Infection?


Hi, I have been experiencing slowdowns when accessing the web. Hard drive light stays on solid for more than a minute and the machine freezes. I have run Malwarebytes and am now seeing messages flashing up about blocking malicious web addresses. DDS file below.

Thanks,

Chris

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.21.2

Run by chris at 17:00:05 on 2013-06-05

Microsoft Windows 8 Pro 6.2.9200.0.1252.61.2057.18.3580.1988 [GMT 10:00]

.

AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k RPCSS

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\System32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\WINDOWS\system32\dashost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\svchost.exe -k SDRSVC

C:\WINDOWS\System32\dwm.exe

C:\WINDOWS\system32\taskhostex.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files (x86)\Brownie\BrStsW64.exe

C:\Program Files (x86)\Brownie\Brnipmon.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Winamp\winampa.exe

C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe

C:\Users\chris\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

C:\Program Files (x86)\Zinio Alert Messenger\Zinio Alert Messenger.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe

C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\WINDOWS\system32\SearchFilterHost.exe

C:\WINDOWS\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: Userinit = userinit.exe

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [brStsWnd] C:\Program Files (x86)\Brownie\BrstsW64.exe Autorun

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"

mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"

mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

StartupFolder: C:\Users\chris\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\chris\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\Users\chris\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ZINIOA~1.LNK - C:\Program Files (x86)\Zinio Alert Messenger\Zinio Alert Messenger.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\INSTAL~2.LNK - C:\Program Files (x86)\Common Files\lpuninstall.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\lpuninstall.exe

IE: LastPass - C:\Users\chris\AppData\LocalLow\LastPass\context.html?cmd=lastpass

IE: LastPass Fill Forms - C:\Users\chris\AppData\LocalLow\LastPass\context.html?cmd=fillforms

IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll

TCP: NameServer = 61.9.134.49 61.9.133.193

TCP: Interfaces\{D1430AA8-AA8A-43E4-B906-5227C4B18FD7} : DHCPNameServer = 61.9.134.49 61.9.133.193

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll

x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll

x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\chris\AppData\Roaming\Mozilla\Firefox\Profiles\wk59uqc8.default\

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - hxxps://www.google.com.au/

FF - prefs.js: network.proxy.http - 42.121.19.228

FF - prefs.js: network.proxy.http_port - 8080

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll

.

============= SERVICES / DRIVERS ===============

.

R0 amd_sata;amd_sata;C:\WINDOWS\System32\Drivers\amd_sata.sys [2013-6-3 79528]

R0 amd_xata;amd_xata;C:\WINDOWS\System32\Drivers\amd_xata.sys [2013-6-3 26280]

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-5-14 759048]

R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-8-6 361984]

R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-6-4 418376]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-6-4 701512]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\Drivers\AtihdW86.sys [2013-6-3 98472]

R3 LVRS64;Logitech RightSound Filter Driver;C:\WINDOWS\System32\Drivers\lvrs64.sys [2009-10-7 327704]

R3 LVUVC64;@oem8.inf,%PID_09A1_DD%(UVC);Logitech QuickCam S5500(UVC);C:\WINDOWS\System32\Drivers\lvuvc64.sys [2009-10-7 6379288]

R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\Drivers\mbam.sys [2013-6-4 25928]

R3 RTL8168;Realtek 8168 NT Driver;C:\WINDOWS\System32\Drivers\Rt630x64.sys [2013-6-3 683664]

R3 usbfilter;AMD USB Filter Driver;C:\WINDOWS\System32\Drivers\usbfilter.sys [2013-6-3 57000]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]

S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\Drivers\vmbusr.sys [2012-7-26 117248]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;"c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE" --> c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [?]

S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);"c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE" -i SQLEXPRESS --> c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [?]

.

=============== File Associations ===============

.

FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [userChoice]

.

=============== Created Last 30 ================

.

2013-06-04 21:54:49 222384 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10205.bin

2013-06-04 21:29:27 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DECD0607-B46C-40B9-934E-E7BDE452E65E}\mpengine.dll

2013-06-04 07:08:14 -------- d-----w- C:\Users\chris\AppData\Roaming\Malwarebytes

2013-06-04 07:07:57 -------- d-----w- C:\ProgramData\Malwarebytes

2013-06-04 07:07:55 25928 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys

2013-06-04 07:07:55 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-06-03 21:25:11 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2013-06-03 08:32:40 -------- d-----w- C:\WINDOWS\LastGood.Tmp

2013-06-03 08:32:16 74344 ----a-w- C:\WINDOWS\System32\RtNicProp64.dll

2013-06-03 08:32:16 683664 ----a-w- C:\WINDOWS\System32\drivers\Rt630x64.sys

2013-06-03 08:31:20 57000 ----a-w- C:\WINDOWS\System32\drivers\usbfilter.sys

2013-06-03 08:26:24 98472 ----a-w- C:\WINDOWS\System32\drivers\AtihdW86.sys

2013-06-03 08:26:24 79528 ----a-w- C:\WINDOWS\System32\drivers\amd_sata.sys

2013-06-03 08:26:24 26280 ----a-w- C:\WINDOWS\System32\drivers\amd_xata.sys

2013-06-03 08:26:24 17064 ----a-w- C:\WINDOWS\System32\drivers\AtiPcie64.sys

2013-06-01 07:03:08 -------- d-----w- C:\WINDOWS\System32\RsFx

2013-06-01 07:01:10 -------- d-----w- C:\Program Files\Microsoft SQL Server

2013-06-01 06:59:02 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server

2013-06-01 06:58:52 -------- d-----w- C:\Program Files\Microsoft Synchronization Services

2013-06-01 06:58:52 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition

2013-06-01 06:58:44 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services

2013-06-01 06:58:44 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2013-06-01 06:57:24 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 10.0

2013-06-01 06:56:44 -------- d-----w- C:\Program Files\Microsoft Help Viewer

2013-06-01 06:56:34 -------- d-----w- C:\WINDOWS\PCHEALTH

2013-06-01 01:33:24 -------- d-----w- C:\ProgramData\EPSON

2013-05-30 10:31:24 -------- d-----w- C:\Users\chris\AppData\Local\Google

2013-05-25 02:48:44 -------- d-----w- C:\Users\chris\AppData\Local\ArcSoft

2013-05-25 02:42:40 -------- d--h--w- C:\ProgramData\ArcSoft

2013-05-25 02:41:52 499712 ----a-r- C:\WINDOWS\SysWow64\msvcp71.dll

2013-05-25 02:41:52 348160 ----a-w- C:\WINDOWS\SysWow64\msvcr71.dll

2013-05-25 02:41:52 22784 ----a-w- C:\WINDOWS\SysWow64\drivers\afc.sys

2013-05-25 02:40:09 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll

2013-05-25 02:40:09 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll

2013-05-25 02:40:08 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll

2013-05-25 02:40:08 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll

2013-05-25 02:40:07 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe

2013-05-25 02:38:19 -------- d-----w- C:\Users\chris\AppData\Local\ABBYY

2013-05-25 02:38:01 -------- d-----w- C:\ProgramData\ABBYY

2013-05-25 02:38:01 -------- d-----w- C:\Program Files (x86)\Common Files\ABBYY

2013-05-25 02:38:01 -------- d-----w- C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint

2013-05-25 02:35:06 696320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll

2013-05-25 02:35:06 57344 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll

2013-05-25 02:35:06 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe

2013-05-25 02:35:06 237568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll

2013-05-25 02:35:06 163972 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll

2013-05-25 02:35:06 155648 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll

2013-05-25 02:35:05 282756 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll

2013-05-25 02:32:31 -------- d-----w- C:\Program Files (x86)\Epson Software

2013-05-25 02:29:55 93184 ----a-w- C:\WINDOWS\System32\esxw2_dd.dll

2013-05-25 02:29:55 65793 ----a-w- C:\WINDOWS\System32\esfwdd.bin

2013-05-25 02:29:55 281088 ----a-w- C:\WINDOWS\System32\esxuindd.dll

2013-05-25 02:29:55 262144 ----a-w- C:\WINDOWS\SysWow64\esintdd.dll

2013-05-25 02:29:55 13824 ----a-w- C:\WINDOWS\System32\esxcdev.dll

2013-05-25 02:29:55 132560 ----a-w- C:\WINDOWS\System32\esdevapp.exe

2013-05-25 02:29:54 -------- d-----w- C:\Program Files (x86)\epson

2013-05-19 07:06:11 -------- d-----w- C:\Program Files (x86)\FLYER eReader

2013-05-19 04:30:46 -------- d-----w- C:\Users\chris\AppData\Roaming\Trading Applications

2013-05-19 04:30:46 -------- d-----w- C:\Trading Applications

2013-05-19 04:30:23 -------- d-----w- C:\Trading Data

2013-05-19 04:18:08 -------- d-----w- C:\Program Files (x86)\AmiBroker

2013-05-19 01:05:00 -------- d-----w- C:\Program Files (x86)\DiskCheckup

2013-05-19 01:03:57 8552448 ----a-w- C:\WINDOWS\SysWow64\glcndFilter.dll

2013-05-19 01:02:45 3236864 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tipskins.dll

2013-05-19 01:01:56 3245568 ----a-w- C:\WINDOWS\System32\rdpcorets.dll

2013-05-19 01:00:59 94208 ----a-w- C:\WINDOWS\SysWow64\mssitlb.dll

2013-05-19 01:00:59 65024 ----a-w- C:\WINDOWS\System32\msscntrs.dll

2013-05-19 01:00:59 48640 ----a-w- C:\WINDOWS\SysWow64\msscntrs.dll

2013-05-19 01:00:59 35328 ----a-w- C:\WINDOWS\SysWow64\mssprxy.dll

2013-05-19 01:00:59 102400 ----a-w- C:\WINDOWS\System32\mssitlb.dll

2013-05-19 01:00:57 2048 ----a-w- C:\WINDOWS\SysWow64\tzres.dll

2013-05-19 01:00:57 2048 ----a-w- C:\WINDOWS\System32\tzres.dll

2013-05-17 01:21:48 76288 ----a-w- C:\WINDOWS\System32\newdev.exe

2013-05-17 01:21:48 301568 ----a-w- C:\WINDOWS\System32\newdev.dll

2013-05-17 01:21:48 275968 ----a-w- C:\WINDOWS\SysWow64\newdev.dll

2013-05-17 01:21:47 75264 ----a-w- C:\WINDOWS\System32\ndadmin.exe

2013-05-17 01:21:47 74240 ----a-w- C:\WINDOWS\SysWow64\newdev.exe

2013-05-17 01:21:47 73728 ----a-w- C:\WINDOWS\SysWow64\ndadmin.exe

2013-05-17 01:21:47 68608 ----a-w- C:\WINDOWS\System32\wwanprotdim.dll

2013-05-17 01:21:47 446976 ----a-w- C:\WINDOWS\System32\wwansvc.dll

2013-05-17 01:21:23 2367528 ----a-w- C:\WINDOWS\System32\WSService.dll

2013-05-17 01:21:14 3265256 ----a-w- C:\WINDOWS\System32\drivers\evbda.sys

2013-05-17 01:21:03 2397184 ----a-w- C:\WINDOWS\System32\WpcMon.exe

2013-05-17 01:21:01 3847168 ----a-w- C:\WINDOWS\System32\d2d1.dll

2013-05-17 01:19:59 75264 ----a-w- C:\WINDOWS\System32\rasdiag.dll

2013-05-15 21:14:56 70144 ----a-w- C:\WINDOWS\System32\appinfo.dll

2013-05-15 21:14:56 112872 ----a-w- C:\WINDOWS\System32\consent.exe

2013-05-15 21:14:52 6987528 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe

2013-05-15 21:14:51 2382336 ----a-w- C:\WINDOWS\SysWow64\esent.dll

2013-05-15 21:14:50 2851840 ----a-w- C:\WINDOWS\System32\esent.dll

2013-05-14 22:18:31 16114176 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll

2013-05-14 22:18:30 15541248 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll

2013-05-14 09:39:44 17888 ----a-w- C:\WINDOWS\System32\msvcr100_clr0400.dll

2013-05-14 09:39:43 17888 ----a-w- C:\WINDOWS\SysWow64\msvcr100_clr0400.dll

2013-05-14 09:33:50 775216 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2013-05-14 09:32:45 94208 ----a-w- C:\WINDOWS\System32\synceng.dll

2013-05-14 09:32:45 72192 ----a-w- C:\WINDOWS\SysWow64\synceng.dll

2013-05-14 09:30:59 144384 ----a-w- C:\WINDOWS\System32\tssdisai.dll

2013-05-14 09:29:57 1690624 ----a-w- C:\WINDOWS\System32\GdiPlus.dll

2013-05-14 07:07:22 50784 ----a-w- C:\ProgramData\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin

2013-05-14 07:07:20 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin

2013-05-13 19:02:58 -------- d-----w- C:\Windows.old

2013-05-13 09:30:23 -------- d-----w- C:\Users\chris\AppData\Local\Packages

2013-05-13 09:30:23 -------- d-----w- C:\ProgramData\PRICache

2013-05-13 09:09:58 -------- d--h--w- C:\Users\chris\AppData

2013-05-13 09:09:58 -------- d-----w- C:\Users\chris\AppData\Local\Temp

2013-05-13 09:09:58 -------- d-----w- C:\Users\chris\AppData\Local\Microsoft

2013-05-13 09:07:34 0 ----a-w- C:\WINDOWS\ativpsrm.bin

2013-05-13 09:07:18 -------- d-----w- C:\WINDOWS\SysWow64\RTCOM

2013-05-13 09:07:18 -------- d-----w- C:\Program Files\Realtek

2013-05-13 08:59:18 35400 ----a-w- C:\WINDOWS\System32\TsWpfWrp.exe

2013-05-13 08:59:18 1166440 ----a-w- C:\WINDOWS\System32\PresentationNative_v0300.dll

2013-05-13 08:59:17 35400 ----a-w- C:\WINDOWS\SysWow64\TsWpfWrp.exe

2013-05-13 08:59:17 124040 ----a-w- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll

2013-05-13 08:59:17 102528 ----a-w- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll

2013-05-13 08:59:16 778856 ----a-w- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll

2013-05-13 08:36:34 -------- d-----w- C:\WINDOWS\Panther

2013-05-13 08:05:39 -------- d--h--r- C:\ESD

2013-05-07 07:12:34 -------- d-----w- C:\Users\chris\AppData\Roaming\Forex Smart Tools

2013-05-07 07:12:29 -------- d-----w- C:\Program Files (x86)\Forex Smart Tools

2013-05-07 07:12:18 -------- d-----w- C:\Users\chris\AppData\Local\Programs

.

==================== Find3M ====================

.

2013-06-03 09:17:27 14823424 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe

2013-05-07 20:07:50 78200 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl

2013-05-07 20:07:50 693112 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe

2013-05-02 15:29:56 278800 ------w- C:\WINDOWS\System32\MpSigStub.exe

2013-04-16 02:34:44 1455368 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys

2013-04-13 05:56:35 444416 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll

2013-04-09 23:17:44 2242048 ----a-w- C:\WINDOWS\System32\wininet.dll

2013-04-09 23:17:36 915968 ----a-w- C:\WINDOWS\System32\uxtheme.dll

2013-04-09 23:16:58 3958784 ----a-w- C:\WINDOWS\System32\jscript9.dll

2013-04-09 22:30:26 1767424 ----a-w- C:\WINDOWS\SysWow64\wininet.dll

2013-04-09 22:29:44 2877440 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll

2013-04-09 05:33:02 489576 ----a-w- C:\WINDOWS\System32\AudioEng.dll

2013-04-09 05:33:02 446792 ----a-w- C:\WINDOWS\System32\AudioSes.dll

2013-04-09 05:33:02 253544 ----a-w- C:\WINDOWS\System32\audiodg.exe

2013-04-09 05:27:43 284424 ----a-w- C:\WINDOWS\System32\drivers\spaceport.sys

2013-04-09 05:20:02 86280 ----a-w- C:\WINDOWS\System32\kdnet.dll

2013-04-09 05:20:02 306952 ----a-w- C:\WINDOWS\System32\kd_02_10ec.dll

2013-04-09 05:18:05 77960 ----a-w- C:\WINDOWS\System32\kdvm.dll

2013-04-09 05:17:57 1829408 ----a-w- C:\WINDOWS\System32\ntdll.dll

2013-04-09 04:52:07 816128 ----a-w- C:\WINDOWS\System32\SearchIndexer.exe

2013-04-09 04:52:07 373760 ----a-w- C:\WINDOWS\System32\SearchProtocolHost.exe

2013-04-09 04:52:07 197120 ----a-w- C:\WINDOWS\System32\SearchFilterHost.exe

2013-04-09 04:52:07 126464 ----a-w- C:\WINDOWS\System32\Robocopy.exe

2013-04-09 04:52:06 804352 ----a-w- C:\WINDOWS\System32\RecoveryDrive.exe

2013-04-09 04:51:51 367616 ----a-w- C:\WINDOWS\System32\conhost.exe

2013-04-09 04:51:45 523264 ----a-w- C:\WINDOWS\System32\XpsGdiConverter.dll

2013-04-09 04:51:41 99840 ----a-w- C:\WINDOWS\System32\wscsvc.dll

2013-04-09 04:51:41 456704 ----a-w- C:\WINDOWS\System32\wpncore.dll

2013-04-09 04:51:20 13648384 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll

2013-04-09 04:51:17 595456 ----a-w- C:\WINDOWS\System32\Windows.Networking.dll

2013-04-09 04:51:17 391168 ----a-w- C:\WINDOWS\System32\Windows.Networking.BackgroundTransfer.dll

2013-04-09 04:51:05 10116096 ----a-w- C:\WINDOWS\System32\twinui.dll

2013-04-09 04:51:03 3552768 ----a-w- C:\WINDOWS\System32\tquery.dll

2013-04-09 04:50:53 414720 ----a-w- C:\WINDOWS\System32\GenuineCenter.dll

2013-04-09 04:50:39 422400 ----a-w- C:\WINDOWS\System32\schannel.dll

2013-04-09 04:50:39 1285632 ----a-w- C:\WINDOWS\System32\schedsvc.dll

2013-04-09 04:50:03 96256 ----a-w- C:\WINDOWS\System32\mssprxy.dll

2013-04-09 04:50:03 745984 ----a-w- C:\WINDOWS\System32\mssvp.dll

2013-04-09 04:50:03 2107904 ----a-w- C:\WINDOWS\System32\mssrch.dll

2013-04-09 04:50:02 435200 ----a-w- C:\WINDOWS\System32\mssph.dll

2013-04-09 04:50:02 13824 ----a-w- C:\WINDOWS\System32\msshooks.dll

2013-04-09 04:49:54 1444864 ----a-w- C:\WINDOWS\System32\MSAudDecMFT.dll

2013-04-09 04:49:45 468992 ----a-w- C:\WINDOWS\System32\MFMediaEngine.dll

2013-04-09 04:49:45 281088 ----a-w- C:\WINDOWS\System32\mfreadwrite.dll

2013-04-09 04:49:36 817152 ----a-w- C:\WINDOWS\System32\kerberos.dll

2013-04-09 04:49:33 210432 ----a-w- C:\WINDOWS\System32\iuilp.dll

2013-04-09 04:49:16 50176 ----a-w- C:\WINDOWS\System32\fmifs.dll

2013-04-09 04:49:16 231936 ----a-w- C:\WINDOWS\System32\fhengine.dll

2013-04-09 04:49:09 172544 ----a-w- C:\WINDOWS\System32\dwmredir.dll

2013-04-09 04:49:06 196096 ----a-w- C:\WINDOWS\System32\dmvdsitf.dll

2013-04-09 04:48:43 2303488 ----a-w- C:\WINDOWS\System32\authui.dll

2013-04-09 04:48:42 785408 ----a-w- C:\WINDOWS\System32\audiosrv.dll

2013-04-09 04:48:42 169472 ----a-w- C:\WINDOWS\System32\AudioEndpointBuilder.dll

2013-04-09 04:48:34 419840 ----a-w- C:\WINDOWS\System32\intl.cpl

2013-04-09 02:35:13 4038144 ----a-w- C:\WINDOWS\System32\win32k.sys

2013-04-09 02:34:49 83968 ----a-w- C:\WINDOWS\System32\drivers\hidclass.sys

2013-04-09 02:34:42 27648 ----a-w- C:\WINDOWS\System32\drivers\hidusb.sys

2013-04-09 02:34:30 95744 ----a-w- C:\WINDOWS\System32\drivers\hidbth.sys

2013-04-09 02:33:41 60416 ----a-w- C:\WINDOWS\System32\drivers\ndproxy.sys

2013-04-09 02:33:05 623104 ----a-w- C:\WINDOWS\System32\drivers\srv2.sys

2013-04-09 02:32:02 805376 ----a-w- C:\WINDOWS\System32\drivers\PEAuth.sys

2013-04-09 02:31:14 247808 ----a-w- C:\WINDOWS\System32\drivers\srvnet.sys

2013-04-09 02:31:01 83456 ----a-w- C:\WINDOWS\System32\drivers\wanarp.sys

2013-04-08 23:44:25 123880 ----a-w- C:\WINDOWS\SysWow64\wscapi.dll

2013-04-08 23:39:14 1408896 ----a-w- C:\WINDOWS\SysWow64\ntdll.dll

2013-04-08 23:37:29 426024 ----a-w- C:\WINDOWS\SysWow64\AudioEng.dll

2013-04-08 23:37:29 324368 ----a-w- C:\WINDOWS\SysWow64\AudioSes.dll

2013-04-08 21:52:16 670208 ----a-w- C:\WINDOWS\SysWow64\SearchIndexer.exe

2013-04-08 21:52:16 302592 ----a-w- C:\WINDOWS\SysWow64\SearchProtocolHost.exe

2013-04-08 21:52:16 171008 ----a-w- C:\WINDOWS\SysWow64\SearchFilterHost.exe

2013-04-08 21:52:16 106496 ----a-w- C:\WINDOWS\SysWow64\Robocopy.exe

2013-04-08 21:52:06 364544 ----a-w- C:\WINDOWS\SysWow64\XpsGdiConverter.dll

2013-04-04 23:30:17 503080 ----a-w- C:\WINDOWS\System32\ci.dll

2013-04-03 19:35:05 95648 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll

2013-03-30 18:16:05 1403784 ----a-w- C:\WINDOWS\System32\winload.efi

2013-03-30 18:16:05 1267424 ----a-w- C:\WINDOWS\System32\winload.exe

2013-03-28 22:09:09 1093880 ----a-w- C:\WINDOWS\System32\winresume.exe

2013-03-28 22:09:04 1217328 ----a-w- C:\WINDOWS\System32\winresume.efi

2013-03-15 22:05:34 298456 ----a-w- C:\WINDOWS\System32\rsaenh.dll

2013-03-15 22:05:16 252928 ----a-w- C:\WINDOWS\SysWow64\rsaenh.dll

2013-03-15 00:17:18 861184 ----a-w- C:\WINDOWS\System32\drivers\http.sys

.

============= FINISH: 17:00:45.13 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 8 Pro

Boot Device: \Device\HarddiskVolume1

Install Date: 13/05/2013 19:30:19

System Uptime: 04/06/2013 21:13:11 (20 hours ago)

.

Motherboard: Gigabyte Technology Co., Ltd. | | GA-880GM-UD2H

Processor: AMD Phenom II X4 840 Processor | Socket M2 | 800/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 488 GiB total, 404.168 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP4: 25/05/2013 12:32:07 - Installed Document Capture Pro

RP5: 28/05/2013 12:50:35 - Installed Connect Service

RP6: 29/05/2013 12:53:20 - Installed Connect Service

RP7: 03/06/2013 18:31:54 - Installed Realtek Ethernet Controller Driver

.

==== Installed Programs ======================

.

7-Zip 9.20 (x64 edition)

ABBYY FineReader 9.0 Sprint

Adobe AIR

Adobe Flash Player 11 Plugin

Adobe Reader XI (11.0.03)

AMD APP SDK Runtime

AMD Catalyst Install Manager

AMD Fuel

AMD VISION Engine Control Center

AmiBroker 5.60.3

ArcSoft MediaImpression 2

ArcSoft Scan-n-Stitch Deluxe

Brother HL-5340D

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

DiskCheckup v3.1

Document Capture Pro

Dropbox

Epson Copy Utility 3.5

Epson Event Manager

EPSON Scan

Epson User's Guide EPSON Perfection V370 Photo

eReader 1.0

Exact Audio Copy 1.0beta3

Forex Calculator 2.3.14

Forex Trade Log 2.2.3

FXCM Trading Station

Global Prime MT4

Go Trader MT4

Google Chrome

Google Update Helper

inSSIDer

Java 7 Update 21

Java Auto Updater

LastPass(uninstall only)

LibreOffice 4.0 Help Pack (English)

LibreOffice 4.0.1.2

Logitech Harmony Remote Software (x86)

Malwarebytes Anti-Malware version 1.75.0.1300

Microsoft .NET Framework 4 Multi-Targeting Pack

Microsoft Application Error Reporting

Microsoft Help Viewer 1.0

Microsoft Silverlight

Microsoft SQL Server 2008 (64-bit)

Microsoft SQL Server 2008 Browser

Microsoft SQL Server 2008 Common Files

Microsoft SQL Server 2008 Database Engine Services

Microsoft SQL Server 2008 Database Engine Shared

Microsoft SQL Server 2008 Native Client

Microsoft SQL Server 2008 R2 Management Objects

Microsoft SQL Server 2008 RsFx Driver

Microsoft SQL Server 2008 Setup Support Files

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft SQL Server Compact 3.5 SP2 x64 ENU

Microsoft SQL Server System CLR Types

Microsoft SQL Server VSS Writer

Microsoft Visual C# 2010 Express - ENU

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools

Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU

Mozilla Firefox 21.0 (x86 en-US)

Mozilla Maintenance Service

Mozilla Thunderbird 17.0.6 (x86 en-US)

Premium Data

Realtek Ethernet Controller Driver

Realtek High Definition Audio Driver

SABnzbd 0.7.11

Service Pack 1 for SQL Server 2008 (KB968369) (64-bit)

Skype™ 6.3

Sql Server Customer Experience Improvement Program

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU

VLC media player 2.0.5

Winamp

Winamp Detector Plug-in

Zinio Alert Messenger

Zinio Reader 4

.

==== Event Viewer Messages From Past Week ========

.

04/06/2013 21:13:51, Error: Service Control Manager [7000] - The SQL Server VSS Writer service failed to start due to the following error: The system cannot find the file specified.

04/06/2013 21:13:51, Error: Service Control Manager [7000] - The SQL Server (SQLEXPRESS) service failed to start due to the following error: The system cannot find the file specified.

03/06/2013 18:40:58, Error: volmgr [45] - The system could not sucessfully load the crash dump driver.

03/06/2013 18:32:41, Error: RTL8168 [5001] - Realtek PCIe GBE Family Controller : Could not allocate the resources necessary for operation.

03/06/2013 17:36:09, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The system cannot find the file specified.

03/06/2013 07:03:02, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

.

==== End Of File ===========================


Hi there,

My name is Marius and I will be assisting you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found); we need to see a report first.

Download TDSSKiller.exe and save it to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan.
  • If malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt

Please post the contents of that log in your next reply.

Scan with aswMBR

Please download aswMBR.exe to your desktop.

  • Double-click aswMBR.exe to run it
  • When prompted with "The application can use the Avast! Free Antivirus for scanning", select No
  • Now click on the Scan button to start the scan
  • On completion of the scan, click Save Log, save it to your desktop and post the contents in your next reply

Note: There will also be a file on your desktop named MBR.dat (or similar). Do not delete this for now; it is an actual backup of the MBR (master boot record).


Thanks Marius,

I have run the two programs. The aswMBR.exe would not run to completion; it started the scan, then came up with a Windows error message saying it could not complete. I could not download a log file for it.

Here is the other logfile.

20:50:50.0738 1356 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

20:50:51.0622 1356 ============================================================

20:50:51.0622 1356 Current date / time: 2013/06/05 20:50:51.0622

20:50:51.0622 1356 SystemInfo:

20:50:51.0622 1356

20:50:51.0622 1356 OS Version: 6.2.9200 ServicePack: 0.0

20:50:51.0622 1356 Product type: Workstation

20:50:51.0622 1356 ComputerName: OFFICE-PC

20:50:51.0622 1356 UserName: chris

20:50:51.0622 1356 Windows directory: C:\WINDOWS

20:50:51.0622 1356 System windows directory: C:\WINDOWS

20:50:51.0622 1356 Running under WOW64

20:50:51.0622 1356 Processor architecture: Intel x64

20:50:51.0622 1356 Number of processors: 4

20:50:51.0622 1356 Page size: 0x1000

20:50:51.0622 1356 Boot type: Normal boot

20:50:51.0622 1356 ============================================================

20:50:52.0384 1356 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1D9265, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000040

20:50:52.0390 1356 ============================================================

20:50:52.0390 1356 \Device\Harddisk0\DR0:

20:50:52.0390 1356 MBR partitions:

20:50:52.0390 1356 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

20:50:52.0390 1356 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3D090000

20:50:52.0417 1356 ============================================================

20:50:52.0458 1356 C: <-> \Device\Harddisk0\DR0\Partition2

20:50:52.0458 1356 ============================================================

20:50:52.0458 1356 Initialize success

20:50:52.0458 1356 ============================================================

20:51:07.0116 1248 ============================================================

20:51:07.0116 1248 Scan started

20:51:07.0116 1248 Mode: Manual;

20:51:07.0116 1248 ============================================================

20:51:07.0516 1248 ================ Scan system memory ========================

20:51:07.0516 1248 System memory - ok

20:51:07.0518 1248 ================ Scan services =============================


20:51:15.0883 1248 NetTcpPortSharing - ok

20:51:15.0904 1248 [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960 C:\WINDOWS\system32\drivers\nfrd960.sys

20:51:15.0905 1248 nfrd960 - ok

20:51:15.0934 1248 [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll

20:51:15.0941 1248 NlaSvc - ok

20:51:15.0955 1248 [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

20:51:15.0957 1248 Npfs - ok

20:51:15.0968 1248 [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys

20:51:15.0971 1248 npsvctrig - ok

20:51:15.0985 1248 [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi C:\WINDOWS\system32\nsisvc.dll

20:51:15.0988 1248 nsi - ok

20:51:16.0001 1248 [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys

20:51:16.0003 1248 nsiproxy - ok

20:51:16.0040 1248 [ 76929F4A69E425911A63B407E26C2589 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

20:51:16.0062 1248 Ntfs - ok

20:51:16.0082 1248 [ 4163ADE07DB51843AE31F65B94F5398D ] Null C:\WINDOWS\system32\drivers\Null.sys

20:51:16.0083 1248 Null - ok

20:51:16.0103 1248 [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys

20:51:16.0105 1248 nvraid - ok

20:51:16.0124 1248 [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys

20:51:16.0126 1248 nvstor - ok

20:51:16.0142 1248 [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys

20:51:16.0144 1248 nv_agp - ok

20:51:16.0170 1248 [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll

20:51:16.0174 1248 p2pimsvc - ok

20:51:16.0227 1248 [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc C:\WINDOWS\system32\p2psvc.dll

20:51:16.0240 1248 p2psvc - ok

20:51:16.0260 1248 [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport C:\WINDOWS\System32\drivers\parport.sys

20:51:16.0262 1248 Parport - ok

20:51:16.0284 1248 [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys

20:51:16.0286 1248 partmgr - ok

20:51:16.0313 1248 [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll

20:51:16.0320 1248 PcaSvc - ok

20:51:16.0333 1248 [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci C:\WINDOWS\system32\drivers\pci.sys

20:51:16.0336 1248 pci - ok

20:51:16.0346 1248 [ F9908D274D458220F91E89B54D78D837 ] pciide C:\WINDOWS\system32\drivers\pciide.sys

20:51:16.0347 1248 pciide - ok

20:51:16.0382 1248 [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys

20:51:16.0385 1248 pcmcia - ok

20:51:16.0405 1248 [ CEBBAD5391C2644560C55628A40BFD27 ] pcw C:\WINDOWS\system32\drivers\pcw.sys

20:51:16.0406 1248 pcw - ok

20:51:16.0438 1248 [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc C:\WINDOWS\system32\drivers\pdc.sys

20:51:16.0439 1248 pdc - ok

20:51:16.0470 1248 [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys

20:51:16.0478 1248 PEAUTH - ok

20:51:16.0530 1248 [ DF0D9BDCB600913F40FF125BF8CE1979 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll

20:51:16.0573 1248 PeerDistSvc - ok

20:51:16.0682 1248 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe

20:51:16.0684 1248 PerfHost - ok

20:51:16.0742 1248 [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla C:\WINDOWS\system32\pla.dll

20:51:16.0755 1248 pla - ok

20:51:16.0787 1248 [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll

20:51:16.0789 1248 PlugPlay - ok

20:51:16.0816 1248 [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll

20:51:16.0817 1248 PNRPAutoReg - ok

20:51:16.0837 1248 [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll

20:51:16.0840 1248 PNRPsvc - ok

20:51:16.0864 1248 [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll

20:51:16.0869 1248 PolicyAgent - ok

20:51:16.0894 1248 [ F1E067F56373F11EA4B785CAE823740A ] Power C:\WINDOWS\system32\umpo.dll

20:51:16.0896 1248 Power - ok

20:51:16.0919 1248 [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys

20:51:16.0920 1248 PptpMiniport - ok

20:51:17.0021 1248 [ 9D59831262CAD44E709D695FC9D5E7AB ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll

20:51:17.0072 1248 PrintNotify - ok

20:51:17.0102 1248 [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor C:\WINDOWS\System32\drivers\processr.sys

20:51:17.0104 1248 Processor - ok

20:51:17.0125 1248 [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc C:\WINDOWS\system32\profsvc.dll

20:51:17.0128 1248 ProfSvc - ok

20:51:17.0156 1248 [ EB8034147D4820CD31BFCB11A2A652DF ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys

20:51:17.0157 1248 Psched - ok

20:51:17.0181 1248 [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE C:\WINDOWS\system32\qwave.dll

20:51:17.0184 1248 QWAVE - ok

20:51:17.0197 1248 [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys

20:51:17.0198 1248 QWAVEdrv - ok

20:51:17.0220 1248 [ 873C60F8178100557740A832FCE10B5F ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

20:51:17.0221 1248 RasAcd - ok

20:51:17.0240 1248 [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys

20:51:17.0242 1248 RasAgileVpn - ok

20:51:17.0264 1248 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll

20:51:17.0271 1248 RasAuto - ok

20:51:17.0296 1248 [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

20:51:17.0298 1248 Rasl2tp - ok

20:51:17.0317 1248 [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan C:\WINDOWS\System32\rasmans.dll

20:51:17.0323 1248 RasMan - ok

20:51:17.0337 1248 [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

20:51:17.0339 1248 RasPppoe - ok

20:51:17.0346 1248 [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys

20:51:17.0348 1248 RasSstp - ok

20:51:17.0364 1248 [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

20:51:17.0369 1248 rdbss - ok

20:51:17.0392 1248 [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys

20:51:17.0393 1248 rdpbus - ok

20:51:17.0412 1248 [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys

20:51:17.0415 1248 RDPDR - ok

20:51:17.0443 1248 [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys

20:51:17.0444 1248 RdpVideoMiniport - ok

20:51:17.0461 1248 [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys

20:51:17.0464 1248 RDPWD - ok

20:51:17.0473 1248 [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys

20:51:17.0475 1248 rdyboost - ok

20:51:17.0495 1248 [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll

20:51:17.0497 1248 RemoteAccess - ok

20:51:17.0522 1248 [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll

20:51:17.0525 1248 RemoteRegistry - ok

20:51:17.0540 1248 [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll

20:51:17.0542 1248 RpcEptMapper - ok

20:51:17.0562 1248 [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator C:\WINDOWS\system32\locator.exe

20:51:17.0563 1248 RpcLocator - ok

20:51:17.0575 1248 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs C:\WINDOWS\system32\rpcss.dll

20:51:17.0580 1248 RpcSs - ok

20:51:17.0585 1248 RsFx0103 - ok

20:51:17.0592 1248 [ E04E770DD198B9399640717145E79EBF ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys

20:51:17.0594 1248 rspndr - ok

20:51:17.0629 1248 [ 7D9DA8EC6784A9EE213C676709D46BE6 ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys

20:51:17.0635 1248 RTL8168 - ok

20:51:17.0648 1248 [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys

20:51:17.0649 1248 s3cap - ok

20:51:17.0659 1248 [ F702AB6181513303AB0FC8D59E52708B ] SamSs C:\WINDOWS\system32\lsass.exe

20:51:17.0661 1248 SamSs - ok

20:51:17.0684 1248 [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys

20:51:17.0686 1248 sbp2port - ok

20:51:17.0713 1248 [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll

20:51:17.0716 1248 SCardSvr - ok

20:51:17.0728 1248 [ 5D7733A12756B267FCA021672B26BC9E ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys

20:51:17.0729 1248 scfilter - ok

20:51:17.0776 1248 [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule C:\WINDOWS\system32\schedsvc.dll

20:51:17.0788 1248 Schedule - ok

20:51:17.0805 1248 [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll

20:51:17.0806 1248 SCPolicySvc - ok

20:51:17.0846 1248 [ 047315E75392CEA447ACC86257824C16 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys

20:51:17.0869 1248 sdbus - ok

20:51:17.0918 1248 [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll

20:51:17.0925 1248 SDRSVC - ok

20:51:17.0957 1248 [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys

20:51:17.0958 1248 sdstor - ok

20:51:17.0985 1248 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys

20:51:17.0986 1248 secdrv - ok

20:51:18.0008 1248 [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon C:\WINDOWS\system32\seclogon.dll

20:51:18.0011 1248 seclogon - ok

20:51:18.0029 1248 [ 9C51620998F0763039DFA6BF68E475ED ] SENS C:\WINDOWS\System32\sens.dll

20:51:18.0032 1248 SENS - ok

20:51:18.0041 1248 [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll

20:51:18.0045 1248 SensrSvc - ok

20:51:18.0066 1248 [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys

20:51:18.0068 1248 SerCx - ok

20:51:18.0094 1248 [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum C:\WINDOWS\System32\drivers\serenum.sys

20:51:18.0095 1248 Serenum - ok

20:51:18.0125 1248 [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial C:\WINDOWS\System32\drivers\serial.sys

20:51:18.0127 1248 Serial - ok

20:51:18.0151 1248 [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys

20:51:18.0153 1248 sermouse - ok

20:51:18.0218 1248 [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv C:\WINDOWS\system32\sessenv.dll

20:51:18.0224 1248 SessionEnv - ok

20:51:18.0246 1248 [ 7EE65419B29302C795714FF8073969A1 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys

20:51:18.0247 1248 sfloppy - ok

20:51:18.0277 1248 [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

20:51:18.0283 1248 SharedAccess - ok

20:51:18.0308 1248 [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

20:51:18.0316 1248 ShellHWDetection - ok

20:51:18.0346 1248 [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys

20:51:18.0348 1248 SiSRaid2 - ok

20:51:18.0366 1248 [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys

20:51:18.0368 1248 SiSRaid4 - ok

20:51:18.0428 1248 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

20:51:18.0433 1248 SkypeUpdate - ok

20:51:18.0477 1248 [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe

20:51:18.0480 1248 SNMPTRAP - ok

20:51:18.0510 1248 [ 872E937681910E2456A054331C7D5A18 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys

20:51:18.0513 1248 spaceport - ok

20:51:18.0532 1248 [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys

20:51:18.0534 1248 SpbCx - ok

20:51:18.0563 1248 [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler C:\WINDOWS\System32\spoolsv.exe

20:51:18.0573 1248 Spooler - ok

20:51:18.0686 1248 [ EC84D961501054F87A6878EC5D53388F ] sppsvc C:\WINDOWS\system32\sppsvc.exe

20:51:18.0774 1248 sppsvc - ok

20:51:18.0856 1248 SQLAgent$SQLEXPRESS - ok

20:51:18.0889 1248 SQLBrowser - ok

20:51:18.0908 1248 SQLWriter - ok

20:51:18.0941 1248 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys

20:51:18.0946 1248 srv - ok

20:51:18.0984 1248 [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys

20:51:18.0996 1248 srv2 - ok

20:51:19.0034 1248 [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys

20:51:19.0036 1248 srvnet - ok

20:51:19.0056 1248 [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

20:51:19.0061 1248 SSDPSRV - ok

20:51:19.0079 1248 [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll

20:51:19.0083 1248 SstpSvc - ok

20:51:19.0103 1248 [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys

20:51:19.0104 1248 stexstor - ok

20:51:19.0138 1248 [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc C:\WINDOWS\System32\wiaservc.dll

20:51:19.0146 1248 stisvc - ok

20:51:19.0177 1248 [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci C:\WINDOWS\system32\drivers\storahci.sys

20:51:19.0179 1248 storahci - ok

20:51:19.0193 1248 [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys

20:51:19.0195 1248 storflt - ok

20:51:19.0213 1248 [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc C:\WINDOWS\system32\storsvc.dll

20:51:19.0217 1248 StorSvc - ok

20:51:19.0241 1248 [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys

20:51:19.0242 1248 storvsc - ok

20:51:19.0259 1248 [ 1A36AC469140F87CDE62D7F8524E270C ] storvsp C:\WINDOWS\System32\drivers\storvsp.sys

20:51:19.0261 1248 storvsp - ok

20:51:19.0272 1248 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc C:\WINDOWS\system32\svsvc.dll

20:51:19.0274 1248 svsvc - ok

20:51:19.0282 1248 [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum C:\WINDOWS\System32\drivers\swenum.sys

20:51:19.0283 1248 swenum - ok

20:51:19.0316 1248 [ 502F9488540051F3E6C39889ECFA76BB ] swprv C:\WINDOWS\System32\swprv.dll

20:51:19.0321 1248 swprv - ok

20:51:19.0355 1248 [ DC21E1F06343773D7E24362DCEF7944B ] SysMain C:\WINDOWS\system32\sysmain.dll

20:51:19.0370 1248 SysMain - ok

20:51:19.0400 1248 [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll

20:51:19.0404 1248 SystemEventsBroker - ok

20:51:19.0411 1248 [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\WINDOWS\System32\TabSvc.dll

20:51:19.0415 1248 TabletInputService - ok

20:51:19.0431 1248 [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

20:51:19.0437 1248 TapiSrv - ok

20:51:19.0510 1248 [ B6D52E2C38B49A156E58FF5B9C6CA8BE ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys

20:51:19.0567 1248 Tcpip - ok

20:51:19.0598 1248 [ B6D52E2C38B49A156E58FF5B9C6CA8BE ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys

20:51:19.0608 1248 TCPIP6 - ok

20:51:19.0633 1248 [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys

20:51:19.0634 1248 tcpipreg - ok

20:51:19.0651 1248 [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys

20:51:19.0653 1248 tdx - ok

20:51:19.0679 1248 [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys

20:51:19.0680 1248 terminpt - ok

20:51:19.0690 1248 [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService C:\WINDOWS\System32\termsrv.dll

20:51:19.0695 1248 TermService - ok

20:51:19.0710 1248 [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes C:\WINDOWS\system32\themeservice.dll

20:51:19.0712 1248 Themes - ok

20:51:19.0753 1248 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER C:\WINDOWS\system32\mmcss.dll

20:51:19.0757 1248 THREADORDER - ok

20:51:19.0786 1248 [ 4515B9E4140F04FB3907692DF89FCA87 ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll

20:51:19.0793 1248 TimeBroker - ok

20:51:19.0835 1248 [ 6F0BFF80EE2A5BC841286A51F893CBAD ] TPM C:\WINDOWS\system32\drivers\tpm.sys

20:51:19.0837 1248 TPM - ok

20:51:19.0857 1248 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks C:\WINDOWS\System32\trkwks.dll

20:51:19.0861 1248 TrkWks - ok

20:51:19.0901 1248 [ 8D516AEF3C1DF980664CF17BB1FF6093 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe

20:51:19.0904 1248 TrustedInstaller - ok

20:51:19.0930 1248 [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys

20:51:19.0932 1248 TsUsbFlt - ok

20:51:19.0962 1248 [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys

20:51:19.0964 1248 TsUsbGD - ok

20:51:19.0984 1248 [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys

20:51:19.0987 1248 tunnel - ok

20:51:20.0016 1248 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys

20:51:20.0017 1248 uagp35 - ok

20:51:20.0051 1248 [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys

20:51:20.0053 1248 UASPStor - ok

20:51:20.0088 1248 [ 1ED222DFE6C13DA50FE081ABF90CAFE1 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys

20:51:20.0091 1248 UCX01000 - ok

20:51:20.0107 1248 [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys

20:51:20.0112 1248 udfs - ok

20:51:20.0143 1248 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe

20:51:20.0146 1248 UI0Detect - ok

20:51:20.0173 1248 [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys

20:51:20.0175 1248 uliagpkx - ok

20:51:20.0195 1248 [ 02CEB3FE6152668A7BA420B93B664860 ] umbus C:\WINDOWS\System32\drivers\umbus.sys

20:51:20.0196 1248 umbus - ok

20:51:20.0210 1248 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys

20:51:20.0211 1248 UmPass - ok

20:51:20.0244 1248 [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService C:\WINDOWS\System32\umrdp.dll

20:51:20.0248 1248 UmRdpService - ok

20:51:20.0283 1248 [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost C:\WINDOWS\System32\upnphost.dll

20:51:20.0289 1248 upnphost - ok

20:51:20.0325 1248 [ 3FBE0784E42E7BA93FCC5201D2BAFE23 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys

20:51:20.0328 1248 usbaudio - ok

20:51:20.0357 1248 [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys

20:51:20.0361 1248 usbccgp - ok

20:51:20.0382 1248 [ B395B62B62F28106218FA6FB17F4C797 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys

20:51:20.0386 1248 usbcir - ok

20:51:20.0421 1248 [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys

20:51:20.0423 1248 usbehci - ok

20:51:20.0469 1248 [ 4875DC63E548812C75D4FDEF84970C89 ] usbfilter C:\WINDOWS\system32\DRIVERS\usbfilter.sys

20:51:20.0471 1248 usbfilter - ok

20:51:20.0520 1248 [ ADBF89B8E0BB372FEFE2E4B84E1E20AE ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys

20:51:20.0531 1248 usbhub - ok

20:51:20.0567 1248 [ C5986337DE3BF63ABD9ED4D834D34B89 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys

20:51:20.0576 1248 USBHUB3 - ok

20:51:20.0618 1248 [ 325F6179009B5A7F6118951A5BA422AB ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys

20:51:20.0619 1248 usbohci - ok

20:51:20.0632 1248 [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys

20:51:20.0633 1248 usbprint - ok

20:51:20.0665 1248 [ A9858597B6DB695F78A37F6755A6FF98 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys

20:51:20.0666 1248 usbscan - ok

20:51:20.0693 1248 [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS

20:51:20.0695 1248 USBSTOR - ok

20:51:20.0711 1248 [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys

20:51:20.0712 1248 usbuhci - ok

20:51:20.0737 1248 [ 11C0CF143D246E2F0E9BDBF17A0CC70B ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS

20:51:20.0742 1248 USBXHCI - ok

20:51:20.0759 1248 [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc C:\WINDOWS\system32\lsass.exe

20:51:20.0761 1248 VaultSvc - ok

20:51:20.0777 1248 [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys

20:51:20.0778 1248 vdrvroot - ok

20:51:20.0816 1248 [ 8A8CDA9E3CF2E0B4C6CC19FBC6FB9A71 ] vds C:\WINDOWS\System32\vds.exe

20:51:20.0826 1248 vds - ok

20:51:20.0836 1248 [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys

20:51:20.0838 1248 VerifierExt - ok

20:51:20.0862 1248 [ 500BE6B2E49883720D0AE8BB859ED7A3 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys

20:51:20.0868 1248 vhdmp - ok

20:51:20.0899 1248 [ F5B4A14B00E89250C50982AC762DDD1D ] viaide C:\WINDOWS\system32\drivers\viaide.sys

20:51:20.0901 1248 viaide - ok

20:51:20.0931 1248 [ 0E43886F01C85B47BA0A3157274BCF59 ] Vid C:\WINDOWS\System32\drivers\Vid.sys

20:51:20.0934 1248 Vid - ok

20:51:20.0948 1248 [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys

20:51:20.0951 1248 vmbus - ok

20:51:20.0977 1248 [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys

20:51:20.0979 1248 VMBusHID - ok

20:51:20.0993 1248 [ B4F432A51826FFC66F4DF72A83E8E4B1 ] vmbusr C:\WINDOWS\System32\drivers\vmbusr.sys

20:51:20.0995 1248 vmbusr - ok

20:51:21.0037 1248 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll

20:51:21.0042 1248 vmicheartbeat - ok

20:51:21.0050 1248 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll

20:51:21.0053 1248 vmickvpexchange - ok

20:51:21.0061 1248 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll

20:51:21.0064 1248 vmicrdv - ok

20:51:21.0071 1248 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll

20:51:21.0074 1248 vmicshutdown - ok

20:51:21.0080 1248 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll

20:51:21.0082 1248 vmictimesync - ok

20:51:21.0089 1248 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss C:\WINDOWS\System32\ICSvc.dll

20:51:21.0091 1248 vmicvss - ok

20:51:21.0111 1248 [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys

20:51:21.0113 1248 volmgr - ok

20:51:21.0135 1248 [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys

20:51:21.0139 1248 volmgrx - ok

20:51:21.0155 1248 [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys

20:51:21.0157 1248 volsnap - ok

20:51:21.0173 1248 [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci C:\WINDOWS\System32\drivers\vpci.sys

20:51:21.0175 1248 vpci - ok

20:51:21.0196 1248 [ 0190AFFF28F600461C0164353CC7EE27 ] vpcivsp C:\WINDOWS\System32\drivers\vpcivsp.sys

20:51:21.0198 1248 vpcivsp - ok

20:51:21.0225 1248 [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys

20:51:21.0228 1248 vsmraid - ok

20:51:21.0327 1248 [ EA658570314042C914964FC72AB50E6B ] VSS C:\WINDOWS\system32\vssvc.exe

20:51:21.0361 1248 VSS - ok

20:51:21.0388 1248 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys

20:51:21.0392 1248 VSTXRAID - ok

20:51:21.0413 1248 [ 62460A45435A26A334907E3F2EA45611 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys

20:51:21.0414 1248 vwifibus - ok

20:51:21.0440 1248 [ F690B6EEAA94576727B24376D7ED3601 ] W32Time C:\WINDOWS\system32\w32time.dll

20:51:21.0444 1248 W32Time - ok

20:51:21.0464 1248 [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys

20:51:21.0465 1248 WacomPen - ok

20:51:21.0495 1248 [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys

20:51:21.0497 1248 Wanarp - ok

20:51:21.0506 1248 [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys

20:51:21.0508 1248 Wanarpv6 - ok

20:51:21.0572 1248 [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine C:\WINDOWS\system32\wbengine.exe

20:51:21.0597 1248 wbengine - ok

20:51:21.0639 1248 [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll

20:51:21.0645 1248 WbioSrvc - ok

20:51:21.0658 1248 [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll

20:51:21.0663 1248 Wcmsvc - ok

20:51:21.0708 1248 [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll

20:51:21.0722 1248 wcncsvc - ok

20:51:21.0743 1248 [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll

20:51:21.0747 1248 WcsPlugInService - ok

20:51:21.0770 1248 [ B3A4D918DAB90505B6BC7B70632913CB ] Wd C:\WINDOWS\system32\drivers\wd.sys

20:51:21.0771 1248 Wd - ok

20:51:21.0803 1248 [ 6F4B5DDDC3B86091E94BC47347A78AF7 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys

20:51:21.0804 1248 WdBoot - ok

20:51:21.0855 1248 [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys

20:51:21.0871 1248 Wdf01000 - ok

20:51:21.0894 1248 [ 99D404A9A0AFC4734E014EBEBAC13F8F ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys

20:51:21.0898 1248 WdFilter - ok

20:51:21.0928 1248 [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll

20:51:21.0932 1248 WdiServiceHost - ok

20:51:21.0937 1248 [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll

20:51:21.0940 1248 WdiSystemHost - ok

20:51:21.0962 1248 [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient C:\WINDOWS\System32\webclnt.dll

20:51:21.0967 1248 WebClient - ok

20:51:21.0975 1248 [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll

20:51:21.0980 1248 Wecsvc - ok

20:51:22.0011 1248 [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll

20:51:22.0014 1248 wercplsupport - ok

20:51:22.0051 1248 [ 5F70EBFC1F75B487DE79501E3CCBDB54 ] WerSvc C:\WINDOWS\System32\WerSvc.dll

20:51:22.0055 1248 WerSvc - ok

20:51:22.0098 1248 [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys

20:51:22.0100 1248 WFPLWFS - ok

20:51:22.0117 1248 [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll

20:51:22.0121 1248 WiaRpc - ok

20:51:22.0147 1248 [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys

20:51:22.0149 1248 WIMMount - ok

20:51:22.0167 1248 WinDefend - ok

20:51:22.0213 1248 [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll

20:51:22.0221 1248 WinHttpAutoProxySvc - ok

20:51:22.0264 1248 [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

20:51:22.0266 1248 Winmgmt - ok

20:51:22.0315 1248 [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM C:\WINDOWS\system32\WsmSvc.dll

20:51:22.0346 1248 WinRM - ok

20:51:22.0415 1248 [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll

20:51:22.0448 1248 WlanSvc - ok

20:51:22.0507 1248 [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll

20:51:22.0534 1248 wlidsvc - ok

20:51:22.0554 1248 [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys

20:51:22.0555 1248 WmiAcpi - ok

20:51:22.0584 1248 [ D113499052C5E541906B727779F0F959 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe

20:51:22.0586 1248 wmiApSrv - ok

20:51:22.0597 1248 WMPNetworkSvc - ok

20:51:22.0611 1248 [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys

20:51:22.0612 1248 wpcfltr - ok

20:51:22.0626 1248 [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll

20:51:22.0628 1248 WPCSvc - ok

20:51:22.0653 1248 [ 3013658A4D327854BEEC4A08D9655194 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll

20:51:22.0656 1248 WPDBusEnum - ok

20:51:22.0668 1248 [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys

20:51:22.0669 1248 WpdUpFltr - ok

20:51:22.0696 1248 [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys

20:51:22.0697 1248 ws2ifsl - ok

20:51:22.0731 1248 [ 012CFE7F0F95266F554EE3B91EE2128A ] wscsvc C:\WINDOWS\System32\wscsvc.dll

20:51:22.0738 1248 wscsvc - ok

20:51:23.0618 1248 ============================================================

20:51:23.0618 1248 Scan finished

20:51:23.0618 1248 ============================================================

20:51:23.0633 4036 Detected object count: 0

20:51:23.0633 4036 Actual detected object count: 0

20:53:34.0485 5080 Deinitialize success


Please download Malwarebytes' Anti-Malware to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan (mark all your hard drives), then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.


Hi Marius, here is the logfile from mbam.

Malwarebytes Anti-Malware (Trial) 1.75.0.1300

www.malwarebytes.org

Database version: v2013.06.05.03

Windows 8 x64 NTFS

Internet Explorer 10.0.9200.16580

chris :: OFFICE-PC [administrator]

Protection: Enabled

05/06/2013 21:18:51

mbam-log-2013-06-05 (21-18-51).txt

Scan type: Full scan (C:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 548576

Time elapsed: 1 hour(s), 40 minute(s), 31 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)


Nothing to see... it might not be malware related.

Let's check:

Please go to here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


Hi Marius,

Here is the logfile from eset.

C:\Users\chris\AppData\Roaming\uTorrent\uTorrent.exe.13638.tmp a variant of Win32/Bunndle application

C:\Users\chris\Downloads\cbsidlm-tr1_12-inSSIDer-ORG-10848357.exe Win32/DownloadAdmin.G application

C:\Users\chris\Downloads\winamp563_full_emusic-7plus_all.exe Win32/OpenCandy application

C:\Windows.old\$Recycle.Bin\S-1-5-21-1087459309-889567710-5319938-1000\$RN9PL05.exe a variant of Win32/Bunndle application


The found files aren't malware, but contain security risks. Delete or leave them - your choice.

Scan with adwCleaner

Please download AdwCleaner to your desktop.

  • Run adwcleaner.exe.
  • Hit delete.
  • When the run is finished, it will open up a text file.
  • Please post its contents within your next reply.
  • You'll also find the log file at C:\AdwCleaner[s1].txt.

SecurityCheck

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, checkup.txt will open. Copy its content to your thread.


Hi Marius,

Here are the two log files.

# AdwCleaner v2.301 - Logfile created 06/06/2013 at 20:09:59

# Updated 16/05/2013 by Xplode

# Operating system : Windows 8 Pro (64 bits)

# User : chris - OFFICE-PC

# Boot Mode : Normal

# Running from : C:\Users\chris\Desktop\AdwCleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

Folder Deleted : C:\Users\chris\AppData\Local\PackageAware

***** [Registry] *****

***** [internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry is clean.

-\\ Mozilla Firefox v21.0 (en-US)

File : C:\Users\chris\AppData\Roaming\Mozilla\Firefox\Profiles\wk59uqc8.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v27.0.1453.94

File : C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[s1].txt - [847 octets] - [06/06/2013 20:09:59]

########## EOF - C:\AdwCleaner[s1].txt - [906 octets] ##########

Results of screen317's Security Check version 0.99.64

x64 (UAC is enabled)

Internet Explorer 10

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

Windows Defender

WMI entry may not exist for antivirus; attempting automatic update.

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.75.0.1300

Java 7 Update 21

Adobe Flash Player 11.7.700.202

Adobe Reader XI

Mozilla Firefox (21.0)

Mozilla Thunderbird (17.0.6)

Google Chrome 27.0.1453.94

````````Process Check: objlist.exe by Laurent````````

Windows Defender MSMpEng.exe

Malwarebytes Anti-Malware mbamservice.exe

Malwarebytes Anti-Malware mbamgui.exe

Malwarebytes' Anti-Malware mbamscheduler.exe

Windows Defender MsMpEng.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: %

````````````````````End of Log``````````````````````


Fine - your system is all clean now! :)

Uninstall our tools.

Please follow these steps in order:

  1. In case we used Defogger to turn off your CD emulation software, you can start it again and use the Enable button.
  2. In case we used Combofix, rename combofix.exe to uninstall.exe and run it one last time. You will be notified that Combofix has been removed.
  3. In any case, please download delfix to your desktop.
    • Close all other programs and start delfix.
    • Please check all the boxes and run the tool.
    • delfix will now delete all found traces of our removal process.
  4. If there is still something left, please delete it manually.

Reading Material

How to protect yourself

  • System Updates
    Being up to date is very important. Please be sure to activate automatic updates in your control panel.
    Windows XP | Windows Vista | Windows 7 | Windows 8
  • Protection
    What you need is one (not more) good virus scanner with background protection. Additionally, I recommend a special malware scanner that you run from time to time.
    Personally I am using the avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer you good protection for free use. But please remember: You only get the full protection if you use the paid versions of your security software.
  • Up to date Software
    Stay up to date with all the programs you use. Some of those you really have to keep an eye on are: your browser(s) including add-ons and plug-ins, Java, Flash Player, your virus scanner, and basically every software you use often. These links may help you to check:
  • Backups
    There are chances for an emergency every day. So be prepared. Back up your data on a regular basis. Whether you burn it to DVDs from time to time, use a cloud drive or a professional network backup system is your choice.
  • Brains
    It's no joke! You really need one of those things. :) It is very important not just to click anywhere it is colored or flashing while you are surfing the web. Do not click an OK button on any pop-up window without reading what it says. While installing software, always choose the custom mode, read what those windows say and uncheck adware that will be installed along with the software you want.


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.