
Cannot run Malwarebytes, Excel will not work, Explorer errors



Excel went first; it will open, but if I go to an old file it shuts itself down

Explorer says it has an error and shuts itself down and restarts; have to use Task Manager to kill it

Malwarebytes loads to the screen that runs or updates...... doing either one gets this

Runtime error .-2147417848 (20010108)':

The object invoked has disconnected from Its client

Chameleon generates the same runtime error; it's always the same one

Outlook just had me disable an add-in to let it work

Avast loaded and found a virus in an old file on my backup drive and removed it, but it can't get into password-protected archives

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 1/22/2011 9:38:29 AM

System Uptime: 5/28/2013 11:28:19 AM (6 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | M4A78T-E

Processor: AMD Phenom™ II X6 1090T Processor | AM3 | 3210/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 931 GiB total, 431.387 GiB free.

D: is CDROM ()

E: is FIXED (NTFS) - 932 GiB total, 907.196 GiB free.

F: is FIXED (NTFS) - 1863 GiB total, 1358.268 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318}

Description: High Definition Audio Device

Device ID: HDAUDIO\FUNC_01&VEN_1106&DEV_0397&SUBSYS_1043836C&REV_1000\4&29529F32&0&0001

Manufacturer: Microsoft

Name: High Definition Audio Device

PNP Device ID: HDAUDIO\FUNC_01&VEN_1106&DEV_0397&SUBSYS_1043836C&REV_1000\4&29529F32&0&0001

Service: HdAudAddService

.

Class GUID: {4d36e96e-e325-11ce-bfc1-08002be10318}

Description: Acer AL2223W

Device ID: DISPLAY\ACRAD84\5&1322FDA8&0&UID2097424

Manufacturer: Acer

Name: Acer AL2223W

PNP Device ID: DISPLAY\ACRAD84\5&1322FDA8&0&UID2097424

Service: monitor

.

Class GUID: {4d36e96e-e325-11ce-bfc1-08002be10318}

Description: Acer AL2223W

Device ID: DISPLAY\ACRAD84\5&1322FDA8&0&UID2097425

Manufacturer: Acer

Name: Acer AL2223W

PNP Device ID: DISPLAY\ACRAD84\5&1322FDA8&0&UID2097425

Service: monitor

.

==== System Restore Points ===================

.

RP329: 5/12/2013 6:52:23 AM - Windows Update

RP330: 5/15/2013 5:36:28 PM - Windows Update

RP331: 5/18/2013 8:16:12 PM - Windows Update

RP332: 5/19/2013 8:04:26 PM - Installed Dragon NaturallySpeaking 11.5 Upgrade.

RP333: 5/22/2013 4:58:49 PM - Windows Update

RP334: 5/25/2013 5:51:25 PM - Windows Update

RP335: 5/27/2013 7:23:55 PM - Restore Operation

RP336: 5/27/2013 8:56:01 PM - Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

RP337: 5/27/2013 8:58:19 PM - Installed OpenOffice.org 3.4.1

RP338: 5/27/2013 9:10:19 PM - avast! Free Antivirus Setup

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

112dB Redline Monitor v1.0.4

64 Bit HP CIO Components Installer

ABBYY FineReader 9.0 Sprint

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader XI (11.0.02)

Adobe Shockwave Player 11.6

Apple Application Support

Apple Mobile Device Support

Apple Software Update

avast! Free Antivirus

Avid Studio

Avid Studio Bonus Content

Avid Studio Plugins

Belarc Advisor 8.1

Bonjour

BurnAware Free 4.1

CANON iMAGE GATEWAY Task for ZoomBrowser EX

Canon Internet Library for ZoomBrowser EX

Canon Utilities CameraWindow

Canon Utilities CameraWindow DC 8

Canon Utilities MyCamera

Canon Utilities ZoomBrowser EX

Canon ZoomBrowser EX Memory Card Utility

CD Click i-Studio

DraftSight

Dragon NaturallySpeaking 11

EPSON Artisan 830 Series Printer Uninstall

Epson CreativeZone

Epson Easy Photo Print 2

Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)

Epson Easy Photo Print Plug-in for Windows Live Photo Gallery

Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup

Epson Event Manager

Epson FAX Utility

Epson PC-FAX Driver

Epson Print CD

EPSON Scan

EpsonNet Print

EpsonNet Setup 3.3

EZdrummer

EZDrummer 64-bit

EZkeys Grand Piano 64

EZkeys Player 64-bit

EZXCocktail

FlipShare

FreeRIP v3.6

Futuremark SystemInfo

GEAR driver installer for x86 and x64

Google Chrome

Google Earth

Google Update Helper

ImageMixer 3 SE Ver.6 Transfer Utility

ImageMixer 3 SE Ver.6 Video Tools

iTunes

Java 7 Update 21

Java Auto Updater

Knoll Light Factory EZ Studio

Logitech Gaming Software 7.00

Lotus NotesSQL 3.01 driver

Lotus SmartSuite - English

Magic Bullet Looks Studio

MAGIX Xtreme Print Studio 5.0.0.7399 (US)

Malwarebytes Anti-Malware version 1.75.0.1300

MasterWriter 2.0

Melodyne Runtime 4.1 (x64)

Melodyne singletrack

Memeo Instant Backup

Microsoft .NET Framework 4 Client Profile

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

MixMeister BPM Analyzer 1.0

Mozilla Firefox 21.0 (x86 en-US)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Native Instruments Abbey Road 60s Drums Vintage

Native Instruments Guitar Rig 3

Native Instruments Guitar Rig 4

Native Instruments Komplete Elements

Native Instruments Kontakt 4

Native Instruments Kontakt Elements Selection R2

Native Instruments Reaktor 5

Native Instruments Reaktor Elements Selection

Native Instruments Reaktor Spark R2

Native Instruments Service Center

NVIDIA 3D Vision Controller Driver 307.83

NVIDIA Control Panel 307.83

NVIDIA Display Control Panel

NVIDIA Graphics Driver 307.83

NVIDIA Install Application

NVIDIA PhysX

NVIDIA PhysX System Software 9.12.0604

NVIDIA Update 1.10.8

NVIDIA Update Components

On-Screen Takeoff

OpenOffice.org 3.4.1

PDF reDirect (remove only)

PDFill PDF Editor with FREE Writer and FREE Tools

Pinnacle Creative Pack Volume 1

Pinnacle Video Driver

PreSonus FaderPort

PreSonus Studio One 2 x64

PreSonus Studio One x64

PreSonus Universal Control 3.5.2.8028

PVSonyDll

QuickTime

Red Giant ToonIt Studio

Room EQ Wizard V5

SAMSUNG USB Driver for Mobile Phones

ScoreFitter Volume 1

ScoreFitter Volume 2

Seagate Dashboard

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Sony DVD Architect Studio 4.5

Sony Vegas Movie Studio 8.0

Speccy

SpeedFan (remove only)

SUPERAntiSpyware

Superior Drummer 64-bit

Superior Drummer Installer

SureThing Express Labeler

swMSM

Toontrack solo

Toontrack solo 64 bit

Trapcode 3DStroke Studio

Trapcode Particular Studio

Trapcode Shine Studio

TurboTax 2010

TurboTax 2010 WinPerFedFormset

TurboTax 2010 WinPerReleaseEngine

TurboTax 2010 WinPerTaxSupport

TurboTax 2010 wrapper

TurboTax 2011

TurboTax 2011 WinPerFedFormset

TurboTax 2011 WinPerReleaseEngine

TurboTax 2011 WinPerTaxSupport

TurboTax 2011 wrapper

TurboTax 2012

TurboTax 2012 WinPerFedFormset

TurboTax 2012 WinPerReleaseEngine

TurboTax 2012 WinPerTaxSupport

TurboTax 2012 wrapper

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Verizon V CAST Media Manager

Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64)

VLC media player 2.0.5

.

==== Event Viewer Messages From Past Week ========

.

5/28/2013 11:37:35 AM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

5/28/2013 11:37:35 AM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.

5/28/2013 11:35:03 AM, Error: Microsoft-Windows-Eventlog [23] - The event logging service encountered an error (res=23) while initializing logging resources for channel Microsoft-Windows-Resource-Exhaustion-Detector/Operational.

5/28/2013 11:33:52 AM, Error: Service Control Manager [7000] - The PMEM service failed to start due to the following error: This driver has been blocked from loading

5/28/2013 11:33:52 AM, Error: Application Popup [1060] - \??\C:\Windows\SysWOW64\drivers\pmemnt.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

5/27/2013 9:34:45 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

.

==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16470 BrowserJavaVersion: 10.21.2

Run by Mitch Tiffin at 17:36:00 on 2013-05-28

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.16382.13389 [GMT -5:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe

C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Logitech Gaming Software\LCore.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Windows\System32\spool\drivers\x64\3\E_IATIGXA.EXE

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe

C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x86\LCDMedia.exe

C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x64\LCDRSS.exe

C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x64\LCDClock.exe

C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x64\LCDCountdown.exe

C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x64\LCDPop3.exe

C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe

C:\Program Files (x86)\Memeo\AutoBackup\MemeoUpdater.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\System32\WUDFHost.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\WUDFHost.exe

C:\Program Files (x86)\Windows Media Player\wmplayer.exe

C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe

C:\Windows\system32\taskmgr.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\wuauclt.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

mWinlogon: Userinit = userinit.exe,

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files (x86)\MasterWriter 2.0\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

uRun: [Artisan 830(Network)] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIGXA.EXE /FU "C:\Windows\TEMP\E_S1CCC.tmp" /EF "HKCU"

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

mRun: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui

mRun: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui

mRun: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking11\Ereg.ini

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRunOnce: [1] C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\mbam-chameleon.exe /r /p

mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

StartupFolder: C:\Users\MITCHT~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOTUSO~1.LNK - E:\lotus\organize\easyclip.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOTUSQ~1.LNK - E:\lotus\wordpro\ltsstart.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOTUSS~2.LNK - E:\lotus\smartctr\smartctr.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOTUSS~1.LNK - E:\lotus\smartctr\suitest.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files (x86)\PlotSoft\PDFill\DownloadPDF.exe

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} - hxxp://ec2-174-129-18-125.compute-1.amazonaws.com/intel-systeminfo-api/receivers/FMSI.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: NameServer = 192.168.1.254

TCP: Interfaces\{CD3FA0B9-0756-415F-A362-3FA1224F3BF2} : NameServer = 68.94.156.1,68.94.157.1

TCP: Interfaces\{CD3FA0B9-0756-415F-A362-3FA1224F3BF2} : DHCPNameServer = 192.168.1.254

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll

x64-TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll

x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-Run: [Launch LCore] "C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized

x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-IE: {ED93D107-B43A-490e-AA5C-C5578BAAF479} - C:\Program Files (x86)\PlotSoft\PDFill\DownloadPDF.exe

x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Mitch Tiffin\AppData\Roaming\Mozilla\Firefox\Profiles\6kx2u9vk.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/webhp?hl=en

FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll

FF - ExtSQL: 2019-09-25 22:40; {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}; C:\Users\Mitch Tiffin\AppData\Roaming\Mozilla\Firefox\Profiles\6kx2u9vk.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi

.

============= SERVICES / DRIVERS ===============

.

R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-5-27 65336]

R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-5-27 189936]

R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-5-27 1025808]

R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-5-27 378432]

R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-5-27 33400]

R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-5-27 80816]

.

=============== Created Last 30 ================

.

2013-05-28 02:11:14 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2013-05-28 02:11:13 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

2013-05-28 02:11:13 1025808 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2013-05-28 02:11:11 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys

2013-05-28 02:11:04 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2013-05-28 02:10:38 41664 ----a-w- C:\Windows\avastSS.scr

2013-05-28 02:10:26 -------- d-----w- C:\Program Files\AVAST Software

2013-05-28 02:09:47 -------- d-----w- C:\ProgramData\AVAST Software

2013-05-28 02:00:22 -------- d-----w- C:\Users\Mitch Tiffin\AppData\Roaming\OpenOffice.org

2013-05-28 01:58:33 -------- d-----w- C:\Program Files (x86)\OpenOffice.org 3

2013-05-28 00:43:42 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2274A8D2-BE45-4627-8E44-47B98E60CAB1}\mpengine.dll

2013-05-26 22:51:15 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-05-25 01:23:25 262552 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll

.

==================== Find3M ====================

.

2013-05-19 23:40:03 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-19 23:40:03 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe

2013-04-04 19:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-04-04 10:35:05 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-03-14 21:30:57 861088 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll

2013-03-14 21:30:57 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll

.

============= FINISH: 17:36:41.76 ===============

Link to post
Share on other sites

Hello Mtiffin and welcome to MalwareBytes forums.

I will be helping you. Please follow my guidance and do not run tools or fixes nor do changes on your own.

Please confirm for me that you are the owner of this system.

If it is owned by someone else, or if it belongs to a company or an organization, please Stop and tell me that.

As a reminder, please just only Copy & Paste all log contents directly into main-body of reply box.

Use 1 reply per each log as needed. IF you hit some log that is way too huge, then you may attach.

Please do a backup of any documents/personal files that you cannot afford to lose.

Malware cleanups can sometimes be unpredictable. So do a backup to Offline media as a precaution.

I understand that MS Security Essentials is disabled, but, you also have Avast antivirus active, & both are set to auto-start.

Would you tell me How it is that 2 antivirus apps are installed? You should only have 1 installed.

Pick 1 to keep and 1 to remove.

Let me know what you have done. And restart the system fresh.

I'll follow up with starting diagnostics in the next round.

Link to post
Share on other sites
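The conflict the helper points out can be read from the `AV:`/`SP:` lines of the DDS header and cross-checked against the Running Processes section. The following is an added example, not part of the thread or of DDS itself: a small parser that flags more than one registered antivirus product and a product that reports Disabled while its engine is still running. The sample lines are copied from the log above; the function names and the product-to-process mapping are assumptions made for the example.

```python
import re
from typing import NamedTuple

# Header and process lines copied from the DDS log posted in this thread.
SAMPLE_DDS = r"""
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\Explorer.EXE
"""

# DDS prints one line per Security Center registration:
#   <category>: <product name> *<state>/<signature status>* {GUID}
ENTRY_RE = re.compile(
    r"^(?P<category>AV|SP|FW):\s+(?P<name>.+?)\s+"
    r"\*(?P<state>\w+)/(?P<sigs>\w+)\*\s+(?P<guid>\{[0-9A-Fa-f-]{36}\})\s*$"
)

# Assumption for this example: the resident engine binary of each product,
# used to cross-check the "Running Processes" section of the same log.
ENGINE_PROCESS = {
    "avast! Antivirus": "avastsvc.exe",
    "Microsoft Security Essentials": "msmpeng.exe",
}


class Product(NamedTuple):
    category: str
    name: str
    state: str
    sigs: str
    guid: str


def parse_products(log_text):
    """Return every Security Center registration found in the log."""
    products = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            products.append(Product(**m.groupdict()))
    return products


def running_images(log_text):
    """Lower-cased executable names from lines that start with a drive path."""
    images = set()
    for line in log_text.splitlines():
        line = line.strip()
        if not re.match(r"[A-Za-z]:\\", line):
            continue  # skips Run keys, BHO entries and other prefixed lines
        m = re.search(r"\\([^\\]+?\.exe)\b", line, re.IGNORECASE)
        if m:
            images.add(m.group(1).lower())
    return images


def av_findings(log_text):
    """Flag overlapping antivirus products and disabled-but-running engines."""
    products = parse_products(log_text)
    images = running_images(log_text)
    av = [p for p in products if p.category == "AV"]
    findings = []
    if len(av) > 1:
        names = ", ".join(p.name for p in av)
        findings.append(f"multiple AV products registered: {names}")
    for p in av:
        proc = ENGINE_PROCESS.get(p.name)
        if p.state == "Disabled" and proc in images:
            findings.append(f"{p.name} reports Disabled but {proc} is running")
    return findings


if __name__ == "__main__":
    for finding in av_findings(SAMPLE_DDS):
        print(finding)
```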

So Avast has been removed.

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

To show all files:

  • Press Windows-key +R key on your keyboard to get RUN option.
  • Type in
    explorer.exe

    and press Enter to start Windows Explorer.

  • From the menu options, Select Tools, then Folder Options.
  • Next click the View tab.
  • Locate and uncheck Hide file extensions for known file types.
  • Locate and uncheck Hide protected operating system files (Recommended).
  • Locate and click Show hidden files and folders and drives.
  • Click Apply > OK.

Step 3

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Please download AdwCleaner © Xplode from >>here<< and save it on your Desktop.

If you are running Windows XP, double click adwcleaner.exe to start it.

Otherwise, Right-click on adwcleaner.exe and select Run As Administrator to launch the application.

Now click on the Search tab.

Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\AdwCleaner[XX].txt where XX denotes the number of times the application has been run, so in this case it should be something like R1.

Step 4

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
    If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
    Skip and click on Continue
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 5

  • Download & SAVE to your Desktop >> Tigzy's RogueKiller from here << or
    >> from here <<
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on Scan button at upper right of screen.
  • Wait until the Status box shows "Scan Finished"
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller

Do NOT click any FIX buttons !

Step 6

RE-Enable your antivirus program.

Then copy/paste the following into your post (in order):

  • the contents of C:\AdwCleaner[R1].txt;
  • the contents of TDSSKILLER log;
  • the contents of RKReport log;

Be sure to do a Preview prior to pressing Submit because all reports may not fit into 1 single reply. You may have to do more than 1 reply.

Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.

When all here is done, plus whenever we are in between tasks (i.e. when awaiting a new reply from me), I will require that you ensure that MS Security Essentials real-time protection is back ON.
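One way to triage a TDSSKiller report like the one requested in Step 4, as an added example that is not part of the original post or of TDSSKiller itself: it lists every non-ok verdict with its path and MD5, applies the Skip rule given above for UnsignedFile.Multi.Generic and LockedFile.Multi.Generic, and flags long pauses between log lines. The line layout is inferred from the TDSSKiller 2.8.16.0 log posted in this thread; reading the four-digit fraction as milliseconds, the 5-second stall threshold and the ExampleSvc entry are assumptions.

```python
import re

# "HH:MM:SS.ffff <thread id> <message>"; the message may be empty.
LINE_RE = re.compile(r"^(\d{2}):(\d{2}):(\d{2})\.(\d{4})\s+(\d+)\s*(.*)$")
# "[ <md5> ] <service name> <path>"; the path starts at the first drive letter.
OBJECT_RE = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.*)$")
# "<service name> ( <verdict> ) - <level>", e.g. "monitor ( ... ) - warning".
VERDICT_RE = re.compile(r"^(.+?) \( (\S+) \) - (\w+)$")

# Verdicts the instructions above say to Skip.
SKIP_VERDICTS = {"UnsignedFile.Multi.Generic", "LockedFile.Multi.Generic"}

# The Modem and monitor lines are in the form they have in the log posted in
# this thread. The ExampleSvc entry (name, path, all-zero hash) is constructed.
SAMPLE_LOG = r"""
20:28:51.0421 1660 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

20:28:51.0422 1660 Modem - ok

20:28:54.0673 1660 [ E0469D25EFC50F58B71E2D65B015DDB5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:29:17.0381 1660 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\monitor.sys. md5: E0469D25EFC50F58B71E2D65B015DDB5
20:29:17.0645 1660 monitor ( LockedFile.Multi.Generic ) - warning
20:29:17.0645 1660 monitor - detected LockedFile.Multi.Generic (1)
20:29:18.0010 1660 [ 00000000000000000000000000000000 ] ExampleSvc C:\Example\examplesvc.sys
20:29:18.0020 1660 ExampleSvc ( UnsignedFile.Multi.Generic ) - warning
20:29:18.0020 1660 ExampleSvc - detected UnsignedFile.Multi.Generic (1)
"""


def triage(log_text, stall_ms=5000):
    """Return (detections, stalls) for a TDSSKiller log pasted as text.

    detections: one dict per non-ok verdict line, joined with the path and
                MD5 from the object line that introduced the service.
    stalls:     pauses of at least stall_ms between two consecutive lines
                written by the same thread, with the line logged before
                the pause (the object being scanned when the tool stalled).
    """
    objects = {}     # service name -> {"md5": ..., "path": ...}
    last_seen = {}   # thread id -> (time of day in ms, message)
    detections, stalls = [], []

    for raw in log_text.splitlines():
        line = LINE_RE.match(raw.strip())
        if not line:
            continue  # blank lines added by the forum paste, wrapped text
        hh, mm, ss, frac, tid, msg = line.groups()
        # Assumption: the four-digit field is zero-padded milliseconds.
        now = ((int(hh) * 60 + int(mm)) * 60 + int(ss)) * 1000 + int(frac)

        if tid in last_seen:
            prev_ms, prev_msg = last_seen[tid]
            gap = (now - prev_ms) % 86_400_000  # tolerate a midnight rollover
            if gap >= stall_ms:
                stalls.append({"ms": gap, "after": prev_msg})
        last_seen[tid] = (now, msg)

        obj = OBJECT_RE.match(msg)
        if obj:
            md5, name, path = obj.groups()
            objects[name] = {"md5": md5.upper(), "path": path}
            continue

        verdict = VERDICT_RE.match(msg)
        if verdict:
            name, label, level = verdict.groups()
            info = objects.get(name, {})
            detections.append({
                "service": name,
                "verdict": label,
                "level": level,
                "path": info.get("path"),
                "md5": info.get("md5"),
                # Per the instructions above: Skip these two verdicts,
                # otherwise leave the tool's default action selected.
                "action": "Skip" if label in SKIP_VERDICTS else "default action",
            })
    return detections, stalls


if __name__ == "__main__":
    found, pauses = triage(SAMPLE_LOG)
    for d in found:
        print(f'{d["service"]}: {d["verdict"]} ({d["level"]}) -> {d["action"]}')
        print(f'    {d["path"]}  md5 {d["md5"]}')
    for p in pauses:
        print(f'paused {p["ms"] / 1000:.3f}s after: {p["after"]}')
```

A pause does not by itself mean the file is malicious; it shows which object the scanner was reading when it slowed down, which is useful when a scan is reported as hung.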


Step 3, rest to follow tonight.

# AdwCleaner v2.301 - Logfile created 05/29/2013 at 06:46:07

# Updated 16/05/2013 by Xplode

# Operating system : Windows 7 Professional Service Pack 1 (64 bits)

# User : Mitch Tiffin - MITCHTIFFIN-PC

# Boot Mode : Normal

# Running from : C:\Users\Mitch Tiffin\Desktop\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Found : HKCU\Software\YahooPartnerToolbar

Key Found : HKCU\Software\Zugo

Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}

Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL

Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api

Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Key Found : HKLM\SOFTWARE\Tarma Installer

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry is clean.

-\\ Mozilla Firefox v21.0 (en-US)

File : C:\Users\Mitch Tiffin\AppData\Roaming\Mozilla\Firefox\Profiles\6kx2u9vk.default\prefs.js

Found : user_pref("extentions.y2layers.installId", "89A330B3-54B1-55C8-4471-577594FC7760");

Found : user_pref("extentions.y2layers.installId_backup", "89A330B3-54B1-55C8-4471-577594FC7760");

-\\ Google Chrome v27.0.1453.94

File : C:\Users\Mitch Tiffin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R2].txt - [2013 octets] - [29/05/2013 06:46:07]

########## EOF - C:\AdwCleaner[R2].txt - [2073 octets] ##########


Do steps 4 & 5 and post those logs when you finish those.

Then when you get some free time, since this PC has got some adware, do this:

  • Close any open documents/programs & all internet browsers you have running.
  • Please start AdwCleaner
  • Click on Delete button.
  • Confirm each time with OK.
  • Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.
  • Note: You can find the logfile at C:\AdwCleaner[s1]


OK, so I need to pay better attention.

I ran AdwCleaner before steps 4 and 5.

I have an issue with ERUNT; it says "Unable to create file registry backup will continue but no restore info for ERDNT will be saved and registry recovery will have to be done manually".

TDSSKiller found 3 issues, then hung on monitor.sys; it never completed.

I attached files because they were too big to post.

TDSSKiller.2.8.16.0_29.05.2013_20.28.29_log.txt

AdwCleanerR5.txt


# AdwCleaner v2.301 - Logfile created 05/29/2013 at 20:22:06

# Updated 16/05/2013 by Xplode

# Operating system : Windows 7 Professional Service Pack 1 (64 bits)

# User : Mitch Tiffin - MITCHTIFFIN-PC

# Boot Mode : Normal

# Running from : C:\Users\Mitch Tiffin\Desktop\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

***** [Registry] *****

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry is clean.

-\\ Mozilla Firefox v21.0 (en-US)

File : C:\Users\Mitch Tiffin\AppData\Roaming\Mozilla\Firefox\Profiles\6kx2u9vk.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v27.0.1453.94

File : C:\Users\Mitch Tiffin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R2].txt - [2136 octets] - [29/05/2013 06:46:07]

AdwCleaner[R3].txt - [2563 octets] - [29/05/2013 19:33:13]

AdwCleaner[R5].txt - [962 octets] - [29/05/2013 20:22:06]

AdwCleaner[s1].txt - [2770 octets] - [29/05/2013 19:33:42]

########## EOF - C:\AdwCleaner[R5].txt - [1081 octets] ##########


20:28:29.0695 3684 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

20:28:30.0173 3684 ============================================================

20:28:30.0173 3684 Current date / time: 2013/05/29 20:28:30.0173

20:28:30.0173 3684 SystemInfo:

20:28:30.0173 3684

20:28:30.0173 3684 OS Version: 6.1.7601 ServicePack: 1.0

20:28:30.0173 3684 Product type: Workstation

20:28:30.0173 3684 ComputerName: MITCHTIFFIN-PC

20:28:30.0174 3684 UserName: Mitch Tiffin

20:28:30.0174 3684 Windows directory: C:\Windows

20:28:30.0174 3684 System windows directory: C:\Windows

20:28:30.0174 3684 Running under WOW64

20:28:30.0174 3684 Processor architecture: Intel x64

20:28:30.0174 3684 Number of processors: 6

20:28:30.0174 3684 Page size: 0x1000

20:28:30.0174 3684 Boot type: Normal boot

20:28:30.0174 3684 ============================================================

20:28:31.0534 3684 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

20:28:31.0534 3684 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

20:28:31.0538 3684 Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1115E00 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

20:28:31.0539 3684 ============================================================

20:28:31.0539 3684 \Device\Harddisk0\DR0:

20:28:31.0539 3684 MBR partitions:

20:28:31.0539 3684 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

20:28:31.0539 3684 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800

20:28:31.0540 3684 \Device\Harddisk1\DR1:

20:28:31.0540 3684 MBR partitions:

20:28:31.0540 3684 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74701AC1

20:28:31.0540 3684 \Device\Harddisk2\DR2:

20:28:31.0540 3684 MBR partitions:

20:28:31.0540 3684 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE8E07481

20:28:31.0540 3684 ============================================================

20:28:31.0576 3684 C: <-> \Device\Harddisk0\DR0\Partition2

20:28:31.0577 3684 E: <-> \Device\Harddisk1\DR1\Partition1

20:28:31.0581 3684 F: <-> \Device\Harddisk2\DR2\Partition1

20:28:31.0581 3684 ============================================================

20:28:31.0581 3684 Initialize success

20:28:31.0581 3684 ============================================================

20:28:43.0568 1660 ============================================================

20:28:43.0568 1660 Scan started

20:28:43.0568 1660 Mode: Manual;

20:28:43.0569 1660 ============================================================

20:28:44.0632 1660 ================ Scan system memory ========================

20:28:44.0632 1660 System memory - ok

20:28:44.0632 1660 ================ Scan services =============================

20:28:51.0421 1660 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

20:28:51.0422 1660 Modem - ok

20:28:54.0673 1660 [ E0469D25EFC50F58B71E2D65B015DDB5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys

20:29:17.0381 1660 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\monitor.sys. md5: E0469D25EFC50F58B71E2D65B015DDB5

20:29:17.0645 1660 monitor ( LockedFile.Multi.Generic ) - warning

20:29:17.0645 1660 monitor - detected LockedFile.Multi.Generic (1)


20:29:25.0720 1660 WIMMount - ok

20:29:25.0737 1660 WinDefend - ok

20:29:25.0740 1660 WinHttpAutoProxySvc - ok

20:29:25.0780 1660 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

20:29:25.0782 1660 Winmgmt - ok

20:29:25.0818 1660 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

20:29:25.0853 1660 WinRM - ok

20:29:25.0904 1660 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

20:29:25.0914 1660 Wlansvc - ok

20:29:25.0935 1660 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

20:29:25.0935 1660 WmiAcpi - ok

20:29:25.0958 1660 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

20:29:25.0961 1660 wmiApSrv - ok

20:29:25.0966 1660 WMPNetworkSvc - ok

20:29:25.0974 1660 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

20:29:25.0977 1660 WPCSvc - ok

20:29:26.0012 1660 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

20:29:26.0015 1660 WPDBusEnum - ok

20:29:26.0024 1660 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

20:29:26.0025 1660 ws2ifsl - ok

20:29:26.0038 1660 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll

20:29:26.0041 1660 wscsvc - ok

20:29:26.0043 1660 WSearch - ok

20:29:26.0113 1660 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

20:29:26.0147 1660 wuauserv - ok

20:29:26.0208 1660 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

20:29:26.0210 1660 WudfPf - ok

20:29:26.0226 1660 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

20:29:26.0228 1660 WUDFRd - ok

20:29:26.0272 1660 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

20:29:26.0274 1660 wudfsvc - ok

20:29:26.0280 1660 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

20:29:26.0284 1660 WwanSvc - ok

20:29:26.0296 1660 ================ Scan global ===============================

20:29:26.0308 1660 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

20:29:26.0344 1660 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

20:29:26.0351 1660 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

20:29:26.0362 1660 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

20:29:26.0374 1660 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

20:29:26.0378 1660 [Global] - ok

20:29:26.0379 1660 ================ Scan MBR ==================================

20:29:26.0383 1660 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

20:29:26.0824 1660 \Device\Harddisk0\DR0 - ok

20:29:26.0826 1660 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1

20:29:26.0964 1660 \Device\Harddisk1\DR1 - ok

20:29:26.0983 1660 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2

20:29:26.0988 1660 \Device\Harddisk2\DR2 - ok

20:29:26.0989 1660 ================ Scan VBR ==================================

20:29:26.0991 1660 [ 4AFB4D2D08093B99B8BF3B3C4BC790F3 ] \Device\Harddisk0\DR0\Partition1

20:29:26.0992 1660 \Device\Harddisk0\DR0\Partition1 - ok

20:29:26.0997 1660 [ 880BAA32879CA8EEBE91C6418565632B ] \Device\Harddisk0\DR0\Partition2

20:29:26.0999 1660 \Device\Harddisk0\DR0\Partition2 - ok

20:29:27.0001 1660 [ 87AAF8403399E34821BA0FA9E5D51185 ] \Device\Harddisk1\DR1\Partition1

20:29:27.0002 1660 \Device\Harddisk1\DR1\Partition1 - ok

20:29:27.0004 1660 [ 1FE39BFF041DC09312E2E9DCCB55FD36 ] \Device\Harddisk2\DR2\Partition1

20:29:27.0007 1660 \Device\Harddisk2\DR2\Partition1 - ok

20:29:27.0007 1660 ============================================================

20:29:27.0007 1660 Scan finished

20:29:27.0007 1660 ============================================================

20:29:27.0014 4912 Detected object count: 1

20:29:27.0014 4912 Actual detected object count: 1

20:30:18.0110 4912 C:\Windows\system32\DRIVERS\monitor.sys - copied to quarantine

20:30:18.0110 4912 monitor ( LockedFile.Multi.Generic ) - User select action: Quarantine

20:30:59.0691 0184 ============================================================

20:30:59.0691 0184 Scan started

20:30:59.0691 0184 Mode: Manual;

20:30:59.0691 0184 ============================================================

20:31:00.0010 0184 ================ Scan system memory ========================

20:31:00.0010 0184 System memory - ok

20:31:00.0010 0184 ================ Scan services =============================

20:31:00.0072 0184 [ 7D9D615201A483D6FA99491C2E655A5A ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

20:31:00.0073 0184 !SASCORE - ok

20:31:00.0173 0184 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

20:31:00.0174 0184 1394ohci - ok

20:31:00.0257 0184 [ B33CF4DE909A5B30F526D82053A63C8E ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

20:31:00.0260 0184 ABBYY.Licensing.FineReader.Sprint.9.0 - ok

20:31:00.0295 0184 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

20:31:00.0297 0184 ACPI - ok

20:31:00.0333 0184 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

20:31:00.0334 0184 AcpiPmi - ok

20:31:00.0373 0184 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

20:31:00.0374 0184 AdobeARMservice - ok

20:31:00.0419 0184 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys

20:31:00.0421 0184 adp94xx - ok

20:31:00.0427 0184 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys

20:31:00.0429 0184 adpahci - ok

20:31:00.0434 0184 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys

20:31:00.0435 0184 adpu320 - ok

20:31:00.0462 0184 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

20:31:00.0462 0184 AeLookupSvc - ok

20:31:00.0505 0184 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

20:31:00.0507 0184 AFD - ok

20:31:00.0524 0184 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

20:31:00.0525 0184 agp440 - ok

20:31:00.0540 0184 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

20:31:00.0540 0184 ALG - ok

20:31:00.0550 0184 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

20:31:00.0550 0184 aliide - ok

20:31:00.0559 0184 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

20:31:00.0559 0184 amdide - ok

20:31:00.0563 0184 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys

20:31:00.0563 0184 AmdK8 - ok

20:31:00.0573 0184 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys

20:31:00.0573 0184 AmdPPM - ok

20:31:00.0636 0184 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

20:31:00.0637 0184 amdsata - ok

20:31:00.0656 0184 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys

20:31:00.0657 0184 amdsbs - ok

20:31:00.0669 0184 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

20:31:00.0670 0184 amdxata - ok

20:31:00.0705 0184 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

20:31:00.0706 0184 AppID - ok

20:31:00.0719 0184 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

20:31:00.0719 0184 AppIDSvc - ok

20:31:00.0750 0184 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll

20:31:00.0751 0184 Appinfo - ok

20:31:00.0820 0184 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

20:31:00.0821 0184 Apple Mobile Device - ok

20:31:00.0846 0184 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll

20:31:00.0847 0184 AppMgmt - ok

20:31:00.0851 0184 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys

20:31:00.0852 0184 arc - ok

20:31:00.0855 0184 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys

20:31:00.0856 0184 arcsas - ok

20:31:00.0868 0184 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

20:31:00.0869 0184 AsyncMac - ok

20:31:00.0876 0184 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

20:31:00.0876 0184 atapi - ok

20:31:00.0917 0184 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

20:31:00.0920 0184 AudioEndpointBuilder - ok

20:31:00.0929 0184 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

20:31:00.0932 0184 AudioSrv - ok

20:31:00.0964 0184 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

20:31:00.0965 0184 AxInstSV - ok

20:31:00.0984 0184 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys

20:31:00.0986 0184 b06bdrv - ok

20:31:00.0993 0184 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

20:31:00.0994 0184 b57nd60a - ok

20:31:01.0013 0184 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

20:31:01.0013 0184 BDESVC - ok

20:31:01.0023 0184 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

20:31:01.0023 0184 Beep - ok

20:31:01.0294 0184 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

20:31:01.0297 0184 BFE - ok

20:31:01.0419 0184 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll

20:31:01.0423 0184 BITS - ok

20:31:01.0440 0184 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

20:31:01.0440 0184 blbdrive - ok

20:31:01.0492 0184 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

20:31:01.0494 0184 Bonjour Service - ok

20:31:01.0540 0184 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

20:31:01.0541 0184 bowser - ok

20:31:01.0558 0184 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys

20:31:01.0559 0184 BrFiltLo - ok

20:31:01.0576 0184 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys

20:31:01.0576 0184 BrFiltUp - ok

20:31:01.0619 0184 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

20:31:01.0620 0184 Browser - ok

20:31:01.0626 0184 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

20:31:01.0628 0184 Brserid - ok

20:31:01.0643 0184 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

20:31:01.0643 0184 BrSerWdm - ok

20:31:01.0656 0184 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

20:31:01.0656 0184 BrUsbMdm - ok

20:31:01.0671 0184 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

20:31:01.0671 0184 BrUsbSer - ok

20:31:01.0675 0184 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys

20:31:01.0675 0184 BTHMODEM - ok

20:31:01.0690 0184 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

20:31:01.0691 0184 bthserv - ok

20:31:01.0699 0184 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

20:31:01.0700 0184 cdfs - ok

20:31:01.0741 0184 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

20:31:01.0742 0184 cdrom - ok

20:31:01.0786 0184 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

20:31:01.0787 0184 CertPropSvc - ok

20:31:01.0797 0184 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys

20:31:01.0797 0184 circlass - ok

20:31:01.0817 0184 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

20:31:01.0819 0184 CLFS - ok

20:31:01.0852 0184 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

20:31:01.0853 0184 clr_optimization_v2.0.50727_32 - ok

20:31:01.0886 0184 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

20:31:01.0887 0184 clr_optimization_v2.0.50727_64 - ok

20:31:01.0955 0184 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

20:31:01.0956 0184 clr_optimization_v4.0.30319_32 - ok

20:31:01.0972 0184 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

20:31:01.0973 0184 clr_optimization_v4.0.30319_64 - ok

20:31:01.0984 0184 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

20:31:01.0984 0184 CmBatt - ok

20:31:01.0997 0184 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

20:31:01.0997 0184 cmdide - ok

20:31:02.0035 0184 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys

20:31:02.0037 0184 CNG - ok

20:31:02.0053 0184 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

20:31:02.0053 0184 Compbatt - ok

20:31:02.0065 0184 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

20:31:02.0065 0184 CompositeBus - ok

20:31:02.0068 0184 COMSysApp - ok

20:31:02.0083 0184 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys

20:31:02.0083 0184 crcdisk - ok

20:31:02.0117 0184 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll

20:31:02.0118 0184 CryptSvc - ok

20:31:02.0157 0184 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys

20:31:02.0160 0184 CSC - ok

20:31:02.0180 0184 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll

20:31:02.0183 0184 CscService - ok

20:31:02.0224 0184 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

20:31:02.0227 0184 DcomLaunch - ok

20:31:02.0243 0184 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

20:31:02.0244 0184 defragsvc - ok

20:31:02.0276 0184 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

20:31:02.0276 0184 DfsC - ok

20:31:02.0290 0184 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

20:31:02.0292 0184 Dhcp - ok

20:31:02.0299 0184 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

20:31:02.0299 0184 discache - ok

20:31:02.0303 0184 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys

20:31:02.0303 0184 Disk - ok

20:31:02.0342 0184 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

20:31:02.0343 0184 Dnscache - ok

20:31:02.0378 0184 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

20:31:02.0379 0184 dot3svc - ok

20:31:02.0416 0184 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys

20:31:02.0416 0184 Dot4 - ok

20:31:02.0423 0184 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys

20:31:02.0423 0184 Dot4Print - ok

20:31:02.0458 0184 [ 488669CD1CD3BDCFDD9A5FDA72209069 ] Dot4Scan C:\Windows\system32\DRIVERS\Dot4Scan.sys

20:31:02.0459 0184 Dot4Scan - ok

20:31:02.0488 0184 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys

20:31:02.0489 0184 dot4usb - ok

20:31:02.0529 0184 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

20:31:02.0530 0184 DPS - ok

20:31:02.0602 0184 [ 3B4273C47CFB4416A99F4B1DF80C9C16 ] DraftSight API Service C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe

20:31:02.0602 0184 DraftSight API Service - ok

20:31:02.0650 0184 [ BB45013A0E6EC0F39BE4EF663FF2E993 ] DragonSvc C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe

20:31:02.0651 0184 DragonSvc - ok

20:31:02.0684 0184 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

20:31:02.0684 0184 drmkaud - ok

20:31:02.0736 0184 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

20:31:02.0740 0184 DXGKrnl - ok

20:31:02.0751 0184 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

20:31:02.0752 0184 EapHost - ok

20:31:02.0816 0184 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys

20:31:02.0830 0184 ebdrv - ok

20:31:02.0851 0184 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

20:31:02.0852 0184 EFS - ok

20:31:02.0883 0184 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

20:31:02.0886 0184 ehRecvr - ok

20:31:02.0913 0184 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

20:31:02.0913 0184 ehSched - ok

20:31:02.0932 0184 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys

20:31:02.0934 0184 elxstor - ok

20:31:03.0007 0184 [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe

20:31:03.0008 0184 EpsonBidirectionalService - ok

20:31:03.0018 0184 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

20:31:03.0018 0184 ErrDev - ok

20:31:03.0043 0184 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

20:31:03.0045 0184 EventSystem - ok

20:31:03.0051 0184 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

20:31:03.0051 0184 exfat - ok

20:31:03.0068 0184 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

20:31:03.0069 0184 fastfat - ok

20:31:03.0104 0184 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

20:31:03.0107 0184 Fax - ok

20:31:03.0128 0184 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys

20:31:03.0129 0184 fdc - ok

20:31:03.0141 0184 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

20:31:03.0142 0184 fdPHost - ok

20:31:03.0152 0184 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

20:31:03.0152 0184 FDResPub - ok

20:31:03.0176 0184 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

20:31:03.0177 0184 FileInfo - ok

20:31:03.0183 0184 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

20:31:03.0184 0184 Filetrace - ok

20:31:03.0228 0184 [ B8602C90D3C427D8A86CE60437615CF5 ] FlipShare Service C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe

20:31:03.0230 0184 FlipShare Service - ok

20:31:03.0626 0184 [ AC5FB7094F31534594CAE48306972CBD ] FlipShareServer C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe

20:31:03.0631 0184 FlipShareServer - ok

20:31:03.0648 0184 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

20:31:03.0649 0184 flpydisk - ok

20:31:03.0687 0184 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

20:31:03.0688 0184 FltMgr - ok

20:31:03.0738 0184 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll

20:31:03.0743 0184 FontCache - ok

20:31:03.0801 0184 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

20:31:03.0801 0184 FontCache3.0.0.0 - ok

20:31:03.0819 0184 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

20:31:03.0819 0184 FsDepends - ok

20:31:03.0863 0184 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

20:31:03.0863 0184 Fs_Rec - ok

20:31:03.0903 0184 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

20:31:03.0904 0184 fvevol - ok

20:31:03.0919 0184 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

20:31:03.0919 0184 gagp30kx - ok

20:31:03.0954 0184 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

20:31:03.0954 0184 GEARAspiWDM - ok

20:31:04.0008 0184 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

20:31:04.0011 0184 gpsvc - ok

20:31:04.0066 0184 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

20:31:04.0067 0184 gupdate - ok

20:31:04.0071 0184 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

20:31:04.0071 0184 gupdatem - ok

20:31:04.0089 0184 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

20:31:04.0090 0184 hcw85cir - ok

20:31:04.0124 0184 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

20:31:04.0126 0184 HdAudAddService - ok

20:31:04.0138 0184 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

20:31:04.0139 0184 HDAudBus - ok

20:31:04.0152 0184 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

20:31:04.0153 0184 HidBatt - ok

20:31:04.0157 0184 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

20:31:04.0158 0184 HidBth - ok

20:31:04.0161 0184 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

20:31:04.0162 0184 HidIr - ok

20:31:04.0187 0184 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll

20:31:04.0188 0184 hidserv - ok

20:31:04.0200 0184 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys

20:31:04.0201 0184 HidUsb - ok

20:31:04.0236 0184 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

20:31:04.0238 0184 hkmsvc - ok

20:31:04.0248 0184 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

20:31:04.0250 0184 HomeGroupListener - ok

20:31:04.0274 0184 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

20:31:04.0275 0184 HomeGroupProvider - ok

20:31:04.0292 0184 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

20:31:04.0292 0184 HpSAMD - ok

20:31:04.0317 0184 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

20:31:04.0320 0184 HTTP - ok

20:31:04.0327 0184 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

20:31:04.0327 0184 hwpolicy - ok

20:31:04.0347 0184 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

20:31:04.0347 0184 i8042prt - ok

20:31:04.0367 0184 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

20:31:04.0369 0184 iaStorV - ok

20:31:04.0424 0184 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

20:31:04.0428 0184 idsvc - ok

20:31:04.0432 0184 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

20:31:04.0432 0184 iirsp - ok

20:31:04.0461 0184 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

20:31:04.0465 0184 IKEEXT - ok

20:31:04.0477 0184 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

20:31:04.0477 0184 intelide - ok

20:31:04.0493 0184 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

20:31:04.0493 0184 intelppm - ok

20:31:04.0582 0184 [ 3DC635B66DD7412E1C9C3A77B8D78F25 ] IntuitUpdateService C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

20:31:04.0582 0184 IntuitUpdateService - ok

20:31:04.0648 0184 [ D9DA7B3117BF5EFF921C0CDED4D58050 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

20:31:04.0648 0184 IntuitUpdateServiceV4 - ok

20:31:04.0670 0184 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

20:31:04.0671 0184 IPBusEnum - ok

20:31:04.0684 0184 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

20:31:04.0685 0184 IpFilterDriver - ok

20:31:04.0727 0184 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

20:31:04.0729 0184 iphlpsvc - ok

20:31:04.0750 0184 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

20:31:04.0751 0184 IPMIDRV - ok

20:31:04.0755 0184 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

20:31:04.0756 0184 IPNAT - ok

20:31:04.0827 0184 [ 44886233135241F3990724082EB104EE ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

20:31:04.0830 0184 iPod Service - ok

20:31:04.0837 0184 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

20:31:04.0838 0184 IRENUM - ok

20:31:04.0850 0184 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

20:31:04.0850 0184 isapnp - ok

20:31:04.0884 0184 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

20:31:04.0886 0184 iScsiPrt - ok

20:31:04.0900 0184 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys

20:31:04.0901 0184 kbdclass - ok

20:31:04.0908 0184 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

20:31:04.0908 0184 kbdhid - ok

20:31:04.0916 0184 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

20:31:04.0917 0184 KeyIso - ok

20:31:04.0957 0184 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

20:31:04.0958 0184 KSecDD - ok

20:31:04.0998 0184 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

20:31:04.0999 0184 KSecPkg - ok

20:31:05.0010 0184 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

20:31:05.0011 0184 ksthunk - ok

20:31:05.0033 0184 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

20:31:05.0036 0184 KtmRm - ok

20:31:05.0069 0184 [ B8E670D7EF61615FA03104552854FAC9 ] L1E C:\Windows\system32\DRIVERS\L1E62x64.sys

20:31:05.0070 0184 L1E - ok

20:31:05.0108 0184 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll

20:31:05.0110 0184 LanmanServer - ok

20:31:05.0144 0184 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

20:31:05.0146 0184 LanmanWorkstation - ok

20:31:05.0181 0184 [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys

20:31:05.0181 0184 LGBusEnum - ok

20:31:05.0215 0184 [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys

20:31:05.0216 0184 LGVirHid - ok

20:31:05.0230 0184 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

20:31:05.0231 0184 lltdio - ok

20:31:05.0250 0184 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

20:31:05.0252 0184 lltdsvc - ok

20:31:05.0270 0184 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

20:31:05.0271 0184 lmhosts - ok

20:31:05.0285 0184 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

20:31:05.0286 0184 LSI_FC - ok

20:31:05.0302 0184 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

20:31:05.0303 0184 LSI_SAS - ok

20:31:05.0319 0184 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

20:31:05.0319 0184 LSI_SAS2 - ok

20:31:05.0336 0184 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

20:31:05.0337 0184 LSI_SCSI - ok

20:31:05.0353 0184 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

20:31:05.0354 0184 luafv - ok

20:31:05.0392 0184 [ 024DA28053D57E9E32BEE52600576BBB ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus64.sys

20:31:05.0393 0184 MarvinBus - ok

20:31:05.0430 0184 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

20:31:05.0431 0184 Mcx2Svc - ok

20:31:05.0443 0184 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

20:31:05.0444 0184 megasas - ok

20:31:05.0449 0184 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

20:31:05.0450 0184 MegaSR - ok

20:31:05.0514 0184 [ B7C1BA9B0256B66411F09D705117AE66 ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe

20:31:05.0514 0184 MemeoBackgroundService - ok

20:31:05.0955 0184 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe

20:31:05.0956 0184 Microsoft Office Groove Audit Service - ok

20:31:05.0971 0184 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

20:31:05.0972 0184 MMCSS - ok

20:31:05.0975 0184 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

20:31:05.0976 0184 Modem - ok

20:31:09.0046 0184 [ E0469D25EFC50F58B71E2D65B015DDB5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys

20:31:31.0355 0184 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\monitor.sys. md5: E0469D25EFC50F58B71E2D65B015DDB5

20:31:31.0356 0184 monitor ( LockedFile.Multi.Generic ) - warning

20:31:31.0356 0184 monitor - detected LockedFile.Multi.Generic (1)


20:31:48.0894 0184 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

20:31:48.0896 0184 wudfsvc - ok

20:31:48.0901 0184 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

20:31:48.0903 0184 WwanSvc - ok

20:31:48.0908 0184 ================ Scan global ===============================

20:31:48.0914 0184 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

20:31:48.0949 0184 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

20:31:48.0955 0184 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

20:31:48.0976 0184 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

20:31:48.0988 0184 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

20:31:48.0990 0184 [Global] - ok

20:31:48.0991 0184 ================ Scan MBR ==================================

20:31:48.0997 0184 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

20:31:49.0120 0184 \Device\Harddisk0\DR0 - ok

20:31:49.0123 0184 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1

20:31:49.0213 0184 \Device\Harddisk1\DR1 - ok

20:31:49.0217 0184 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2

20:31:49.0222 0184 \Device\Harddisk2\DR2 - ok

20:31:49.0222 0184 ================ Scan VBR ==================================

20:31:49.0224 0184 [ 4AFB4D2D08093B99B8BF3B3C4BC790F3 ] \Device\Harddisk0\DR0\Partition1

20:31:49.0226 0184 \Device\Harddisk0\DR0\Partition1 - ok

20:31:49.0228 0184 [ 880BAA32879CA8EEBE91C6418565632B ] \Device\Harddisk0\DR0\Partition2

20:31:49.0229 0184 \Device\Harddisk0\DR0\Partition2 - ok

20:31:49.0231 0184 [ 87AAF8403399E34821BA0FA9E5D51185 ] \Device\Harddisk1\DR1\Partition1

20:31:49.0232 0184 \Device\Harddisk1\DR1\Partition1 - ok

20:31:49.0234 0184 [ 1FE39BFF041DC09312E2E9DCCB55FD36 ] \Device\Harddisk2\DR2\Partition1

20:31:49.0237 0184 \Device\Harddisk2\DR2\Partition1 - ok

20:31:49.0237 0184 ============================================================

20:31:49.0237 0184 Scan finished

20:31:49.0237 0184 ============================================================

20:31:49.0243 2144 Detected object count: 1

20:31:49.0243 2144 Actual detected object count: 1

20:32:00.0979 2144 monitor ( LockedFile.Multi.Generic ) - skipped by user

20:32:00.0979 2144 monitor ( LockedFile.Multi.Generic ) - User select action: Skip

20:34:03.0313 1136 Deinitialize success


ok. We'll put aside roguekiller.

and IF ERUNT hiccups and complains, you can decline and have it not do any more saves.

You will want to print out or copy these instructions to Notepad for offline reference!

These steps are for member Mtiffin only. If you are a casual viewer, do NOT try this on your system!

If you are not Mtiffin and have a similar problem, do NOT post here; start your own topic

Do not run or start any other programs while these utilities and tools are in use!

Do NOT run any other tools on your own or do any fixes other than what is listed here.

If you have questions, please ask before you do something on your own.

But it is important that you get going on these following steps.

=

Close any of your open programs while you run these tools.

On most all of the following programs and tools, you will need to do a right-click on the program link or shortcut or desktop icon (as appropriate) and then select "Run as Administrator". Please remember that as you go along and use these tools, each in turn.

If you have a prior copy of Combofix, delete it now

Download Combofix from any of the links below, and SAVE it to your Desktop.

Link 1

Link 2

**Note: It is important that it is saved directly to your Desktop and not run straight away from download**

Turn OFF your antivirus, otherwise it will interfere. How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Have infinite patience during the run & scan by Combofix. It has many phases: some 50+ stages

It will display its "stage" within the Command prompt window. Do NOT panic if it seems slow to change! It has lots of work.

You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior.

Combofix may take as little as 10 minutes and perhaps as much as 30-40 minutes. Time taken will depend on speed of your system and how much there is to scan & how much it needs to clean.

If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power) or a UPS system

Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.

Right-click on Combo-Fix.exe on your Desktop and select "Run as Administrator".

  • A window may open with a warning or prompts. Accept the EULA and follow the prompts during the start phase of Combofix.
    When the scan completes Notepad will open with your results log open. Do a File, Exit and answer 'Yes' to save changes.

A caution - Do not run Combofix more than once.

Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.

The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled.

If this occurs, please reboot to restore the desktop.

A file will be created at => C:\Combofix.txt.

Notes:

[1] IF after Combofix reboot you get the message

Illegal operation attempted on registry key that has been marked for deletion

....please reboot the computer, this should resolve the problem. You may have to reboot the PC a second time if needed.

[2] Do not mouseclick combofix's window nor run any program while Combofix is running.

That may cause it to stall.

[3] When all done, IF Combofix did not do a Restart...then ... I need for you to Restart the system fresh!

Reply & Copy & Paste contents of the C:\Combofix.txt log

and tell me, How is the system now?

Re-enable your antivirus program.


ComboFix 13-05-30.02 - Mitch Tiffin 05/30/2013 6:17.1.6 - x64

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.16382.14160 [GMT -5:00]

Running from: c:\users\Mitch Tiffin\Desktop\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}

SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\ntuser.dat

c:\windows\security\Database\tmp.edb

.

Infected copy of c:\windows\SysWow64\user32.dll was found and disinfected

Restored copy from - c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll

.

Infected copy of c:\windows\SysWow64\mshtml.dll was found and disinfected

Restored copy from - c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20580_none_927db829427d2ddb\mshtml.dll

.

.

((((((((((((((((((((((((( Files Created from 2013-04-28 to 2013-05-30 )))))))))))))))))))))))))))))))

.

.

2013-05-30 11:41 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6203A08A-5A7A-4D8B-97DF-C7F40CE6846F}\mpengine.dll

2013-05-30 11:24 . 2013-05-30 11:24 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2013-05-30 11:24 . 2013-05-30 11:24 -------- d-----w- c:\users\Music\AppData\Local\temp

2013-05-30 11:24 . 2013-05-30 11:24 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-05-30 01:29 . 2013-05-30 01:29 -------- d-----w- C:\TDSSKiller_Quarantine

2013-05-30 00:14 . 2013-05-30 00:14 -------- d-----w- C:\ERDNT

2013-05-29 01:57 . 2013-05-29 01:58 -------- d-----w- c:\program files (x86)\ERUNT

2013-05-29 01:57 . 2013-05-13 06:37 9460464 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-05-29 01:34 . 2013-05-29 01:34 -------- d-s---w- c:\windows\SysWow64\Microsoft

2013-05-28 02:11 . 2013-05-09 08:58 287840 ----a-w- c:\windows\system32\aswBoot.exe

2013-05-28 02:10 . 2013-05-28 02:10 -------- d-----w- c:\program files\AVAST Software

2013-05-28 02:09 . 2013-05-28 02:10 -------- d-----w- c:\programdata\AVAST Software

2013-05-28 02:00 . 2013-05-28 02:00 -------- d-----w- c:\users\Mitch Tiffin\AppData\Roaming\OpenOffice.org

2013-05-28 01:58 . 2013-05-28 01:58 -------- d-----w- c:\program files (x86)\OpenOffice.org 3

2013-05-25 01:23 . 2013-05-25 01:23 262552 ----a-w- c:\program files (x86)\Mozilla Firefox\browser\components\browsercomps.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-05-19 23:40 . 2012-04-05 14:38 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-05-19 23:40 . 2011-05-17 21:39 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-02 15:29 . 2011-01-22 16:02 278800 ------w- c:\windows\system32\MpSigStub.exe

2013-04-04 19:50 . 2011-09-03 20:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-04-04 10:35 . 2013-04-18 04:35 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-03-18 00:33 . 2011-01-25 23:34 72013344 ----a-w- c:\windows\system32\MRT.exe

2013-03-14 21:30 . 2012-07-04 04:06 861088 ----a-w- c:\windows\SysWow64\npdeployJava1.dll

2013-03-14 21:30 . 2011-02-03 05:29 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"FUFAXSTM"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [2009-12-03 847872]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

"Seagate Dashboard"="c:\program files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2011-06-01 79112]

"Memeo Instant Backup"="c:\program files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe" [2011-01-24 136416]

"DNS7reminder"="c:\program files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" [2007-04-16 259624]

.

c:\users\Mitch Tiffin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

ERUNT AutoBackup.lnk - c:\program files (x86)\ERUNT\AUTOBACK.EXE [2005-10-20 38912]

OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Lotus Organizer EasyClip.lnk - e:\lotus\organize\easyclip.exe [N/A]

Lotus QuickStart.lnk - e:\lotus\wordpro\ltsstart.exe [N/A]

Lotus SmartCenter.lnk - e:\lotus\smartctr\smartctr.exe [N/A]

Lotus SuiteStart.lnk - e:\lotus\smartctr\suitest.exe [N/A]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2011-02-23 16008]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]

R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-25 1255736]

R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]

R4 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]

R4 DraftSight API Service;DraftSight API Service;c:\program files (x86)\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2012-07-07 78336]

R4 FlipShareServer;FlipShare Server;c:\program files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-05-06 1085440]

R4 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-08-23 13672]

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]

S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]

S2 DragonSvc;Dragon Service;c:\program files (x86)\Common Files\Nuance\dgnsvc.exe [2010-07-23 296808]

S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-01-24 25824]

S2 SeagateDashboardService;Seagate Dashboard Service;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-06-01 14088]

S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2011-02-23 22408]

S3 PaeFireStudio;PreSonus FireStudio;c:\windows\system32\Drivers\PaeFireStudio.sys [2010-10-14 214776]

S3 PaeFireStudioAudio;PreSonus FireStudio Audio;c:\windows\system32\drivers\PaeFireStudioAudio.sys [2010-10-14 39032]

S3 PaeFireStudioMidi;PreSonus FireStudio MIDI;c:\windows\system32\drivers\PaeFireStudioMidi.sys [2010-10-14 42616]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-05-28 02:12 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-28 02:11]

.

2013-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-28 02:11]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2010-11-16 104008]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService

FontCache

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

Trusted Zone: intuit.com\ttlc

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{CD3FA0B9-0756-415F-A362-3FA1224F3BF2}: NameServer = 68.94.156.1,68.94.157.1

FF - ProfilePath - c:\users\Mitch Tiffin\AppData\Roaming\Mozilla\Firefox\Profiles\6kx2u9vk.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/webhp?hl=en

FF - ExtSQL: 2019-09-25 22:40; {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}; c:\users\Mitch Tiffin\AppData\Roaming\Mozilla\Firefox\Profiles\6kx2u9vk.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi

.

- - - - ORPHANS REMOVED - - - -

.

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-{501451DE-5808-4599-B544-8BD0915B6B24}_is1 - c:\program files (x86)\FreeRIP3\unins000.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe

.

**************************************************************************

.

Completion time: 2013-05-30 07:00:04 - machine was rebooted

ComboFix-quarantined-files.txt 2013-05-30 12:00

.

Pre-Run: 462,618,972,160 bytes free

Post-Run: 464,090,906,624 bytes free

.

- - End Of File - - 6A4AFA75FCF5ADA8637111EDA8AC79F6


Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Database version: v2013.05.30.06

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Mitch Tiffin :: MITCHTIFFIN-PC [administrator]

5/30/2013 4:35:38 PM

mbam-log-2013-05-30 (16-35-38).txt

Scan type: Full scan (C:\|E:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 634576

Time elapsed: 1 hour(s), 52 minute(s), 20 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)


Excel is still having problems but not with all files

Roguekiller is still hanging on Monitor.sys while looking for faked files

This may be my fault. I'm pretty sure adwcleaner put that into quarantine when I made the wrong choice ..... I should have picked skip ............. How do I fix that?

Everything else appears to work but I haven't had time to open and work in everything

What's next?


I would expect that if Excel runs, then it is ok .....and the issue may be a "particular" worksheet that is an issue.

I do not imagine that adwcleaner is a factor. And as to Roguekiller, we should not try to run it anymore.

You -may- be thinking of the "monitor.sys" which I think you had Tdsskiller remove ?!!?

Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1

Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :filefind
    monitor.sys


  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt


Update: Excel is still having problems; it just didn't show till I tried to use something from the function bars. I can enter info, but if I try to sort or set print areas it says something is wrong, closes Excel, then tries to recover the file and then kills itself.

Computer overall load time is several minutes from power to screen; then the internet connection takes another 3 to 4 min to connect. Programs are loading slow, with several "program not responding" freezes; this is mostly in the Microsoft products.

This system used to have instant opening for anything local, but now it's like it has to think about it.

Here is the log:

SystemLook 30.07.11 by jpshortstuff

Log created at 13:37 on 01/06/2013 by Mitch Tiffin

Administrator - Elevation successful

WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== filefind ==========

Searching for "monitor.sys"

C:\Windows\System32\DriverStore\FileRepository\monitor.inf_amd64_neutral_ab477c4d805d044f\monitor.sys --a---- 30208 bytes [23:38 13/07/2009] [23:38 13/07/2009] B03D591DC7DA45ECE20B3B467E6AADAA

C:\Windows\winsxs\amd64_monitor.inf_31bf3856ad364e35_6.1.7600.16385_none_9ef8332099f534f8\monitor.sys --a---- 30208 bytes [23:38 13/07/2009] [23:38 13/07/2009] B03D591DC7DA45ECE20B3B467E6AADAA

-= EOF =-


These steps are for Mtiffin only. If you are a casual viewer, do NOT try this on your system!

If you are not Mtiffin and have a similar problem, do NOT post here; start your own topic

The fixes in this Topic are for this system only! Do not apply the fix-instructions from this topic to any other System!

You will want to print out or copy these instructions to Notepad for offline reference!

Do not run or start any other programs while these utilities and tools are in use!

Do NOT run any other tools on your own or do any fixes other than what is listed here.

If you have questions, please ask before you do something on your own.

But it is important that you get going on these following steps.

=

Close any of your open programs while you run these tools.

Have infinite patience during the run & scan by Combofix.

It will display its "stage" within the Command prompt window. Do NOT panic if it seems slow to change!

You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior.

If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power) or a UPS system

1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

For help reference, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

2. Start NOTEPAD. Check and make sure "word wrap" is off.

From Notepad main menu bar, Select F (format) and make sure Word Wrap is NOT checked.

IF it -is- checkmarked, click that one time so that it is un-checked.

Open notepad and copy/paste the text in the quotebox below into it:


FCopy::
C:\Windows\System32\DriverStore\FileRepository\monitor.inf_amd64_neutral_ab477c4d805d044f\monitor.sys | C:\Windows\system32\DRIVERS\monitor.sys
quit::

Save this as CFScript.txt, in the same location as ComboFix.exe

3. Close any (all) open browsers.

4:

[Image: CFScriptB-4.gif]

Referring to the picture above, drag CFScript into ComboFix.exe

  • A window may open with a warning or prompts. Accept the EULA and follow the prompts during the start phase of Combofix.
    When the scan completes Notepad will open with your results log open. Do a File, Exit and answer 'Yes' to save changes.

A caution - Do not run Combofix more than once.

Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.

The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled.

If this occurs, please reboot to restore the desktop.

A file will be created at => C:\Combofix.txt.

Notes:

[1] IF after Combofix reboot you get the message

Illegal operation attempted on registry key that has been marked for deletion

....please reboot the computer, this should resolve the problem. You may have to reboot the PC a second time if needed.

[2] Do not mouseclick combofix's window nor run any program while Combofix is running.

That may cause it to stall.

[3] When all done, IF Combofix did not do a Restart...then ... I need for you to Restart the system fresh!

Reply & Copy & Paste contents of the C:\Combofix.txt log and tell me, How is the system now?

Re-enable your antivirus program.


rkreport

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Mitch Tiffin [Admin rights]

Mode : Scan -- Date : 06/02/2013 16:19:58

| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 7 ¤¤¤

[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{CD3FA0B9-0756-415F-A362-3FA1224F3BF2} : NameServer (68.94.156.1,68.94.157.1) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{CD3FA0B9-0756-415F-A362-3FA1224F3BF2} : NameServer (68.94.156.1,68.94.157.1) -> FOUND

[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND

[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND

[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Extern Hives: ¤¤¤

-> E:\windows\system32\config\SOFTWARE

-> E:\windows\system32\config\SYSTEM

-> E:\Documents and Settings\Default User\NTUSER.DAT

-> E:\Documents and Settings\LocalService\NTUSER.DAT

-> E:\Documents and Settings\m tiffin\NTUSER.DAT

-> E:\Documents and Settings\NetworkService\NTUSER.DAT

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST31000528AS ATA Device +++++

--- User ---

[MBR] f788b7543368b372fbce54d71f4866da

[bSP] 3bc7fae69c5613d12ec2d6546920ba80 : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo

User = LL1 ... OK!

User = LL2 ... OK!

+++++ PhysicalDrive1: WDC WD1002FAEX-00Z3A0 ATA Device +++++

--- User ---

[MBR] 0ac91f515b3549d7e81ddc40f5f48404

[bSP] 31c0fe7176466ccf32fa109f73be949d : Windows XP MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 953859 Mo

User = LL1 ... OK!

User = LL2 ... OK!

+++++ PhysicalDrive2: Seagate FA GoFlex Desk USB Device +++++

--- User ---

[MBR] 61b1e40b46ea59eb5c1e96fc38bfb77d

[bSP] 5cab7fac78b6fe5301595cea6da44b25 : Empty MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 1907726 Mo

User = LL1 ... OK!

Error reading LL2 MBR!

Finished : << RKreport[1]_S_06022013_02d1619.txt >>

RKreport[1]_S_06022013_02d1619.txt


ComboFix 13-06-02.02 - Mitch Tiffin 06/02/2013 15:11:10.2.6 - x64

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.16382.13506 [GMT -5:00]

Running from: c:\users\Mitch Tiffin\Desktop\ComboFix.exe

Command switches used :: c:\users\Mitch Tiffin\Desktop\CFScript.txt

AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}

SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

F:\Autorun.inf

F:\install.exe

F:\Setup.exe

.

.

--------------- FCopy ---------------

.

c:\windows\System32\DriverStore\FileRepository\monitor.inf_amd64_neutral_ab477c4d805d044f\monitor.sys --> c:\windows\system32\DRIVERS\monitor.sys

.

((((((((((((((((((((((((( Files Created from 2013-05-02 to 2013-06-02 )))))))))))))))))))))))))))))))

.

.

2013-06-02 20:16 . 2013-06-02 20:16 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2013-06-02 20:16 . 2013-06-02 20:16 -------- d-----w- c:\users\Music\AppData\Local\temp

2013-06-02 20:16 . 2013-06-02 20:16 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-06-02 07:29 . 2013-06-02 07:29 76232 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B6B7D7CE-93A3-45ED-86D0-2DCFAED7C4E4}\offreg.dll

2013-06-02 07:27 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B6B7D7CE-93A3-45ED-86D0-2DCFAED7C4E4}\mpengine.dll

2013-05-31 19:53 . 2012-08-10 02:11 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll

2013-05-31 19:53 . 2013-05-31 19:51 964552 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{27DD3258-9DFB-4BFB-9A75-0B2134F01AA5}\gapaengine.dll

2013-05-31 19:51 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-05-30 01:29 . 2013-05-30 01:29 -------- d-----w- C:\TDSSKiller_Quarantine

2013-05-30 00:14 . 2013-05-30 00:14 -------- d-----w- C:\ERDNT

2013-05-29 01:57 . 2013-05-29 01:58 -------- d-----w- c:\program files (x86)\ERUNT

2013-05-29 01:34 . 2013-05-29 01:34 -------- d-s---w- c:\windows\SysWow64\Microsoft

2013-05-28 02:11 . 2013-05-09 08:58 287840 ----a-w- c:\windows\system32\aswBoot.exe

2013-05-28 02:10 . 2013-05-28 02:10 -------- d-----w- c:\program files\AVAST Software

2013-05-28 02:09 . 2013-05-28 02:10 -------- d-----w- c:\programdata\AVAST Software

2013-05-28 02:00 . 2013-05-28 02:00 -------- d-----w- c:\users\Mitch Tiffin\AppData\Roaming\OpenOffice.org

2013-05-28 01:58 . 2013-05-28 01:58 -------- d-----w- c:\program files (x86)\OpenOffice.org 3

2013-05-25 01:23 . 2013-05-25 01:23 262552 ----a-w- c:\program files (x86)\Mozilla Firefox\browser\components\browsercomps.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-05-19 23:40 . 2012-04-05 14:38 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-05-19 23:40 . 2011-05-17 21:39 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-02 15:29 . 2011-01-22 16:02 278800 ------w- c:\windows\system32\MpSigStub.exe

2013-04-04 19:50 . 2011-09-03 20:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-04-04 10:35 . 2013-04-18 04:35 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-03-18 00:33 . 2011-01-25 23:34 72013344 ----a-w- c:\windows\system32\MRT.exe

2013-03-14 21:30 . 2012-07-04 04:06 861088 ----a-w- c:\windows\SysWow64\npdeployJava1.dll

2013-03-14 21:30 . 2011-02-03 05:29 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"FUFAXSTM"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [2009-12-03 847872]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

"Seagate Dashboard"="c:\program files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2011-06-01 79112]

"Memeo Instant Backup"="c:\program files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe" [2011-01-24 136416]

"DNS7reminder"="c:\program files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" [2007-04-16 259624]

.

c:\users\Mitch Tiffin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

ERUNT AutoBackup.lnk - c:\program files (x86)\ERUNT\AUTOBACK.EXE [2005-10-20 38912]

OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Lotus Organizer EasyClip.lnk - e:\lotus\organize\easyclip.exe [N/A]

Lotus QuickStart.lnk - e:\lotus\wordpro\ltsstart.exe [N/A]

Lotus SmartCenter.lnk - e:\lotus\smartctr\smartctr.exe [N/A]

Lotus SuiteStart.lnk - e:\lotus\smartctr\suitest.exe [N/A]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]

R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-25 1255736]

R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]

R4 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]

R4 DraftSight API Service;DraftSight API Service;c:\program files (x86)\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2012-07-07 78336]

R4 FlipShareServer;FlipShare Server;c:\program files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-05-06 1085440]

R4 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-08-23 13672]

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]

S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]

S2 DragonSvc;Dragon Service;c:\program files (x86)\Common Files\Nuance\dgnsvc.exe [2010-07-23 296808]

S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-01-24 25824]

S2 SeagateDashboardService;Seagate Dashboard Service;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-06-01 14088]

S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2011-02-23 22408]

S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2011-02-23 16008]

S3 PaeFireStudio;PreSonus FireStudio;c:\windows\system32\Drivers\PaeFireStudio.sys [2010-10-14 214776]

S3 PaeFireStudioAudio;PreSonus FireStudio Audio;c:\windows\system32\drivers\PaeFireStudioAudio.sys [2010-10-14 39032]

S3 PaeFireStudioMidi;PreSonus FireStudio MIDI;c:\windows\system32\drivers\PaeFireStudioMidi.sys [2010-10-14 42616]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - 84259219

*Deregistered* - 84259219

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-05-28 02:12 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-28 02:11]

.

2013-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-28 02:11]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2010-11-16 104008]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService

FontCache

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

Trusted Zone: intuit.com\ttlc

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{CD3FA0B9-0756-415F-A362-3FA1224F3BF2}: NameServer = 68.94.156.1,68.94.157.1

FF - ProfilePath - c:\users\Mitch Tiffin\AppData\Roaming\Mozilla\Firefox\Profiles\6kx2u9vk.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/webhp?hl=en

FF - ExtSQL: 2019-09-25 22:40; {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}; c:\users\Mitch Tiffin\AppData\Roaming\Mozilla\Firefox\Profiles\6kx2u9vk.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi

.

- - - - ORPHANS REMOVED - - - -

.

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-{501451DE-5808-4599-B544-8BD0915B6B24}_is1 - c:\program files (x86)\FreeRIP3\unins000.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2013-06-02 15:17:47

ComboFix-quarantined-files.txt 2013-06-02 20:17

ComboFix2.txt 2013-05-30 12:00

.

Pre-Run: 464,259,055,616 bytes free

Post-Run: 466,655,969,280 bytes free

.

- - End Of File - - 0FEA289C02C29C33667D67146B717511


This one scared me. On reboot all it did was cycle through the screen colors. I let it go for 20 min, then rebooted into safe mode, then rebooted normal and it opened.

Noticeable speed increase on Outlook loading and opening emails; the blue circle blinks instead of turning for 3 seconds.

Excel is still toast: the program opens but you can't do anything without an error and shutdown.

RK runs now, but I didn't let it do anything, just report.


New wrinkle: a full shutdown will reboot properly, but a restart hangs with the screen going through the primary colors, full screen, no graphics.

Lots of activity on the drive, but it appears to loop on the drive activity, same as the color changes.


I am not really understanding what you noted above.

Forget the "drive activity". Give the system 20 minutes to start in normal mode. Otherwise, say no more than 30 minutes for Safe mode. Those are the maximum times that I would wait for it.

Let's have you do this procedure next, so we can get a special diagnostic report.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Disconnect any external storage drives from the computer.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

OR, if you have the Windows OS DVD, to enter System Recovery Options by using the Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:


    • Startup Repair
    • System Restore
    • Windows Complete PC Restore
    • Windows Memory Diagnostic Tool
    • Command Prompt

  • Select Command Prompt.

Now, plug the flash drive with the FRST tool into the PC.

  • In the command window type in notepad and press Enter.
  • Notepad opens. Under the File menu select Open.
  • Select "Computer", find your flash drive letter, and close Notepad.
  • In the command window type e:\frst.exe (for the x64 bit version type e:\frst64) and press Enter.

Note: Replace letter e with the drive letter of your flash drive.

  • The tool will start to run.
  • When the tool opens click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.


New problem: the only choice it gives me is to repair Windows 7 on the E: drive; the problem is Windows 7 is on the C: drive.

There is a backup copy of Windows 7 on the E drive, but I renamed the folder to old windows; it should not be seeing it?
