SSD and i ran a java update check that is the most recent update

[Maurice Naggar]

After this case is closed, take some serious un-interrupted time and do a disk Defrag --- as long as your system is not on a latest-new technology SSD drive. I'd recommend Defraggler by Piriform http://www.piriform.com/defraggler/download

If you do not need Java for the programs that you use, keep Java off your system .

How to disable Java in various browsers : http://blog.eset.com/2012/08/29/disabling-java-a-safer-way-to-browse

Also see No, Seriously, Just Disable Java in Your Browser Right Now

We can wrap this up now. You are good to go after the following.

If you have a problem with these steps, or something does not quite work here, do let me know.

The following few steps will remove tools we used. Advise me after you have completed the cleanups.

• Download OTC to your desktop and run it
  
• Click Yes to beginning the Cleanup process and remove these components, including this application.
  
• You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
  

ERUNT you should keep and use periodically to backup Windows registry.

Delete the following if still present:

DrWeb Cure-It

adwcleaner.exe

TDSSKILLER.exe

Roguekiller.exe

JRT.exe

Securitycheck.exe

You may use Control Panel >> Programs and Features and uninstall ESET Online scan.

Safer practices & malware prevention

• Have a hardware router between the incoming internet-modem and your computer.
  
• Use a Standard user account rather than an administrator-rights account when "surfing" the web.
  
• Configure your Antivirus software to check for updates daily, at a time in which you are sure the computer will be on.
  
• Check in at Windows Update and install any Important Updates offered.
  
• Make certain that Automatic Updates is enabled.
  How to configure and use Automatic Updates in Windows
  http://support.microsoft.com/kb/306525
  
• Check on other update issues as well, by getting, installing and using Secunia Personal Software Inspector (OSI) on a monthly basis.
  See How to detect vulnerable and out-dated programs using Secunia Personal Software Inspector
  
• Download, install, and keep updated Spyware Blaster (free): http://www.javacoolsoftware.com/spywareblaster.html (all Protections should be enabled at all times)
  Tutorial for Spywareblaster: Using SpywareBlaster to protect your computer from Spyware, Hijackers, and Malware
  
• I'd recommend that you get and use MVP Mike Burgess' custom hosts file http://mvps.org/winhelp2002/hosts.htm
  See the FAQ page http://mvps.org/winhelp2002/hostsfaq.htm
  That would help to keep your browser away from known spyware/malware sites.
  
• Make regular backups of your system to removable media: DVD, USB external hard drive, etc.
  Having a total image backup of your system stored on DVD/CD is highly important.
  Get and make use of imaging-backup utilities and save them to offline media. That way you have something to fall back to if another disaster hits.
  Examples of image backup software: Acronis True Image, or the free (for personal use) Macrium Reflect http://www.macrium.com/reflectfree.asp
  or Paragon Backup & Recovery http://www.paragon-software.com/home/br-free/download.html
  
• Consider using Web of Trust WOT add-on for your browser(s)
  http://www.mywot.com/en/download
  http://www.mywot.com/en/faq/add-on
  
• Take extreme care if you share USB-flash/thumb drives from other people {even from friends, roommates, relatives}
  Don't plug in an unknown flash/thumb drive into your PC.
  IF you must do so, hold down the SHIFT-key when you insert the drive.
  Scan any file with your Antivirus prior to opening or using.
  On some regular schedule, it is a good idea to do an online scan for viruses and malware. Here is a very short list of sites where this may be done:
  
  ESET Online Scanner
  BitDefender Quickscan
  Trend Micro Housecall
  F-Secure Online Scanner
  Microsoft Safety Scanner
  Panda ActiveScan
  
  
• See Six tips to help you stay safer online
  
• Never, ever download free games, free tools, videos, mutli-media files or anything free unless you can be absolutely sure the source is safe !
  

We are finished here. Best regards.

[Maurice Naggar]

should i run anympre scans?

just to note

my drive is a SSD and i ran a java update check that is the most recent update

No more scans needed.

Given you have SSD drive, "scratch" the defrag notes. SSD drives do not need defragmentation.

[asianmusicguy]

I ddontt think that program workd

still have C:\JRT

and a few logs laying arould can i manually delete and what else should i look for?

[asianmusicguy]

alsomy internet connection stoped for a moment refreshed and came back may just be unrelated but peerblock which i useas another layer of protection i relize its commonly asscoied with torrents but can be a very helpful as i firewall aswell it came up with a bloxked ip of 38.113.165.83 im i beig parnoid or what

[Maurice Naggar]

I ddontt think that program workd

still have C:\JRT

and a few logs laying arould can i manually delete and what else should i look for?

Delete JRT folder & any other tool that was left.

alsomy internet connection stoped for a moment refreshed and came back may just be unrelated but peerblock which i useas another layer of protection i relize its commonly asscoied with torrents but can be a very helpful as i firewall aswell it came up with a bloxked ip of 38.113.165.83 im i beig parnoid or what

MBAMis not intended as a firewall. You need to have the Windows firewall on, if none other is on.

You should use a hardware router between your internet modem and the computer. That will provide a layer of protection.

As to the ip block, yes, I do believe you are being overly anxious for not good reason.

If that was a "incoming" item, than that is not abnormal.