
Comcast still complaining about Bots after cleaning with PRO



I have several machines on a home network. I cleaned all 3 with Malwarebytes Pro and though infected at first, they seem to be clean. I have attached the DDS and ATTACH files from the worst of the 3 PCs. Can you tell if this PC has BOTS?

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16576 BrowserJavaVersion: 10.21.2

Run by Desk2 at 22:03:41 on 2013-06-04

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3071.912 [GMT -5:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

C:\Windows\SysWOW64\svchost.exe -k Akamai

C:\Program Files\Broadcom\BPowMon\BPowMon.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe

C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.91\ccSvcHst.exe

C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe

C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Program Files\SOS\SOSNF\sosnffsv.exe

C:\Program Files\SOS\SOSNF\sosnflsv.exe

C:\Program Files\SOS\SOSNF\sosnfusv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Users\Temp BOB\AppData\Local\Akamai\netsession_win.exe

C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\GameStop App\Now\GameStopNow.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.91\ccSvcHst.exe

C:\Users\Temp BOB\AppData\Local\Akamai\netsession_win.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe

C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe

C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe

C:\Program Files (x86)\Browny02\BrYNSvc.exe

C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe

C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe

C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Common Files\Steam\SteamService.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Java\jre7\bin\javaw.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\syswow64\svchost.exe -k netsvcs

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3201318

uURLSearchHooks: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - <orphaned>

mURLSearchHooks: FLV Runner Toolbar: {3bbd3c14-4c16-4989-8366-95bc9179779d} - C:\Program Files (x86)\FLV_Runner\prxtbFLV_.dll

BHO: {1036AD63-AEAC-460B-9060-C96005D4DC86} - <orphaned>

BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -

BHO: Updater For Spam Free Search Bar: {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll

BHO: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll

BHO: {2EECD738-5844-4a99-B4B6-146BF802613B} - <orphaned>

BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll

BHO: FLV Runner Toolbar: {3bbd3c14-4c16-4989-8366-95bc9179779d} - C:\Program Files (x86)\FLV_Runner\prxtbFLV_.dll

BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll

BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll

BHO: DataMngr: {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\BrowserConnection.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: FLV Runner Toolbar: {3BBD3C14-4C16-4989-8366-95BC9179779D} - C:\Program Files (x86)\FLV_Runner\prxtbFLV_.dll

TB: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll

TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll

TB: FLV Runner Toolbar: {3bbd3c14-4c16-4989-8366-95bc9179779d} - C:\Program Files (x86)\FLV_Runner\prxtbFLV_.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [Google Update] "C:\Users\Desk2\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [Akamai NetSession Interface] "C:\Users\Temp BOB\AppData\Local\Akamai\netsession_win.exe"

uRun: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"

mRun: [indexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"

mRun: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"

mRun: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"

mRun: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe

mRun: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe

mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun

mRun: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN

mRun: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE

mRun: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui

mRun: [Memeo AutoSync] C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent

mRun: [seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui

mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-00109-0002-0009-ABCDEFFEDCBC} - <orphaned>

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {75A6AEA3-F26E-4608-AE9B-8DA78C87576E} - hxxps://kingsisle.hs.llnwd.net/e1/static/themes/wizard101A/activex/Wizard101GameLauncher.CAB

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab

TCP: NameServer = 192.168.2.1

TCP: Interfaces\{68EA8743-BC29-48B7-B6E7-778D90C2C4CD} : DHCPNameServer = 192.168.2.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs= C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

x64-BHO: Privacy Safeguard BHO: {1036AD63-AEAC-460B-9060-C96005D4DC86} -

x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: DataMngr: {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-RunOnce: [*WerKernelReporting] C:\Windows\System32\WerFault.exe -k -rq

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-12-2 55280]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]

R1 sosnf64;sosnf64;C:\Windows\System32\drivers\sosnf64.sys [2010-12-25 57184]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-7-18 140672]

R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-12-2 92160]

R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 27136]

R2 BPowMon;Broadcom Power monitoring service;C:\Program Files\Broadcom\BPowMon\BPowMon.exe [2009-8-17 117568]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-4-2 418376]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-10-16 701512]

R2 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-5-4 25824]

R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 130008]

R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2012-3-4 245760]

R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-12-2 320040]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-10-16 25928]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]

R3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-2-27 59392]

.

=============== Created Last 30 ================

.

2013-06-03 21:22:29 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E79C49C8-5421-43AF-85B9-4FA4BCD26C63}\mpengine.dll

2013-06-02 21:45:19 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-06-02 04:18:53 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-05-28 23:53:48 -------- d-----w- C:\Firefox

2013-05-28 23:43:21 -------- d-----w- C:\ProgramData\Ask

2013-05-26 15:47:53 -------- d-----w- C:\Users\Desk2\AppData\Roaming\Dell

2013-05-24 12:50:28 -------- d-----w- C:\Program Files (x86)\Origin Games

2013-05-24 12:48:45 -------- d-----w- C:\ProgramData\Origin

2013-05-24 12:48:45 -------- d-----w- C:\ProgramData\Electronic Arts

2013-05-21 21:27:12 -------- d-----r- C:\Program Files (x86)\Skype

2013-05-21 21:23:35 964552 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DFA6A356-7A65-4A48-9A04-ED051ABDCAB8}\gapaengine.dll

2013-05-19 19:12:47 -------- d-----w- C:\Program Files (x86)\DontStarve

2013-05-19 17:56:37 -------- d-----w- C:\Program Files (x86)\Steam

2013-05-14 23:48:17 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2013-05-11 04:34:13 5632 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\9C2.tmp

2013-05-11 04:34:13 5632 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\9A2.tmp

2013-05-08 00:21:54 -------- d-----w- C:\Users\Desk2\AppData\Roaming\RealNetworks

.

==================== Find3M ====================

.

2013-06-02 21:44:45 866720 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-06-02 21:44:45 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-05-15 16:18:23 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-15 16:18:23 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe

2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll

2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll

2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll

2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys

2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys

2013-04-05 06:52:14 2242048 ----a-w- C:\Windows\System32\wininet.dll

2013-04-05 06:50:36 3958784 ----a-w- C:\Windows\System32\jscript9.dll

2013-04-05 06:50:31 67072 ----a-w- C:\Windows\System32\iesetup.dll

2013-04-05 06:50:31 136704 ----a-w- C:\Windows\System32\iesysprep.dll

2013-04-05 05:28:24 1767424 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-04-05 05:26:26 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-04-05 05:26:21 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

2013-04-05 05:26:21 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2013-04-05 04:43:00 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-04-05 04:29:45 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-04-05 03:51:11 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-04-05 03:38:25 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe

2013-04-04 19:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-03-19 05:53:58 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll

2013-03-19 05:53:58 230400 ----a-w- C:\Windows\System32\wwansvc.dll

2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll

2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll

2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe

.

============= FINISH: 0:58:24.18 ===============.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 12/18/2010 10:47:29 PM

System Uptime: 6/3/2013 10:01:58 PM (26 hours ago)

.

Motherboard: Dell Inc. | | 07N90W

Processor: Pentium® Dual-Core CPU E5400 @ 2.70GHz | CPU 1 | 2693/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 456 GiB total, 232.052 GiB free.

D: is CDROM (UDF)

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP366: 5/28/2013 6:41:12 PM - Installed Java 7 Update 21

RP367: 5/31/2013 8:20:36 AM - Windows Update

RP368: 6/2/2013 4:39:03 PM - Removed Java 7 Update 21

RP369: 6/2/2013 4:44:17 PM - Installed Java 7 Update 21

RP370: 6/3/2013 4:21:24 PM - Windows Update

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

Adobe Reader X (10.1.7)

Adobe Shockwave Player 11.6

Akamai NetSession Interface

Anti-phishing Domain Advisor

Babylon toolbar on IE

Broadcom Gigabit NetLink Controller

Broadcom Management Programs

Brother MFL-Pro Suite MFC-J825DW

Clone Wars

D3DX10

Dell Backup and Recovery Manager

Dell Edoc Viewer

Dell Support Center

Don't Starve

FLV Runner Toolbar

GameStop App

Google Chrome

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

Java 7 Update 21

Java Auto Updater

Junk Mail filter update

League of Legends

LEGO Digital Designer

LEGO Universe

Malwarebytes Anti-Malware version 1.75.0.1300

Memeo AutoSync

Memeo Instant Backup

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Search Enhancement Pack

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft XNA Framework Redistributable 4.0

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB2758694)

MSXML 4.0 SP3 Parser (KB973685)

MySims™

Norton PC Checkup

Norton Security Scan

Nuance PaperPort 12

Nuance PDF Viewer Plus

NVIDIA 3D Vision Controller Driver 295.73

NVIDIA 3D Vision Driver 295.73

NVIDIA Control Panel 295.73

NVIDIA Drivers

NVIDIA Graphics Driver 295.73

NVIDIA HD Audio Driver 1.3.12.0

NVIDIA Install Application

NVIDIA PhysX

NVIDIA PhysX System Software 9.12.0209

NVIDIA Stereoscopic 3D Driver

NVIDIA Update 1.7.11

NVIDIA Update Components

OGPlanet Game Launcher

Origin

Pando Media Booster

PaperPort Image Printer 64-bit

Prison Architect

Privacy SafeGuard version 1.0

RealDownloader

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealNetworks - Microsoft Visual C++ 2010 Runtime

RealPlayer

Realtek High Definition Audio Driver

RealUpgrade 1.1

Roblox for Desk2

Roxio Creator Audio

Roxio Creator Copy

Roxio Creator Data

Roxio Creator DE 10.3

Roxio Creator Tools

Roxio Express Labeler 3

Roxio Update Manager

Rumble Fighter

Scansoft PDF Professional

Screen Grab Pro

Seagate Dashboard

Searchqu Toolbar

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

SimCity 4 Deluxe

SketchUp 8

Skype Click to Call

Skype™ 6.3

Spam Free Search Bar

Steam

SUPERAntiSpyware

swMSM

Timez Attack Launcher

Unity Web Player

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows XP Mode

WinRAR 4.11 (64-bit)

Wizard101

World of Tanks v.0.6.7

World of Warcraft

Yontoo 1.10.02

.

==== Event Viewer Messages From Past Week ========

.

6/3/2013 9:56:21 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800030a222b, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 060313-22854-01.

6/3/2013 10:03:56 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

6/3/2013 10:03:55 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

6/3/2013 10:02:29 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000096, 0xfffff80003103dda, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 060313-28111-01.

6/2/2013 4:10:18 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff8000306022b, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 060213-23696-01.

6/2/2013 4:00:03 PM, Error: Service Control Manager [7022] - The Internet Connection Sharing (ICS) service hung on starting.

6/2/2013 3:57:38 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000000000000dc, 0x0000000000000002, 0x0000000000000001, 0xfffff800030afd35). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 060213-22011-01.

6/2/2013 2:28:19 PM, Error: Service Control Manager [7016] - The NVIDIA Display Driver Service service has reported an invalid current state 32.

5/31/2013 6:07:04 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x0000000004c04800, 0x0000000000000002, 0x0000000000000001, 0xfffff8000306ffe0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 053113-25428-01.

5/30/2013 6:19:42 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user BOB\Guest SID (S-1-5-21-1239007821-1110583340-4102201496-501) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

5/30/2013 6:17:41 PM, Error: Service Control Manager [7038] - The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

5/30/2013 6:17:41 PM, Error: Service Control Manager [7000] - The UPnP Device Host service failed to start due to the following error: The service did not start due to a logon failure.

5/30/2013 6:17:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}

5/30/2013 5:48:12 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.151.1062.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9506.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

5/30/2013 5:43:27 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.151.1062.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9506.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

5/29/2013 6:04:34 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.151.1062.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9506.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

.

==== End Of File ===========================


Hi there,

My name is Marius and I will be assisting you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English, so please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

Please post up the MBAM logfiles where the detections are logged.


Thanks - I think this is the one where we found issues

Malwarebytes Anti-Malware (Trial) 1.75.0.1300

www.malwarebytes.org

Database version: v2013.05.28.07

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16576

Temp BOB :: BOB [administrator]

Protection: Enabled

5/28/2013 6:50:19 PM

mbam-log-2013-05-28 (18-50-19).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 355960

Time elapsed: 21 minute(s), 33 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 8

HKCR\CLSID\{A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} (PUP.PrivacySafeGuard) -> No action taken.

HKCR\TypeLib\{145310E3-18FA-41A9-BEE4-F830B08C6014} (PUP.PrivacySafeGuard) -> No action taken.

HKCR\Interface\{76348131-7ADF-4FE7-9047-529719D86186} (PUP.PrivacySafeGuard) -> No action taken.

HKCR\PrivacySafeGuard.BHO.1 (PUP.PrivacySafeGuard) -> No action taken.

HKCR\PrivacySafeGuard.BHO (PUP.PrivacySafeGuard) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} (PUP.PrivacySafeGuard) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} (PUP.PrivacySafeGuard) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} (PUP.PrivacySafeGuard) -> No action taken.

Registry Values Detected: 1

HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|shell (Trojan.Agent.RNS) -> Data: explorer.exe,C:\Users\Temp BOB\AppData\Roaming\skype.dat -> Quarantined and deleted successfully.

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 7

C:\Program Files\PrivacySafeGuard\PrivacySafeGuard.dll (PUP.PrivacySafeGuard) -> No action taken.

C:\Users\Temp BOB\AppData\Local\temp\is1098755234\Vgrabber.exe (PUP.BundleInstaller.VG) -> No action taken.

C:\Windows\System32\config\systemprofile\skype.exe (Trojan.Inject.RRE) -> Quarantined and deleted successfully.

C:\Windows\System32\f3PSSavr.scr (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Windows\SysWOW64\f3PSSavr.scr (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Windows\System32\config\systemprofile\winlogon.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Windows\System32\config\systemprofile\conhost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)


I get a lot of this in the protection log as well

2013/06/04 00:00:10 -0500 BOB Temp BOB IP-BLOCK 95.211.194.79 (Type: outgoing, Port: 53664, Process: svchost.exe)

2013/06/04 00:00:10 -0500 BOB Temp BOB IP-BLOCK 95.211.194.79 (Type: outgoing, Port: 53672, Process: svchost.exe)

2013/06/04 00:00:10 -0500 BOB Temp BOB IP-BLOCK 95.211.194.79 (Type: outgoing, Port: 53673, Process: svchost.exe)

2013/06/04 00:00:35 -0500 BOB Temp BOB IP-BLOCK 95.211.194.79 (Type: outgoing, Port: 53683, Process: svchost.exe)

2013/06/04 00:00:35 -0500 BOB Temp BOB IP-BLOCK 95.211.194.79 (Type: outgoing, Port: 53684, Process: svchost.exe)

2013/06/04 00:00:51 -0500 BOB Temp BOB IP-BLOCK 95.211.194.79 (Type: outgoing, Port: 53690, Process: svchost.exe)

2013/06/04 00:00:51 -0500 BOB Temp BOB IP-BLOCK 95.211.194.79 (Type: outgoing, Port: 53691, Process: svchost.exe)

2013/06/04 00:00:59 -0500 BOB Temp BOB IP-BLOCK 95.211.194.79 (Type: outgoing, Port: 53696, Process: svchost.exe)

2013/06/04 00:00:59 -0500 BOB Temp BOB IP-BLOCK 95.211.194.79 (Type: outgoing, Port: 53697, Process: svchost.exe)


Scan with aswMBR

Please download aswMBR.exe to your desktop.

  • Double-click the aswMBR.exe to run it
  • When prompted with The application can use the Avast! Free Antivirus for scanning >> select No
  • Now click on the Scan button to start scan
  • On completion of the scan click Save Log, save it to your desktop and post the contents in your next reply

Note: There will also be a file on your desktop named MBR.dat (or similar). Do not delete this for now; it is an actual backup of the MBR (master boot record).

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.exe and save it to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt

Please post the contents of that log in your next reply.


aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software

Run date: 2013-06-06 18:56:10

-----------------------------

18:56:10.454 OS Version: Windows x64 6.1.7601 Service Pack 1

18:56:10.454 Number of processors: 2 586 0x170A

18:56:10.454 ComputerName: BOB UserName:

18:56:11.537 Initialze error C000010E - driver not loaded

18:56:11.727 write error "aswCmnB.dll". The process cannot access the file because it is being used by another process.

18:56:15.574 Service scanning

18:56:30.423 Modules scanning

18:56:30.427 Disk 0 trace - called modules:

18:56:30.429

18:56:30.431 Scan finished successfully

18:56:46.990 The log file has been saved successfully to "C:\aswMBR.txt"


18:47:53.0549 1516 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

18:47:54.0008 1516 ============================================================

18:47:54.0008 1516 Current date / time: 2013/06/06 18:47:54.0008

18:47:54.0008 1516 SystemInfo:

18:47:54.0008 1516

18:47:54.0008 1516 OS Version: 6.1.7601 ServicePack: 1.0

18:47:54.0008 1516 Product type: Workstation

18:47:54.0008 1516 ComputerName: BOB

18:47:54.0009 1516 UserName: Desk2

18:47:54.0009 1516 Windows directory: C:\Windows

18:47:54.0009 1516 System windows directory: C:\Windows

18:47:54.0009 1516 Running under WOW64

18:47:54.0009 1516 Processor architecture: Intel x64

18:47:54.0009 1516 Number of processors: 2

18:47:54.0009 1516 Page size: 0x1000

18:47:54.0009 1516 Boot type: Normal boot

18:47:54.0009 1516 ============================================================

18:47:55.0806 1516 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

18:47:55.0810 1516 ============================================================

18:47:55.0810 1516 \Device\Harddisk0\DR0:

18:47:55.0810 1516 MBR partitions:

18:47:55.0810 1516 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1391000

18:47:55.0810 1516 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x13A5000, BlocksNum 0x38FE0800

18:47:55.0810 1516 ============================================================

18:47:55.0840 1516 C: <-> \Device\Harddisk0\DR0\Partition2

18:47:55.0841 1516 ============================================================

18:47:55.0841 1516 Initialize success

18:47:55.0841 1516 ============================================================

18:48:05.0373 2928 ============================================================

18:48:05.0373 2928 Scan started

18:48:05.0373 2928 Mode: Manual;

18:48:05.0373 2928 ============================================================

18:48:05.0645 2928 ================ Scan system memory ========================

18:48:05.0645 2928 System memory - ok

18:48:05.0645 2928 ================ Scan services =============================

18:48:06.0494 2928 [ C7074BD8D4B8F564859ED373433030AE ] Akamai c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll

18:48:06.0494 2928 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll. md5: C7074BD8D4B8F564859ED373433030AE

18:48:06.0504 2928 Akamai ( HiddenFile.Multi.Generic ) - warning

18:48:06.0504 2928 Akamai - detected HiddenFile.Multi.Generic (1)


18:48:11.0144 2928 intelppm - ok

18:48:11.0179 2928 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

18:48:11.0181 2928 IPBusEnum - ok

18:48:11.0214 2928 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

18:48:11.0215 2928 IpFilterDriver - ok

18:48:11.0558 2928 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

18:48:11.0576 2928 iphlpsvc - ok

18:48:11.0614 2928 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

18:48:11.0616 2928 IPMIDRV - ok

18:48:11.0629 2928 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

18:48:11.0630 2928 IPNAT - ok

18:48:11.0654 2928 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

18:48:11.0654 2928 IRENUM - ok

18:48:11.0666 2928 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

18:48:11.0667 2928 isapnp - ok

18:48:11.0681 2928 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

18:48:11.0683 2928 iScsiPrt - ok

18:48:11.0716 2928 [ D85F3F18E44F7447B5F1BA5C85BAEB7C ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys

18:48:11.0719 2928 k57nd60a - ok

18:48:11.0738 2928 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

18:48:11.0738 2928 kbdclass - ok

18:48:11.0759 2928 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

18:48:11.0760 2928 kbdhid - ok

18:48:11.0773 2928 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

18:48:11.0774 2928 KeyIso - ok

18:48:11.0812 2928 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

18:48:11.0813 2928 KSecDD - ok

18:48:11.0853 2928 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

18:48:11.0854 2928 KSecPkg - ok

18:48:11.0874 2928 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

18:48:11.0875 2928 ksthunk - ok

18:48:11.0903 2928 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

18:48:11.0908 2928 KtmRm - ok

18:48:11.0959 2928 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll

18:48:11.0963 2928 LanmanServer - ok

18:48:12.0002 2928 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

18:48:12.0005 2928 LanmanWorkstation - ok

18:48:12.0032 2928 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

18:48:12.0033 2928 lltdio - ok

18:48:12.0047 2928 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

18:48:12.0051 2928 lltdsvc - ok

18:48:12.0059 2928 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

18:48:12.0061 2928 lmhosts - ok

18:48:12.0088 2928 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

18:48:12.0089 2928 LSI_FC - ok

18:48:12.0107 2928 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

18:48:12.0108 2928 LSI_SAS - ok

18:48:12.0121 2928 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

18:48:12.0122 2928 LSI_SAS2 - ok

18:48:12.0137 2928 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

18:48:12.0138 2928 LSI_SCSI - ok

18:48:12.0168 2928 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

18:48:12.0169 2928 luafv - ok

18:48:12.0211 2928 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

18:48:12.0211 2928 MBAMProtector - ok

18:48:12.0294 2928 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

18:48:12.0299 2928 MBAMScheduler - ok

18:48:12.0322 2928 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

18:48:12.0329 2928 MBAMService - ok

18:48:12.0360 2928 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

18:48:12.0363 2928 Mcx2Svc - ok

18:48:12.0375 2928 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

18:48:12.0376 2928 megasas - ok

18:48:12.0395 2928 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

18:48:12.0397 2928 MegaSR - ok

18:48:12.0469 2928 [ 671A03CA9CD0259CCBB7B78A9CE234EC ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe

18:48:12.0471 2928 MemeoBackgroundService - ok

18:48:12.0548 2928 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe

18:48:12.0564 2928 Microsoft Office Groove Audit Service - ok

18:48:12.0592 2928 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

18:48:12.0595 2928 MMCSS - ok

18:48:12.0621 2928 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

18:48:12.0622 2928 Modem - ok

18:48:12.0671 2928 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

18:48:12.0671 2928 monitor - ok

18:48:12.0701 2928 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys

18:48:12.0702 2928 mouclass - ok

18:48:12.0717 2928 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

18:48:12.0717 2928 mouhid - ok

18:48:12.0760 2928 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

18:48:12.0761 2928 mountmgr - ok

18:48:12.0828 2928 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys

18:48:12.0829 2928 MpFilter - ok

18:48:12.0840 2928 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

18:48:12.0842 2928 mpio - ok

18:48:12.0857 2928 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

18:48:12.0858 2928 mpsdrv - ok

18:48:12.0910 2928 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

18:48:12.0919 2928 MpsSvc - ok

18:48:12.0953 2928 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

18:48:12.0954 2928 MRxDAV - ok

18:48:12.0990 2928 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

18:48:12.0992 2928 mrxsmb - ok

18:48:13.0027 2928 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

18:48:13.0030 2928 mrxsmb10 - ok

18:48:13.0045 2928 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

18:48:13.0046 2928 mrxsmb20 - ok

18:48:13.0088 2928 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

18:48:13.0088 2928 msahci - ok

18:48:13.0107 2928 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

18:48:13.0109 2928 msdsm - ok

18:48:13.0125 2928 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

18:48:13.0128 2928 MSDTC - ok

18:48:13.0168 2928 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

18:48:13.0169 2928 Msfs - ok

18:48:13.0182 2928 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

18:48:13.0182 2928 mshidkmdf - ok

18:48:13.0193 2928 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

18:48:13.0193 2928 msisadrv - ok

18:48:13.0211 2928 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

18:48:13.0214 2928 MSiSCSI - ok

18:48:13.0218 2928 msiserver - ok

18:48:13.0240 2928 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

18:48:13.0240 2928 MSKSSRV - ok

18:48:13.0306 2928 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe

18:48:13.0307 2928 MsMpSvc - ok

18:48:13.0322 2928 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

18:48:13.0322 2928 MSPCLOCK - ok

18:48:13.0333 2928 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

18:48:13.0335 2928 MSPQM - ok

18:48:13.0370 2928 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

18:48:13.0373 2928 MsRPC - ok

18:48:13.0410 2928 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

18:48:13.0410 2928 mssmbios - ok

18:48:13.0425 2928 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

18:48:13.0426 2928 MSTEE - ok

18:48:13.0439 2928 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

18:48:13.0440 2928 MTConfig - ok

18:48:13.0458 2928 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

18:48:13.0459 2928 Mup - ok

18:48:13.0805 2928 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

18:48:13.0822 2928 napagent - ok

18:48:13.0891 2928 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

18:48:13.0903 2928 NativeWifiP - ok

18:48:13.0950 2928 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

18:48:13.0960 2928 NDIS - ok

18:48:13.0969 2928 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

18:48:13.0970 2928 NdisCap - ok

18:48:13.0984 2928 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

18:48:13.0984 2928 NdisTapi - ok

18:48:14.0017 2928 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

18:48:14.0018 2928 Ndisuio - ok

18:48:14.0056 2928 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

18:48:14.0057 2928 NdisWan - ok

18:48:14.0093 2928 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

18:48:14.0093 2928 NDProxy - ok

18:48:14.0099 2928 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

18:48:14.0100 2928 NetBIOS - ok

18:48:14.0139 2928 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

18:48:14.0141 2928 NetBT - ok

18:48:14.0153 2928 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

18:48:14.0154 2928 Netlogon - ok

18:48:14.0201 2928 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

18:48:14.0205 2928 Netman - ok

18:48:14.0237 2928 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:48:14.0239 2928 NetMsmqActivator - ok

18:48:14.0244 2928 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:48:14.0245 2928 NetPipeActivator - ok

18:48:14.0290 2928 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

18:48:14.0295 2928 netprofm - ok

18:48:14.0303 2928 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:48:14.0305 2928 NetTcpActivator - ok

18:48:14.0310 2928 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:48:14.0311 2928 NetTcpPortSharing - ok

18:48:14.0340 2928 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

18:48:14.0342 2928 nfrd960 - ok

18:48:14.0392 2928 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys

18:48:14.0393 2928 NisDrv - ok

18:48:14.0437 2928 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe

18:48:14.0441 2928 NisSrv - ok

18:48:14.0473 2928 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll

18:48:14.0477 2928 NlaSvc - ok

18:48:14.0521 2928 Norton PC Checkup Application Launcher - ok

18:48:14.0542 2928 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

18:48:14.0542 2928 Npfs - ok

18:48:14.0557 2928 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

18:48:14.0559 2928 nsi - ok

18:48:14.0572 2928 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

18:48:14.0573 2928 nsiproxy - ok

18:48:14.0631 2928 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

18:48:14.0658 2928 Ntfs - ok

18:48:14.0668 2928 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

18:48:14.0669 2928 Null - ok

18:48:14.0712 2928 [ 8D4AAC74B571FC356560E5B308955E93 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys

18:48:14.0713 2928 NVHDA - ok

18:48:14.0927 2928 [ 7683232B8C31B2414999F7FCA283DF8D ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

18:48:15.0078 2928 nvlddmkm - ok

18:48:15.0110 2928 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

18:48:15.0111 2928 nvraid - ok

18:48:15.0150 2928 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

18:48:15.0152 2928 nvstor - ok

18:48:15.0192 2928 [ AA58BF453223C8C8D0E82A7FCD03AE85 ] nvsvc C:\Windows\system32\nvvsvc.exe

18:48:15.0197 2928 nvsvc - ok

18:48:15.0346 2928 [ CD0BFAA6872CFE38C908D313AE17C350 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

18:48:15.0394 2928 nvUpdatusService - ok

18:48:15.0436 2928 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

18:48:15.0437 2928 nv_agp - ok

18:48:15.0523 2928 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

18:48:15.0528 2928 odserv - ok

18:48:15.0546 2928 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

18:48:15.0547 2928 ohci1394 - ok

18:48:15.0601 2928 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

18:48:15.0603 2928 ose - ok

18:48:15.0633 2928 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

18:48:15.0638 2928 p2pimsvc - ok

18:48:15.0661 2928 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

18:48:15.0666 2928 p2psvc - ok

18:48:15.0693 2928 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

18:48:15.0694 2928 Parport - ok

18:48:15.0737 2928 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

18:48:15.0737 2928 partmgr - ok

18:48:15.0751 2928 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

18:48:15.0754 2928 PcaSvc - ok

18:48:15.0957 2928 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.91\ccSvcHst.exe

18:48:15.0959 2928 PCCUJobMgr - ok

18:48:15.0994 2928 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

18:48:15.0995 2928 pci - ok

18:48:16.0005 2928 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

18:48:16.0005 2928 pciide - ok

18:48:16.0023 2928 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

18:48:16.0025 2928 pcmcia - ok

18:48:16.0041 2928 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

18:48:16.0042 2928 pcw - ok

18:48:16.0116 2928 [ C1C3BAF078BE5A14384A4BA2D730817D ] PDFProFiltSrvPP C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe

18:48:16.0121 2928 PDFProFiltSrvPP - ok

18:48:16.0141 2928 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

18:48:16.0147 2928 PEAUTH - ok

18:48:16.0187 2928 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll

18:48:16.0213 2928 PeerDistSvc - ok

18:48:16.0302 2928 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

18:48:16.0304 2928 PerfHost - ok

18:48:16.0376 2928 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

18:48:16.0402 2928 pla - ok

18:48:16.0444 2928 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

18:48:16.0449 2928 PlugPlay - ok

18:48:16.0466 2928 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

18:48:16.0468 2928 PNRPAutoReg - ok

18:48:16.0482 2928 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

18:48:16.0485 2928 PNRPsvc - ok

18:48:16.0502 2928 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

18:48:16.0509 2928 PolicyAgent - ok

18:48:16.0532 2928 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

18:48:16.0535 2928 Power - ok

18:48:16.0557 2928 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

18:48:16.0558 2928 PptpMiniport - ok

18:48:16.0573 2928 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

18:48:16.0574 2928 Processor - ok

18:48:16.0621 2928 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

18:48:16.0625 2928 ProfSvc - ok

18:48:16.0634 2928 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

18:48:16.0635 2928 ProtectedStorage - ok

18:48:16.0679 2928 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

18:48:16.0680 2928 Psched - ok

18:48:16.0707 2928 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys

18:48:16.0708 2928 PxHlpa64 - ok

18:48:16.0768 2928 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

18:48:16.0794 2928 ql2300 - ok

18:48:16.0811 2928 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

18:48:16.0812 2928 ql40xx - ok

18:48:16.0840 2928 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

18:48:16.0844 2928 QWAVE - ok

18:48:16.0858 2928 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

18:48:16.0859 2928 QWAVEdrv - ok

18:48:16.0873 2928 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

18:48:16.0874 2928 RasAcd - ok

18:48:16.0891 2928 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

18:48:16.0891 2928 RasAgileVpn - ok

18:48:16.0903 2928 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

18:48:16.0906 2928 RasAuto - ok

18:48:16.0946 2928 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

18:48:16.0947 2928 Rasl2tp - ok

18:48:16.0963 2928 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

18:48:16.0968 2928 RasMan - ok

18:48:16.0981 2928 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

18:48:16.0982 2928 RasPppoe - ok

18:48:16.0988 2928 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

18:48:16.0989 2928 RasSstp - ok

18:48:17.0001 2928 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

18:48:17.0004 2928 rdbss - ok

18:48:17.0017 2928 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

18:48:17.0018 2928 rdpbus - ok

18:48:17.0029 2928 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

18:48:17.0030 2928 RDPCDD - ok

18:48:17.0064 2928 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys

18:48:17.0066 2928 RDPDR - ok

18:48:17.0079 2928 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

18:48:17.0079 2928 RDPENCDD - ok

18:48:17.0094 2928 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

18:48:17.0094 2928 RDPREFMP - ok

18:48:17.0132 2928 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

18:48:17.0134 2928 RDPWD - ok

18:48:17.0184 2928 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

18:48:17.0186 2928 rdyboost - ok

18:48:17.0247 2928 [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

18:48:17.0248 2928 RealNetworks Downloader Resolver Service - ok

18:48:17.0268 2928 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

18:48:17.0271 2928 RemoteAccess - ok

18:48:17.0293 2928 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

18:48:17.0296 2928 RemoteRegistry - ok

18:48:17.0313 2928 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

18:48:17.0315 2928 RpcEptMapper - ok

18:48:17.0328 2928 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

18:48:17.0329 2928 RpcLocator - ok

18:48:17.0370 2928 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

18:48:17.0373 2928 RpcSs - ok

18:48:17.0397 2928 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

18:48:17.0398 2928 rspndr - ok

18:48:17.0433 2928 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys

18:48:17.0434 2928 s3cap - ok

18:48:17.0450 2928 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

18:48:17.0451 2928 SamSs - ok

18:48:17.0506 2928 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

18:48:17.0507 2928 SASDIFSV - ok

18:48:17.0523 2928 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

18:48:17.0524 2928 SASKUTIL - ok

18:48:17.0543 2928 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

18:48:17.0544 2928 sbp2port - ok

18:48:17.0570 2928 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

18:48:17.0574 2928 SCardSvr - ok

18:48:17.0605 2928 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

18:48:17.0607 2928 scfilter - ok

18:48:17.0660 2928 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

18:48:17.0678 2928 Schedule - ok

18:48:17.0717 2928 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

18:48:17.0718 2928 SCPolicySvc - ok

18:48:17.0767 2928 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

18:48:17.0770 2928 SDRSVC - ok

18:48:17.0820 2928 [ 16B44D246835EAC156F8DAF0AA4F530C ] SeagateDashboardService C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe

18:48:17.0821 2928 SeagateDashboardService - ok

18:48:17.0966 2928 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

18:48:18.0002 2928 SeaPort - ok

18:48:18.0120 2928 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

18:48:18.0120 2928 secdrv - ok

18:48:18.0143 2928 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

18:48:18.0145 2928 seclogon - ok

18:48:18.0175 2928 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll

18:48:18.0177 2928 SENS - ok

18:48:18.0190 2928 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

18:48:18.0192 2928 SensrSvc - ok

18:48:18.0201 2928 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

18:48:18.0202 2928 Serenum - ok

18:48:18.0223 2928 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

18:48:18.0224 2928 Serial - ok

18:48:18.0259 2928 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

18:48:18.0259 2928 sermouse - ok

18:48:18.0308 2928 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

18:48:18.0310 2928 SessionEnv - ok

18:48:18.0345 2928 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

18:48:18.0346 2928 sffdisk - ok

18:48:18.0355 2928 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

18:48:18.0355 2928 sffp_mmc - ok

18:48:18.0360 2928 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

18:48:18.0361 2928 sffp_sd - ok

18:48:18.0376 2928 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

18:48:18.0377 2928 sfloppy - ok

18:48:18.0406 2928 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

18:48:18.0410 2928 SharedAccess - ok

18:48:18.0425 2928 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

18:48:18.0430 2928 ShellHWDetection - ok

18:48:18.0449 2928 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

18:48:18.0449 2928 SiSRaid2 - ok

18:48:18.0459 2928 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

18:48:18.0459 2928 SiSRaid4 - ok

18:48:18.0573 2928 [ EB17DF573B4423DF0B3B2EE3B268A6DE ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

18:48:18.0625 2928 Skype C2C Service - ok

18:48:18.0680 2928 [ CA355B308AA537C6B9D67CD3A5485AF9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

18:48:18.0682 2928 SkypeUpdate - ok

18:48:18.0715 2928 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

18:48:18.0716 2928 Smb - ok

18:48:18.0744 2928 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

18:48:18.0746 2928 SNMPTRAP - ok

18:48:18.0766 2928 [ 8B13C1CD69009AD94678CD5400373B38 ] sosnf64 C:\Windows\system32\drivers\sosnf64.sys

18:48:18.0767 2928 sosnf64 - ok

18:48:18.0793 2928 SOSNFFSV - ok

18:48:18.0796 2928 SOSNFLSV - ok

18:48:18.0811 2928 sosnfusv - ok

18:48:18.0823 2928 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

18:48:18.0824 2928 spldr - ok

18:48:18.0857 2928 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

18:48:18.0864 2928 Spooler - ok

18:48:19.0062 2928 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

18:48:19.0128 2928 sppsvc - ok

18:48:19.0150 2928 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

18:48:19.0153 2928 sppuinotify - ok

18:48:19.0190 2928 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

18:48:19.0194 2928 srv - ok

18:48:19.0213 2928 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

18:48:19.0217 2928 srv2 - ok

18:48:19.0233 2928 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

18:48:19.0235 2928 srvnet - ok

18:48:19.0250 2928 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

18:48:19.0253 2928 SSDPSRV - ok

18:48:19.0270 2928 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

18:48:19.0273 2928 SstpSvc - ok

18:48:19.0306 2928 Steam Client Service - ok

18:48:19.0391 2928 [ 8544A200C40447E465F06E58687428BB ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

18:48:19.0394 2928 Stereo Service - ok

18:48:19.0409 2928 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

18:48:19.0410 2928 stexstor - ok

18:48:19.0451 2928 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys

18:48:19.0452 2928 StillCam - ok

18:48:19.0500 2928 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

18:48:19.0507 2928 stisvc - ok

18:48:23.0495 2928 ================ Scan global ===============================

18:48:23.0514 2928 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

18:48:23.0550 2928 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

18:48:23.0558 2928 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

18:48:23.0578 2928 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

18:48:23.0591 2928 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

18:48:23.0595 2928 [Global] - ok

18:48:23.0596 2928 ================ Scan MBR ==================================

18:48:23.0609 2928 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0

18:48:23.0610 2928 Suspicious mbr (Forged): \Device\Harddisk0\DR0

18:48:23.0660 2928 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected

18:48:23.0661 2928 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)

18:48:23.0661 2928 ================ Scan VBR ==================================

18:48:23.0668 2928 [ D8164AB61919E664836E4ADA667D4531 ] \Device\Harddisk0\DR0\Partition1

18:48:23.0670 2928 \Device\Harddisk0\DR0\Partition1 - ok

18:48:23.0681 2928 [ D4EA36D621DA6185760C985B9EB3FD34 ] \Device\Harddisk0\DR0\Partition2

18:48:23.0683 2928 \Device\Harddisk0\DR0\Partition2 - ok

18:48:23.0683 2928 ============================================================

18:48:23.0683 2928 Scan finished

18:48:23.0683 2928 ============================================================

18:48:23.0693 3692 Detected object count: 2

18:48:23.0693 3692 Actual detected object count: 2

18:48:39.0203 3692 Akamai ( HiddenFile.Multi.Generic ) - skipped by user

18:48:39.0203 3692 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

18:48:39.0205 3692 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user

18:48:39.0205 3692 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip

18:48:46.0736 1744 Deinitialize success


ouch...

Please read and follow these instructions carefully.

Download TDSSKiller.exe and save it to your desktop.

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan.
  • When the scan is finished, select cure for the following entry:
    Rootkit.Boot.Pihar.c
  • Hit continue.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt

Please post the contents of that log in your next reply.
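One way to triage a TDSSKiller log like the one posted above, as an added example that is not part of the original thread or of the tool: it pairs each detection with the action recorded for it, so a bootkit that was detected but skipped stands out. The function names and the sample are constructed here from line shapes visible in the log; only the "Skip" action appears on this page, so any other action string is passed through as recorded.

```python
import re

# Constructed sample, assembled from line shapes seen in the posted log.
SAMPLE_LOG = r"""
18:48:22.0002 2928 Wd - ok

18:48:22.9000 2928 Akamai ( HiddenFile.Multi.Generic ) - warning

18:48:23.0610 2928 Suspicious mbr (Forged): \Device\Harddisk0\DR0

18:48:23.0660 2928 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected

18:48:23.0661 2928 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)

18:48:23.0693 3692 Detected object count: 2

18:48:39.0203 3692 Akamai ( HiddenFile.Multi.Generic ) - skipped by user

18:48:39.0203 3692 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

18:48:39.0205 3692 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user

18:48:39.0205 3692 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip
"""

# "<hh:mm:ss.ffff> <thread id> <message>"; the message may be empty.
LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s*(.*)$")
# "<object> ( <threat name> ) - <tail>"; the spaces inside the parentheses
# keep this from matching "(Forged)", "(0)" or paths with "(x86)".
VERDICT = re.compile(r"^(?P<obj>.+?) \( (?P<threat>[^()]+?) \) - (?P<tail>.+)$")
ACTION_PREFIX = "User select action: "
SEVERITY = {"infected": 0, "warning": 1}


def triage(log_text):
    """Return one record per (object, threat) with its verdict and action."""
    findings = {}
    for raw in log_text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue  # blank lines from the forum paste, banners, etc.
        hit = VERDICT.match(line.group(3))
        if not hit:
            continue  # "- ok" lines, hash lines, section headers
        key = (hit["obj"], hit["threat"])
        entry = findings.setdefault(key, {
            "object": hit["obj"],
            "threat": hit["threat"],
            "verdict": None,   # "infected" or "warning" from the scan pass
            "action": None,    # what the user chose, if the log records it
            "first_seen": line.group(1),
        })
        tail = hit["tail"].strip()
        if tail.startswith(ACTION_PREFIX):
            entry["action"] = tail[len(ACTION_PREFIX):]
        elif tail in SEVERITY:
            entry["verdict"] = tail
        # Other tails ("skipped by user") repeat the action line; ignored.
    return list(findings.values())


def unresolved(findings):
    """Detections with no recorded action or an explicit Skip, worst first."""
    left = [f for f in findings
            if f["action"] is None or f["action"].lower() == "skip"]
    return sorted(left, key=lambda f: SEVERITY.get(f["verdict"], 2))


if __name__ == "__main__":
    for f in unresolved(triage(SAMPLE_LOG)):
        print(f'{f["verdict"] or "unknown":9} {f["threat"]:28} '
              f'{f["object"]}  action={f["action"]}')
```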


There were 2 reports generated:

18:23:25.0292 8760 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

18:23:25.0659 8760 ============================================================

18:23:25.0659 8760 Current date / time: 2013/06/07 18:23:25.0659

18:23:25.0659 8760 SystemInfo:

18:23:25.0659 8760

18:23:25.0659 8760 OS Version: 6.1.7601 ServicePack: 1.0

18:23:25.0659 8760 Product type: Workstation

18:23:25.0659 8760 ComputerName: BOB

18:23:25.0659 8760 UserName: Desk2

18:23:25.0659 8760 Windows directory: C:\Windows

18:23:25.0659 8760 System windows directory: C:\Windows

18:23:25.0659 8760 Running under WOW64

18:23:25.0659 8760 Processor architecture: Intel x64

18:23:25.0659 8760 Number of processors: 2

18:23:25.0659 8760 Page size: 0x1000

18:23:25.0659 8760 Boot type: Normal boot

18:23:25.0659 8760 ============================================================

18:23:27.0108 8760 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

18:23:27.0129 8760 ============================================================

18:23:27.0129 8760 \Device\Harddisk0\DR0:

18:23:27.0129 8760 MBR partitions:

18:23:27.0129 8760 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1391000

18:23:27.0129 8760 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x13A5000, BlocksNum 0x38FE0800

18:23:27.0129 8760 ============================================================

18:23:27.0182 8760 C: <-> \Device\Harddisk0\DR0\Partition2

18:23:27.0182 8760 ============================================================

18:23:27.0182 8760 Initialize success

18:23:27.0182 8760 ============================================================

18:23:38.0488 8008 ============================================================

18:23:38.0488 8008 Scan started

18:23:38.0488 8008 Mode: Manual;

18:23:38.0488 8008 ============================================================

18:23:39.0191 8008 ================ Scan system memory ========================

18:23:39.0191 8008 System memory - ok

18:23:39.0191 8008 ================ Scan services =============================

18:23:40.0194 8008 [ C7074BD8D4B8F564859ED373433030AE ] Akamai c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll

18:23:40.0194 8008 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll. md5: C7074BD8D4B8F564859ED373433030AE

18:23:40.0204 8008 Akamai ( HiddenFile.Multi.Generic ) - warning

18:23:40.0204 8008 Akamai - detected HiddenFile.Multi.Generic (1)


18:23:44.0574 8008 IDriverT - ok

18:23:44.0652 8008 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

18:23:44.0661 8008 idsvc - ok

18:23:44.0684 8008 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

18:23:44.0686 8008 iirsp - ok

18:23:44.0737 8008 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

18:23:44.0746 8008 IKEEXT - ok

18:23:44.0795 8008 [ 5BA1779E2C84FDE2A5E201FFF9C42C9C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

18:23:44.0837 8008 IntcAzAudAddService - ok

18:23:44.0848 8008 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

18:23:44.0848 8008 intelide - ok

18:23:44.0868 8008 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

18:23:44.0870 8008 intelppm - ok

18:23:44.0904 8008 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

18:23:44.0906 8008 IPBusEnum - ok

18:23:44.0939 8008 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

18:23:44.0941 8008 IpFilterDriver - ok

18:23:44.0983 8008 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

18:23:44.0988 8008 iphlpsvc - ok

18:23:45.0023 8008 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

18:23:45.0024 8008 IPMIDRV - ok

18:23:45.0045 8008 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

18:23:45.0047 8008 IPNAT - ok

18:23:45.0071 8008 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

18:23:45.0072 8008 IRENUM - ok

18:23:45.0083 8008 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

18:23:45.0084 8008 isapnp - ok

18:23:45.0122 8008 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

18:23:45.0126 8008 iScsiPrt - ok

18:23:45.0166 8008 [ D85F3F18E44F7447B5F1BA5C85BAEB7C ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys

18:23:45.0169 8008 k57nd60a - ok

18:23:45.0188 8008 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

18:23:45.0189 8008 kbdclass - ok

18:23:45.0209 8008 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

18:23:45.0211 8008 kbdhid - ok

18:23:45.0223 8008 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

18:23:45.0224 8008 KeyIso - ok

18:23:45.0262 8008 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

18:23:45.0263 8008 KSecDD - ok

18:23:45.0303 8008 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

18:23:45.0305 8008 KSecPkg - ok

18:23:45.0324 8008 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

18:23:45.0325 8008 ksthunk - ok

18:23:45.0353 8008 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

18:23:45.0358 8008 KtmRm - ok

18:23:45.0409 8008 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll

18:23:45.0413 8008 LanmanServer - ok

18:23:45.0452 8008 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

18:23:45.0455 8008 LanmanWorkstation - ok

18:23:45.0482 8008 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

18:23:45.0483 8008 lltdio - ok

18:23:45.0505 8008 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

18:23:45.0510 8008 lltdsvc - ok

18:23:45.0526 8008 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

18:23:45.0527 8008 lmhosts - ok

18:23:45.0555 8008 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

18:23:45.0557 8008 LSI_FC - ok

18:23:45.0574 8008 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

18:23:45.0576 8008 LSI_SAS - ok

18:23:45.0588 8008 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

18:23:45.0590 8008 LSI_SAS2 - ok

18:23:45.0604 8008 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

18:23:45.0606 8008 LSI_SCSI - ok

18:23:45.0635 8008 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

18:23:45.0639 8008 luafv - ok

18:23:45.0685 8008 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

18:23:45.0686 8008 MBAMProtector - ok

18:23:45.0769 8008 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

18:23:45.0774 8008 MBAMScheduler - ok

18:23:45.0796 8008 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

18:23:45.0804 8008 MBAMService - ok

18:23:45.0835 8008 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

18:23:45.0838 8008 Mcx2Svc - ok

18:23:45.0858 8008 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

18:23:45.0860 8008 megasas - ok

18:23:45.0878 8008 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

18:23:45.0881 8008 MegaSR - ok

18:23:45.0952 8008 [ 671A03CA9CD0259CCBB7B78A9CE234EC ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe

18:23:45.0954 8008 MemeoBackgroundService - ok

18:23:46.0032 8008 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe

18:23:46.0033 8008 Microsoft Office Groove Audit Service - ok

18:23:46.0058 8008 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

18:23:46.0061 8008 MMCSS - ok

18:23:46.0079 8008 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

18:23:46.0081 8008 Modem - ok

18:23:46.0129 8008 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

18:23:46.0131 8008 monitor - ok

18:23:46.0160 8008 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys

18:23:46.0161 8008 mouclass - ok

18:23:46.0175 8008 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

18:23:46.0177 8008 mouhid - ok

18:23:46.0227 8008 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

18:23:46.0229 8008 mountmgr - ok

18:23:46.0294 8008 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys

18:23:46.0297 8008 MpFilter - ok

18:23:46.0307 8008 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

18:23:46.0309 8008 mpio - ok

18:23:46.0324 8008 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

18:23:46.0326 8008 mpsdrv - ok

18:23:46.0667 8008 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

18:23:46.0687 8008 MpsSvc - ok

18:23:46.0719 8008 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

18:23:46.0721 8008 MRxDAV - ok

18:23:46.0756 8008 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

18:23:46.0758 8008 mrxsmb - ok

18:23:46.0793 8008 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

18:23:46.0796 8008 mrxsmb10 - ok

18:23:46.0811 8008 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

18:23:46.0813 8008 mrxsmb20 - ok

18:23:46.0853 8008 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

18:23:46.0855 8008 msahci - ok

18:23:46.0873 8008 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

18:23:46.0875 8008 msdsm - ok

18:23:46.0891 8008 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

18:23:46.0894 8008 MSDTC - ok

18:23:46.0934 8008 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

18:23:46.0935 8008 Msfs - ok

18:23:46.0948 8008 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

18:23:46.0949 8008 mshidkmdf - ok

18:23:46.0959 8008 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

18:23:46.0959 8008 msisadrv - ok

18:23:46.0985 8008 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

18:23:46.0988 8008 MSiSCSI - ok

18:23:46.0993 8008 msiserver - ok

18:23:47.0014 8008 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

18:23:47.0016 8008 MSKSSRV - ok

18:23:47.0080 8008 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe

18:23:47.0081 8008 MsMpSvc - ok

18:23:47.0096 8008 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

18:23:47.0097 8008 MSPCLOCK - ok

18:23:47.0108 8008 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

18:23:47.0109 8008 MSPQM - ok

18:23:47.0145 8008 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

18:23:47.0148 8008 MsRPC - ok

18:23:47.0184 8008 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

18:23:47.0199 8008 mssmbios - ok

18:23:47.0216 8008 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

18:23:47.0218 8008 MSTEE - ok

18:23:47.0239 8008 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

18:23:47.0240 8008 MTConfig - ok

18:23:47.0257 8008 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

18:23:47.0258 8008 Mup - ok

18:23:47.0297 8008 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

18:23:47.0303 8008 napagent - ok

18:23:47.0330 8008 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

18:23:47.0334 8008 NativeWifiP - ok

18:23:47.0384 8008 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

18:23:47.0393 8008 NDIS - ok

18:23:47.0403 8008 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

18:23:47.0404 8008 NdisCap - ok

18:23:47.0417 8008 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

18:23:47.0419 8008 NdisTapi - ok

18:23:47.0450 8008 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

18:23:47.0452 8008 Ndisuio - ok

18:23:47.0489 8008 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

18:23:47.0492 8008 NdisWan - ok

18:23:47.0526 8008 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

18:23:47.0528 8008 NDProxy - ok

18:23:47.0539 8008 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

18:23:47.0540 8008 NetBIOS - ok

18:23:47.0580 8008 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

18:23:47.0584 8008 NetBT - ok

18:23:47.0595 8008 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

18:23:47.0596 8008 Netlogon - ok

18:23:47.0626 8008 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

18:23:47.0630 8008 Netman - ok

18:23:47.0662 8008 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:23:47.0671 8008 NetMsmqActivator - ok

18:23:47.0676 8008 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:23:47.0677 8008 NetPipeActivator - ok

18:23:47.0698 8008 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

18:23:47.0704 8008 netprofm - ok

18:23:47.0712 8008 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:23:47.0713 8008 NetTcpActivator - ok

18:23:47.0718 8008 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:23:47.0720 8008 NetTcpPortSharing - ok

18:23:47.0748 8008 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

18:23:47.0750 8008 nfrd960 - ok

18:23:47.0800 8008 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys

18:23:47.0803 8008 NisDrv - ok

18:23:47.0878 8008 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe

18:23:47.0882 8008 NisSrv - ok

18:23:47.0962 8008 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll

18:23:47.0994 8008 NlaSvc - ok

18:23:48.0046 8008 Norton PC Checkup Application Launcher - ok

18:23:48.0058 8008 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

18:23:48.0059 8008 Npfs - ok

18:23:48.0082 8008 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

18:23:48.0084 8008 nsi - ok

18:23:48.0097 8008 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

18:23:48.0099 8008 nsiproxy - ok

18:23:48.0165 8008 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

18:23:48.0191 8008 Ntfs - ok

18:23:48.0201 8008 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

18:23:48.0203 8008 Null - ok

18:23:48.0244 8008 [ 8D4AAC74B571FC356560E5B308955E93 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys

18:23:48.0247 8008 NVHDA - ok

18:23:48.0458 8008 [ 7683232B8C31B2414999F7FCA283DF8D ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

18:23:48.0614 8008 nvlddmkm - ok

18:23:48.0686 8008 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

18:23:48.0711 8008 nvraid - ok

18:23:48.0800 8008 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

18:23:48.0802 8008 nvstor - ok

18:23:48.0841 8008 [ AA58BF453223C8C8D0E82A7FCD03AE85 ] nvsvc C:\Windows\system32\nvvsvc.exe

18:23:48.0846 8008 nvsvc - ok

18:23:48.0980 8008 [ CD0BFAA6872CFE38C908D313AE17C350 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

18:23:49.0014 8008 nvUpdatusService - ok

18:23:49.0052 8008 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

18:23:49.0054 8008 nv_agp - ok

18:23:49.0140 8008 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

18:23:49.0144 8008 odserv - ok

18:23:49.0162 8008 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

18:23:49.0164 8008 ohci1394 - ok

18:23:49.0217 8008 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

18:23:49.0220 8008 ose - ok

18:23:49.0250 8008 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

18:23:49.0254 8008 p2pimsvc - ok

18:23:49.0278 8008 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

18:23:49.0283 8008 p2psvc - ok

18:23:49.0309 8008 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

18:23:49.0311 8008 Parport - ok

18:23:49.0345 8008 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

18:23:49.0346 8008 partmgr - ok

18:23:49.0359 8008 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

18:23:49.0362 8008 PcaSvc - ok

18:23:49.0432 8008 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.91\ccSvcHst.exe

18:23:49.0434 8008 PCCUJobMgr - ok

18:23:49.0469 8008 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

18:23:49.0471 8008 pci - ok

18:23:49.0480 8008 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

18:23:49.0480 8008 pciide - ok

18:23:49.0498 8008 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

18:23:49.0501 8008 pcmcia - ok

18:23:49.0516 8008 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

18:23:49.0517 8008 pcw - ok

18:23:49.0583 8008 [ C1C3BAF078BE5A14384A4BA2D730817D ] PDFProFiltSrvPP C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe

18:23:49.0584 8008 PDFProFiltSrvPP - ok

18:23:49.0599 8008 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

18:23:49.0606 8008 PEAUTH - ok

18:23:49.0646 8008 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll

18:23:49.0671 8008 PeerDistSvc - ok

18:23:49.0743 8008 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

18:23:49.0746 8008 PerfHost - ok

18:23:49.0817 8008 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

18:23:49.0844 8008 pla - ok

18:23:49.0886 8008 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

18:23:49.0891 8008 PlugPlay - ok

18:23:49.0902 8008 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

18:23:49.0903 8008 PNRPAutoReg - ok

18:23:49.0924 8008 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

18:23:49.0927 8008 PNRPsvc - ok

18:23:49.0944 8008 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

18:23:49.0949 8008 PolicyAgent - ok

18:23:49.0965 8008 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

18:23:49.0968 8008 Power - ok

18:23:49.0990 8008 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

18:23:49.0992 8008 PptpMiniport - ok

18:23:50.0006 8008 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

18:23:50.0008 8008 Processor - ok

18:23:50.0055 8008 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

18:23:50.0058 8008 ProfSvc - ok

18:23:50.0067 8008 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

18:23:50.0068 8008 ProtectedStorage - ok

18:23:50.0104 8008 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

18:23:50.0105 8008 Psched - ok

18:23:50.0132 8008 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys

18:23:50.0134 8008 PxHlpa64 - ok

18:23:50.0176 8008 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

18:23:50.0211 8008 ql2300 - ok

18:23:50.0228 8008 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

18:23:50.0231 8008 ql40xx - ok

18:23:50.0257 8008 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

18:23:50.0260 8008 QWAVE - ok

18:23:50.0275 8008 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

18:23:50.0277 8008 QWAVEdrv - ok

18:23:50.0290 8008 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

18:23:50.0305 8008 RasAcd - ok

18:23:50.0332 8008 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

18:23:50.0334 8008 RasAgileVpn - ok

18:23:50.0344 8008 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

18:23:50.0347 8008 RasAuto - ok

18:23:50.0387 8008 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

18:23:50.0390 8008 Rasl2tp - ok

18:23:50.0405 8008 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

18:23:50.0409 8008 RasMan - ok

18:23:50.0423 8008 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

18:23:50.0425 8008 RasPppoe - ok

18:23:50.0435 8008 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

18:23:50.0437 8008 RasSstp - ok

18:23:50.0451 8008 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

18:23:50.0454 8008 rdbss - ok

18:23:50.0467 8008 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

18:23:50.0468 8008 rdpbus - ok

18:23:50.0479 8008 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

18:23:50.0481 8008 RDPCDD - ok

18:23:50.0514 8008 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys

18:23:50.0517 8008 RDPDR - ok

18:23:50.0537 8008 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

18:23:50.0538 8008 RDPENCDD - ok

18:23:50.0552 8008 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

18:23:50.0553 8008 RDPREFMP - ok

18:23:50.0590 8008 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

18:23:50.0593 8008 RDPWD - ok

18:23:50.0626 8008 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

18:23:50.0629 8008 rdyboost - ok

18:23:50.0963 8008 [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

18:23:50.0964 8008 RealNetworks Downloader Resolver Service - ok

18:23:50.0984 8008 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

18:23:50.0987 8008 RemoteAccess - ok

18:23:51.0009 8008 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

18:23:51.0012 8008 RemoteRegistry - ok

18:23:51.0029 8008 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

18:23:51.0032 8008 RpcEptMapper - ok

18:23:51.0044 8008 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

18:23:51.0046 8008 RpcLocator - ok

18:23:51.0086 8008 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

18:23:51.0090 8008 RpcSs - ok

18:23:51.0122 8008 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

18:23:51.0124 8008 rspndr - ok

18:23:51.0158 8008 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys

18:23:51.0159 8008 s3cap - ok

18:23:51.0174 8008 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

18:23:51.0175 8008 SamSs - ok

18:23:51.0231 8008 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

18:23:51.0232 8008 SASDIFSV - ok

18:23:51.0248 8008 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

18:23:51.0249 8008 SASKUTIL - ok

18:23:51.0292 8008 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

18:23:51.0294 8008 sbp2port - ok

18:23:51.0320 8008 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

18:23:51.0324 8008 SCardSvr - ok

18:23:51.0355 8008 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

18:23:51.0357 8008 scfilter - ok

18:23:51.0409 8008 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

18:23:51.0427 8008 Schedule - ok

18:23:51.0459 8008 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

18:23:51.0459 8008 SCPolicySvc - ok

18:23:51.0496 8008 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

18:23:51.0499 8008 SDRSVC - ok

18:23:51.0545 8008 [ 16B44D246835EAC156F8DAF0AA4F530C ] SeagateDashboardService C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe

18:23:51.0546 8008 SeagateDashboardService - ok

18:23:51.0615 8008 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

18:23:51.0618 8008 SeaPort - ok

18:23:51.0635 8008 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

18:23:51.0636 8008 secdrv - ok

18:23:51.0660 8008 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

18:23:51.0662 8008 seclogon - ok

18:23:51.0691 8008 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll

18:23:51.0694 8008 SENS - ok

18:23:51.0706 8008 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

18:23:51.0709 8008 SensrSvc - ok

18:23:51.0717 8008 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

18:23:51.0719 8008 Serenum - ok

18:23:51.0740 8008 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

18:23:51.0742 8008 Serial - ok

18:23:51.0784 8008 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

18:23:51.0790 8008 sermouse - ok

18:23:51.0833 8008 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

18:23:51.0835 8008 SessionEnv - ok

18:23:51.0853 8008 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

18:23:51.0855 8008 sffdisk - ok

18:23:51.0871 8008 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

18:23:51.0873 8008 sffp_mmc - ok

18:23:51.0877 8008 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

18:23:51.0879 8008 sffp_sd - ok

18:23:51.0893 8008 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

18:23:51.0894 8008 sfloppy - ok

18:23:51.0922 8008 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

18:23:51.0927 8008 SharedAccess - ok

18:23:51.0941 8008 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

18:23:51.0946 8008 ShellHWDetection - ok

18:23:51.0965 8008 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

18:23:51.0967 8008 SiSRaid2 - ok

18:23:51.0975 8008 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

18:23:51.0977 8008 SiSRaid4 - ok

18:23:52.0090 8008 [ EB17DF573B4423DF0B3B2EE3B268A6DE ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

18:23:52.0141 8008 Skype C2C Service - ok

18:23:52.0196 8008 [ CA355B308AA537C6B9D67CD3A5485AF9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

18:23:52.0198 8008 SkypeUpdate - ok

18:23:52.0232 8008 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

18:23:52.0234 8008 Smb - ok

18:23:52.0269 8008 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

18:23:52.0271 8008 SNMPTRAP - ok

18:23:52.0291 8008 [ 8B13C1CD69009AD94678CD5400373B38 ] sosnf64 C:\Windows\system32\drivers\sosnf64.sys

18:23:52.0307 8008 sosnf64 - ok

18:23:52.0326 8008 SOSNFFSV - ok

18:23:52.0329 8008 SOSNFLSV - ok

18:23:52.0344 8008 sosnfusv - ok

18:23:52.0357 8008 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

18:23:52.0357 8008 spldr - ok

18:23:52.0391 8008 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

18:23:52.0397 8008 Spooler - ok

18:23:52.0476 8008 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

18:23:52.0529 8008 sppsvc - ok

18:23:52.0550 8008 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

18:23:52.0553 8008 sppuinotify - ok

18:23:52.0600 8008 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

18:23:52.0604 8008 srv - ok

18:23:52.0621 8008 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

18:23:52.0626 8008 srv2 - ok

18:23:57.0011 8008 ================ Scan global ===============================

18:23:57.0031 8008 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

18:23:57.0119 8008 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

18:23:57.0154 8008 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

18:23:57.0186 8008 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

18:23:57.0282 8008 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

18:23:57.0287 8008 [Global] - ok

18:23:57.0287 8008 ================ Scan MBR ==================================

18:23:57.0290 8008 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0

18:23:57.0291 8008 Suspicious mbr (Forged): \Device\Harddisk0\DR0

18:23:57.0343 8008 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected

18:23:57.0343 8008 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)

18:23:57.0344 8008 ================ Scan VBR ==================================

18:23:57.0351 8008 [ D8164AB61919E664836E4ADA667D4531 ] \Device\Harddisk0\DR0\Partition1

18:23:57.0353 8008 \Device\Harddisk0\DR0\Partition1 - ok

18:23:57.0364 8008 [ D4EA36D621DA6185760C985B9EB3FD34 ] \Device\Harddisk0\DR0\Partition2

18:23:57.0365 8008 \Device\Harddisk0\DR0\Partition2 - ok

18:23:57.0366 8008 ============================================================

18:23:57.0366 8008 Scan finished

18:23:57.0366 8008 ============================================================

18:23:57.0378 7584 Detected object count: 2

18:23:57.0378 7584 Actual detected object count: 2

18:24:06.0933 7584 Akamai ( HiddenFile.Multi.Generic ) - skipped by user

18:24:06.0933 7584 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

18:24:07.0669 7584 \Device\Harddisk0\DR0\# - copied to quarantine

18:24:07.0674 7584 \Device\Harddisk0\DR0 - copied to quarantine

18:24:07.0739 7584 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine

18:24:08.0048 7584 \Device\Harddisk0\DR0\TDLFS\cmd32.dll - copied to quarantine

18:24:08.0089 7584 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

18:24:08.0130 7584 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine

18:24:09.0410 7584 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine

18:24:09.0660 7584 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine

18:24:09.0670 7584 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine

18:24:09.0676 7584 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

18:24:09.0798 7584 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

18:24:09.0833 7584 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

18:24:09.0861 7584 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine

18:24:09.0866 7584 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine

18:24:09.0871 7584 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine

18:24:09.0922 7584 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot

18:24:09.0925 7584 \Device\Harddisk0\DR0 - ok

18:24:09.0953 7584 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure

18:24:32.0589 3084 Deinitialize success


And then after re-booting:

18:29:19.0969 3476 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

18:29:21.0347 3476 ============================================================

18:29:21.0347 3476 Current date / time: 2013/06/07 18:29:21.0347

18:29:21.0347 3476 SystemInfo:

18:29:21.0347 3476

18:29:21.0347 3476 OS Version: 6.1.7601 ServicePack: 1.0

18:29:21.0347 3476 Product type: Workstation

18:29:21.0347 3476 ComputerName: BOB

18:29:21.0347 3476 UserName: Desk2

18:29:21.0347 3476 Windows directory: C:\Windows

18:29:21.0347 3476 System windows directory: C:\Windows

18:29:21.0347 3476 Running under WOW64

18:29:21.0347 3476 Processor architecture: Intel x64

18:29:21.0347 3476 Number of processors: 2

18:29:21.0347 3476 Page size: 0x1000

18:29:21.0347 3476 Boot type: Normal boot

18:29:21.0347 3476 ============================================================

18:29:26.0941 3476 BG loaded

18:29:27.0702 3476 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

18:29:27.0716 3476 ============================================================

18:29:27.0716 3476 \Device\Harddisk0\DR0:

18:29:27.0718 3476 MBR partitions:

18:29:27.0719 3476 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1391000

18:29:27.0719 3476 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x13A5000, BlocksNum 0x38FE0800

18:29:27.0719 3476 ============================================================

18:29:27.0798 3476 C: <-> \Device\Harddisk0\DR0\Partition2

18:29:27.0798 3476 ============================================================

18:29:27.0798 3476 Initialize success

18:29:27.0798 3476 ============================================================


No, not at all. The last log seems to be incomplete; please post the whole content of the file.

If you are sure that this is all of the content, run another scan and post the log.

The rootkit we have to deal with may have hidden other malware, so stay with me and get your machine fixed completely. :)


I ran another scan:

20:17:46.0426 5424 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

20:17:46.0806 5424 ============================================================

20:17:46.0806 5424 Current date / time: 2013/06/07 20:17:46.0806

20:17:46.0806 5424 SystemInfo:

20:17:46.0806 5424

20:17:46.0806 5424 OS Version: 6.1.7601 ServicePack: 1.0

20:17:46.0806 5424 Product type: Workstation

20:17:46.0806 5424 ComputerName: BOB

20:17:46.0806 5424 UserName: Desk2

20:17:46.0806 5424 Windows directory: C:\Windows

20:17:46.0806 5424 System windows directory: C:\Windows

20:17:46.0806 5424 Running under WOW64

20:17:46.0806 5424 Processor architecture: Intel x64

20:17:46.0806 5424 Number of processors: 2

20:17:46.0806 5424 Page size: 0x1000

20:17:46.0806 5424 Boot type: Normal boot

20:17:46.0806 5424 ============================================================

20:17:49.0271 5424 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

20:17:49.0276 5424 ============================================================

20:17:49.0276 5424 \Device\Harddisk0\DR0:

20:17:49.0292 5424 MBR partitions:

20:17:49.0292 5424 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1391000

20:17:49.0292 5424 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x13A5000, BlocksNum 0x38FE0800

20:17:49.0292 5424 ============================================================

20:17:49.0336 5424 C: <-> \Device\Harddisk0\DR0\Partition2

20:17:49.0336 5424 ============================================================

20:17:49.0336 5424 Initialize success

20:17:49.0336 5424 ============================================================

20:17:52.0758 1376 ============================================================

20:17:52.0758 1376 Scan started

20:17:52.0758 1376 Mode: Manual;

20:17:52.0758 1376 ============================================================

20:17:54.0786 1376 ================ Scan system memory ========================

20:17:54.0786 1376 System memory - ok

20:17:54.0787 1376 ================ Scan services =============================

20:17:57.0313 1376 [ C7074BD8D4B8F564859ED373433030AE ] Akamai c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll

20:17:57.0313 1376 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll. md5: C7074BD8D4B8F564859ED373433030AE

20:17:57.0323 1376 Akamai ( HiddenFile.Multi.Generic ) - warning

20:17:57.0323 1376 Akamai - detected HiddenFile.Multi.Generic (1)


20:18:03.0708 1376 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

20:18:03.0709 1376 flpydisk - ok

20:18:03.0756 1376 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

20:18:03.0760 1376 FltMgr - ok

20:18:03.0811 1376 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll

20:18:03.0830 1376 FontCache - ok

20:18:03.0893 1376 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

20:18:03.0939 1376 FontCache3.0.0.0 - ok

20:18:03.0988 1376 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

20:18:04.0000 1376 FsDepends - ok

20:18:04.0053 1376 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

20:18:04.0063 1376 Fs_Rec - ok

20:18:04.0142 1376 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

20:18:04.0156 1376 fvevol - ok

20:18:04.0181 1376 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

20:18:04.0196 1376 gagp30kx - ok

20:18:04.0306 1376 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

20:18:04.0332 1376 gpsvc - ok

20:18:04.0794 1376 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

20:18:04.0797 1376 gupdate - ok

20:18:04.0819 1376 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

20:18:04.0820 1376 gupdatem - ok

20:18:04.0890 1376 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

20:18:04.0895 1376 gusvc - ok

20:18:04.0915 1376 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

20:18:04.0916 1376 hcw85cir - ok

20:18:04.0960 1376 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

20:18:04.0963 1376 HDAudBus - ok

20:18:04.0968 1376 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

20:18:04.0970 1376 HidBatt - ok

20:18:04.0983 1376 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

20:18:04.0985 1376 HidBth - ok

20:18:04.0999 1376 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

20:18:05.0000 1376 HidIr - ok

20:18:05.0018 1376 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll

20:18:05.0020 1376 hidserv - ok

20:18:05.0041 1376 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

20:18:05.0044 1376 HidUsb - ok

20:18:05.0085 1376 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

20:18:05.0106 1376 hkmsvc - ok

20:18:05.0144 1376 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

20:18:05.0153 1376 HomeGroupListener - ok

20:18:05.0203 1376 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

20:18:05.0207 1376 HomeGroupProvider - ok

20:18:05.0225 1376 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

20:18:05.0228 1376 HpSAMD - ok

20:18:05.0312 1376 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

20:18:05.0322 1376 HTTP - ok

20:18:05.0333 1376 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

20:18:05.0347 1376 hwpolicy - ok

20:18:05.0396 1376 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

20:18:05.0399 1376 i8042prt - ok

20:18:05.0453 1376 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

20:18:05.0471 1376 iaStorV - ok

20:18:05.0569 1376 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

20:18:05.0571 1376 IDriverT - ok

20:18:05.0645 1376 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

20:18:05.0654 1376 idsvc - ok

20:18:05.0681 1376 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

20:18:05.0683 1376 iirsp - ok

20:18:05.0734 1376 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

20:18:05.0743 1376 IKEEXT - ok

20:18:05.0800 1376 [ 5BA1779E2C84FDE2A5E201FFF9C42C9C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

20:18:05.0838 1376 IntcAzAudAddService - ok

20:18:05.0853 1376 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

20:18:05.0854 1376 intelide - ok

20:18:05.0873 1376 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

20:18:05.0875 1376 intelppm - ok

20:18:05.0909 1376 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

20:18:05.0911 1376 IPBusEnum - ok

20:18:05.0944 1376 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

20:18:05.0946 1376 IpFilterDriver - ok

20:18:05.0988 1376 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

20:18:06.0006 1376 iphlpsvc - ok

20:18:06.0053 1376 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

20:18:06.0132 1376 IPMIDRV - ok

20:18:06.0150 1376 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

20:18:06.0154 1376 IPNAT - ok

20:18:06.0175 1376 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

20:18:06.0177 1376 IRENUM - ok

20:18:06.0196 1376 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

20:18:06.0203 1376 isapnp - ok

20:18:06.0296 1376 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

20:18:06.0300 1376 iScsiPrt - ok

20:18:06.0330 1376 [ D85F3F18E44F7447B5F1BA5C85BAEB7C ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys

20:18:06.0335 1376 k57nd60a - ok

20:18:06.0352 1376 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

20:18:06.0354 1376 kbdclass - ok

20:18:06.0399 1376 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

20:18:06.0400 1376 kbdhid - ok

20:18:06.0412 1376 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

20:18:06.0413 1376 KeyIso - ok

20:18:06.0451 1376 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

20:18:06.0453 1376 KSecDD - ok

20:18:06.0492 1376 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

20:18:06.0495 1376 KSecPkg - ok

20:18:06.0513 1376 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

20:18:06.0515 1376 ksthunk - ok

20:18:06.0542 1376 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

20:18:06.0548 1376 KtmRm - ok

20:18:06.0598 1376 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll

20:18:06.0602 1376 LanmanServer - ok

20:18:06.0649 1376 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

20:18:06.0652 1376 LanmanWorkstation - ok

20:18:06.0679 1376 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

20:18:06.0681 1376 lltdio - ok

20:18:06.0703 1376 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

20:18:06.0709 1376 lltdsvc - ok

20:18:06.0723 1376 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

20:18:06.0725 1376 lmhosts - ok

20:18:06.0885 1376 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

20:18:06.0921 1376 LSI_FC - ok

20:18:06.0996 1376 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

20:18:06.0999 1376 LSI_SAS - ok

20:18:07.0018 1376 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

20:18:07.0020 1376 LSI_SAS2 - ok

20:18:07.0035 1376 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

20:18:07.0037 1376 LSI_SCSI - ok

20:18:07.0057 1376 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

20:18:07.0059 1376 luafv - ok

20:18:07.0099 1376 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

20:18:07.0101 1376 MBAMProtector - ok

20:18:07.0184 1376 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

20:18:07.0188 1376 MBAMScheduler - ok

20:18:07.0210 1376 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

20:18:07.0218 1376 MBAMService - ok

20:18:07.0257 1376 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

20:18:07.0261 1376 Mcx2Svc - ok

20:18:07.0281 1376 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

20:18:07.0283 1376 megasas - ok

20:18:07.0308 1376 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

20:18:07.0312 1376 MegaSR - ok

20:18:07.0383 1376 [ 671A03CA9CD0259CCBB7B78A9CE234EC ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe

20:18:07.0385 1376 MemeoBackgroundService - ok

20:18:07.0479 1376 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe

20:18:07.0487 1376 Microsoft Office Groove Audit Service - ok

20:18:07.0572 1376 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

20:18:07.0575 1376 MMCSS - ok

20:18:07.0593 1376 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

20:18:07.0594 1376 Modem - ok

20:18:07.0643 1376 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

20:18:07.0645 1376 monitor - ok

20:18:07.0673 1376 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys

20:18:07.0675 1376 mouclass - ok

20:18:07.0689 1376 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

20:18:07.0691 1376 mouhid - ok

20:18:07.0733 1376 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

20:18:07.0734 1376 mountmgr - ok

20:18:07.0800 1376 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys

20:18:07.0802 1376 MpFilter - ok

20:18:07.0821 1376 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

20:18:07.0826 1376 mpio - ok

20:18:07.0837 1376 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

20:18:07.0840 1376 mpsdrv - ok

20:18:07.0891 1376 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

20:18:07.0900 1376 MpsSvc - ok

20:18:07.0933 1376 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

20:18:07.0935 1376 MRxDAV - ok

20:18:07.0971 1376 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

20:18:07.0973 1376 mrxsmb - ok

20:18:08.0041 1376 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

20:18:08.0066 1376 mrxsmb10 - ok

20:18:08.0083 1376 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

20:18:08.0086 1376 mrxsmb20 - ok

20:18:08.0126 1376 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

20:18:08.0128 1376 msahci - ok

20:18:08.0146 1376 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

20:18:08.0148 1376 msdsm - ok

20:18:08.0164 1376 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

20:18:08.0192 1376 MSDTC - ok

20:18:08.0232 1376 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

20:18:08.0233 1376 Msfs - ok

20:18:08.0254 1376 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

20:18:08.0255 1376 mshidkmdf - ok

20:18:08.0265 1376 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

20:18:08.0266 1376 msisadrv - ok

20:18:08.0283 1376 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

20:18:08.0287 1376 MSiSCSI - ok

20:18:08.0292 1376 msiserver - ok

20:18:08.0312 1376 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

20:18:08.0313 1376 MSKSSRV - ok

20:18:08.0386 1376 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe

20:18:08.0386 1376 MsMpSvc - ok

20:18:08.0402 1376 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

20:18:08.0404 1376 MSPCLOCK - ok

20:18:08.0414 1376 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

20:18:08.0415 1376 MSPQM - ok

20:18:08.0451 1376 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

20:18:08.0455 1376 MsRPC - ok

20:18:08.0490 1376 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

20:18:08.0492 1376 mssmbios - ok

20:18:08.0506 1376 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

20:18:08.0507 1376 MSTEE - ok

20:18:08.0520 1376 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

20:18:08.0521 1376 MTConfig - ok

20:18:08.0538 1376 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

20:18:08.0540 1376 Mup - ok

20:18:08.0578 1376 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

20:18:08.0584 1376 napagent - ok

20:18:08.0611 1376 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

20:18:08.0615 1376 NativeWifiP - ok

20:18:08.0673 1376 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

20:18:08.0682 1376 NDIS - ok

20:18:08.0700 1376 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

20:18:08.0703 1376 NdisCap - ok

20:18:08.0714 1376 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

20:18:08.0716 1376 NdisTapi - ok

20:18:08.0748 1376 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

20:18:08.0750 1376 Ndisuio - ok

20:18:08.0787 1376 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

20:18:08.0789 1376 NdisWan - ok

20:18:08.0823 1376 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

20:18:08.0825 1376 NDProxy - ok

20:18:08.0837 1376 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

20:18:08.0839 1376 NetBIOS - ok

20:18:08.0878 1376 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

20:18:08.0882 1376 NetBT - ok

20:18:08.0892 1376 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

20:18:08.0893 1376 Netlogon - ok

20:18:08.0923 1376 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

20:18:08.0928 1376 Netman - ok

20:18:08.0968 1376 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:18:09.0580 1376 NetMsmqActivator - ok

20:18:09.0600 1376 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:18:09.0602 1376 NetPipeActivator - ok

20:18:09.0645 1376 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

20:18:09.0651 1376 netprofm - ok

20:18:09.0656 1376 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:18:09.0657 1376 NetTcpActivator - ok

20:18:09.0668 1376 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:18:09.0669 1376 NetTcpPortSharing - ok

20:18:09.0703 1376 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

20:18:09.0705 1376 nfrd960 - ok

20:18:09.0814 1376 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys

20:18:09.0838 1376 NisDrv - ok

20:18:09.0900 1376 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe

20:18:09.0917 1376 NisSrv - ok

20:18:09.0941 1376 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll

20:18:09.0946 1376 NlaSvc - ok

20:18:09.0992 1376 Norton PC Checkup Application Launcher - ok

20:18:10.0013 1376 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

20:18:10.0015 1376 Npfs - ok

20:18:10.0028 1376 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

20:18:10.0030 1376 nsi - ok

20:18:10.0044 1376 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

20:18:10.0045 1376 nsiproxy - ok

20:18:10.0112 1376 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

20:18:10.0141 1376 Ntfs - ok

20:18:10.0182 1376 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

20:18:10.0183 1376 Null - ok

20:18:10.0224 1376 [ 8D4AAC74B571FC356560E5B308955E93 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys

20:18:10.0227 1376 NVHDA - ok

20:18:10.0433 1376 [ 7683232B8C31B2414999F7FCA283DF8D ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

20:18:10.0599 1376 nvlddmkm - ok

20:18:10.0640 1376 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

20:18:10.0643 1376 nvraid - ok

20:18:10.0688 1376 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

20:18:10.0690 1376 nvstor - ok

20:18:10.0738 1376 [ AA58BF453223C8C8D0E82A7FCD03AE85 ] nvsvc C:\Windows\system32\nvvsvc.exe

20:18:10.0743 1376 nvsvc - ok

20:18:10.0935 1376 [ CD0BFAA6872CFE38C908D313AE17C350 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

20:18:10.0947 1376 nvUpdatusService - ok

20:18:10.0990 1376 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

20:18:10.0993 1376 nv_agp - ok

20:18:11.0078 1376 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

20:18:11.0084 1376 odserv - ok

20:18:11.0101 1376 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

20:18:11.0102 1376 ohci1394 - ok

20:18:11.0156 1376 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

20:18:11.0159 1376 ose - ok

20:18:11.0196 1376 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

20:18:11.0201 1376 p2pimsvc - ok

20:18:11.0225 1376 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

20:18:11.0231 1376 p2psvc - ok

20:18:11.0256 1376 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

20:18:11.0258 1376 Parport - ok

20:18:11.0291 1376 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

20:18:11.0295 1376 partmgr - ok

20:18:11.0306 1376 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

20:18:11.0325 1376 PcaSvc - ok

20:18:11.0421 1376 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.91\ccSvcHst.exe

20:18:11.0423 1376 PCCUJobMgr - ok

20:18:11.0457 1376 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

20:18:11.0460 1376 pci - ok

20:18:11.0651 1376 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

20:18:11.0736 1376 pciide - ok

20:18:11.0836 1376 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

20:18:11.0846 1376 pcmcia - ok

20:18:11.0863 1376 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

20:18:11.0865 1376 pcw - ok

20:18:11.0937 1376 [ C1C3BAF078BE5A14384A4BA2D730817D ] PDFProFiltSrvPP C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe

20:18:11.0941 1376 PDFProFiltSrvPP - ok

20:18:11.0962 1376 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

20:18:11.0969 1376 PEAUTH - ok

20:18:12.0009 1376 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll

20:18:12.0034 1376 PeerDistSvc - ok

20:18:12.0090 1376 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

20:18:12.0091 1376 PerfHost - ok

20:18:12.0340 1376 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

20:18:12.0381 1376 pla - ok

20:18:12.0500 1376 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

20:18:12.0517 1376 PlugPlay - ok

20:18:12.0570 1376 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

20:18:12.0578 1376 PNRPAutoReg - ok

20:18:12.0652 1376 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

20:18:12.0655 1376 PNRPsvc - ok

20:18:12.0799 1376 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

20:18:12.0819 1376 PolicyAgent - ok

20:18:12.0891 1376 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

20:18:12.0916 1376 Power - ok

20:18:13.0019 1376 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

20:18:13.0037 1376 PptpMiniport - ok

20:18:13.0093 1376 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

20:18:13.0114 1376 Processor - ok

20:18:13.0192 1376 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

20:18:13.0200 1376 ProfSvc - ok

20:18:13.0212 1376 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

20:18:13.0215 1376 ProtectedStorage - ok

20:18:13.0302 1376 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

20:18:13.0305 1376 Psched - ok

20:18:13.0353 1376 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys

20:18:13.0371 1376 PxHlpa64 - ok

20:18:13.0589 1376 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

20:18:13.0614 1376 ql2300 - ok

20:18:13.0648 1376 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

20:18:13.0677 1376 ql40xx - ok

20:18:13.0760 1376 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

20:18:14.0022 1376 QWAVE - ok

20:18:14.0211 1376 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

20:18:14.0283 1376 QWAVEdrv - ok

20:18:14.0326 1376 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

20:18:14.0343 1376 RasAcd - ok

20:18:14.0510 1376 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

20:18:14.0537 1376 RasAgileVpn - ok

20:18:14.0613 1376 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

20:18:14.0649 1376 RasAuto - ok

20:18:14.0790 1376 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

20:18:14.0817 1376 Rasl2tp - ok

20:18:14.0924 1376 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

20:18:14.0974 1376 RasMan - ok

20:18:15.0100 1376 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

20:18:15.0125 1376 RasPppoe - ok

20:18:15.0154 1376 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

20:18:15.0175 1376 RasSstp - ok

20:18:15.0246 1376 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

20:18:15.0257 1376 rdbss - ok

20:18:15.0269 1376 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

20:18:15.0278 1376 rdpbus - ok

20:18:15.0289 1376 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

20:18:15.0329 1376 RDPCDD - ok

20:18:15.0466 1376 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys

20:18:15.0483 1376 RDPDR - ok

20:18:15.0513 1376 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

20:18:15.0531 1376 RDPENCDD - ok

20:18:15.0562 1376 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

20:18:15.0599 1376 RDPREFMP - ok

20:18:15.0717 1376 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

20:18:15.0733 1376 RDPWD - ok

20:18:15.0819 1376 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

20:18:15.0828 1376 rdyboost - ok

20:18:15.0956 1376 [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

20:18:15.0958 1376 RealNetworks Downloader Resolver Service - ok

20:18:15.0994 1376 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

20:18:16.0019 1376 RemoteAccess - ok

20:18:16.0073 1376 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

20:18:16.0079 1376 RemoteRegistry - ok

20:18:16.0097 1376 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

20:18:16.0100 1376 RpcEptMapper - ok

20:18:16.0120 1376 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

20:18:16.0122 1376 RpcLocator - ok

20:18:16.0397 1376 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

20:18:16.0401 1376 RpcSs - ok

20:18:16.0573 1376 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

20:18:16.0581 1376 rspndr - ok

20:18:16.0651 1376 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys

20:18:16.0663 1376 s3cap - ok

20:18:16.0692 1376 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

20:18:16.0705 1376 SamSs - ok

20:18:16.0765 1376 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

20:18:16.0767 1376 SASDIFSV - ok

20:18:16.0782 1376 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

20:18:16.0784 1376 SASKUTIL - ok

20:18:16.0827 1376 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

20:18:16.0829 1376 sbp2port - ok

20:18:16.0854 1376 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

20:18:16.0858 1376 SCardSvr - ok

20:18:16.0889 1376 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

20:18:16.0891 1376 scfilter - ok

20:18:16.0960 1376 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

20:18:16.0979 1376 Schedule - ok

20:18:17.0010 1376 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

20:18:17.0010 1376 SCPolicySvc - ok

20:18:17.0081 1376 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

20:18:17.0086 1376 SDRSVC - ok

20:18:17.0137 1376 [ 16B44D246835EAC156F8DAF0AA4F530C ] SeagateDashboardService C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe

20:18:17.0145 1376 SeagateDashboardService - ok

20:18:17.0251 1376 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

20:18:17.0375 1376 SeaPort - ok

20:18:17.0402 1376 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

20:18:17.0403 1376 secdrv - ok

20:18:17.0419 1376 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

20:18:17.0421 1376 seclogon - ok

20:18:17.0451 1376 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll

20:18:17.0453 1376 SENS - ok

20:18:17.0465 1376 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

20:18:17.0468 1376 SensrSvc - ok

20:18:17.0477 1376 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

20:18:17.0478 1376 Serenum - ok

20:18:17.0499 1376 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

20:18:17.0501 1376 Serial - ok

20:18:17.0543 1376 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

20:18:17.0559 1376 sermouse - ok

20:18:17.0592 1376 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

20:18:17.0611 1376 SessionEnv - ok

20:18:17.0629 1376 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

20:18:17.0636 1376 sffdisk - ok

20:18:17.0647 1376 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

20:18:17.0648 1376 sffp_mmc - ok

20:18:17.0654 1376 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

20:18:17.0656 1376 sffp_sd - ok

20:18:17.0677 1376 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

20:18:17.0678 1376 sfloppy - ok

20:18:17.0706 1376 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

20:18:17.0711 1376 SharedAccess - ok

20:18:17.0750 1376 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

20:18:17.0755 1376 ShellHWDetection - ok

20:18:17.0766 1376 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

20:18:17.0768 1376 SiSRaid2 - ok

20:18:17.0776 1376 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

20:18:17.0778 1376 SiSRaid4 - ok

20:18:18.0121 1376 [ EB17DF573B4423DF0B3B2EE3B268A6DE ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

20:18:18.0165 1376 Skype C2C Service - ok

20:18:18.0239 1376 [ CA355B308AA537C6B9D67CD3A5485AF9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

20:18:18.0241 1376 SkypeUpdate - ok

20:18:18.0266 1376 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

20:18:18.0267 1376 Smb - ok

20:18:18.0319 1376 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

20:18:18.0321 1376 SNMPTRAP - ok

20:18:18.0342 1376 [ 8B13C1CD69009AD94678CD5400373B38 ] sosnf64 C:\Windows\system32\drivers\sosnf64.sys

20:18:18.0357 1376 sosnf64 - ok

20:18:18.0377 1376 SOSNFFSV - ok

20:18:18.0380 1376 SOSNFLSV - ok

20:18:18.0395 1376 sosnfusv - ok

20:18:18.0407 1376 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

20:18:18.0409 1376 spldr - ok

20:18:18.0601 1376 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

20:18:18.0683 1376 Spooler - ok

20:18:18.0859 1376 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

20:18:18.0928 1376 sppsvc - ok

20:18:18.0975 1376 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

20:18:18.0986 1376 sppuinotify - ok

20:18:19.0023 1376 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

20:18:19.0029 1376 srv - ok

20:18:19.0046 1376 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

20:18:19.0051 1376 srv2 - ok

20:18:19.0066 1376 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

20:18:19.0069 1376 srvnet - ok

20:18:19.0083 1376 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

20:18:19.0086 1376 SSDPSRV - ok

20:18:19.0095 1376 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

20:18:19.0098 1376 SstpSvc - ok

20:18:19.0131 1376 Steam Client Service - ok

20:18:19.0239 1376 [ 8544A200C40447E465F06E58687428BB ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

20:18:19.0244 1376 Stereo Service - ok

20:18:19.0259 1376 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

20:18:19.0261 1376 stexstor - ok

20:18:19.0310 1376 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys

20:18:19.0316 1376 StillCam - ok

20:18:19.0367 1376 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

20:18:19.0374 1376 stisvc - ok

20:18:19.0404 1376 [ E476C66713C842F58E61A95826ED1D57 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe

20:18:19.0449 1376 stllssvr - ok

20:18:19.0503 1376 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys

20:18:19.0504 1376 storflt - ok

20:18:19.0528 1376 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll

20:18:19.0530 1376 StorSvc - ok

20:18:19.0543 1376 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys

20:18:19.0545 1376 storvsc - ok

20:18:19.0554 1376 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

20:18:19.0555 1376 swenum - ok

20:18:19.0584 1376 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

20:18:19.0590 1376 swprv - ok

20:18:19.0700 1376 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

20:18:19.0733 1376 SysMain - ok

20:18:19.0767 1376 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

20:18:19.0771 1376 TabletInputService - ok

20:18:19.0785 1376 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

20:18:19.0790 1376 TapiSrv - ok

20:18:19.0801 1376 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

20:18:19.0804 1376 TBS - ok

20:18:19.0927 1376 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

20:18:19.0960 1376 Tcpip - ok

20:18:20.0017 1376 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

20:18:20.0026 1376 TCPIP6 - ok

20:18:20.0066 1376 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

20:18:20.0068 1376 tcpipreg - ok

20:18:20.0096 1376 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

20:18:20.0098 1376 TDPIPE - ok

20:18:20.0132 1376 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

20:18:20.0134 1376 TDTCP - ok

20:18:20.0176 1376 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

20:18:20.0191 1376 tdx - ok

20:18:20.0217 1376 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

20:18:20.0219 1376 TermDD - ok

20:18:20.0281 1376 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

20:18:20.0299 1376 TermService - ok

20:18:20.0318 1376 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

20:18:20.0321 1376 Themes - ok

20:18:20.0342 1376 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

20:18:20.0344 1376 THREADORDER - ok

20:18:20.0361 1376 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

20:18:20.0364 1376 TrkWks - ok

20:18:20.0418 1376 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

20:18:20.0419 1376 TrustedInstaller - ok

20:18:20.0460 1376 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

20:18:20.0486 1376 tssecsrv - ok

20:18:20.0539 1376 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

20:18:20.0540 1376 TsUsbFlt - ok

20:18:20.0591 1376 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

20:18:20.0593 1376 tunnel - ok

20:18:20.0607 1376 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

20:18:20.0608 1376 uagp35 - ok

20:18:20.0654 1376 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

20:18:20.0658 1376 udfs - ok

20:18:20.0688 1376 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

20:18:20.0838 1376 UI0Detect - ok

20:18:20.0952 1376 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

20:18:21.0020 1376 uliagpkx - ok

20:18:21.0030 1376 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

20:18:21.0031 1376 umbus - ok

20:18:21.0047 1376 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

20:18:21.0049 1376 UmPass - ok

20:18:21.0084 1376 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll

20:18:21.0088 1376 UmRdpService - ok

20:18:21.0103 1376 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

20:18:21.0109 1376 upnphost - ok

20:18:21.0133 1376 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\drivers\usbccgp.sys

20:18:21.0135 1376 usbccgp - ok

20:18:21.0169 1376 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

20:18:21.0183 1376 usbcir - ok

20:18:21.0202 1376 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys

20:18:21.0209 1376 usbehci - ok

20:18:21.0242 1376 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

20:18:21.0248 1376 usbhub - ok

20:18:21.0259 1376 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys

20:18:21.0264 1376 usbohci - ok

20:18:21.0281 1376 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

20:18:21.0283 1376 usbprint - ok

20:18:21.0325 1376 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

20:18:21.0330 1376 USBSTOR - ok

20:18:21.0342 1376 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

20:18:21.0344 1376 usbuhci - ok

20:18:21.0370 1376 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

20:18:21.0373 1376 UxSms - ok

20:18:21.0387 1376 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

20:18:21.0388 1376 VaultSvc - ok

20:18:21.0426 1376 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

20:18:21.0427 1376 vdrvroot - ok

20:18:21.0466 1376 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

20:18:21.0472 1376 vds - ok

20:18:21.0477 1376 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

20:18:21.0479 1376 vga - ok

20:18:21.0490 1376 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

20:18:21.0492 1376 VgaSave - ok

20:18:21.0504 1376 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

20:18:21.0507 1376 vhdmp - ok

20:18:21.0516 1376 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

20:18:21.0518 1376 viaide - ok

20:18:21.0535 1376 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys

20:18:21.0538 1376 vmbus - ok

20:18:21.0551 1376 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys

20:18:21.0552 1376 VMBusHID - ok

20:18:21.0566 1376 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

20:18:21.0568 1376 volmgr - ok

20:18:21.0633 1376 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

20:18:21.0637 1376 volmgrx - ok

20:18:21.0654 1376 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

20:18:21.0657 1376 volsnap - ok

20:18:21.0679 1376 [ B4A73CA4EF9A02B9738CEA9AD5FE5917 ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys

20:18:21.0682 1376 vpcbus - ok

20:18:21.0715 1376 [ E675FB2B48C54F09895482E2253B289C ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys

20:18:21.0716 1376 vpcnfltr - ok

20:18:21.0732 1376 [ 5FB42082B0D19A0268705F1DD343DF20 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys

20:18:21.0733 1376 vpcusb - ok

20:18:21.0773 1376 [ 207B6539799CC1C112661A9B620DD233 ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys

20:18:21.0777 1376 vpcvmm - ok

20:18:21.0802 1376 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

20:18:21.0804 1376 vsmraid - ok

20:18:21.0858 1376 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

20:18:21.0893 1376 VSS - ok

20:18:21.0910 1376 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys

20:18:21.0912 1376 vwifibus - ok

20:18:21.0938 1376 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

20:18:21.0943 1376 W32Time - ok

20:18:21.0960 1376 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

20:18:21.0961 1376 WacomPen - ok

20:18:22.0003 1376 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

20:18:22.0005 1376 WANARP - ok

20:18:22.0009 1376 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

20:18:22.0010 1376 Wanarpv6 - ok

20:18:22.0079 1376 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

20:18:22.0092 1376 WatAdminSvc - ok

20:18:22.0135 1376 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

20:18:22.0151 1376 wbengine - ok

20:18:22.0176 1376 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

20:18:22.0180 1376 WbioSrvc - ok

20:18:22.0227 1376 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

20:18:22.0232 1376 wcncsvc - ok

20:18:22.0240 1376 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

20:18:22.0243 1376 WcsPlugInService - ok

20:18:22.0268 1376 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys

20:18:22.0269 1376 Wd - ok

20:18:22.0295 1376 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

20:18:22.0304 1376 Wdf01000 - ok

20:18:22.0315 1376 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

20:18:22.0318 1376 WdiServiceHost - ok

20:18:22.0322 1376 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

20:18:22.0324 1376 WdiSystemHost - ok

20:18:22.0363 1376 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

20:18:22.0368 1376 WebClient - ok

20:18:22.0385 1376 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

20:18:22.0389 1376 Wecsvc - ok

20:18:22.0403 1376 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

20:18:22.0406 1376 wercplsupport - ok

20:18:22.0418 1376 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

20:18:22.0421 1376 WerSvc - ok

20:18:22.0439 1376 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

20:18:22.0441 1376 WfpLwf - ok

20:18:22.0454 1376 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

20:18:22.0456 1376 WIMMount - ok

20:18:22.0463 1376 WinDefend - ok

20:18:22.0478 1376 WinHttpAutoProxySvc - ok

20:18:22.0551 1376 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

20:18:22.0566 1376 Winmgmt - ok

20:18:22.0618 1376 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

20:18:22.0651 1376 WinRM - ok

20:18:22.0708 1376 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

20:18:22.0718 1376 Wlansvc - ok

20:18:22.0811 1376 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

20:18:22.0813 1376 wlcrasvc - ok

20:18:23.0217 1376 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

20:18:23.0229 1376 wlidsvc - ok

20:18:23.0284 1376 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

20:18:23.0290 1376 WmiAcpi - ok

20:18:23.0324 1376 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

20:18:23.0327 1376 wmiApSrv - ok

20:18:23.0344 1376 WMPNetworkSvc - ok

20:18:23.0365 1376 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

20:18:23.0367 1376 WPCSvc - ok

20:18:23.0400 1376 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

20:18:23.0404 1376 WPDBusEnum - ok

20:18:23.0425 1376 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

20:18:23.0427 1376 ws2ifsl - ok

20:18:23.0441 1376 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll

20:18:23.0444 1376 wscsvc - ok

20:18:23.0486 1376 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys

20:18:23.0504 1376 WSDPrintDevice - ok

20:18:23.0537 1376 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys

20:18:23.0539 1376 WSDScan - ok

20:18:23.0543 1376 WSearch - ok

20:18:23.0615 1376 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

20:18:23.0683 1376 wuauserv - ok

20:18:23.0725 1376 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

20:18:23.0750 1376 WudfPf - ok

20:18:23.0839 1376 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

20:18:23.0859 1376 WUDFRd - ok

20:18:23.0884 1376 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

20:18:23.0887 1376 wudfsvc - ok

20:18:23.0927 1376 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll

20:18:23.0939 1376 WwanSvc - ok

20:18:23.0953 1376 ================ Scan global ===============================

20:18:23.0981 1376 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

20:18:24.0025 1376 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

20:18:24.0033 1376 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

20:18:24.0054 1376 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

20:18:24.0066 1376 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

20:18:24.0070 1376 [Global] - ok

20:18:24.0071 1376 ================ Scan MBR ==================================

20:18:24.0085 1376 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0

20:18:24.0359 1376 \Device\Harddisk0\DR0 - ok

20:18:24.0360 1376 ================ Scan VBR ==================================

20:18:24.0400 1376 [ D8164AB61919E664836E4ADA667D4531 ] \Device\Harddisk0\DR0\Partition1

20:18:24.0402 1376 \Device\Harddisk0\DR0\Partition1 - ok

20:18:24.0423 1376 [ D4EA36D621DA6185760C985B9EB3FD34 ] \Device\Harddisk0\DR0\Partition2

20:18:24.0464 1376 \Device\Harddisk0\DR0\Partition2 - ok

20:18:24.0464 1376 ============================================================

20:18:24.0464 1376 Scan finished

20:18:24.0464 1376 ============================================================

20:18:24.0475 2972 Detected object count: 1

20:18:24.0476 2972 Actual detected object count: 1

20:18:26.0970 2972 Akamai ( HiddenFile.Multi.Generic ) - skipped by user

20:18:26.0970 2972 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

20:18:29.0569 4840 Deinitialize success


No, sorry. I had to deal with another problem, first.

Combofix

Combofix should only be run when advised by a team member! Link

Important - Save the file to your desktop!

  • Deactivate any and all of your antivirus programs/spyware scanners - they can prevent CF from doing its work.
  • Run Combofix.exe

When finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.


Safe mode did not seem to make a difference...once again I have been trying to run ComboFix for hours now in Safe Mode. It seems to start but then a second phase of the program starts and claims to be scanning sections. It scans up till section 48 and then just sits there...for hours. No log has yet been produced.


Scan with FRST

To run FRST on Vista and Windows 7:

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

Select Command Prompt

In the command window:

  • Type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
  • Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.

It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.


OK - I did this procedure and it went well... For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive. Here is the result.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-06-2013

Ran by SYSTEM on 09-06-2013 20:39:14

Running from F:\

Windows 7 Professional (X64) OS Language: English(US)

Internet Explorer Version 9

Boot Mode: Recovery

The current controlset is ControlSet001

ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8114720 2009-09-11] (Realtek Semiconductor)

HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1281512 2013-01-27] (Microsoft Corporation)

HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)

HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [232616 2012-01-17] (Visicom Media Inc. (Powered by Panda Security))

HKLM-x32\...\Run: [indexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe" [46368 2010-03-08] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe" [29984 2010-03-08] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini" [328992 2010-02-09] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun [139264 2011-03-03] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN [2629632 2010-12-23] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE [1694608 2012-03-12] (Bandoo Media, inc)

HKLM-x32\...\Run: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui [136416 2011-05-04] (Memeo Inc.)

HKLM-x32\...\Run: [Memeo AutoSync] C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent [144608 2011-05-04] (Memeo Inc.)

HKLM-x32\...\Run: [seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui [79112 2011-06-01] ()

HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [295072 2013-02-24] (RealNetworks, Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)

HKU\Desk2\...\Run: [Google Update] "C:\Users\Desk2\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2010-12-24] (Google Inc.)

HKU\Desk2\...\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-08-11] ()

HKU\Desk2\...\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5622512 2013-05-25] (SUPERAntiSpyware.com)

HKU\Desk2\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-10-16] (Google Inc.)

HKU\Desk2\...\Run: [Akamai NetSession Interface] "C:\Users\Temp BOB\AppData\Local\Akamai\netsession_win.exe" [4480768 2013-01-26] (Akamai Technologies, Inc.)

HKU\Desk2\...\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler [222496 2009-05-05] (Acresso Corporation)

HKU\Guest\...\Run: [Google Update] "C:\Users\Temp BOB\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2010-12-30] (Google Inc.)

HKU\Guest\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-10-16] (Google Inc.)

HKU\Guest\...\Run: [Akamai NetSession Interface] "C:\Users\Temp BOB\AppData\Local\Akamai\netsession_win.exe" [4480768 2013-01-26] (Akamai Technologies, Inc.)

HKU\Guest\...\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler [222496 2009-05-05] (Acresso Corporation)

HKU\Temp BOB\...\Run: [Google Update] "C:\Users\Temp BOB\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2010-12-30] (Google Inc.)

HKU\Temp BOB\...\Run: [Akamai NetSession Interface] "C:\Users\Temp BOB\AppData\Local\Akamai\netsession_win.exe" [4480768 2013-01-26] (Akamai Technologies, Inc.)

HKU\Temp BOB\...\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler [222496 2009-05-05] (Acresso Corporation)

HKU\Temp BOB\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-10-16] (Google Inc.)

HKU\Temp BOB\...\Run: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe" [x]

HKU\Temp BOB\...\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1641896 2013-06-06] (Valve Corporation)

HKU\Temp BOB\...\Run: [EADM] "C:\Users\Public\Desktop\Origin\Origin.exe" -AutoStart [x]

HKU\UpdatusUser\...\Run: [Google Update] "C:\Users\Temp BOB\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2010-12-30] (Google Inc.)

HKU\UpdatusUser\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-10-16] (Google Inc.)

HKU\UpdatusUser\...\Run: [Akamai NetSession Interface] "C:\Users\Temp BOB\AppData\Local\Akamai\netsession_win.exe" [4480768 2013-01-26] (Akamai Technologies, Inc.)

HKU\UpdatusUser\...\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler [222496 2009-05-05] (Acresso Corporation)

AppInit_DLLs: C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll [1791384 2012-03-12] (Bandoo Media, inc)

Startup: C:\Users\Temp BOB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameStop Now.lnk

ShortcutTarget: GameStop Now.lnk -> C:\Program Files (x86)\GameStop App\Now\GameStopNow.exe (GameStop Corp.)

Startup: C:\Users\Temp BOB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SUPERAntiSpyware Free Edition.lnk

ShortcutTarget: SUPERAntiSpyware Free Edition.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)

==================== Services (Whitelisted) =================

S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-09-18] (SUPERAntiSpyware.com)

S2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll [4561152 2013-03-20] (Akamai Technologies, Inc.)

S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)

S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)

S2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [132504 2013-03-31] (Symantec Corporation)

S2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.91\ccSvcHst.exe [126392 2011-09-29] (Symantec Corporation)

S2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.)

S2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()

S2 SOSNFFSV; C:\Program Files\SOS\SOSNF\sosnffsv.exe [1130888 2010-12-20] (Solid Oak Software)

S2 SOSNFLSV; C:\Program Files\SOS\SOSNF\sosnflsv.exe [2034056 2010-12-20] (Solid Oak Software)

S2 sosnfusv; C:\Program Files\SOS\SOSNF\sosnfusv.exe [1285000 2010-12-20] (Solid Oak Software)

==================== Drivers (Whitelisted) ====================

S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)

S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)

S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S1 sosnf64; C:\Windows\System32\drivers\sosnf64.sys [57184 2010-12-08] (NetFilterSDK.com)

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-06-09 20:39 - 2013-06-09 20:39 - 00000000 ____D C:\FRST

2013-06-09 09:39 - 2013-06-09 09:46 - 00000000 ___SD C:\ComboFix

2013-06-09 07:30 - 2013-06-09 07:30 - 05078680 ____R (Swearware) C:\Users\Desk2\Desktop\ComboFix.exe

2013-06-07 17:17 - 2013-06-07 17:17 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\Desk2\Downloads\tdsskiller.exe

2013-06-07 15:29 - 2013-06-07 15:29 - 00208216 ____A (Kaspersky Lab, GERT) C:\Windows\System32\Drivers\63299061.sys

2013-06-07 15:24 - 2013-06-07 15:24 - 00000000 ____D C:\TDSSKiller_Quarantine

2013-06-06 15:56 - 2013-06-06 15:56 - 00000730 ____A C:\Users\Temp BOB\Desktop\aswMBR.txt

2013-06-06 15:54 - 2013-06-06 15:55 - 04745728 ____A (AVAST Software) C:\Users\Temp BOB\Downloads\aswMBR.exe

2013-06-06 15:47 - 2013-06-06 15:47 - 00001894 ____A C:\Users\Desk2\Desktop\aswMBR.txt

2013-06-06 15:47 - 2013-06-06 15:47 - 00000512 ____A C:\Users\Desk2\Desktop\MBR.dat

2013-06-06 15:45 - 2013-06-06 15:45 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\Temp BOB\Downloads\tdsskiller.exe

2013-06-05 03:43 - 2013-06-05 03:45 - 00000000 ____D C:\Users\Temp BOB\Desktop\Dad Virus Fles

2013-06-05 03:39 - 2013-06-05 03:39 - 00021116 ____A C:\Users\Desk2\Desktop\DDSCopy.txt

2013-06-04 19:02 - 2013-06-04 19:02 - 00688992 ____R (Swearware) C:\Users\Temp BOB\Downloads\dds.com

2013-06-04 18:37 - 2013-06-04 21:58 - 00021116 ____A C:\Users\Desk2\Desktop\dds.txt

2013-06-03 19:02 - 2013-06-03 19:02 - 00291208 ____A C:\Windows\Minidump\060313-28111-01.dmp

2013-06-03 18:56 - 2013-06-03 18:56 - 00291208 ____A C:\Windows\Minidump\060313-22854-01.dmp

2013-06-03 18:54 - 2013-06-03 18:54 - 00000000 ____D C:\Users\Temp BOB\AppData\Local\Introversion

2013-06-03 14:33 - 2013-06-03 14:33 - 00000222 ____A C:\Users\Temp BOB\Desktop\Prison Architect.url

2013-06-02 13:45 - 2013-06-02 13:44 - 00263584 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-06-02 13:45 - 2013-06-02 13:44 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2013-06-02 13:45 - 2013-06-02 13:44 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2013-06-02 13:45 - 2013-06-02 13:44 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-06-02 13:37 - 2013-06-02 13:37 - 00903072 ____A (Oracle Corporation) C:\Users\Temp BOB\Downloads\chromeinstall-7u21.exe

2013-06-02 13:37 - 2013-06-02 13:37 - 00903072 ____A (Oracle Corporation) C:\Users\Temp BOB\Downloads\chromeinstall-7u21 (1).exe

2013-06-02 13:10 - 2013-06-02 13:10 - 00291208 ____A C:\Windows\Minidump\060213-23696-01.dmp

2013-06-02 12:57 - 2013-06-02 12:57 - 00291208 ____A C:\Windows\Minidump\060213-22011-01.dmp

2013-05-31 15:07 - 2013-05-31 15:07 - 00291208 ____A C:\Windows\Minidump\053113-25428-01.dmp

2013-05-28 15:53 - 2013-06-02 11:34 - 00000000 ____D C:\Firefox

2013-05-28 15:43 - 2013-05-28 15:43 - 00000000 ____D C:\ProgramData\Ask

2013-05-27 17:32 - 2013-05-28 15:36 - 00000004 ____A C:\Users\Temp BOB\AppData\Roaming\skype.ini

2013-05-26 23:13 - 2013-05-26 23:13 - 00291208 ____A C:\Windows\Minidump\052713-56425-01.dmp

2013-05-26 23:03 - 2013-05-26 23:03 - 00291208 ____A C:\Windows\Minidump\052713-27066-01.dmp

2013-05-26 07:47 - 2013-05-26 07:47 - 00000000 ____D C:\Users\Desk2\AppData\Roaming\Dell

2013-05-24 04:50 - 2013-06-08 20:56 - 00000000 ____D C:\Users\Temp BOB\AppData\Roaming\Origin

2013-05-24 04:50 - 2013-06-08 20:56 - 00000000 ____D C:\Users\Temp BOB\AppData\Local\Origin

2013-05-24 04:48 - 2013-06-09 09:55 - 00000000 ____D C:\Users\Public\Desktop\Origin

2013-05-24 04:48 - 2013-06-09 09:55 - 00000000 ____D C:\ProgramData\Origin

2013-05-21 13:43 - 2013-05-21 13:43 - 00291208 ____A C:\Windows\Minidump\052113-34429-01.dmp

2013-05-21 13:27 - 2013-06-02 10:23 - 00000000 ____D C:\Users\Temp BOB\AppData\Roaming\Skype

2013-05-21 13:27 - 2013-05-28 16:18 - 00000000 ___RD C:\Program Files (x86)\Skype

2013-05-21 13:27 - 2013-05-21 13:28 - 00000000 ____D C:\ProgramData\Skype

2013-05-21 13:27 - 2013-05-21 13:27 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk

2013-05-20 23:09 - 2013-05-20 23:09 - 00291208 ____A C:\Windows\Minidump\052113-42276-01.dmp

2013-05-19 11:16 - 2013-05-19 11:16 - 00000000 ____D C:\Users\Temp BOB\Documents\Klei

2013-05-19 11:15 - 2013-05-19 11:15 - 00001920 ____A C:\Users\Temp BOB\Desktop\Don't Starve.lnk

2013-05-19 11:12 - 2013-05-19 11:16 - 00000000 ____D C:\Program Files (x86)\DontStarve

2013-05-19 11:10 - 2013-05-19 11:12 - 191897369 ____A C:\Users\Temp BOB\Downloads\DontStarve_Installer-1367288873.exe

2013-05-19 09:57 - 2013-05-19 09:57 - 00000919 ____A C:\Users\Public\Desktop\Steam.lnk

2013-05-19 09:56 - 2013-06-09 15:47 - 00000000 ____D C:\Program Files (x86)\Steam

2013-05-19 09:24 - 2013-05-19 09:25 - 01669632 ____A C:\Users\Temp BOB\Downloads\SteamInstall.msi

2013-05-15 00:12 - 2013-05-15 00:12 - 00000129 ____A C:\Windows\System32\MRT.INI

2013-05-15 00:01 - 2013-04-04 22:52 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2013-05-15 00:01 - 2013-04-04 22:52 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2013-05-15 00:01 - 2013-04-04 22:52 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe

2013-05-15 00:01 - 2013-04-04 22:50 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2013-05-15 00:01 - 2013-04-04 22:50 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2013-05-15 00:01 - 2013-04-04 22:50 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2013-05-15 00:01 - 2013-04-04 22:50 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2013-05-15 00:01 - 2013-04-04 22:50 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2013-05-15 00:01 - 2013-04-04 22:50 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2013-05-15 00:01 - 2013-04-04 22:50 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2013-05-15 00:01 - 2013-04-04 22:50 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll

2013-05-15 00:01 - 2013-04-04 22:50 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll

2013-05-15 00:01 - 2013-04-04 22:50 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2013-05-15 00:01 - 2013-04-04 22:50 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll

2013-05-15 00:01 - 2013-04-04 21:28 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-05-15 00:01 - 2013-04-04 21:28 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-05-15 00:01 - 2013-04-04 21:26 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-05-15 00:01 - 2013-04-04 21:26 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-05-15 00:01 - 2013-04-04 21:26 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-05-15 00:01 - 2013-04-04 21:26 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-05-15 00:01 - 2013-04-04 21:26 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-05-15 00:01 - 2013-04-04 21:26 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-05-15 00:01 - 2013-04-04 21:26 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-05-15 00:01 - 2013-04-04 21:26 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-05-15 00:01 - 2013-04-04 21:26 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-05-15 00:01 - 2013-04-04 21:26 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-05-15 00:01 - 2013-04-04 21:26 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-05-15 00:01 - 2013-04-04 20:43 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2013-05-15 00:01 - 2013-04-04 20:29 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-05-15 00:01 - 2013-04-04 19:51 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe

2013-05-15 00:01 - 2013-04-04 19:38 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-05-14 15:48 - 2013-04-09 22:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys

2013-05-14 15:48 - 2013-04-09 22:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys

2013-05-14 15:48 - 2013-04-09 19:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

2013-05-14 15:48 - 2013-03-18 21:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll

2013-05-14 15:48 - 2013-03-18 21:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll

2013-05-14 15:48 - 2013-02-26 22:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe

2013-05-14 15:48 - 2013-02-26 21:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll

2013-05-14 15:48 - 2013-02-26 21:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll

2013-05-14 15:48 - 2013-02-26 21:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll

2013-05-14 15:48 - 2013-02-26 21:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll

2013-05-14 15:48 - 2013-02-26 20:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2013-05-14 15:48 - 2013-02-26 20:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll

2013-05-14 15:48 - 2013-02-26 20:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2013-05-14 15:48 - 2011-02-03 03:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll

2013-05-12 07:35 - 2013-05-12 07:35 - 00291208 ____A C:\Windows\Minidump\051213-78109-01.dmp

2013-05-12 07:30 - 2013-05-12 07:30 - 00291208 ____A C:\Windows\Minidump\051213-98436-01.dmp

==================== One Month Modified Files and Folders =======

2013-06-09 20:39 - 2013-06-09 20:39 - 00000000 ____D C:\FRST

2013-06-09 17:31 - 2012-07-07 17:58 - 00000506 ____A C:\Windows\Tasks\SystemToolsDailyTest.job

2013-06-09 17:31 - 2012-03-22 17:40 - 00000454 ___AH C:\Windows\Tasks\Norton Security Scan for Temp BOB.job

2013-06-09 17:31 - 2009-07-13 21:10 - 01267870 ____A C:\Windows\WindowsUpdate.log

2013-06-09 17:25 - 2011-10-16 18:32 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-06-09 17:17 - 2012-09-04 05:00 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-06-09 17:01 - 2010-12-30 12:38 - 00000920 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1239007821-1110583340-4102201496-1002UA.job

2013-06-09 16:54 - 2010-12-24 21:33 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1239007821-1110583340-4102201496-1000UA.job

2013-06-09 16:25 - 2011-10-16 18:32 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-06-09 15:47 - 2013-05-19 09:56 - 00000000 ____D C:\Program Files (x86)\Steam

2013-06-09 15:47 - 2012-03-23 17:18 - 00000312 ___AH C:\Windows\Tasks\C__Users_Temp BOB_AppData_Local_Temp_fliptoast.app.13430.fliptoast.exe.job

2013-06-09 15:47 - 2012-02-19 11:37 - 00000000 ____D C:\ProgramData\Anti-phishing Domain Advisor

2013-06-09 15:47 - 2009-07-13 20:51 - 00086685 ____A C:\Windows\setupact.log

2013-06-09 15:36 - 2009-07-13 20:45 - 00014256 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-06-09 15:36 - 2009-07-13 20:45 - 00014256 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-06-09 15:29 - 2010-12-02 01:28 - 00000000 ____D C:\ProgramData\NVIDIA

2013-06-09 15:29 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2013-06-09 15:28 - 2011-09-12 14:01 - 00000000 ____D C:\Users\Desk2\AppData\Local\PMB Files

2013-06-09 15:27 - 2010-12-02 01:26 - 00122938 ____A C:\Windows\PFRO.log

2013-06-09 14:01 - 2010-12-30 12:37 - 00000868 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1239007821-1110583340-4102201496-1002Core.job

2013-06-09 09:55 - 2013-05-24 04:48 - 00000000 ____D C:\Users\Public\Desktop\Origin

2013-06-09 09:55 - 2013-05-24 04:48 - 00000000 ____D C:\ProgramData\Origin

2013-06-09 09:47 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF

2013-06-09 09:46 - 2013-06-09 09:39 - 00000000 ___SD C:\ComboFix

2013-06-09 07:30 - 2013-06-09 07:30 - 05078680 ____R (Swearware) C:\Users\Desk2\Desktop\ComboFix.exe

2013-06-09 07:08 - 2012-09-04 05:00 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-06-09 07:08 - 2011-07-10 18:16 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-06-08 20:56 - 2013-05-24 04:50 - 00000000 ____D C:\Users\Temp BOB\AppData\Roaming\Origin

2013-06-08 20:56 - 2013-05-24 04:50 - 00000000 ____D C:\Users\Temp BOB\AppData\Local\Origin

2013-06-07 17:17 - 2013-06-07 17:17 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\Desk2\Downloads\tdsskiller.exe

2013-06-07 15:33 - 2010-12-24 21:33 - 00002367 ____A C:\Users\Desk2\Desktop\Google Chrome.lnk

2013-06-07 15:29 - 2013-06-07 15:29 - 00208216 ____A (Kaspersky Lab, GERT) C:\Windows\System32\Drivers\63299061.sys

2013-06-07 15:26 - 2010-12-18 20:47 - 00000000 ____D C:\users\Desk2

2013-06-07 15:24 - 2013-06-07 15:24 - 00000000 ____D C:\TDSSKiller_Quarantine

2013-06-07 07:53 - 2010-12-24 21:33 - 00000856 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1239007821-1110583340-4102201496-1000Core.job

2013-06-06 18:00 - 2012-02-19 14:27 - 00000000 ____D C:\users\Guest

2013-06-06 15:56 - 2013-06-06 15:56 - 00000730 ____A C:\Users\Temp BOB\Desktop\aswMBR.txt

2013-06-06 15:55 - 2013-06-06 15:54 - 04745728 ____A (AVAST Software) C:\Users\Temp BOB\Downloads\aswMBR.exe

2013-06-06 15:47 - 2013-06-06 15:47 - 00001894 ____A C:\Users\Desk2\Desktop\aswMBR.txt

2013-06-06 15:47 - 2013-06-06 15:47 - 00000512 ____A C:\Users\Desk2\Desktop\MBR.dat

2013-06-06 15:45 - 2013-06-06 15:45 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\Temp BOB\Downloads\tdsskiller.exe

2013-06-06 15:43 - 2013-02-24 18:34 - 00000000 ____D C:\Users\Temp BOB\AppData\Roaming\.minecraft

2013-06-06 15:04 - 2010-12-30 12:38 - 00002382 ____A C:\Users\Temp BOB\Desktop\Google Chrome.lnk

2013-06-05 03:45 - 2013-06-05 03:43 - 00000000 ____D C:\Users\Temp BOB\Desktop\Dad Virus Fles

2013-06-05 03:39 - 2013-06-05 03:39 - 00021116 ____A C:\Users\Desk2\Desktop\DDSCopy.txt

2013-06-04 21:58 - 2013-06-04 18:37 - 00021116 ____A C:\Users\Desk2\Desktop\dds.txt

2013-06-04 19:02 - 2013-06-04 19:02 - 00688992 ____R (Swearware) C:\Users\Temp BOB\Downloads\dds.com

2013-06-03 19:02 - 2013-06-03 19:02 - 00291208 ____A C:\Windows\Minidump\060313-28111-01.dmp

2013-06-03 19:02 - 2011-07-13 18:41 - 400415281 ____A C:\Windows\MEMORY.DMP

2013-06-03 19:02 - 2011-07-13 18:41 - 00000000 ____D C:\Windows\Minidump

2013-06-03 18:56 - 2013-06-03 18:56 - 00291208 ____A C:\Windows\Minidump\060313-22854-01.dmp

2013-06-03 18:54 - 2013-06-03 18:54 - 00000000 ____D C:\Users\Temp BOB\AppData\Local\Introversion

2013-06-03 14:33 - 2013-06-03 14:33 - 00000222 ____A C:\Users\Temp BOB\Desktop\Prison Architect.url

2013-06-02 13:44 - 2013-06-02 13:45 - 00263584 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-06-02 13:44 - 2013-06-02 13:45 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2013-06-02 13:44 - 2013-06-02 13:45 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2013-06-02 13:44 - 2013-06-02 13:45 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-06-02 13:44 - 2012-09-04 14:20 - 00866720 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll

2013-06-02 13:44 - 2010-12-01 23:42 - 00788896 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll

2013-06-02 13:37 - 2013-06-02 13:37 - 00903072 ____A (Oracle Corporation) C:\Users\Temp BOB\Downloads\chromeinstall-7u21.exe

2013-06-02 13:37 - 2013-06-02 13:37 - 00903072 ____A (Oracle Corporation) C:\Users\Temp BOB\Downloads\chromeinstall-7u21 (1).exe

2013-06-02 13:10 - 2013-06-02 13:10 - 00291208 ____A C:\Windows\Minidump\060213-23696-01.dmp

2013-06-02 13:04 - 2012-08-15 10:07 - 00001354 ____A C:\Users\Temp BOB\Desktop\ROBLOX Player.lnk

2013-06-02 12:57 - 2013-06-02 12:57 - 00291208 ____A C:\Windows\Minidump\060213-22011-01.dmp

2013-06-02 11:34 - 2013-05-28 15:53 - 00000000 ____D C:\Firefox

2013-06-02 11:32 - 2013-01-14 14:52 - 00000000 ____D C:\Windows\System32\appmgmt

2013-06-02 10:23 - 2013-05-21 13:27 - 00000000 ____D C:\Users\Temp BOB\AppData\Roaming\Skype

2013-05-31 15:07 - 2013-05-31 15:07 - 00291208 ____A C:\Windows\Minidump\053113-25428-01.dmp

2013-05-30 15:19 - 2012-02-19 14:27 - 00110176 ____A C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT

2013-05-30 15:19 - 2012-02-19 14:27 - 00000000 ___RD C:\Users\Guest\Virtual Machines

2013-05-30 15:15 - 2010-12-24 21:33 - 00000000 ____D C:\Users\Desk2\AppData\Local\Google

2013-05-28 18:08 - 2009-07-13 21:08 - 00032606 ____A C:\Windows\Tasks\SCHEDLGU.TXT

2013-05-28 16:18 - 2013-05-21 13:27 - 00000000 ___RD C:\Program Files (x86)\Skype

2013-05-28 15:49 - 2013-04-02 16:22 - 00001115 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-05-28 15:49 - 2011-10-16 18:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-05-28 15:46 - 2010-12-25 12:54 - 00000000 ____D C:\ProgramData\Adobe

2013-05-28 15:43 - 2013-05-28 15:43 - 00000000 ____D C:\ProgramData\Ask

2013-05-28 15:36 - 2013-05-27 17:32 - 00000004 ____A C:\Users\Temp BOB\AppData\Roaming\skype.ini

2013-05-27 14:35 - 2012-09-12 13:53 - 00000000 ____D C:\Users\Temp BOB\Documents\Homework

2013-05-26 23:13 - 2013-05-26 23:13 - 00291208 ____A C:\Windows\Minidump\052713-56425-01.dmp

2013-05-26 23:03 - 2013-05-26 23:03 - 00291208 ____A C:\Windows\Minidump\052713-27066-01.dmp

2013-05-26 12:27 - 2012-03-22 17:40 - 00000000 ____D C:\Program Files\Wajam

2013-05-26 09:36 - 2013-01-31 09:40 - 00000000 ____A C:\END

2013-05-26 07:47 - 2013-05-26 07:47 - 00000000 ____D C:\Users\Desk2\AppData\Roaming\Dell

2013-05-26 07:46 - 2010-12-25 11:00 - 00000000 ____D C:\ProgramData\PCDr

2013-05-26 07:44 - 2011-12-25 22:24 - 00000000 ___RD C:\Users\Desk2\Virtual Machines

2013-05-26 07:44 - 2010-12-18 20:47 - 00110176 ____A C:\Users\Desk2\AppData\Local\GDIPFONTCACHEV1.DAT

2013-05-25 09:30 - 2011-04-22 19:18 - 00000000 ____D C:\Program Files\SUPERAntiSpyware

2013-05-23 14:44 - 2012-12-03 14:58 - 00000000 ____D C:\Users\Temp BOB\AppData\Roaming\.techniclauncher

2013-05-23 12:06 - 2011-01-11 19:00 - 00813334 ____A C:\Windows\SysWOW64\PerfStringBackup.INI

2013-05-21 13:43 - 2013-05-21 13:43 - 00291208 ____A C:\Windows\Minidump\052113-34429-01.dmp

2013-05-21 13:28 - 2013-05-21 13:27 - 00000000 ____D C:\ProgramData\Skype

2013-05-21 13:27 - 2013-05-21 13:27 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk

2013-05-20 23:09 - 2013-05-20 23:09 - 00291208 ____A C:\Windows\Minidump\052113-42276-01.dmp

2013-05-20 23:09 - 2012-07-07 17:58 - 00000564 ____A C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job

2013-05-20 23:09 - 2009-07-13 20:45 - 00421808 ____A C:\Windows\System32\FNTCACHE.DAT

2013-05-19 11:16 - 2013-05-19 11:16 - 00000000 ____D C:\Users\Temp BOB\Documents\Klei

2013-05-19 11:16 - 2013-05-19 11:12 - 00000000 ____D C:\Program Files (x86)\DontStarve

2013-05-19 11:15 - 2013-05-19 11:15 - 00001920 ____A C:\Users\Temp BOB\Desktop\Don't Starve.lnk

2013-05-19 11:12 - 2013-05-19 11:10 - 191897369 ____A C:\Users\Temp BOB\Downloads\DontStarve_Installer-1367288873.exe

2013-05-19 09:57 - 2013-05-19 09:57 - 00000919 ____A C:\Users\Public\Desktop\Steam.lnk

2013-05-19 09:57 - 2010-12-29 12:21 - 00000000 ____D C:\users\Temp BOB

2013-05-19 09:25 - 2013-05-19 09:24 - 01669632 ____A C:\Users\Temp BOB\Downloads\SteamInstall.msi

2013-05-17 22:36 - 2012-01-02 11:49 - 00000000 ____D C:\Users\Temp BOB\Documents\SimCity 4

2013-05-16 07:07 - 2010-12-29 12:22 - 00110176 ____A C:\Users\Temp BOB\AppData\Local\GDIPFONTCACHEV1.DAT

2013-05-15 07:15 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache

2013-05-15 04:49 - 2011-11-18 17:58 - 00000000 ___RD C:\Users\Temp BOB\Virtual Machines

2013-05-15 00:14 - 2010-12-27 13:52 - 00000000 ____D C:\ProgramData\Microsoft Help

2013-05-15 00:12 - 2013-05-15 00:12 - 00000129 ____A C:\Windows\System32\MRT.INI

2013-05-15 00:08 - 2010-12-24 20:36 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

2013-05-15 00:05 - 2009-07-13 21:13 - 00810118 ____A C:\Windows\System32\PerfStringBackup.INI

2013-05-12 07:35 - 2013-05-12 07:35 - 00291208 ____A C:\Windows\Minidump\051213-78109-01.dmp

2013-05-12 07:30 - 2013-05-12 07:30 - 00291208 ____A C:\Windows\Minidump\051213-98436-01.dmp

2013-05-10 20:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sysprep

Files to move or delete:

====================

C:\Users\Temp BOB\AppData\Roaming\skype.ini

C:\ProgramData\hash.dat

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK

HKLM\...\exefile\DefaultIcon: %1 => OK

HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-06-05 21:00:34

Restore point made on: 2013-06-06 19:13:58

Restore point made on: 2013-06-09 09:40:42

==================== Memory info ===========================

Percentage of memory in use: 19%

Total physical RAM: 3070.8 MB

Available physical RAM: 2471.65 MB

Total Pagefile: 3068.95 MB

Available Pagefile: 2480.77 MB

Total Virtual: 8192 MB

Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:455.94 GB) (Free:240.53 GB) NTFS (Disk=0 Partition=3)

Drive e: (SIMCITY) (CDROM) (Total:1.85 GB) (Free:0 GB) UDF

Drive f: (ERRONDA) (Removable) (Total:0.47 GB) (Free:0.4 GB) FAT (Disk=1 Partition=1)

Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Drive y: (RECOVERY) (Fixed) (Total:9.78 GB) (Free:3.98 GB) NTFS (Disk=0 Partition=2) ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Size: 466 GB) (Disk ID: 0FAA21D8)

Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)

Partition 2: (Active) - (Size=10 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=456 GB) - (Type=07 NTFS)

========================================================

Disk: 1 (Size: 482 MB) (Disk ID: C91A8E36)

Partition 1: (Not Active) - (Size=478 MB) - (Type=0E)

LastRegBack: 2013-06-02 21:26

==================== End Of Log ============================


Fix with FRST

  • Open Notepad (Start => All Programs => Accessories => Notepad).
  • Please copy the entire contents of the code box below.
    (To do this, highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad and select Paste.) Save it on the flash drive as fixlist.txt
    AppInit_DLLs: C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll [1791384 2012-03-12] (Bandoo Media, inc)
    C:\PROGRA~2\SEARCH~1\Datamngr
    C:\ProgramData\Ask
    C:\Users\Temp BOB\AppData\Roaming\skype.ini
    C:\Program Files\Wajam
    C:\END
    C:\ProgramData\hash.dat


    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
    Now please enter System Recovery Options again.

  • Run frst.exe (on 64-bit, run frst64.exe) and press the Fix button just once and wait.
  • The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.

Start your computer in normal mode and tell me how it is behaving now.


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-06-2013

Ran by SYSTEM at 2013-06-11 19:33:54 Run:1

Running from F:\

Boot Mode: Recovery

==============================================

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.

C:\PROGRA~2\SEARCH~1\Datamngr => Moved successfully.

C:\ProgramData\Ask => Moved successfully.

C:\Users\Temp BOB\AppData\Roaming\skype.ini => Moved successfully.

C:\Program Files\Wajam => Moved successfully.

C:\END => Moved successfully.

C:\ProgramData\hash.dat => Moved successfully.

==== End of Fixlog ====
