Need Help:full cpu usage inspite of no programs running

scooby_pav · May 11, 2013

hello everyone..over the past 2 weeks,my pc has been behaving strangely..upon startup,my cpu usage is 100%(with no applications running) and no matter what i do,it dosent go down..i uninstalled all programs i had installed during that peroid..i ran rkill,then kaspersky root kit,then used malwaye bytes and then avg(in the same order) in the normal mode..didnt catch any infections..then i did the same in the safe mode..same result..what should be my next step?any help would be appreciated..thanks

Maurice Naggar · May 11, 2013

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post only DDS.txt directly into your reply.

scooby_pav · May 11, 2013

Thank you for your quick reply..

this is my mbam log

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Database version: v2013.04.04.07

Windows 7 x86 NTFS

Internet Explorer 8.0.7600.16385

SINGH :: SINGH-PC [administrator]

4/14/2013 1:39:06 AM

mbam-log-2013-04-14 (01-39-06).txt

Scan type: Quick scan

Scan options disabled: P2P

Objects scanned: 258491

Time elapsed: 6 minute(s), 28 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

scooby_pav · May 11, 2013

My dds log

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 10.21.2

Run by SINGH at 18:37:43 on 2013-05-11

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3007.1759 [GMT 5.5:30]

.

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ================

.

C:\PROGRA~1\AVG\AVG2012\avgrsx.exe

C:\Program Files\AVG\AVG2012\avgcsrvx.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Windows\Pixart\Pac207\Monitor.exe

C:\Program Files\Bluetooth Suite\BtvStack.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Bluetooth Suite\AthBtTray.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Free Download Manager\fdm.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_server.exe

C:\Program Files\Bluetooth Suite\adminservice.exe

C:\Program Files\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\Dassault Systemes\B16\intel_a\code\bin\CATSysDemon.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe

C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_monitor.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe

C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe

C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\lmgrd.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

C:\Program Files\AVG\AVG2012\avgidsagent.exe

C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansyslmd.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Hewlett-Packard\KBD\kbd.exe

C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

C:\Users\SINGH\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - c:\program files\avg\avg2012\avgdtiex.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - c:\program files\bluetooth suite\IEPlugIn.dll

BHO: FDMIECookiesBHO Class: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - c:\program files\free download manager\iefdm2.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

uRun: [Free Download Manager] c:\program files\free download manager\fdm.exe -autorun

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized

uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun

uRun: [Google Update] "c:\users\singh\appdata\local\google\update\GoogleUpdate.exe" /c

mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s

mRun: [Monitor] c:\windows\pixart\pac207\Monitor.exe

mRun: [LaunchHPOSIAPP] c:\program files\hewlett-packard\hp mainstream keyboard\LaunchApp.exe

mRun: [KBD] c:\program files\hewlett-packard\kbd\KbdStub.EXE

mRun: [AtherosBtStack] "c:\program files\bluetooth suite\BtvStack.exe"

mRun: [AthBtTray] "c:\program files\bluetooth suite\AthBtTray.exe"

mRun: [iTSecMng] c:\program files\toshiba\bluetooth toshiba stack\ItSecMng.exe /START

mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRunServices: [Keyboard Manager] c:\program files\netropa\one-touch multimedia keyboard\MMKeybd.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:255

mPolicies-Explorer: NoDriveTypeAutoRun = dword:255

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Download all with Free Download Manager - c:\program files\free download manager\dlall.htm

IE: Download selected with Free Download Manager - c:\program files\free download manager\dlselected.htm

IE: Download video with Free Download Manager - c:\program files\free download manager\dlfvideo.htm

IE: Download with Free Download Manager - c:\program files\free download manager\dllink.htm

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll

IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll

IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - c:\program files\bluetooth suite\IEPlugIn.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {3195CF7C-E9E2-49B2-8B61-14F285298E1C} - hxxps://ho.hclinsys.com/wa/AccessClientLoader.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: Interfaces\{0A26153E-3653-4953-8B92-9743F2850471} : NameServer = 4.2.2.2

TCP: Interfaces\{0A26153E-3653-4953-8B92-9743F2850471} : DHCPNameServer = 192.168.42.129

TCP: Interfaces\{29D78945-9EAF-4CFC-BC88-DC27E8CE03C8} : NameServer = 208.67.222.222 208.67.220.220

TCP: Interfaces\{4D8814F7-493F-427C-9957-B2B8926E5FA4} : NameServer = 208.67.222.222 208.67.220.220

TCP: Interfaces\{5BFA5A6A-87F4-4724-9A5C-7A49B336CE09} : NameServer = 208.67.222.222 218.248.240.179

TCP: Interfaces\{6237C7F2-99BE-4613-84FC-7EE41D412C64} : NameServer = 208.67.222.222 208.67.220.220

TCP: Interfaces\{733FC33C-A943-4ABE-8198-71243DDAEF5A} : NameServer = 208.67.222.222 218.248.240.179

TCP: Interfaces\{93827D3A-84FA-46F4-B66C-F1F0BC7B892D} : NameServer = 208.67.222.222 218.248.240.179

TCP: Interfaces\{9CEF6438-A325-4881-9637-83CD2B273E4D} : NameServer = 202.56.240.5 202.56.230.6

TCP: Interfaces\{BF72F5BC-43CB-4223-A094-AB5009613F76} : NameServer = 202.56.240.5 202.56.230.6

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll

SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\singh\appdata\roaming\mozilla\firefox\profiles\akpsz4o6.default\

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: c:\users\singh\appdata\local\google\update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: c:\windows\system32\adobe\director\np32dsw_1166636.dll

FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll

FF - plugin: c:\windows\system32\npDeployJava1.dll

FF - plugin: c:\windows\system32\npmproxy.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2011-7-27 20872]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-11-8 250080]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-12-16 242240]

R1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [2003-7-11 14912]

R2 ANSYS, Inc. License Manager;ANSYS, Inc. License Manager;c:\program files\ansys inc\shared files\licensing\win32\ansysli_server.exe [2011-8-18 3326976]

R2 AtherosSvc;AtherosSvc;c:\program files\bluetooth suite\AdminService.exe [2011-1-21 72864]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-11-2 5174392]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]

R2 BBDemon;Backbone Service;c:\program files\dassault systemes\b16\intel_a\code\bin\CATSysDemon.exe [2005-9-7 35840]

R2 msikbd;msikbd;c:\windows\system32\drivers\Msikbd.sys [2011-8-23 28768]

R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-3-21 3560288]

R2 waclient;Portwise Access Client Driver;c:\windows\system32\drivers\waclient.sys [2011-8-19 31984]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-12-10 142176]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]

R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [2011-1-21 24736]

R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2011-9-1 198656]

R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2011-9-1 101120]

R3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-14 980992]

R3 VSTHWBS2;VSTHWBS2;c:\windows\system32\drivers\VSTBS23.SYS [2009-7-14 266752]

S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\drivers\btath_flt.sys [2011-1-21 34976]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-1-21 258720]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [2011-1-21 175776]

S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\drivers\btath_lwflt.sys [2011-1-21 49312]

S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [2011-1-21 141088]

S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [2010-4-7 25864]

S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-10-26 25088]

S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2010-4-7 23048]

S3 PAC207;CIF USB Camera;c:\windows\system32\drivers\PFC027.SYS [2011-8-18 505984]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-8-18 1343400]

.

=============== File Associations ===============

.

FileExt: .scr: AutoCADScriptFile=c:\windows\system32\notepad.exe "%1"

.

=============== Created Last 30 ================

.

2013-05-11 00:29:44 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-05-11 00:29:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-05-04 07:28:01 -------- d-----w- C:\TC

2013-05-01 08:15:34 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-05-01 07:56:31 -------- d-----w- c:\program files\Yahoo!

2013-04-26 10:05:28 -------- d-----w- c:\program files\DOSBox-0.74

2013-04-25 20:14:30 -------- d-----w- c:\users\singh\appdata\local\NFS Underground 2

2013-04-25 02:39:06 -------- d-----w- c:\users\singh\appdata\local\DOSBox

2013-04-14 00:31:43 -------- d-----w- c:\programdata\NFS Underground

2013-04-13 20:08:45 -------- d-----w- c:\users\singh\appdata\roaming\Malwarebytes

2013-04-13 20:08:37 -------- d-----w- c:\programdata\Malwarebytes

2013-04-13 14:12:46 -------- d-----w- C:\Temp

.

==================== Find3M ====================

.

2013-05-01 08:15:25 866720 ----a-w- c:\windows\system32\npDeployJava1.dll

2013-05-01 08:15:25 788896 ----a-w- c:\windows\system32\deployJava1.dll

.

============= FINISH: 18:43:32.34 ===============

Maurice Naggar · May 11, 2013

BTW, You need to click on Follow this Topic button at top right and select Immediate notification !!!

Maurice Naggar · May 11, 2013

Disable CD-ROM Emulation Software:

Please download the following tool DeFogger to your desktop.

◦Double click DeFogger to run the tool.

◦The application window will appear

◦Click the Disable button to disable your CD Emulation drivers.

◦Click Yes to continue

◦A 'Finished!' message will appear

◦Click OK

◦DeFogger will now ask to reboot the machine - click OK

◦IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

◦Do not re-enable these drivers until otherwise instructed.

Step 2

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 3

To show all files:

Press Windows-key +R key on your keyboard to get RUN option.
Type in
```
explorer.exe
```
and press Enter to start Windows Explorer.
From the menu options, Select Tools, then Folder Options.
Next click the View tab.
Locate and uncheck Hide file extensions for known file types.
Locate and uncheck Hide protected operating system files (Recommended).
Locate and click Show hidden files and folders and drives.
Click Apply > OK.

Step 4

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Please download AdwCleaner © Xplode from >>here<< and save it on your Desktop.

If your are running Windows XP, double click adwcleaner.exe to start it.

Otherwise, Right-click on adwcleaner.exe and select Run As Administrator to launch the application.

Now click on the Search tab.

Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\AdwCleaner[XX].txt where XX Denotes the number of times the application has been ran, so in this should be something like R1.

Step 5

Please read carefully and follow these steps. Delete any prior copy of TDSSKILLER

Download TDSSKiller and save it to your Desktop.
Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
Skip and click on Continue
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 6

DELETE any prior copy of roguekiller.exe that you had from before (if any).

Download & SAVE to your Desktop >> Tigzy's RogueKillerfrom here << or
>> from here <<
Quit all programs that you may have started.
Please disconnect any USB or external drives from the computer before you run this scan!
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
For Windows XP, double-click to start.
Wait until Prescan has finished ...
Then Click on Scan button at upper right of screen.
Wait until the Status box shows "Scan Finished"
Click on Report and copy/paste the content of the Notepad into your next reply.
The log should be found in RKreport[1].txt on your Desktop
Exit/Close RogueKiller

Do NOT click any FIX buttons !

Step 7

RE-Enable your antivirus program.

Then copy/paste the following into your post (in order):

the contents of C:\AdwCleaner[R1].txt;
the contents of TDSSKILLER log;
the contents of RKReport log;

Be sure to do a Preview prior to pressing Submit because all reports may not fit into 1 single reply. You may have to do more than 1 reply.

Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.

scooby_pav · May 12, 2013

I ran everything just as you told me...

The Adwcleaner Log

# AdwCleaner v2.300 - Logfile created 05/12/2013 at 10:37:02

# Updated 28/04/2013 by Xplode

# Operating system : Windows 7 Ultimate (32 bits)

# User : SINGH - SINGH-PC

# Boot Mode : Normal

# Running from : C:\Users\SINGH\Downloads\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Found : HKLM\Software\AVG Secure Search

Key Found : HKLM\SOFTWARE\Software

***** [internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0 (en-US)

File : C:\Users\SINGH\AppData\Roaming\Mozilla\Firefox\Profiles\akpsz4o6.default\prefs.js

Found : user_pref("extensions.DivXWebPlayer@divx.com.install-event-fired", true);

-\\ Google Chrome v26.0.1410.64

File : C:\Users\SINGH\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.10.1615.0

File : C:\Users\SINGH\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1274 octets] - [12/05/2013 10:37:02]

########## EOF - C:\AdwCleaner[R1].txt - [1334 octets] ##########

_______________________________________________________________________________________________________

The TDSKILLER log

10:37:50.0506 0896 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

10:37:50.0569 0896 ============================================================

10:37:50.0569 0896 Current date / time: 2013/05/12 10:37:50.0569

10:37:50.0569 0896 SystemInfo:

10:37:50.0569 0896

10:37:50.0569 0896 OS Version: 6.1.7600 ServicePack: 0.0

10:37:50.0569 0896 Product type: Workstation

10:37:50.0569 0896 ComputerName: SINGH-PC

10:37:50.0569 0896 UserName: SINGH

10:37:50.0569 0896 Windows directory: C:\Windows

10:37:50.0569 0896 System windows directory: C:\Windows

10:37:50.0569 0896 Processor architecture: Intel x86

10:37:50.0569 0896 Number of processors: 2

10:37:50.0569 0896 Page size: 0x1000

10:37:50.0569 0896 Boot type: Normal boot

10:37:50.0569 0896 ============================================================

10:37:53.0038 0896 Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

10:37:53.0069 0896 ============================================================

10:37:53.0069 0896 \Device\Harddisk0\DR0:

10:37:53.0069 0896 MBR partitions:

10:37:53.0069 0896 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xB67C0D0

10:37:53.0069 0896 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xB67C800, BlocksNum 0x6379800

10:37:53.0100 0896 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x119F6800, BlocksNum 0x4E1F000

10:37:53.0100 0896 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x16815800, BlocksNum 0xC88800

10:37:53.0100 0896 ============================================================

10:37:53.0178 0896 C: <-> \Device\Harddisk0\DR0\Partition2

10:37:53.0366 0896 D: <-> \Device\Harddisk0\DR0\Partition1

10:37:53.0803 0896 E: <-> \Device\Harddisk0\DR0\Partition3

10:37:53.0944 0896 F: <-> \Device\Harddisk0\DR0\Partition4

10:37:53.0944 0896 ============================================================

10:37:53.0944 0896 Initialize success

10:37:53.0944 0896 ============================================================

10:38:02.0225 3568 ============================================================

10:38:02.0225 3568 Scan started

10:38:02.0225 3568 Mode: Manual;

10:38:02.0225 3568 ============================================================

10:38:03.0913 3568 ================ Scan system memory ========================

10:38:03.0913 3568 System memory - ok

10:38:03.0913 3568 ================ Scan services =============================

10:38:04.0428 3568 [ 6D2ACA41739BFE8CB86EE8E85F29697D ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys

10:38:04.0459 3568 1394ohci - ok

10:38:04.0475 3568 [ F0E07D144C8685B8774BC32FC8DA4DF0 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys

10:38:04.0475 3568 ACPI - ok

10:38:04.0491 3568 [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys

10:38:04.0491 3568 AcpiPmi - ok

10:38:04.0647 3568 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

10:38:04.0647 3568 AdobeARMservice - ok

10:38:04.0772 3568 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys

10:38:04.0788 3568 adp94xx - ok

10:38:04.0803 3568 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys

10:38:04.0819 3568 adpahci - ok

10:38:04.0834 3568 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys

10:38:04.0850 3568 adpu320 - ok

10:38:04.0897 3568 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

10:38:04.0897 3568 AeLookupSvc - ok

10:38:04.0944 3568 [ DDC040FDB01EF1712A6B13E52AFB104C ] AFD C:\Windows\system32\drivers\afd.sys

10:38:04.0959 3568 AFD - ok

10:38:05.0022 3568 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\DRIVERS\agp440.sys

10:38:05.0053 3568 agp440 - ok

10:38:05.0084 3568 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys

10:38:05.0084 3568 aic78xx - ok

10:38:05.0116 3568 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe

10:38:05.0116 3568 ALG - ok

10:38:05.0131 3568 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\DRIVERS\aliide.sys

10:38:05.0131 3568 aliide - ok

10:38:05.0147 3568 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\DRIVERS\amdagp.sys

10:38:05.0147 3568 amdagp - ok

10:38:05.0163 3568 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\DRIVERS\amdide.sys

10:38:05.0163 3568 amdide - ok

10:38:05.0194 3568 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys

10:38:05.0194 3568 AmdK8 - ok

10:38:05.0209 3568 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys

10:38:05.0225 3568 AmdPPM - ok

10:38:05.0241 3568 [ 2101A86C25C154F8314B24EF49D7FBC2 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys

10:38:05.0241 3568 amdsata - ok

10:38:05.0272 3568 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys

10:38:05.0288 3568 amdsbs - ok

10:38:05.0303 3568 [ B81C2B5616F6420A9941EA093A92B150 ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys

10:38:05.0303 3568 amdxata - ok

10:38:05.0944 3568 [ 65A2D3FE71B7F27E3D76AAA9E43634EA ] ANSYS, Inc. License Manager C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_server.exe

10:38:05.0975 3568 ANSYS, Inc. License Manager - ok

10:38:06.0006 3568 [ FEB834C02CE1E84B6A38F953CA067706 ] AppID C:\Windows\system32\drivers\appid.sys

10:38:06.0022 3568 AppID - ok

10:38:06.0053 3568 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll

10:38:06.0053 3568 AppIDSvc - ok

10:38:06.0084 3568 [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo C:\Windows\System32\appinfo.dll

10:38:06.0084 3568 Appinfo - ok

10:38:06.0116 3568 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll

10:38:06.0131 3568 AppMgmt - ok

10:38:06.0163 3568 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys

10:38:06.0163 3568 arc - ok

10:38:06.0194 3568 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys

10:38:06.0194 3568 arcsas - ok

10:38:06.0209 3568 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

10:38:06.0209 3568 AsyncMac - ok

10:38:06.0225 3568 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\DRIVERS\atapi.sys

10:38:06.0225 3568 atapi - ok

10:38:06.0288 3568 [ 882EDBAFCC227852C9DCA23EA48D2E78 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys

10:38:06.0288 3568 AthBTPort - ok

10:38:06.0381 3568 [ E8AFE198280594A12765870954186936 ] AtherosSvc C:\Program Files\Bluetooth Suite\adminservice.exe

10:38:06.0381 3568 AtherosSvc - ok

10:38:06.0397 3568 [ 510C873BFA135AA829F4180352772734 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

10:38:06.0397 3568 AudioEndpointBuilder - ok

10:38:06.0459 3568 [ 510C873BFA135AA829F4180352772734 ] Audiosrv C:\Windows\System32\Audiosrv.dll

10:38:06.0459 3568 Audiosrv - ok

10:38:07.0163 3568 [ 231B6AD3DB2866BC3FDB9979E6B2B61E ] AVGIDSAgent C:\Program Files\AVG\AVG2012\avgidsagent.exe

10:38:07.0194 3568 AVGIDSAgent - ok

10:38:07.0272 3568 [ EF67527CC2AD77D22AB1405C6470407E ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys

10:38:07.0272 3568 AVGIDSDriver - ok

10:38:07.0366 3568 [ 61A7E0B02F82CFF3DB2445BBE50B3589 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfilterx.sys

10:38:07.0366 3568 AVGIDSFilter - ok

10:38:07.0459 3568 [ D63D83659EEDF60B3A3E620281A888E5 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys

10:38:07.0459 3568 AVGIDSHX - ok

10:38:07.0475 3568 [ BAF975B72062F53D327788E99D64197E ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys

10:38:07.0475 3568 AVGIDSShim - ok

10:38:07.0538 3568 [ 6671345A6E2669AF1966BAF68EC5620F ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys

10:38:07.0538 3568 Avgldx86 - ok

10:38:07.0584 3568 [ CCDD61545AAEA265977E4B1EFDC74E8C ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys

10:38:07.0584 3568 Avgmfx86 - ok

10:38:07.0647 3568 [ 1FD90B28D2C3100BF4500199C8AD6358 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys

10:38:07.0647 3568 Avgrkx86 - ok

10:38:07.0694 3568 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files\AVG\AVG2012\avgwdsvc.exe

10:38:07.0694 3568 avgwd - ok

10:38:07.0741 3568 [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV C:\Windows\System32\AxInstSV.dll

10:38:07.0756 3568 AxInstSV - ok

10:38:07.0803 3568 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys

10:38:07.0819 3568 b06bdrv - ok

10:38:07.0881 3568 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys

10:38:07.0881 3568 b57nd60x - ok

10:38:08.0038 3568 [ B68B7EB9C8652E51654396AED5078E49 ] BBDemon C:\Program Files\Dassault Systemes\B16\intel_a\code\bin\CATSysDemon.exe

10:38:13.0913 3568 BBDemon - ok

10:38:14.0459 3568 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll

10:38:14.0475 3568 BDESVC - ok

10:38:14.0553 3568 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys

10:38:14.0553 3568 Beep - ok

10:38:14.0569 3568 [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE C:\Windows\System32\bfe.dll

10:38:14.0600 3568 BFE - ok

10:38:14.0709 3568 [ 53F476476F55A27F580661BDE09C4EC4 ] BITS C:\Windows\System32\qmgr.dll

10:38:14.0725 3568 BITS - ok

10:38:14.0741 3568 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

10:38:14.0741 3568 blbdrive - ok

10:38:14.0788 3568 [ FCAFAEF6798D7B51FF029F99A9898961 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

10:38:14.0788 3568 bowser - ok

10:38:14.0803 3568 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys

10:38:14.0803 3568 BrFiltLo - ok

10:38:14.0834 3568 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys

10:38:14.0834 3568 BrFiltUp - ok

10:38:14.0881 3568 [ 598E1280E7FF3744F4B8329366CC5635 ] Browser C:\Windows\System32\browser.dll

10:38:14.0881 3568 Browser - ok

10:38:14.0944 3568 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys

10:38:14.0959 3568 Brserid - ok

10:38:14.0991 3568 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

10:38:14.0991 3568 BrSerWdm - ok

10:38:15.0006 3568 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

10:38:15.0006 3568 BrUsbMdm - ok

10:38:15.0038 3568 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

10:38:15.0038 3568 BrUsbSer - ok

10:38:15.0084 3568 BT - ok

10:38:15.0147 3568 [ D57BC943ED4EF85A51165F408E4C15A7 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys

10:38:15.0147 3568 BTATH_A2DP - ok

10:38:15.0209 3568 [ F60E0C722442EA91F0C253B7814D8192 ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys

10:38:15.0209 3568 BTATH_BUS - ok

10:38:15.0241 3568 [ F31E369DB8258B28E3DCF66705AEA9E9 ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys

10:38:15.0241 3568 BTATH_HCRP - ok

10:38:15.0288 3568 [ 6651798266FDE23159D961463A63A77D ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys

10:38:15.0288 3568 BTATH_LWFLT - ok

10:38:15.0350 3568 [ 08EF5298DF80BC136523BCD2ED8B9C37 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys

10:38:15.0350 3568 BTATH_RCP - ok

10:38:15.0366 3568 btaudio - ok

10:38:15.0381 3568 BTCOM - ok

10:38:15.0397 3568 BTCOMBUS - ok

10:38:15.0413 3568 Btcsrusb - ok

10:38:15.0428 3568 BTDriver - ok

10:38:15.0475 3568 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys

10:38:15.0475 3568 BthEnum - ok

10:38:15.0522 3568 [ 4CA977B7F361AABA7E7B17F95413A87D ] BtHidBus C:\Windows\system32\Drivers\BtHidBus.sys

10:38:15.0522 3568 BtHidBus - ok

10:38:15.0569 3568 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys

10:38:15.0569 3568 BTHMODEM - ok

10:38:15.0584 3568 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys

10:38:15.0584 3568 BthPan - ok

10:38:15.0647 3568 [ 4A34888E13224678DD062466AFEC4240 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys

10:38:15.0663 3568 BTHPORT - ok

10:38:15.0709 3568 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll

10:38:15.0709 3568 bthserv - ok

10:38:15.0772 3568 [ FA04C63916FA221DBB91FCE153D07A55 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys

10:38:15.0788 3568 BTHUSB - ok

10:38:15.0803 3568 BTKRNL - ok

10:38:15.0834 3568 [ 7BB8AC22BC9E6A1E7707DAECADA95CD9 ] btnetBUs C:\Windows\system32\Drivers\btnetBus.sys

10:38:15.0834 3568 btnetBUs - ok

10:38:15.0866 3568 BTWUSB - ok

10:38:15.0897 3568 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

10:38:15.0897 3568 cdfs - ok

10:38:15.0913 3568 [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

10:38:15.0913 3568 cdrom - ok

10:38:15.0928 3568 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc C:\Windows\System32\certprop.dll

10:38:15.0928 3568 CertPropSvc - ok

10:38:15.0944 3568 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys

10:38:15.0944 3568 circlass - ok

10:38:15.0991 3568 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys

10:38:16.0006 3568 CLFS - ok

10:38:16.0131 3568 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

10:38:16.0147 3568 clr_optimization_v2.0.50727_32 - ok

10:38:16.0163 3568 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

10:38:16.0163 3568 CmBatt - ok

10:38:16.0209 3568 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys

10:38:16.0209 3568 cmdide - ok

10:38:16.0241 3568 [ 1B675691ED940766149C93E8F4488D68 ] CNG C:\Windows\system32\Drivers\cng.sys

10:38:16.0241 3568 CNG - ok

10:38:16.0272 3568 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

10:38:16.0288 3568 Compbatt - ok

10:38:16.0303 3568 [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys

10:38:16.0303 3568 CompositeBus - ok

10:38:16.0319 3568 COMSysApp - ok

10:38:16.0350 3568 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys

10:38:16.0350 3568 crcdisk - ok

10:38:16.0413 3568 [ 9C231178CE4FB385F4B54B0A9080B8A4 ] CryptSvc C:\Windows\system32\cryptsvc.dll

10:38:16.0413 3568 CryptSvc - ok

10:38:16.0491 3568 [ 27C9490BDD0AE48911AB8CF1932591ED ] CSC C:\Windows\system32\drivers\csc.sys

10:38:16.0491 3568 CSC - ok

10:38:16.0569 3568 [ 56FB5F222EA30D3D3FC459879772CB73 ] CscService C:\Windows\System32\cscsvc.dll

10:38:16.0584 3568 CscService - ok

10:38:16.0663 3568 [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch C:\Windows\system32\rpcss.dll

10:38:16.0663 3568 DcomLaunch - ok

10:38:16.0741 3568 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll

10:38:16.0741 3568 defragsvc - ok

10:38:16.0772 3568 [ 8E09E52EE2E3CEB199EF3DD99CF9E3FB ] DfsC C:\Windows\system32\Drivers\dfsc.sys

10:38:16.0772 3568 DfsC - ok

10:38:16.0819 3568 [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp C:\Windows\system32\dhcpcore.dll

10:38:16.0819 3568 Dhcp - ok

10:38:16.0819 3568 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys

10:38:16.0834 3568 discache - ok

10:38:16.0866 3568 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys

10:38:16.0866 3568 Disk - ok

10:38:16.0913 3568 [ D0722E963D3C6145446874241401B209 ] Dnscache C:\Windows\System32\dnsrslvr.dll

10:38:16.0913 3568 Dnscache - ok

10:38:16.0928 3568 [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc C:\Windows\System32\dot3svc.dll

10:38:16.0959 3568 dot3svc - ok

10:38:16.0975 3568 [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS C:\Windows\system32\dps.dll

10:38:16.0975 3568 DPS - ok

10:38:17.0006 3568 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

10:38:17.0022 3568 drmkaud - ok

10:38:17.0084 3568 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys

10:38:17.0084 3568 dtsoftbus01 - ok

10:38:17.0147 3568 [ 39806CFEDDCC55E686A49BCCD2972F23 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

10:38:17.0194 3568 DXGKrnl - ok

10:38:17.0241 3568 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll

10:38:17.0256 3568 EapHost - ok

10:38:17.0756 3568 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys

10:38:17.0834 3568 ebdrv - ok

10:38:17.0881 3568 [ F42309C4191C506B71DB5D1126D26318 ] EFS C:\Windows\System32\lsass.exe

10:38:17.0897 3568 EFS - ok

10:38:17.0975 3568 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys

10:38:17.0991 3568 elxstor - ok

10:38:18.0022 3568 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys

10:38:18.0022 3568 ErrDev - ok

10:38:18.0084 3568 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll

10:38:18.0084 3568 EventSystem - ok

10:38:18.0131 3568 [ 7C18A6C99F4119D361A5CA028E788648 ] ewusbnet C:\Windows\system32\DRIVERS\ewusbnet.sys

10:38:18.0131 3568 ewusbnet - ok

10:38:18.0163 3568 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys

10:38:18.0163 3568 exfat - ok

10:38:18.0194 3568 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys

10:38:18.0194 3568 fastfat - ok

10:38:18.0272 3568 [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax C:\Windows\system32\fxssvc.exe

10:38:18.0288 3568 Fax - ok

10:38:18.0288 3568 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys

10:38:18.0288 3568 fdc - ok

10:38:18.0319 3568 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll

10:38:18.0334 3568 fdPHost - ok

10:38:18.0350 3568 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll

10:38:18.0350 3568 FDResPub - ok

10:38:18.0366 3568 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

10:38:18.0366 3568 FileInfo - ok

10:38:18.0381 3568 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

10:38:18.0381 3568 Filetrace - ok

10:38:18.0694 3568 [ D60EF46DC0E757FE5EB579DB95B88954 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

10:38:18.0709 3568 FLEXnet Licensing Service - ok

10:38:18.0756 3568 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

10:38:18.0756 3568 flpydisk - ok

10:38:18.0803 3568 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

10:38:18.0803 3568 FltMgr - ok

10:38:18.0866 3568 [ 6EFF9216515DDF89FF81CBB964F4C279 ] FontCache C:\Windows\system32\FntCache.dll

10:38:18.0881 3568 FontCache - ok

10:38:18.0959 3568 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

10:38:18.0959 3568 FontCache3.0.0.0 - ok

10:38:19.0053 3568 [ C96C52D0D80666AF585516FFA97B7C00 ] ForceWare Intelligent Application Manager (IAM) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

10:38:19.0069 3568 ForceWare Intelligent Application Manager (IAM) - ok

10:38:19.0084 3568 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

10:38:19.0100 3568 FsDepends - ok

10:38:19.0100 3568 [ A574B4360E438977038AAE4BF60D79A2 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

10:38:19.0100 3568 Fs_Rec - ok

10:38:19.0131 3568 [ 5592F5DBA26282D24D2B080EB438A4D7 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

10:38:19.0131 3568 fvevol - ok

10:38:19.0131 3568 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

10:38:19.0147 3568 gagp30kx - ok

10:38:19.0194 3568 [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc C:\Windows\System32\gpsvc.dll

10:38:19.0194 3568 gpsvc - ok

10:38:19.0225 3568 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

10:38:19.0225 3568 hcw85cir - ok

10:38:19.0256 3568 [ 9436FBF3CA45A0FB726856B409734D7A ] hcwPP2 C:\Windows\system32\DRIVERS\hcwPP2.sys

10:38:19.0256 3568 hcwPP2 - ok

10:38:19.0303 3568 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

10:38:19.0319 3568 HdAudAddService - ok

10:38:19.0334 3568 [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

10:38:19.0334 3568 HDAudBus - ok

10:38:19.0350 3568 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

10:38:19.0350 3568 HidBatt - ok

10:38:19.0366 3568 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

10:38:19.0366 3568 HidBth - ok

10:38:19.0413 3568 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

10:38:19.0413 3568 HidIr - ok

10:38:19.0444 3568 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll

10:38:19.0444 3568 hidserv - ok

10:38:19.0459 3568 [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

10:38:19.0459 3568 HidUsb - ok

10:38:19.0506 3568 [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc C:\Windows\system32\kmsvc.dll

10:38:19.0506 3568 hkmsvc - ok

10:38:19.0522 3568 [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll

10:38:19.0522 3568 HomeGroupListener - ok

10:38:19.0569 3568 [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

10:38:19.0584 3568 HomeGroupProvider - ok

10:38:19.0600 3568 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys

10:38:19.0616 3568 HpSAMD - ok

10:38:19.0647 3568 [ 950CC1E6AE3A6CD23E0945CDE089B02C ] HTCAND32 C:\Windows\system32\Drivers\ANDROIDUSB.sys

10:38:19.0647 3568 HTCAND32 - ok

10:38:19.0678 3568 [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP C:\Windows\system32\drivers\HTTP.sys

10:38:19.0678 3568 HTTP - ok

10:38:19.0741 3568 [ 988C0A49F09D75D3341CB419141793C1 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys

10:38:19.0741 3568 hwdatacard - ok

10:38:19.0756 3568 [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

10:38:19.0756 3568 hwpolicy - ok

10:38:19.0772 3568 [ A259D3619AA23D4562581067F85E2006 ] hwusbdev C:\Windows\system32\DRIVERS\ewusbdev.sys

10:38:19.0772 3568 hwusbdev - ok

10:38:19.0788 3568 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

10:38:19.0803 3568 i8042prt - ok

10:38:19.0834 3568 [ 934AF4D7C5F457B9F0743F4299B77B67 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys

10:38:19.0834 3568 iaStorV - ok

10:38:19.0913 3568 [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

10:38:19.0944 3568 idsvc - ok

10:38:19.0975 3568 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

10:38:19.0975 3568 iirsp - ok

10:38:20.0038 3568 [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT C:\Windows\System32\ikeext.dll

10:38:20.0069 3568 IKEEXT - ok

10:38:20.0272 3568 [ 544FCAF4CF73C6EF6A83747CB9274177 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys

10:38:20.0303 3568 IntcAzAudAddService - ok

10:38:20.0334 3568 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\DRIVERS\intelide.sys

10:38:20.0350 3568 intelide - ok

10:38:20.0366 3568 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

10:38:20.0366 3568 intelppm - ok

10:38:20.0381 3568 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll

10:38:20.0381 3568 IPBusEnum - ok

10:38:20.0397 3568 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

10:38:20.0397 3568 IpFilterDriver - ok

10:38:20.0459 3568 [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

10:38:20.0475 3568 iphlpsvc - ok

10:38:20.0491 3568 [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys

10:38:20.0491 3568 IPMIDRV - ok

10:38:20.0538 3568 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys

10:38:20.0538 3568 IPNAT - ok

10:38:20.0569 3568 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys

10:38:20.0569 3568 IRENUM - ok

10:38:20.0584 3568 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys

10:38:20.0584 3568 isapnp - ok

10:38:20.0647 3568 [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys

10:38:20.0647 3568 iScsiPrt - ok

10:38:20.0694 3568 [ 132EB047E3F94DC9EAB83C74E8C2E85A ] IvtBtBUs C:\Windows\system32\Drivers\IvtBtBus.sys

10:38:20.0709 3568 IvtBtBUs - ok

10:38:20.0741 3568 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

10:38:20.0741 3568 kbdclass - ok

10:38:20.0756 3568 [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

10:38:20.0756 3568 kbdhid - ok

10:38:20.0772 3568 [ F42309C4191C506B71DB5D1126D26318 ] KeyIso C:\Windows\system32\lsass.exe

10:38:20.0772 3568 KeyIso - ok

10:38:20.0788 3568 [ E36A061EC11B373826905B21BE10948F ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

10:38:20.0788 3568 KSecDD - ok

10:38:20.0819 3568 [ 26C046977E85B95036453D7B88BA1820 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

10:38:20.0819 3568 KSecPkg - ok

10:38:20.0881 3568 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll

10:38:20.0881 3568 KtmRm - ok

10:38:20.0928 3568 [ BCA92CB047A4326925ECEF759DBAA233 ] LanmanServer C:\Windows\system32\srvsvc.dll

10:38:20.0944 3568 LanmanServer - ok

10:38:20.0991 3568 [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

10:38:20.0991 3568 LanmanWorkstation - ok

10:38:21.0022 3568 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

10:38:21.0022 3568 lltdio - ok

10:38:21.0069 3568 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll

10:38:21.0069 3568 lltdsvc - ok

10:38:21.0116 3568 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll

10:38:21.0116 3568 lmhosts - ok

10:38:21.0131 3568 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

10:38:21.0131 3568 LSI_FC - ok

10:38:21.0147 3568 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

10:38:21.0147 3568 LSI_SAS - ok

10:38:21.0163 3568 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

10:38:21.0178 3568 LSI_SAS2 - ok

10:38:21.0178 3568 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

10:38:21.0194 3568 LSI_SCSI - ok

10:38:21.0209 3568 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys

10:38:21.0209 3568 luafv - ok

10:38:21.0241 3568 [ A83CA48076A3C43C3B71175095838D69 ] LUMDriver C:\Windows\system32\drivers\LUMDriver.sys

10:38:21.0241 3568 LUMDriver - ok

10:38:21.0288 3568 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

10:38:21.0288 3568 megasas - ok

10:38:21.0303 3568 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

10:38:21.0319 3568 MegaSR - ok

10:38:21.0350 3568 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll

10:38:21.0350 3568 MMCSS - ok

10:38:21.0366 3568 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys

10:38:21.0366 3568 Modem - ok

10:38:21.0381 3568 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys

10:38:21.0381 3568 monitor - ok

10:38:21.0397 3568 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

10:38:21.0397 3568 mouclass - ok

10:38:21.0413 3568 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

10:38:21.0413 3568 mouhid - ok

10:38:21.0428 3568 [ 921C18727C5920D6C0300736646931C2 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

10:38:21.0428 3568 mountmgr - ok

10:38:21.0459 3568 [ 2AF5997438C55FB79D33D015C30E1974 ] mpio C:\Windows\system32\DRIVERS\mpio.sys

10:38:21.0459 3568 mpio - ok

10:38:21.0491 3568 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

10:38:21.0491 3568 mpsdrv - ok

10:38:21.0506 3568 [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc C:\Windows\system32\mpssvc.dll

10:38:21.0522 3568 MpsSvc - ok

10:38:21.0522 3568 [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

10:38:21.0538 3568 MRxDAV - ok

10:38:21.0553 3568 [ F4A054BE78AF7F410129C4B64B07DC9B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

10:38:21.0553 3568 mrxsmb - ok

10:38:21.0584 3568 [ DEFFA295BD1895C6ED8E3078412AC60B ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

10:38:21.0584 3568 mrxsmb10 - ok

10:38:21.0616 3568 [ 24D76ABE5DCAD22F19D105F76FDF0CE1 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

10:38:21.0616 3568 mrxsmb20 - ok

10:38:21.0631 3568 [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci C:\Windows\system32\DRIVERS\msahci.sys

10:38:21.0647 3568 msahci - ok

10:38:21.0663 3568 [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys

10:38:21.0663 3568 msdsm - ok

10:38:21.0694 3568 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe

10:38:21.0694 3568 MSDTC - ok

10:38:21.0741 3568 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys

10:38:21.0741 3568 Msfs - ok

10:38:21.0756 3568 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

10:38:21.0756 3568 mshidkmdf - ok

10:38:21.0819 3568 [ 79DE80D51258DCF0614718C2D1057038 ] msikbd C:\Windows\system32\drivers\msikbd.sys

10:38:21.0819 3568 msikbd - ok

10:38:21.0834 3568 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys

10:38:21.0834 3568 msisadrv - ok

10:38:21.0881 3568 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

10:38:21.0897 3568 MSiSCSI - ok

10:38:21.0913 3568 msiserver - ok

10:38:21.0944 3568 MSI_MSIBIOS_010507 - ok

10:38:21.0975 3568 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

10:38:21.0975 3568 MSKSSRV - ok

10:38:22.0038 3568 [ ADE6270C1003923E92A9BBBA272133A9 ] msloop C:\Windows\system32\DRIVERS\loop.sys

10:38:22.0038 3568 msloop - ok

10:38:22.0084 3568 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

10:38:22.0084 3568 MSPCLOCK - ok

10:38:22.0100 3568 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

10:38:22.0100 3568 MSPQM - ok

10:38:22.0116 3568 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

10:38:22.0116 3568 MsRPC - ok

10:38:22.0147 3568 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

10:38:22.0147 3568 mssmbios - ok

10:38:22.0163 3568 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

10:38:22.0163 3568 MSTEE - ok

10:38:22.0178 3568 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

10:38:22.0178 3568 MTConfig - ok

10:38:22.0209 3568 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys

10:38:22.0209 3568 Mup - ok

10:38:22.0272 3568 [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent C:\Windows\system32\qagentRT.dll

10:38:22.0288 3568 napagent - ok

10:38:22.0350 3568 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

10:38:22.0366 3568 NativeWifiP - ok

10:38:22.0413 3568 [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS C:\Windows\system32\drivers\ndis.sys

10:38:22.0413 3568 NDIS - ok

10:38:22.0428 3568 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

10:38:22.0428 3568 NdisCap - ok

10:38:22.0459 3568 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

10:38:22.0459 3568 NdisTapi - ok

10:38:22.0459 3568 [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

10:38:22.0459 3568 Ndisuio - ok

10:38:22.0475 3568 [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

10:38:22.0475 3568 NdisWan - ok

10:38:22.0506 3568 [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

10:38:22.0506 3568 NDProxy - ok

10:38:22.0522 3568 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

10:38:22.0522 3568 NetBIOS - ok

10:38:22.0538 3568 [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

10:38:22.0538 3568 NetBT - ok

10:38:22.0553 3568 [ F42309C4191C506B71DB5D1126D26318 ] Netlogon C:\Windows\system32\lsass.exe

10:38:22.0569 3568 Netlogon - ok

10:38:22.0631 3568 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll

10:38:22.0631 3568 Netman - ok

10:38:22.0663 3568 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll

10:38:22.0678 3568 netprofm - ok

10:38:22.0725 3568 [ FE2AA5A684B0DD9B1FAE57B7817C198B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

10:38:22.0725 3568 NetTcpPortSharing - ok

10:38:22.0772 3568 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

10:38:22.0772 3568 nfrd960 - ok

10:38:22.0819 3568 [ 2226496E34BD40734946A054B1CD657F ] NlaSvc C:\Windows\System32\nlasvc.dll

10:38:22.0819 3568 NlaSvc - ok

10:38:22.0850 3568 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys

10:38:22.0866 3568 Npfs - ok

10:38:22.0913 3568 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll

10:38:22.0913 3568 nsi - ok

10:38:22.0928 3568 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

10:38:22.0928 3568 nsiproxy - ok

10:38:22.0975 3568 [ B6C48D01147EC020DE7F1856734127F8 ] nSvcIp C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

10:38:22.0975 3568 nSvcIp - ok

10:38:23.0038 3568 [ 3795DCD21F740EE799FB7223234215AF ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

10:38:23.0053 3568 Ntfs - ok

10:38:23.0084 3568 NTIOLib_1_0_4 - ok

10:38:23.0116 3568 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys

10:38:23.0116 3568 Null - ok

10:38:23.0163 3568 [ B5E37E31C053BC9950455A257526514B ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x32.sys

10:38:23.0178 3568 NVENETFD - ok

10:38:24.0053 3568 [ 4152708C0C24E30DAE7FA87D5AFE1D7B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

10:38:24.0131 3568 nvlddmkm - ok

10:38:24.0209 3568 [ 5BF9C11586F4764446407F509F1BECA8 ] NVNET C:\Windows\system32\DRIVERS\nvmf6232.sys

10:38:24.0209 3568 NVNET - ok

10:38:24.0256 3568 [ 3F3D04B1D08D43C16EA7963954EC768D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys

10:38:24.0256 3568 nvraid - ok

10:38:24.0288 3568 [ F13618F0CB1E95232F4C2401592A59E9 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys

10:38:24.0288 3568 nvsmu - ok

10:38:24.0303 3568 [ C99F251A5DE63C6F129CF71933ACED0F ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys

10:38:24.0319 3568 nvstor - ok

10:38:24.0381 3568 [ 26DB28B32E8D2F57CB5065A4A053801A ] nvsvc C:\Windows\system32\nvvsvc.exe

10:38:24.0381 3568 nvsvc - ok

10:38:24.0491 3568 [ A19BBE1E3E3FEF50B94CA07DCC0FB776 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

10:38:24.0538 3568 nvUpdatusService - ok

10:38:24.0553 3568 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys

10:38:24.0553 3568 nv_agp - ok

10:38:24.0647 3568 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

10:38:24.0663 3568 odserv - ok

10:38:24.0694 3568 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys

10:38:24.0694 3568 ohci1394 - ok

10:38:24.0725 3568 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

10:38:24.0741 3568 ose - ok

10:38:24.0788 3568 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

10:38:24.0803 3568 p2pimsvc - ok

10:38:24.0850 3568 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll

10:38:24.0866 3568 p2psvc - ok

10:38:24.0913 3568 [ 81F258F3C30EC7D8D3B3D19B32002F70 ] PAC207 C:\Windows\system32\DRIVERS\PFC027.SYS

10:38:24.0944 3568 PAC207 - ok

10:38:24.0959 3568 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys

10:38:24.0959 3568 Parport - ok

10:38:24.0975 3568 [ FF4218952B51DE44FE910953A3E686B9 ] partmgr C:\Windows\system32\drivers\partmgr.sys

10:38:24.0975 3568 partmgr - ok

10:38:25.0022 3568 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys

10:38:25.0022 3568 Parvdm - ok

10:38:25.0053 3568 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll

10:38:25.0053 3568 PcaSvc - ok

10:38:25.0100 3568 [ C858CB77C577780ECC456A892E7E7D0F ] pci C:\Windows\system32\DRIVERS\pci.sys

10:38:25.0100 3568 pci - ok

10:38:25.0116 3568 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\DRIVERS\pciide.sys

10:38:25.0116 3568 pciide - ok

10:38:25.0131 3568 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

10:38:25.0147 3568 pcmcia - ok

10:38:25.0163 3568 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys

10:38:25.0163 3568 pcw - ok

10:38:25.0194 3568 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys

10:38:25.0194 3568 PEAUTH - ok

10:38:25.0272 3568 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll

10:38:25.0303 3568 PeerDistSvc - ok

10:38:25.0381 3568 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\Windows\system32\pla.dll

10:38:25.0428 3568 pla - ok

10:38:25.0475 3568 [ 2CC2008F1296968FBA162ED9F9AFE328 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

10:38:25.0491 3568 PlugPlay - ok

10:38:25.0538 3568 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

10:38:25.0538 3568 PNRPAutoReg - ok

10:38:25.0553 3568 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

10:38:25.0553 3568 PNRPsvc - ok

10:38:25.0600 3568 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

10:38:25.0616 3568 PolicyAgent - ok

10:38:25.0647 3568 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\Windows\system32\umpo.dll

10:38:25.0647 3568 Power - ok

10:38:25.0663 3568 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

10:38:25.0663 3568 PptpMiniport - ok

10:38:25.0678 3568 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys

10:38:25.0678 3568 Processor - ok

10:38:25.0741 3568 [ 630CF26F0227498B7D5A92B12548960F ] ProfSvc C:\Windows\system32\profsvc.dll

10:38:25.0741 3568 ProfSvc - ok

10:38:25.0756 3568 [ F42309C4191C506B71DB5D1126D26318 ] ProtectedStorage C:\Windows\system32\lsass.exe

10:38:25.0756 3568 ProtectedStorage - ok

10:38:25.0819 3568 [ 390C204CED3785609AB24E9C52054A84 ] Ps2 C:\Windows\system32\DRIVERS\PS2.sys

10:38:25.0819 3568 Ps2 - ok

10:38:25.0850 3568 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys

10:38:25.0850 3568 Psched - ok

10:38:25.0928 3568 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

10:38:25.0975 3568 ql2300 - ok

10:38:25.0991 3568 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

10:38:26.0006 3568 ql40xx - ok

10:38:26.0022 3568 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll

10:38:26.0038 3568 QWAVE - ok

10:38:26.0069 3568 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

10:38:26.0069 3568 QWAVEdrv - ok

10:38:26.0131 3568 [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll

10:38:26.0131 3568 RapiMgr - ok

10:38:26.0163 3568 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

10:38:26.0163 3568 RasAcd - ok

10:38:26.0209 3568 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

10:38:26.0209 3568 RasAgileVpn - ok

10:38:26.0272 3568 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll

10:38:26.0272 3568 RasAuto - ok

10:38:26.0303 3568 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

10:38:26.0303 3568 Rasl2tp - ok

10:38:26.0350 3568 [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan C:\Windows\System32\rasmans.dll

10:38:26.0366 3568 RasMan - ok

10:38:26.0397 3568 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

10:38:26.0397 3568 RasPppoe - ok

10:38:26.0413 3568 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

10:38:26.0413 3568 RasSstp - ok

10:38:26.0428 3568 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

10:38:26.0428 3568 rdbss - ok

10:38:26.0444 3568 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

10:38:26.0444 3568 rdpbus - ok

10:38:26.0475 3568 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

10:38:26.0475 3568 RDPCDD - ok

10:38:26.0522 3568 [ C5FF95883FFEF704D50C40D21CFB3AB5 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys

10:38:26.0522 3568 RDPDR - ok

10:38:26.0538 3568 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

10:38:26.0553 3568 RDPENCDD - ok

10:38:26.0584 3568 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

10:38:26.0584 3568 RDPREFMP - ok

10:38:26.0647 3568 [ 801371BA9782282892D00AADB08EE367 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

10:38:26.0663 3568 RDPWD - ok

10:38:26.0678 3568 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

10:38:26.0694 3568 rdyboost - ok

10:38:26.0741 3568 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll

10:38:26.0741 3568 RemoteAccess - ok

10:38:26.0788 3568 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll

10:38:26.0803 3568 RemoteRegistry - ok

10:38:26.0850 3568 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys

10:38:26.0850 3568 RFCOMM - ok

10:38:26.0866 3568 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

10:38:26.0866 3568 RpcEptMapper - ok

10:38:26.0913 3568 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe

10:38:26.0928 3568 RpcLocator - ok

10:38:26.0944 3568 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\Windows\system32\rpcss.dll

10:38:26.0959 3568 RpcSs - ok

10:38:26.0975 3568 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

10:38:26.0975 3568 rspndr - ok

10:38:27.0022 3568 [ 5423D8437051E89DD34749F242C98648 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys

10:38:27.0022 3568 s3cap - ok

10:38:27.0038 3568 [ F42309C4191C506B71DB5D1126D26318 ] SamSs C:\Windows\system32\lsass.exe

10:38:27.0038 3568 SamSs - ok

10:38:27.0053 3568 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys

10:38:27.0069 3568 sbp2port - ok

10:38:27.0116 3568 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll

10:38:27.0131 3568 SCardSvr - ok

10:38:27.0147 3568 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

10:38:27.0147 3568 scfilter - ok

10:38:27.0288 3568 [ 3E8B0C453E25613A1F59762A5C42AA75 ] Schedule C:\Windows\system32\schedsvc.dll

10:38:27.0288 3568 Schedule - ok

10:38:27.0334 3568 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\Windows\System32\certprop.dll

10:38:27.0334 3568 SCPolicySvc - ok

10:38:27.0350 3568 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\Windows\System32\SDRSVC.dll

10:38:27.0366 3568 SDRSVC - ok

10:38:27.0413 3568 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys

10:38:27.0413 3568 secdrv - ok

10:38:27.0428 3568 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll

10:38:27.0428 3568 seclogon - ok

10:38:27.0459 3568 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll

10:38:27.0459 3568 SENS - ok

10:38:27.0506 3568 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll

10:38:27.0522 3568 SensrSvc - ok

10:38:27.0538 3568 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

10:38:27.0538 3568 Serenum - ok

10:38:27.0553 3568 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys

10:38:27.0553 3568 Serial - ok

10:38:27.0569 3568 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

10:38:27.0569 3568 sermouse - ok

10:38:27.0616 3568 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\Windows\system32\sessenv.dll

10:38:27.0631 3568 SessionEnv - ok

10:38:27.0647 3568 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys

10:38:27.0647 3568 sffdisk - ok

10:38:27.0663 3568 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys

10:38:27.0678 3568 sffp_mmc - ok

10:38:27.0694 3568 [ 4F1E5B0FE7C8050668DBFADE8999AEFB ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys

10:38:27.0694 3568 sffp_sd - ok

10:38:27.0709 3568 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

10:38:27.0725 3568 sfloppy - ok

10:38:27.0756 3568 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll

10:38:27.0788 3568 SharedAccess - ok

10:38:27.0881 3568 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

10:38:27.0881 3568 ShellHWDetection - ok

10:38:27.0913 3568 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys

10:38:27.0913 3568 sisagp - ok

10:38:27.0944 3568 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

10:38:27.0944 3568 SiSRaid2 - ok

10:38:27.0959 3568 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

10:38:27.0959 3568 SiSRaid4 - ok

10:38:27.0991 3568 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys

10:38:27.0991 3568 Smb - ok

10:38:28.0022 3568 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe

10:38:28.0022 3568 SNMPTRAP - ok

10:38:28.0053 3568 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys

10:38:28.0053 3568 spldr - ok

10:38:28.0084 3568 [ 49B6DD6AB3715B7A67965F17194E98A9 ] Spooler C:\Windows\System32\spoolsv.exe

10:38:28.0084 3568 Spooler - ok

10:38:28.0459 3568 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\Windows\system32\sppsvc.exe

10:38:28.0522 3568 sppsvc - ok

10:38:28.0569 3568 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\Windows\system32\sppuinotify.dll

10:38:28.0584 3568 sppuinotify - ok

10:38:28.0631 3568 [ 2BA4EBC7DFBA845A1EDBE1F75913BE33 ] srv C:\Windows\system32\DRIVERS\srv.sys

10:38:28.0631 3568 srv - ok

10:38:28.0663 3568 [ DCE7E10FEAABD4CAE95948B3DE5340BB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

10:38:28.0678 3568 srv2 - ok

10:38:28.0694 3568 [ B5665BAA2120B8A54E22E9CD07C05106 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

10:38:28.0694 3568 srvnet - ok

10:38:28.0756 3568 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

10:38:28.0756 3568 SSDPSRV - ok

10:38:28.0772 3568 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll

10:38:28.0788 3568 SstpSvc - ok

10:38:28.0803 3568 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

10:38:28.0803 3568 stexstor - ok

10:38:28.0866 3568 [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc C:\Windows\System32\wiaservc.dll

10:38:28.0866 3568 StiSvc - ok

10:38:28.0913 3568 [ 957E346CA948668F2496A6CCF6FF82CC ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys

10:38:28.0913 3568 storflt - ok

10:38:28.0928 3568 [ D5751969DC3E4B88BF482AC8EC9FE019 ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys

10:38:28.0944 3568 storvsc - ok

10:38:28.0975 3568 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

10:38:28.0975 3568 swenum - ok

10:38:29.0053 3568 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll

10:38:29.0053 3568 swprv - ok

10:38:29.0131 3568 [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain C:\Windows\system32\sysmain.dll

10:38:29.0131 3568 SysMain - ok

10:38:29.0209 3568 [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll

10:38:29.0225 3568 TabletInputService - ok

10:38:29.0272 3568 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv C:\Windows\System32\tapisrv.dll

10:38:29.0288 3568 TapiSrv - ok

10:38:29.0334 3568 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll

10:38:29.0334 3568 TBS - ok

10:38:29.0538 3568 [ 2CC3D75488ABD3EC628BBB9A4FC84EFC ] Tcpip C:\Windows\system32\drivers\tcpip.sys

10:38:29.0553 3568 Tcpip - ok

10:38:29.0678 3568 [ 2CC3D75488ABD3EC628BBB9A4FC84EFC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

10:38:29.0678 3568 TCPIP6 - ok

10:38:29.0741 3568 [ E64444523ADD154F86567C469BC0B17F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

10:38:29.0741 3568 tcpipreg - ok

10:38:29.0803 3568 [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

10:38:29.0803 3568 TDPIPE - ok

10:38:29.0834 3568 [ 7551E91EA999EE9A8E9C331D5A9C31F3 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

10:38:29.0834 3568 TDTCP - ok

10:38:29.0866 3568 [ CB39E896A2A83702D1737BFD402B3542 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

10:38:29.0866 3568 tdx - ok

10:38:30.0381 3568 [ 6B1B2F8D62D606B200C2072564090104 ] TeamViewer8 C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

10:38:30.0413 3568 TeamViewer8 - ok

10:38:30.0475 3568 [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

10:38:30.0475 3568 TermDD - ok

10:38:30.0569 3568 [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService C:\Windows\System32\termsrv.dll

10:38:30.0616 3568 TermService - ok

10:38:30.0631 3568 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll

10:38:30.0631 3568 Themes - ok

10:38:30.0663 3568 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll

10:38:30.0663 3568 THREADORDER - ok

10:38:30.0772 3568 [ 3C47A2841BB479201CB356285BC2B18E ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

10:38:30.0772 3568 TOSHIBA Bluetooth Service - ok

10:38:30.0819 3568 [ 90AFA1A4451BBBEE87C9F18A665D8121 ] tosporte C:\Windows\system32\DRIVERS\tosporte.sys

10:38:30.0819 3568 tosporte - ok

10:38:30.0881 3568 [ 360F19E411F0B94BDCC59E670C979392 ] tosrfbd C:\Windows\system32\DRIVERS\tosrfbd.sys

10:38:30.0881 3568 tosrfbd - ok

10:38:30.0913 3568 [ 74392BAB3F0D4810DA8436EC79D6955D ] tosrfbnp C:\Windows\system32\Drivers\tosrfbnp.sys

10:38:30.0913 3568 tosrfbnp - ok

10:38:30.0991 3568 [ 1AD9EB1B5ABD0AEEE4084C8153476F1E ] Tosrfcom C:\Windows\system32\Drivers\tosrfcom.sys

10:38:30.0991 3568 Tosrfcom - ok

10:38:31.0006 3568 [ A72A3473180F378CC07D342803FFD580 ] Tosrfhid C:\Windows\system32\DRIVERS\Tosrfhid.sys

10:38:31.0006 3568 Tosrfhid - ok

10:38:31.0038 3568 [ B2A1A6538245FD69578224BBF2FD4677 ] tosrfnds C:\Windows\system32\DRIVERS\tosrfnds.sys

10:38:31.0038 3568 tosrfnds - ok

10:38:31.0084 3568 [ A929F2310C11EE32E8B6C2E9162C5BAA ] TosRfSnd C:\Windows\system32\drivers\tosrfsnd.sys

10:38:31.0084 3568 TosRfSnd - ok

10:38:31.0178 3568 [ 1734A114593150A2D2C2876B99151B2C ] Tosrfusb C:\Windows\system32\DRIVERS\tosrfusb.sys

10:38:31.0178 3568 Tosrfusb - ok

10:38:31.0209 3568 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll

10:38:31.0209 3568 TrkWks - ok

10:38:31.0334 3568 [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

10:38:31.0350 3568 TrustedInstaller - ok

10:38:31.0397 3568 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

10:38:31.0397 3568 tssecsrv - ok

10:38:31.0413 3568 [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

10:38:31.0413 3568 tunnel - ok

10:38:31.0459 3568 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

10:38:31.0475 3568 uagp35 - ok

10:38:31.0506 3568 [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs C:\Windows\system32\DRIVERS\udfs.sys

10:38:31.0506 3568 udfs - ok

10:38:31.0584 3568 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe

10:38:31.0600 3568 UI0Detect - ok

10:38:31.0616 3568 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys

10:38:31.0616 3568 uliagpkx - ok

10:38:31.0631 3568 [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus C:\Windows\system32\DRIVERS\umbus.sys

10:38:31.0631 3568 umbus - ok

10:38:31.0647 3568 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

10:38:31.0663 3568 UmPass - ok

10:38:31.0709 3568 [ 8ECACA5454844F66386F7BE4AE0D7CD1 ] UmRdpService C:\Windows\System32\umrdp.dll

10:38:31.0709 3568 UmRdpService - ok

10:38:31.0772 3568 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll

10:38:31.0788 3568 upnphost - ok

10:38:31.0819 3568 usbbus - ok

10:38:31.0850 3568 [ 8455C4ED038EFD09E99327F9D2D48FFA ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

10:38:31.0866 3568 usbccgp - ok

10:38:31.0897 3568 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys

10:38:31.0913 3568 usbcir - ok

10:38:31.0913 3568 UsbDiag - ok

10:38:31.0944 3568 [ 1C333BFD60F2FED2C7AD5DAF533CB742 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

10:38:31.0959 3568 usbehci - ok

10:38:32.0006 3568 [ EE6EF93CCFA94FAE8C6AB298273D8AE2 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

10:38:32.0006 3568 usbhub - ok

10:38:32.0038 3568 USBModem - ok

10:38:32.0069 3568 [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys

10:38:32.0069 3568 usbohci - ok

10:38:32.0100 3568 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

10:38:32.0100 3568 usbprint - ok

10:38:32.0131 3568 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

10:38:32.0131 3568 usbscan - ok

10:38:32.0147 3568 [ D8889D56E0D27E57ED4591837FE71D27 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

10:38:32.0147 3568 USBSTOR - ok

10:38:32.0178 3568 [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

10:38:32.0178 3568 usbuhci - ok

10:38:32.0225 3568 [ D82F43D15FDAA666856C0190CB73E7C9 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys

10:38:32.0225 3568 usb_rndisx - ok

10:38:32.0256 3568 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll

10:38:32.0256 3568 UxSms - ok

10:38:32.0272 3568 [ F42309C4191C506B71DB5D1126D26318 ] VaultSvc C:\Windows\system32\lsass.exe

10:38:32.0272 3568 VaultSvc - ok

10:38:32.0303 3568 VComm - ok

10:38:32.0319 3568 VcommMgr - ok

10:38:32.0350 3568 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys

10:38:32.0350 3568 vdrvroot - ok

10:38:32.0381 3568 [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds C:\Windows\System32\vds.exe

10:38:32.0397 3568 vds - ok

10:38:32.0444 3568 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

10:38:32.0459 3568 vga - ok

10:38:32.0475 3568 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys

10:38:32.0475 3568 VgaSave - ok

10:38:32.0506 3568 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys

10:38:32.0522 3568 vhdmp - ok

10:38:32.0538 3568 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\DRIVERS\viaagp.sys

10:38:32.0553 3568 viaagp - ok

10:38:32.0584 3568 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys

10:38:32.0584 3568 ViaC7 - ok

10:38:32.0600 3568 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\DRIVERS\viaide.sys

10:38:32.0600 3568 viaide - ok

10:38:32.0663 3568 [ 379B349F65F453D2A6E75EA6B7448E49 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys

10:38:32.0663 3568 vmbus - ok

10:38:32.0709 3568 [ EC2BBAB4B84D0738C6C83D2234DC36FE ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys

10:38:32.0725 3568 VMBusHID - ok

10:38:32.0756 3568 [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys

10:38:32.0756 3568 volmgr - ok

10:38:32.0788 3568 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

10:38:32.0788 3568 volmgrx - ok

10:38:32.0819 3568 [ 58DF9D2481A56EDDE167E51B334D44FD ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys

10:38:32.0819 3568 volsnap - ok

10:38:32.0850 3568 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

10:38:32.0850 3568 vsmraid - ok

10:38:33.0053 3568 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS C:\Windows\system32\vssvc.exe

10:38:33.0100 3568 VSS - ok

10:38:33.0178 3568 [ 682FCF7D2EB5158CD30408E976562408 ] VSTHWBS2 C:\Windows\system32\DRIVERS\VSTBS23.SYS

10:38:33.0194 3568 VSTHWBS2 - ok

10:38:33.0225 3568 [ CEB4E3B6890E1E42DCA6694D9E59E1A0 ] VST_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS

10:38:33.0272 3568 VST_DPV - ok

10:38:33.0288 3568 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys

10:38:33.0288 3568 vwifibus - ok

10:38:33.0350 3568 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll

10:38:33.0366 3568 W32Time - ok

10:38:33.0428 3568 [ 2D5C631ED40E562C04B3A83197794B59 ] waclient C:\Windows\system32\drivers\waclient.sys

10:38:33.0428 3568 waclient - ok

10:38:33.0491 3568 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

10:38:33.0491 3568 WacomPen - ok

10:38:33.0506 3568 [ 692A712062146E96D28BA0B7D75DE31B ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

10:38:33.0522 3568 WANARP - ok

10:38:33.0522 3568 [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

10:38:33.0538 3568 Wanarpv6 - ok

10:38:33.0600 3568 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

10:38:33.0647 3568 WatAdminSvc - ok

10:38:33.0725 3568 [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine C:\Windows\system32\wbengine.exe

10:38:33.0756 3568 wbengine - ok

10:38:33.0788 3568 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

10:38:33.0788 3568 WbioSrvc - ok

10:38:33.0834 3568 [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll

10:38:33.0850 3568 WcesComm - ok

10:38:33.0881 3568 [ D0F88AA11EE1A62BCC6D6A8A7783CA11 ] wcncsvc C:\Windows\System32\wcncsvc.dll

10:38:33.0897 3568 wcncsvc - ok

10:38:33.0913 3568 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

10:38:33.0928 3568 WcsPlugInService - ok

10:38:33.0928 3568 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys

10:38:33.0944 3568 Wd - ok

10:38:33.0975 3568 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

10:38:33.0975 3568 Wdf01000 - ok

10:38:34.0006 3568 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll

10:38:34.0022 3568 WdiServiceHost - ok

10:38:34.0038 3568 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll

10:38:34.0038 3568 WdiSystemHost - ok

10:38:34.0084 3568 [ D87C7D2C517F82A5AB7A73E203063D9E ] WebClient C:\Windows\System32\webclnt.dll

10:38:34.0100 3568 WebClient - ok

10:38:34.0131 3568 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll

10:38:34.0131 3568 Wecsvc - ok

10:38:34.0147 3568 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll

10:38:34.0147 3568 wercplsupport - ok

10:38:34.0194 3568 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll

10:38:34.0209 3568 WerSvc - ok

10:38:34.0225 3568 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

10:38:34.0225 3568 WfpLwf - ok

10:38:34.0272 3568 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys

10:38:34.0272 3568 WIMMount - ok

10:38:34.0303 3568 [ BC0C7EA89194C299F051C24119000E17 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS

10:38:34.0334 3568 winachsf - ok

10:38:34.0506 3568 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll

10:38:34.0522 3568 WinDefend - ok

10:38:34.0553 3568 WinHttpAutoProxySvc - ok

10:38:34.0772 3568 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

10:38:34.0788 3568 Winmgmt - ok

10:38:34.0881 3568 [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM C:\Windows\system32\WsmSvc.dll

10:38:34.0944 3568 WinRM - ok

10:38:35.0022 3568 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

10:38:35.0022 3568 WinUsb - ok

10:38:35.0147 3568 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll

10:38:35.0163 3568 Wlansvc - ok

10:38:35.0194 3568 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys

10:38:35.0209 3568 WmiAcpi - ok

10:38:35.0288 3568 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

10:38:35.0303 3568 wmiApSrv - ok

10:38:35.0413 3568 [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe

10:38:35.0459 3568 WMPNetworkSvc - ok

10:38:35.0475 3568 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll

10:38:35.0475 3568 WPCSvc - ok

10:38:35.0506 3568 [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

10:38:35.0506 3568 WPDBusEnum - ok

10:38:35.0538 3568 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

10:38:35.0538 3568 ws2ifsl - ok

10:38:35.0569 3568 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll

10:38:35.0569 3568 wscsvc - ok

10:38:35.0584 3568 WSearch - ok

10:38:35.0834 3568 [ A33408CC036F9C08142B11BE5E93F0A1 ] wuauserv C:\Windows\system32\wuaueng.dll

10:38:35.0881 3568 wuauserv - ok

10:38:35.0897 3568 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

10:38:35.0897 3568 WudfPf - ok

10:38:35.0928 3568 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

10:38:35.0928 3568 WUDFRd - ok

10:38:35.0959 3568 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

10:38:35.0975 3568 wudfsvc - ok

10:38:36.0038 3568 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll

10:38:36.0038 3568 WwanSvc - ok

10:38:36.0256 3568 ================ Scan global ===============================

10:38:36.0288 3568 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll

10:38:36.0334 3568 [ 827E4F75901CA3F990B1487D3301841E ] C:\Windows\system32\winsrv.dll

10:38:36.0366 3568 [ 827E4F75901CA3F990B1487D3301841E ] C:\Windows\system32\winsrv.dll

10:38:36.0428 3568 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll

10:38:36.0506 3568 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe

10:38:36.0522 3568 [Global] - ok

10:38:36.0522 3568 ================ Scan MBR ==================================

10:38:36.0553 3568 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0

10:38:39.0256 3568 \Device\Harddisk0\DR0 - ok

10:38:39.0256 3568 ================ Scan VBR ==================================

10:38:39.0288 3568 [ 5785810AA3C37F2A86E922D1372A7C2F ] \Device\Harddisk0\DR0\Partition1

10:38:39.0319 3568 \Device\Harddisk0\DR0\Partition1 - ok

10:38:39.0334 3568 [ AF9C4C33873142E15AB6A4E07286221E ] \Device\Harddisk0\DR0\Partition2

10:38:39.0350 3568 \Device\Harddisk0\DR0\Partition2 - ok

10:38:39.0381 3568 [ 7FC2EEF823CFE9205D0B53305CC9597F ] \Device\Harddisk0\DR0\Partition3

10:38:39.0413 3568 \Device\Harddisk0\DR0\Partition3 - ok

10:38:39.0444 3568 [ 1BE6D9AF41C3AB4ACB76CA2022461C49 ] \Device\Harddisk0\DR0\Partition4

10:38:39.0475 3568 \Device\Harddisk0\DR0\Partition4 - ok

10:38:39.0475 3568 ============================================================

10:38:39.0475 3568 Scan finished

10:38:39.0475 3568 ============================================================

10:38:39.0491 4092 Detected object count: 0

10:38:39.0491 4092 Actual detected object count: 0

10:38:56.0413 2692 Deinitialize success

scooby_pav · May 12, 2013

The Rougekiller Log

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7600 ) 32 bits version

Started in : Normal mode

User : SINGH [Admin rights]

Mode : Scan -- Date : 05/12/2013 10:41:13

| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 12 ¤¤¤

[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{5BFA5A6A-87F4-4724-9A5C-7A49B336CE09} : NameServer (208.67.222.222 218.248.240.179) -> FOUND

[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{733FC33C-A943-4ABE-8198-71243DDAEF5A} : NameServer (208.67.222.222 218.248.240.179) -> FOUND

[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{93827D3A-84FA-46F4-B66C-F1F0BC7B892D} : NameServer (208.67.222.222 218.248.240.179) -> FOUND

[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{9CEF6438-A325-4881-9637-83CD2B273E4D} : NameServer (202.56.240.5 202.56.230.6) -> FOUND

[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{BF72F5BC-43CB-4223-A094-AB5009613F76} : NameServer (202.56.240.5 202.56.230.6) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{5BFA5A6A-87F4-4724-9A5C-7A49B336CE09} : NameServer (208.67.222.222 218.248.240.179) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{733FC33C-A943-4ABE-8198-71243DDAEF5A} : NameServer (208.67.222.222 218.248.240.179) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{93827D3A-84FA-46F4-B66C-F1F0BC7B892D} : NameServer (208.67.222.222 218.248.240.179) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{9CEF6438-A325-4881-9637-83CD2B273E4D} : NameServer (202.56.240.5 202.56.230.6) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{BF72F5BC-43CB-4223-A094-AB5009613F76} : NameServer (202.56.240.5 202.56.230.6) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD2000JS-60NCB1 ATA Device +++++

--- User ---

[MBR] 775f84121267289523fde6b8baeab7e1

[bSP] 275555be813a0a905d79d24cf031890a : Windows XP MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 93432 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 191350784 | Size: 50931 Mo

2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 295657472 | Size: 39999 Mo

3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 377575424 | Size: 6417 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_05122013_02d1041.txt >>

RKreport[1]_S_05122013_02d1041.txt

Maurice Naggar · May 12, 2013

Disable your anti-virus program, How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Please disconnect any USB or external storage drives from the computer before you run this scan!
Right-Click RogueKiller and select Run as Administrator.
Wait until Prescan finishes.
Click on DNSFix. Click on Report and copy/paste the content of the notepad
The log will be found as RKreport
Copy & Paste the contents into next reply.

scooby_pav · May 13, 2013

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7600 ) 32 bits version

Started in : Normal mode

User : SINGH [Admin rights]

Mode : DNSFix -- Date : 05/13/2013 16:17:20

| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 10 ¤¤¤

[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{5BFA5A6A-87F4-4724-9A5C-7A49B336CE09} : NameServer (208.67.222.222 218.248.240.179) -> REPLACED ()

[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{733FC33C-A943-4ABE-8198-71243DDAEF5A} : NameServer (208.67.222.222 218.248.240.179) -> REPLACED ()

[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{93827D3A-84FA-46F4-B66C-F1F0BC7B892D} : NameServer (208.67.222.222 218.248.240.179) -> REPLACED ()

[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{9CEF6438-A325-4881-9637-83CD2B273E4D} : NameServer (202.56.240.5 202.56.230.6) -> REPLACED ()

[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{BF72F5BC-43CB-4223-A094-AB5009613F76} : NameServer (202.56.240.5 202.56.230.6) -> REPLACED ()

[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{5BFA5A6A-87F4-4724-9A5C-7A49B336CE09} : NameServer (208.67.222.222 218.248.240.179) -> REPLACED ()

[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{733FC33C-A943-4ABE-8198-71243DDAEF5A} : NameServer (208.67.222.222 218.248.240.179) -> REPLACED ()

[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{93827D3A-84FA-46F4-B66C-F1F0BC7B892D} : NameServer (208.67.222.222 218.248.240.179) -> REPLACED ()

[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{9CEF6438-A325-4881-9637-83CD2B273E4D} : NameServer (202.56.240.5 202.56.230.6) -> REPLACED ()

[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{BF72F5BC-43CB-4223-A094-AB5009613F76} : NameServer (202.56.240.5 202.56.230.6) -> REPLACED ()

¤¤¤ Driver : [LOADED] ¤¤¤

Finished : << RKreport[2]_DN_05132013_02d1617.txt >>

RKreport[1]_S_05132013_02d1614.txt ; RKreport[2]_DN_05132013_02d1617.txt

Maurice Naggar · May 13, 2013

Continue forward with the following, doing as much as possible.

You will want to print out or copy these instructions to Notepad for offline reference!

These steps are for member Scooby only. If you are a casual viewer, do NOT try this on your system!

If you are not Scooby and have a similar problem, do NOT post here; start your own topic

Do not run or start any other programs while these utilities and tools are in use!

Do NOT run any other tools on your own or do any fixes other than what is listed here.

If you have questions, please ask before you do something on your own.

But it is important that you get going on these following steps.

=

Close any of your open programs while you run these tools.

On most all of the following programs and tools, you will need to do a right-click on the program link or shortcut or desktop icon (as appropriate) and then select "Run as Administrator". Please remember that as you go along and use these tools, each in turn.

Task 1

Close any open work documents, if any, saving your work.

Make sure to close any other programs that you started before.

Please download Junkware Removal Tool by Thisisu to your Desktop.

Please close your security software to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or 7 or 8, right-mouse click JRT.exe and select Run as administrator.
The tool will open and display information and disclaimer in a Command prompt window.
I'd suggest you close all internet browsers at this point.
Press a key on keyboard to start scanning your system.
Please be very patient as this will take several minutes to complete, depending on your system's specifications.
There are approximatly 12 phases or so in this tool. You will see each phase listed in the Command prompt window.
On completion, a log (JRT.txt) is saved to your Desktop and will automatically open. And the command prompt will have been closed.
Please post the contents of JRT.txt into a new reply.
Re-enable your security software.

Task 2

Close any open documents/programs & all internet browsers you have running.
Please start AdwCleaner
Click on Delete button.
Confirm each time with OK.
Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.
Note: You can find the logfile at C:\AdwCleaner[s1]

Task 3

If you have a prior copy of Combofix, delete it now

Download Combofix from any of the links below, and SAVE it to your Desktop.

Link 1

Link 2

**Note: It is important that it is saved directly to your Desktop and not run straight away from download **

Turn OFF your antivirus, otherwise it will interfere. How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Have infinite patience during the run & scan by Combofix. It has many phases: some 50+ stages

It will display it's "stage" within the Command prompt window. Do NOT panic if it seems slow to change ! It has lots of work.

You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior.

Combofix my take as little as 10 minutes and perhaps as much as 30-40 minutes. Time taken will depend on speed of your system and how much there is to scan & how much it needs to clean.

If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power)or a UPS system

Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.

Right- click on Combo-Fix.exe on your Desktop and select "Run as Administrator".

A window may open with a warning or prompts. Accept the EULA and follow the prompts during the start phase of Combofix.
When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.

A caution - Do not run Combofix more than once.

Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.

The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled.

If this occurs, please reboot to restore the desktop.

A file will be created at => C:\Combofix.txt.

Notes:

[1] IF after Combofix reboot you get the message

Illegal operation attempted on registry key that has been marked for deletion

....please reboot the computer, this should resolve the problem. You may have reboot the pc a second time if needed.

[2] Do not mouseclick combofix's window nor run any program while Combofix is running.

That may cause it to stall.

[3]When all done, IF Combofix did not do a Restart...then ... I need for you to Restart the system fresh :excl:

Reply & Copy & Paste contents of the C:\Combofix.txt log and tell me, How is the system now ?

Re-enable your antivirus program.

scooby_pav · May 14, 2013

I did everything as said and it went flawlessly..here are the logs

JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.9.4 (05.06.2013:1)

OS: Windows 7 Ultimate x86

Ran by SINGH on Tue 05/14/2013 at 8:16:48.84

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\free download manager

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ FireFox

Emptied folder: C:\Users\SINGH\AppData\Roaming\mozilla\firefox\profiles\akpsz4o6.default\minidumps [265 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Tue 05/14/2013 at 8:18:58.52

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

scooby_pav · May 14, 2013

ADW Cleaner

# AdwCleaner v2.300 - Logfile created 05/14/2013 at 08:19:52

# Updated 28/04/2013 by Xplode

# Operating system : Windows 7 Ultimate (32 bits)

# User : SINGH - SINGH-PC

# Boot Mode : Normal

# Running from : C:\Users\SINGH\Downloads\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Deleted : HKLM\Software\AVG Secure Search

Key Deleted : HKLM\SOFTWARE\Software

***** [internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0 (en-US)

File : C:\Users\SINGH\AppData\Roaming\Mozilla\Firefox\Profiles\akpsz4o6.default\prefs.js

Deleted : user_pref("extensions.DivXWebPlayer@divx.com.install-event-fired", true);

-\\ Google Chrome v26.0.1410.64

File : C:\Users\SINGH\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.10.1615.0

File : C:\Users\SINGH\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1403 octets] - [12/05/2013 10:37:02]

AdwCleaner[s1].txt - [1344 octets] - [14/05/2013 08:19:52]

########## EOF - C:\AdwCleaner[s1].txt - [1404 octets] ##########

scooby_pav · May 14, 2013

COMBO FIX LOG

ComboFix 13-05-13.01 - SINGH 05/14/2013 8:28.1.2 - x86

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3007.1923 [GMT 5.5:30]

Running from: c:\users\SINGH\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\system32\SETE5A9.tmp

.

Infected copy of c:\windows\system32\comres.dll was found and disinfected

Restored copy from - c:\combofix\HarddiskVolumeShadowCopy1_!Windows!System32!comres.dll

.

((((((((((((((((((((((((( Files Created from 2013-04-14 to 2013-05-14 )))))))))))))))))))))))))))))))

.

2013-05-14 03:21 . 2013-05-14 03:26 -------- d-----w- c:\users\SINGH\AppData\Local\temp

2013-05-14 03:21 . 2013-05-14 03:21 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2013-05-14 03:21 . 2013-05-14 03:21 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-05-14 02:46 . 2013-05-14 02:46 -------- d-----w- c:\windows\ERUNT

2013-05-14 02:46 . 2013-05-14 02:46 -------- d-----w- C:\JRT

2013-05-12 05:04 . 2013-05-12 05:04 -------- d-----w- c:\program files\ERUNT

2013-05-11 00:29 . 2013-05-11 00:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-05-11 00:29 . 2013-04-04 09:20 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-05-04 07:28 . 2013-05-14 02:25 -------- d-----w- C:\TC

2013-05-01 08:16 . 2013-05-01 08:16 -------- d-----w- c:\program files\Common Files\Java

2013-05-01 08:15 . 2013-05-01 08:15 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-05-01 08:15 . 2013-05-01 08:15 -------- d-----w- c:\program files\Java

2013-05-01 07:56 . 2013-05-11 00:02 -------- d-----w- c:\program files\Yahoo!

2013-04-26 10:05 . 2013-04-26 10:05 -------- d-----w- c:\program files\DOSBox-0.74

2013-04-25 20:14 . 2013-05-05 18:33 -------- d-----w- c:\users\SINGH\AppData\Local\NFS Underground 2

2013-04-25 02:39 . 2013-04-25 02:39 -------- d-----w- c:\users\SINGH\AppData\Local\DOSBox

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-05-01 08:15 . 2012-05-18 03:33 866720 ----a-w- c:\windows\system32\npDeployJava1.dll

2013-05-01 08:15 . 2011-09-21 14:03 788896 ----a-w- c:\windows\system32\deployJava1.dll

2012-10-01 21:12 . 2012-10-01 21:12 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\SINGH\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\SINGH\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\SINGH\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-11-30 9914984]

"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]

"LaunchHPOSIAPP"="c:\program files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe" [2009-04-04 385024]

"KBD"="c:\program files\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288]

"AtherosBtStack"="c:\program files\Bluetooth Suite\BtvStack.exe" [2011-01-21 490656]

"AthBtTray"="c:\program files\Bluetooth Suite\AthBtTray.exe" [2011-01-21 302240]

"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336]

"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2010-2-25 2721120]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]

R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]

R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]

R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]

R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]

R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]

R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]

R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [x]

R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]

R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]

R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]

R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]

R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files\MSI\Live Update 5\msibios32_100507.sys [x]

R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files\MSI\Live Update 5\NTIOLib.sys [x]

R3 PAC207;CIF USB Camera;c:\windows\system32\DRIVERS\PFC027.SYS [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]

S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]

S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]

S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]

S1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [x]

S2 ANSYS, Inc. License Manager;ANSYS, Inc. License Manager;c:\program files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_server.exe [x]

S2 AtherosSvc;AtherosSvc;c:\program files\Bluetooth Suite\adminservice.exe [x]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [x]

S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [x]

S2 BBDemon;Backbone Service;c:\program files\Dassault Systemes\B16\intel_a\code\bin\CATSysDemon.exe [x]

S2 msikbd;msikbd; [x]

S2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [x]

S2 waclient;Portwise Access Client Driver;c:\windows\system32\drivers\waclient.sys [x]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfilterx.sys [x]

S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]

S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]

S3 VST_DPV;VST_DPV;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]

S3 VSTHWBS2;VSTHWBS2;c:\windows\system32\DRIVERS\VSTBS23.SYS [x]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc

WindowsMobile REG_MULTI_SZ wcescomm rapimgr

LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

.

Contents of the 'Scheduled Tasks' folder

.

2013-05-14 c:\windows\Tasks\GlaryInitialize.job

- c:\program files\Glary Utilities\initialize.exe [2011-08-18 15:25]

.

2013-05-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1331459198-1390368401-315507966-1000Core.job

- c:\users\SINGH\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-27 04:35]

.

2013-05-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1331459198-1390368401-315507966-1000UA.job

- c:\users\SINGH\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-27 04:35]

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

IE: Download all with Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm

IE: Download selected with Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm

IE: Download video with Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm

IE: Download with Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

TCP: Interfaces\{0A26153E-3653-4953-8B92-9743F2850471}: NameServer = 4.2.2.2

TCP: Interfaces\{29D78945-9EAF-4CFC-BC88-DC27E8CE03C8}: NameServer = 208.67.222.222 208.67.220.220

TCP: Interfaces\{4D8814F7-493F-427C-9957-B2B8926E5FA4}: NameServer = 208.67.222.222 208.67.220.220

TCP: Interfaces\{6237C7F2-99BE-4613-84FC-7EE41D412C64}: NameServer = 208.67.222.222 208.67.220.220

DPF: {3195CF7C-E9E2-49B2-8B61-14F285298E1C} - hxxps://ho.hclinsys.com/wa/AccessClientLoader.cab

FF - ProfilePath - c:\users\SINGH\AppData\Roaming\Mozilla\Firefox\Profiles\akpsz4o6.default\

.

------- File Associations -------

.

.scr=AutoCADScriptFile

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)