Inactive [A] I have an ad/music virus that my Ad-Aware and antivirus can't find or remove :(


Joshua Brown

It's in the background, plays music and ads randomly, and my antivirus pops up with a random detection every day or so... and I delete it but it keeps happening. It's not on my task manager and I'm just lost on what to do.
 
Welcome aboard


Please complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
Attached logs won't be reviewed.

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
Thank you so much for the help! Here's the log from malware; I'm doing GMER next.
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Josh :: JOSH-PC [administrator]
Protection: Enabled
10/4/2012 12:28:16 AM
mbam-log-2012-10-04 (00-28-16).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 31346
Time elapsed: 39 second(s) [aborted]
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
 
2012/10/04 00:26:58 -0400 JOSH-PC Josh DETECTION C:\$RECYCLE.BIN\S-1-5-18\$333e1fddb37adcd54ec57f8820eb2329\U\00000001.@ Trojan.0Access QUARANTINE
2012/10/04 00:27:06 -0400 JOSH-PC Josh IP-BLOCK 77.78.232.32 (Type: outgoing, Port: 56152, Process: svchost.exe)
2012/10/04 00:27:58 -0400 JOSH-PC Josh DETECTION c:\$recycle.bin\s-1-5-18\$333e1fddb37adcd54ec57f8820eb2329\u\00000001.@ Trojan.0Access DENY
2012/10/04 00:29:34 -0400 JOSH-PC Josh DETECTION C:\$RECYCLE.BIN\S-1-5-18\$333e1fddb37adcd54ec57f8820eb2329\U\00000001.@ Trojan.0Access DENY
2012/10/04 00:29:59 -0400 JOSH-PC Josh DETECTION C:\$RECYCLE.BIN\S-1-5-18\$333e1fddb37adcd54ec57f8820eb2329\U\00000001.@ Trojan.0Access DENY
2012/10/04 00:29:59 -0400 JOSH-PC Josh DETECTION C:\$RECYCLE.BIN\S-1-5-18\$333e1fddb37adcd54ec57f8820eb2329\U\00000001.@ Trojan.0Access DENY
2012/10/04 00:31:00 -0400 JOSH-PC Josh DETECTION C:\$RECYCLE.BIN\S-1-5-18\$333e1fddb37adcd54ec57f8820eb2329\U\00000001.@ Trojan.0Access DENY
2012/10/04 00:32:00 -0400 JOSH-PC Josh DETECTION C:\$RECYCLE.BIN\S-1-5-18\$333e1fddb37adcd54ec57f8820eb2329\U\00000001.@ Trojan.0Access DENY
2012/10/04 00:32:00 -0400 JOSH-PC Josh DETECTION C:\$RECYCLE.BIN\S-1-5-18\$333e1fddb37adcd54ec57f8820eb2329\U\00000001.@ Trojan.0Access DENY
2012/10/04 00:33:00 -0400 JOSH-PC Josh DETECTION C:\$RECYCLE.BIN\S-1-5-18\$333e1fddb37adcd54ec57f8820eb2329\U\00000001.@ Trojan.0Access DENY
 
GMER had no mods, but here's the DDS log.
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Josh at 1:13:01 on 2012-10-04
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4095.2120 [GMT -4:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\nvvsvc.exe
C:\windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
C:\Program Files\Common Files\Motive\pcCMService.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\SysWOW64\UMonit.exe
C:\Program Files\Comcast\pcTrayApp.exe
C:\Program Files (x86)\Lenovo\FanSpeedControl\LenovoFSC.exe
C:\Program Files (x86)\jmesoft\hotkey.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\windows\system32\conhost.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_278_ActiveX.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4EQSSATS\4c389kms.exe
C:\$Recycle.Bin\S-1-5-18\$333e1fddb37adcd54ec57f8820eb2329\U
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
mRun: [LenovoFSC] C:\Program Files (x86)\Lenovo\FanSpeedControl\LenovoFSC.exe
mRun: [jmekey] C:\Program Files (x86)\jmesoft\hotkey.exe
mRun: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [PWRISOVM.EXE] C:\Users\Josh\Desktop\PowerISO\PWRISOVM.EXE -startup
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
dRunOnce: [WLStart] "C:\Program Files (x86)\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC} - C:\Program Files (x86)\Java\jre1.5.0\bin\npjpi150.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
LSP: C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{9092C3BC-4B94-4EFA-921E-D9A02A578D80} : DhcpNameServer = 75.75.75.75 75.75.76.76
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [LenovoFSC] C:\Program Files (x86)\Lenovo\FanSpeedControl\LenovoFSC.exe
mRun-x64: [jmekey] C:\Program Files (x86)\jmesoft\hotkey.exe
mRun-x64: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [PWRISOVM.EXE] C:\Users\Josh\Desktop\PowerISO\PWRISOVM.EXE -startup
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce-x64: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
.
============= SERVICES / DRIVERS ===============
.
R0 pxscan;pxscan;C:\windows\system32\drivers\pxscan.sys --> C:\windows\system32\drivers\pxscan.sys [?]
R1 avkmgr;avkmgr;C:\windows\system32\DRIVERS\avkmgr.sys --> C:\windows\system32\DRIVERS\avkmgr.sys [?]
R1 pxrts;pxrts;C:\windows\system32\drivers\pxrts.sys --> C:\windows\system32\drivers\pxrts.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-8-11 140672]
R2 Akamai;Akamai NetSession Interface;C:\windows\System32\svchost.exe -k Akamai [2009-7-13 20992]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-1-12 86224]
R2 AntiVirService;Avira Realtime Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-1-12 110032]
R2 avgntflt;avgntflt;C:\windows\system32\DRIVERS\avgntflt.sys --> C:\windows\system32\DRIVERS\avgntflt.sys [?]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-3 399432]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-8-17 1258856]
R2 pcCMService;pcCMService;C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [2012-2-1 361472]
R2 pcCMService64;pcCMService64;C:\Program Files\Common Files\Motive\pcCMService.exe [2012-2-1 441344]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-8-30 382312]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\windows\system32\drivers\nvhda64v.sys --> C:\windows\system32\drivers\nvhda64v.sys [?]
R3 pxkbf;pxkbf;C:\windows\system32\drivers\pxkbf.sys --> C:\windows\system32\drivers\pxkbf.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
R3 SuperIO;Lenovo ASD HWM Driver;C:\windows\system32\DRIVERS\spio.sys --> C:\windows\system32\DRIVERS\spio.sys [?]
R3 USTOR2K;USB Mass Storage Windows Driver;C:\windows\system32\DRIVERS\ustor2k.sys --> C:\windows\system32\DRIVERS\ustor2k.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 CSIScanner;CSIScanner;"C:\Program Files\Prevx\prevx.exe" /service --> C:\Program Files\Prevx\prevx.exe [?]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-19 136176]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-10-3 676936]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 250288]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-19 136176]
S3 MBAMProtector;MBAMProtector;\??\C:\windows\system32\drivers\mbam.sys --> C:\windows\system32\drivers\mbam.sys [?]
S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver;C:\windows\system32\DRIVERS\Rtnic64.sys --> C:\windows\system32\DRIVERS\Rtnic64.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S3 wsvd;wsvd;C:\windows\system32\DRIVERS\wsvd.sys --> C:\windows\system32\DRIVERS\wsvd.sys [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\windows\system32\DRIVERS\yk62x64.sys --> C:\windows\system32\DRIVERS\yk62x64.sys [?]
.
=============== Created Last 30 ================
.
2012-10-04 02:56:49 -------- d-----w- C:\ProgramData\Malwarebytes
2012-10-04 02:56:48 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-10-04 02:56:48 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-10-04 01:54:14 62976 ----a-w- C:\windows\SysWow64\PxSecure.dll-3427919
2012-10-04 01:54:13 65736 ----a-w- C:\windows\System32\drivers\pxrts.sys
2012-10-04 01:54:13 36384 ----a-w- C:\windows\System32\drivers\pxscan.sys
2012-10-04 01:54:12 24024 ----a-w- C:\windows\System32\drivers\pxkbf.sys
2012-10-03 04:06:18 -------- d-----w- C:\Program Files (x86)\1ClickDownload
2012-09-21 13:45:24 -------- d-----w- C:\Program Files\PeerBlock
2012-09-21 08:47:41 9308616 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{71EC4769-1D3C-4727-A060-9C4B25F240B4}\mpengine.dll
2012-09-20 11:48:51 -------- d-----w- C:\Users\Josh\AppData\Local\ArmA 2 OA
2012-09-20 11:45:28 -------- d-----w- C:\Program Files (x86)\Bohemia Interactive
2012-09-20 11:45:25 -------- d-----w- C:\Users\Josh\AppData\Local\ArmA 2
2012-09-20 11:45:09 519000 ----a-w- C:\windows\System32\d3dx10_40.dll
2012-09-20 11:45:09 452440 ----a-w- C:\windows\SysWow64\d3dx10_40.dll
2012-09-20 11:45:09 2605920 ----a-w- C:\windows\System32\D3DCompiler_40.dll
2012-09-20 11:45:09 2036576 ----a-w- C:\windows\SysWow64\D3DCompiler_40.dll
2012-09-20 11:45:08 5631312 ----a-w- C:\windows\System32\D3DX9_40.dll
2012-09-20 11:45:08 4379984 ----a-w- C:\windows\SysWow64\D3DX9_40.dll
2012-09-20 11:40:13 -------- d-----w- C:\Users\Josh\AppData\Local\Play withSIX
2012-09-20 01:49:24 -------- d-----w- C:\temp
2012-09-20 01:47:09 -------- d-----w- C:\Users\Josh\AppData\Roaming\six-zsync
2012-09-20 01:46:47 -------- d-----w- C:\Users\Josh\AppData\Roaming\Play withSIX
2012-09-20 01:46:27 -------- d-----w- C:\Program Files (x86)\SIX Networks
2012-09-20 01:16:22 -------- d-----w- C:\Program Files (x86)\Steam
2012-09-20 01:16:22 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2012-09-12 16:09:47 950128 ----a-w- C:\windows\System32\drivers\ndis.sys
2012-09-12 16:09:47 41472 ----a-w- C:\windows\System32\drivers\RNDISMP.sys
2012-09-12 16:09:46 574464 ----a-w- C:\windows\System32\d3d10level9.dll
2012-09-12 16:09:46 490496 ----a-w- C:\windows\SysWow64\d3d10level9.dll
2012-09-12 16:09:45 376688 ----a-w- C:\windows\System32\drivers\netio.sys
2012-09-12 16:09:45 288624 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS
2012-09-12 16:09:45 1913200 ----a-w- C:\windows\System32\drivers\tcpip.sys
2012-09-11 09:15:12 -------- d-----w- C:\Program Files (x86)\NovaLogic
2012-09-11 09:15:06 315904 ----a-w- C:\windows\IsUninst.exe
2012-09-11 07:56:05 -------- d--h--w- C:\windows\msdownld.tmp
2012-09-11 07:56:00 -------- d-----w- C:\windows\SysWow64\directx
2012-09-11 07:54:20 -------- d-----w- C:\Program Files (x86)\Telltale Games
2012-09-08 13:54:16 -------- d-----w- C:\Program Files (x86)\Valve
2012-09-08 07:16:33 -------- d-----w- C:\Users\Josh\AppData\Roaming\NVIDIA
2012-09-07 05:11:49 -------- d-----w- C:\Users\Josh\AppData\Local\DOSBox
2012-09-07 05:07:55 -------- d-----w- C:\Users\Josh\Shadow Pres
.
==================== Find3M ====================
.
2012-09-20 01:51:07 696240 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-09-20 01:51:06 73136 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-30 16:18:05 891240 ----a-w- C:\windows\System32\nvvsvc.exe
2012-08-30 16:18:05 63336 ----a-w- C:\windows\System32\nvshext.dll
2012-08-30 16:18:05 118120 ----a-w- C:\windows\System32\nvmctray.dll
2012-08-30 16:18:04 3487434 ----a-w- C:\windows\System32\nvcoproc.bin
2012-08-30 16:18:01 3266920 ----a-w- C:\windows\System32\nvsvc64.dll
2012-08-30 16:17:59 6198120 ----a-w- C:\windows\System32\nvcpl.dll
2012-08-30 14:40:14 429416 ----a-w- C:\windows\SysWow64\nvStreaming.exe
2012-07-18 18:15:06 3148800 ----a-w- C:\windows\System32\win32k.sys
.
============= FINISH: 1:13:24.54 ===============
 
I still need Attach.txt part of DDS.

Next....

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

=================================

  • Download RogueKiller to the desktop
  • Close all the running programs
  • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced, post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again

=================================

Download aswMBR to your desktop.
Double-click aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start the scan.
On completion of the scan, click "Save log", save it to your desktop and post it in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
 
DDS Attach.txt, I apologize.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 1/21/2011 8:32:31 AM
System Uptime: 10/4/2012 1:21:20 AM (16 hours ago)
.
Motherboard: LENOVO | | To be filled by O.E.M.
Processor: Pentium(R) Dual-Core CPU E5800 @ 3.20GHz | CPU 1 | 3203/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 906 GiB total, 671.975 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: ZTekWare Original CD Emulator
Device ID: ROOT\SCSIADAPTER\0000
Manufacturer:
Name: ZTekWare Original CD Emulator
PNP Device ID: ROOT\SCSIADAPTER\0000
Service:
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Reader 9.5.2
Adobe Shockwave Player 11.6
Akamai NetSession Interface
Akamai NetSession Interface Service
Any Video Converter 3.3.2
Apple Application Support
Apple Software Update
ARMA 2
ARMA 2: Operation Arrowhead
Avira Antivirus Premium 2012
BattlEye for OA Uninstall
BattlEye Uninstall
Best Buy pc app
BitTorrent
Comcast Desktop Software (v1.2.0.9)
Counter-Strike
Diablo III
Easy Solve
FanSpeedControl
File Type Assistant
Final Media Player 2011
Genesys USB Mass Storage Device
Google Chrome
Google Update Helper
J2SE Runtime Environment 5.0
Junk Mail filter update
League of Legends
Lenovo Driver and Application Installation
Lenovo Rescue System
LVT
LXH-JME2207FN Hotkey Driver
Malwarebytes Anti-Malware version 1.65.0.1400
Microsoft Choice Guard
Microsoft Office 2010
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MSVCRT
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
Pando Media Booster
Play withSIX
PowerISO
QuickTime
Realtek 8136 8168 8169 Ethernet Driver
Realtek High Definition Audio Driver
Revo Uninstaller 1.93
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Skype Click to Call
Skype™ 5.10
Steam
swMSM
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
VC80CRTRedist - 8.0.50727.6195
Ventrilo Client
VLC media player 1.1.11
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinRAR 4.20 (32-bit)
.
==== Event Viewer Messages From Past Week ========
.
10/4/2012 1:22:43 AM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
10/4/2012 1:22:43 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
10/4/2012 1:22:38 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
10/4/2012 1:22:38 AM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/4/2012 1:21:53 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
10/1/2012 6:46:00 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user Josh-PC\Josh SID (S-1-5-21-1143952926-2400091773-3937541990-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
10/1/2012 6:46:00 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user Josh-PC\Josh SID (S-1-5-21-1143952926-2400091773-3937541990-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
.
 
Here's the TDS scan in 2 parts

17:19:07.0760 1252 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24



17:19:08.0010 1252 ============================================================



17:19:08.0010 1252 Current date / time: 2012/10/04 17:19:08.0010



17:19:08.0010 1252 SystemInfo:



17:19:08.0010 1252



17:19:08.0010 1252 OS Version: 6.1.7601 ServicePack: 1.0



17:19:08.0010 1252 Product type: Workstation



17:19:08.0010 1252 ComputerName: JOSH-PC



17:19:08.0010 1252 UserName: Josh



17:19:08.0010 1252 Windows directory: C:\windows



17:19:08.0010 1252 System windows directory: C:\windows



17:19:08.0010 1252 Running under WOW64



17:19:08.0010 1252 Processor architecture: Intel x64



17:19:08.0010 1252 Number of processors: 2



17:19:08.0010 1252 Page size: 0x1000



17:19:08.0010 1252 Boot type: Normal boot



17:19:08.0010 1252 ============================================================



17:19:08.0992 1252 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040



17:19:08.0992 1252 ============================================================



17:19:08.0992 1252 \Device\Harddisk0\DR0:



17:19:08.0992 1252 MBR partitions:



17:19:08.0992 1252 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000



17:19:08.0992 1252 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x714AE800



17:19:08.0992 1252 ============================================================



17:19:09.0039 1252 C: <-> \Device\Harddisk0\DR0\Partition2



17:19:09.0039 1252 ============================================================



17:19:09.0039 1252 Initialize success



17:19:09.0039 1252 ============================================================



17:19:25.0981 4836 ============================================================



17:19:25.0981 4836 Scan started



17:19:25.0981 4836 Mode: Manual;



17:19:25.0981 4836 ============================================================



17:19:27.0088 4836 ================ Scan system memory ========================



17:19:27.0088 4836 System memory - ok



17:19:27.0088 4836 ================ Scan services =============================



17:19:27.0900 4836 [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll

17:19:27.0900 4836 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76

17:19:27.0900 4836 Akamai ( HiddenFile.Multi.Generic ) - warning

17:19:27.0900 4836 Akamai - detected HiddenFile.Multi.Generic (1)

 
Part 2

17:19:36.0916 4836 PerfHost - ok

17:19:36.0994 4836 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll

17:19:37.0057 4836 pla - ok

17:19:37.0104 4836 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll

17:19:37.0119 4836 PlugPlay - ok

17:19:37.0135 4836 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll

17:19:37.0135 4836 PNRPAutoReg - ok

17:19:37.0150 4836 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll

17:19:37.0166 4836 PNRPsvc - ok

17:19:37.0182 4836 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll

17:19:37.0197 4836 PolicyAgent - ok

17:19:37.0213 4836 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll

17:19:37.0213 4836 Power - ok

17:19:37.0260 4836 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys

17:19:37.0260 4836 PptpMiniport - ok

17:19:37.0275 4836 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys

17:19:37.0275 4836 Processor - ok

17:19:37.0338 4836 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll

17:19:37.0353 4836 ProfSvc - ok

17:19:37.0369 4836 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe

17:19:37.0369 4836 ProtectedStorage - ok

17:19:37.0416 4836 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys

17:19:37.0416 4836 Psched - ok

17:19:37.0462 4836 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys

17:19:37.0478 4836 ql2300 - ok

17:19:37.0494 4836 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys

17:19:37.0509 4836 ql40xx - ok

17:19:37.0525 4836 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll

17:19:37.0540 4836 QWAVE - ok

17:19:37.0540 4836 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys

17:19:37.0556 4836 QWAVEdrv - ok

17:19:37.0572 4836 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys

17:19:37.0572 4836 RasAcd - ok

17:19:37.0587 4836 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys

17:19:37.0587 4836 RasAgileVpn - ok

17:19:37.0603 4836 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll

17:19:37.0618 4836 RasAuto - ok

17:19:37.0634 4836 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys

17:19:37.0634 4836 Rasl2tp - ok

17:19:37.0665 4836 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll

17:19:37.0681 4836 RasMan - ok

17:19:37.0696 4836 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys

17:19:37.0696 4836 RasPppoe - ok

17:19:37.0696 4836 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys

17:19:37.0712 4836 RasSstp - ok

17:19:37.0712 4836 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys

17:19:37.0728 4836 rdbss - ok

17:19:37.0728 4836 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys

17:19:37.0728 4836 rdpbus - ok

17:19:37.0743 4836 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys

17:19:37.0743 4836 RDPCDD - ok

17:19:37.0759 4836 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys

17:19:37.0759 4836 RDPENCDD - ok

17:19:37.0774 4836 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys

17:19:37.0774 4836 RDPREFMP - ok

17:19:37.0821 4836 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys

17:19:37.0821 4836 RDPWD - ok

17:19:37.0884 4836 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys

17:19:37.0884 4836 rdyboost - ok

17:19:37.0930 4836 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll

17:19:37.0930 4836 RemoteAccess - ok

17:19:37.0946 4836 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll

17:19:37.0962 4836 RemoteRegistry - ok

17:19:37.0977 4836 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll

17:19:37.0977 4836 RpcEptMapper - ok

17:19:37.0977 4836 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe

17:19:37.0977 4836 RpcLocator - ok

17:19:37.0993 4836 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll

17:19:38.0008 4836 RpcSs - ok

17:19:38.0008 4836 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys

17:19:38.0008 4836 rspndr - ok

17:19:38.0024 4836 [ 68DD0457D18FCCEF7384AE84022F0C86 ] RTL8023x64 C:\windows\system32\DRIVERS\Rtnic64.sys

17:19:38.0024 4836 RTL8023x64 - ok

17:19:38.0055 4836 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys

17:19:38.0055 4836 RTL8167 - ok

17:19:38.0055 4836 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe

17:19:38.0071 4836 SamSs - ok

17:19:38.0118 4836 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

17:19:38.0118 4836 SASDIFSV - ok

17:19:38.0164 4836 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

17:19:38.0180 4836 SASKUTIL - ok

17:19:38.0211 4836 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys

17:19:38.0211 4836 sbp2port - ok

17:19:38.0242 4836 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll

17:19:38.0258 4836 SCardSvr - ok

17:19:38.0320 4836 [ 741B338D675FE20B779E7EFFA55032FE ] SCDEmu C:\windows\system32\drivers\SCDEmu.sys

17:19:38.0320 4836 SCDEmu - ok

17:19:38.0367 4836 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys

17:19:38.0367 4836 scfilter - ok

17:19:38.0461 4836 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll

17:19:38.0476 4836 Schedule - ok

17:19:38.0523 4836 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll

17:19:38.0523 4836 SCPolicySvc - ok

17:19:38.0539 4836 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll

17:19:38.0554 4836 SDRSVC - ok

17:19:38.0586 4836 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys

17:19:38.0586 4836 secdrv - ok

17:19:38.0632 4836 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll

17:19:38.0632 4836 seclogon - ok

17:19:38.0648 4836 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll

17:19:38.0648 4836 SENS - ok

17:19:38.0679 4836 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll

17:19:38.0679 4836 SensrSvc - ok

17:19:38.0695 4836 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys

17:19:38.0695 4836 Serenum - ok

17:19:38.0710 4836 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys

17:19:38.0710 4836 Serial - ok

17:19:38.0726 4836 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys

17:19:38.0726 4836 sermouse - ok

17:19:38.0773 4836 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll

17:19:38.0788 4836 SessionEnv - ok

17:19:38.0851 4836 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys

17:19:38.0851 4836 sffdisk - ok

17:19:38.0851 4836 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys

17:19:38.0851 4836 sffp_mmc - ok

17:19:38.0866 4836 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys

17:19:38.0866 4836 sffp_sd - ok

17:19:38.0882 4836 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys

17:19:38.0882 4836 sfloppy - ok

17:19:38.0929 4836 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll

17:19:38.0944 4836 ShellHWDetection - ok

17:19:38.0944 4836 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys

17:19:38.0944 4836 SiSRaid2 - ok

17:19:38.0960 4836 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys

17:19:38.0960 4836 SiSRaid4 - ok

17:19:39.0022 4836 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

17:19:39.0022 4836 SkypeUpdate - ok

17:19:39.0070 4836 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys

17:19:39.0070 4836 Smb - ok

17:19:39.0086 4836 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe

17:19:39.0101 4836 SNMPTRAP - ok

17:19:39.0101 4836 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys

17:19:39.0101 4836 spldr - ok

17:19:39.0164 4836 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe

17:19:39.0195 4836 Spooler - ok

17:19:39.0289 4836 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe

17:19:39.0367 4836 sppsvc - ok

17:19:39.0398 4836 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll

17:19:39.0398 4836 sppuinotify - ok

17:19:39.0445 4836 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys

17:19:39.0445 4836 srv - ok

17:19:39.0460 4836 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys

17:19:39.0476 4836 srv2 - ok

17:19:39.0476 4836 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys

17:19:39.0476 4836 srvnet - ok

17:19:39.0507 4836 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll

17:19:39.0523 4836 SSDPSRV - ok

17:19:39.0523 4836 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll

17:19:39.0538 4836 SstpSvc - ok

17:19:39.0569 4836 Steam Client Service - ok

17:19:39.0679 4836 [ A766CCAD980235FF34E7F8089D3175A3 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

17:19:39.0679 4836 Stereo Service - ok

17:19:39.0694 4836 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys

17:19:39.0694 4836 stexstor - ok

17:19:39.0757 4836 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll

17:19:39.0772 4836 stisvc - ok

17:19:39.0803 4836 [ D310DA4BB3D61A52F8C50DDB1A62FF5E ] SuperIO C:\windows\system32\DRIVERS\spio.sys

17:19:39.0803 4836 SuperIO - ok

17:19:39.0850 4836 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys

17:19:39.0850 4836 swenum - ok

17:19:39.0866 4836 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll

17:19:39.0881 4836 swprv - ok

17:19:39.0975 4836 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll

17:19:40.0006 4836 SysMain - ok

17:19:40.0053 4836 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll

17:19:40.0069 4836 TabletInputService - ok

17:19:40.0115 4836 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll

17:19:40.0115 4836 TapiSrv - ok

17:19:40.0147 4836 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll

17:19:40.0147 4836 TBS - ok

17:19:40.0240 4836 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys

17:19:40.0271 4836 Tcpip - ok

17:19:40.0303 4836 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys

17:19:40.0318 4836 TCPIP6 - ok

17:19:40.0365 4836 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys

17:19:40.0365 4836 tcpipreg - ok

17:19:40.0381 4836 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys

17:19:40.0381 4836 TDPIPE - ok

17:19:40.0427 4836 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys

17:19:40.0427 4836 TDTCP - ok

17:19:40.0490 4836 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys

17:19:40.0490 4836 tdx - ok

17:19:40.0505 4836 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys

17:19:40.0505 4836 TermDD - ok

17:19:40.0537 4836 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll

17:19:40.0552 4836 TermService - ok

17:19:40.0568 4836 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll

17:19:40.0583 4836 Themes - ok

17:19:40.0615 4836 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll

17:19:40.0615 4836 THREADORDER - ok

17:19:40.0630 4836 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll

17:19:40.0630 4836 TrkWks - ok

17:19:40.0661 4836 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe

17:19:40.0661 4836 TrustedInstaller - ok

17:19:40.0677 4836 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys

17:19:40.0677 4836 tssecsrv - ok

17:19:40.0708 4836 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys

17:19:40.0708 4836 TsUsbFlt - ok

17:19:40.0771 4836 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys

17:19:40.0771 4836 tunnel - ok

17:19:40.0802 4836 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys

17:19:40.0802 4836 uagp35 - ok

17:19:40.0817 4836 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys

17:19:40.0833 4836 udfs - ok

17:19:40.0849 4836 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe

17:19:40.0864 4836 UI0Detect - ok

17:19:40.0895 4836 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys

17:19:40.0895 4836 uliagpkx - ok

17:19:40.0942 4836 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys

17:19:40.0942 4836 umbus - ok

17:19:40.0958 4836 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys

17:19:40.0958 4836 UmPass - ok

17:19:40.0973 4836 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll

17:19:40.0973 4836 upnphost - ok

17:19:41.0036 4836 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys

17:19:41.0051 4836 USBAAPL64 - ok

17:19:41.0083 4836 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\drivers\usbccgp.sys

17:19:41.0083 4836 usbccgp - ok

17:19:41.0145 4836 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys

17:19:41.0145 4836 usbcir - ok

17:19:41.0161 4836 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys

17:19:41.0176 4836 usbehci - ok

17:19:41.0223 4836 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys

17:19:41.0223 4836 usbhub - ok

17:19:41.0239 4836 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys

17:19:41.0239 4836 usbohci - ok

17:19:41.0254 4836 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys

17:19:41.0254 4836 usbprint - ok

17:19:41.0270 4836 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS

17:19:41.0270 4836 USBSTOR - ok

17:19:41.0285 4836 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\DRIVERS\usbuhci.sys

17:19:41.0285 4836 usbuhci - ok

17:19:41.0301 4836 [ 88CE07826F25B851E824ED2E57106323 ] USTOR2K C:\windows\system32\DRIVERS\ustor2k.sys

17:19:41.0301 4836 USTOR2K - ok

17:19:41.0317 4836 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll

17:19:41.0317 4836 UxSms - ok

17:19:41.0332 4836 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe

17:19:41.0332 4836 VaultSvc - ok

17:19:41.0348 4836 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys

17:19:41.0348 4836 vdrvroot - ok

17:19:41.0363 4836 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe

17:19:41.0379 4836 vds - ok

17:19:41.0395 4836 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys

17:19:41.0395 4836 vga - ok

17:19:41.0410 4836 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys

17:19:41.0410 4836 VgaSave - ok

17:19:41.0426 4836 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys

17:19:41.0426 4836 vhdmp - ok

17:19:41.0441 4836 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys

17:19:41.0441 4836 viaide - ok

17:19:41.0457 4836 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys

17:19:41.0457 4836 volmgr - ok

17:19:41.0488 4836 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys

17:19:41.0504 4836 volmgrx - ok

17:19:41.0504 4836 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys

17:19:41.0519 4836 volsnap - ok

17:19:41.0519 4836 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys

17:19:41.0519 4836 vsmraid - ok

17:19:41.0597 4836 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe

17:19:41.0629 4836 VSS - ok

17:19:41.0644 4836 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\System32\drivers\vwifibus.sys

17:19:41.0644 4836 vwifibus - ok

17:19:41.0675 4836 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll

17:19:41.0675 4836 W32Time - ok

17:19:41.0707 4836 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys

17:19:41.0707 4836 WacomPen - ok

17:19:41.0738 4836 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys

17:19:41.0738 4836 WANARP - ok

17:19:41.0738 4836 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys

17:19:41.0738 4836 Wanarpv6 - ok

17:19:41.0816 4836 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe

17:19:41.0878 4836 WatAdminSvc - ok

17:19:41.0941 4836 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe

17:19:41.0987 4836 wbengine - ok

17:19:42.0019 4836 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll

17:19:42.0034 4836 WbioSrvc - ok

17:19:42.0081 4836 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll

17:19:42.0081 4836 wcncsvc - ok

17:19:42.0097 4836 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll

17:19:42.0112 4836 WcsPlugInService - ok

17:19:42.0112 4836 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys

17:19:42.0128 4836 Wd - ok

17:19:42.0143 4836 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys

17:19:42.0143 4836 Wdf01000 - ok

17:19:42.0159 4836 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll

17:19:42.0159 4836 WdiServiceHost - ok

17:19:42.0175 4836 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll

17:19:42.0175 4836 WdiSystemHost - ok

17:19:42.0190 4836 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll

17:19:42.0206 4836 WebClient - ok

17:19:42.0206 4836 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll

17:19:42.0221 4836 Wecsvc - ok

17:19:42.0221 4836 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll

17:19:42.0237 4836 wercplsupport - ok

17:19:42.0253 4836 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll

17:19:42.0268 4836 WerSvc - ok

17:19:42.0268 4836 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys

17:19:42.0284 4836 WfpLwf - ok

17:19:42.0284 4836 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys

17:19:42.0284 4836 WIMMount - ok

17:19:42.0284 4836 WinHttpAutoProxySvc - ok

17:19:42.0331 4836 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll

17:19:42.0331 4836 Winmgmt - ok

17:19:42.0362 4836 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll

17:19:42.0409 4836 WinRM - ok

17:19:42.0471 4836 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys

17:19:42.0471 4836 WinUsb - ok

17:19:42.0502 4836 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll

17:19:42.0502 4836 Wlansvc - ok

17:19:42.0549 4836 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys

17:19:42.0549 4836 WmiAcpi - ok

17:19:42.0580 4836 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe

17:19:42.0596 4836 wmiApSrv - ok

17:19:42.0611 4836 WMPNetworkSvc - ok

17:19:42.0627 4836 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll

17:19:42.0627 4836 WPCSvc - ok

17:19:42.0674 4836 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll

17:19:42.0674 4836 WPDBusEnum - ok

17:19:42.0689 4836 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys

17:19:42.0689 4836 ws2ifsl - ok

17:19:42.0705 4836 WSearch - ok

17:19:42.0736 4836 [ 83575C43B2BFE9AB0661A7F957E843C0 ] wsvd C:\windows\system32\DRIVERS\wsvd.sys

17:19:42.0736 4836 wsvd - ok

17:19:42.0783 4836 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys

17:19:42.0783 4836 WudfPf - ok

17:19:42.0845 4836 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys

17:19:42.0845 4836 WUDFRd - ok

17:19:42.0892 4836 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll

17:19:42.0892 4836 wudfsvc - ok

17:19:42.0923 4836 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll

17:19:42.0923 4836 WwanSvc - ok

17:19:42.0955 4836 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\windows\system32\DRIVERS\yk62x64.sys

17:19:42.0955 4836 yukonw7 - ok

17:19:42.0955 4836 ================ Scan global ===============================
17:19:42.0986 4836 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
17:19:43.0033 4836 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
17:19:43.0064 4836 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
17:19:43.0095 4836 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
17:19:43.0111 4836 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
17:19:43.0126 4836 [Global] - ok
17:19:43.0126 4836 ================ Scan MBR ==================================
17:19:43.0126 4836 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:19:43.0220 4836 \Device\Harddisk0\DR0 - ok
17:19:43.0220 4836 ================ Scan VBR ==================================
17:19:43.0220 4836 [ 2FB48A5ADEEF78B1E1E2F5DF24C9E9DF ] \Device\Harddisk0\DR0\Partition1
17:19:43.0235 4836 \Device\Harddisk0\DR0\Partition1 - ok
17:19:43.0235 4836 [ 611638F035BB18098798501CDDB615B4 ] \Device\Harddisk0\DR0\Partition2
17:19:43.0235 4836 \Device\Harddisk0\DR0\Partition2 - ok
17:19:43.0235 4836 ============================================================
17:19:43.0235 4836 Scan finished
17:19:43.0235 4836 ============================================================
17:19:43.0251 4944 Detected object count: 1
17:19:43.0251 4944 Actual detected object count: 1
17:19:48.0914 4944 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
17:19:48.0914 4944 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
 
Rogue Scan
RogueKiller V8.1.1 [10/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: https://www.techspot.com/downloads/5562-roguekiller.html
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Josh [Admin rights]
Mode : Remove -- Date : 10/04/2012 17:29:11
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 12 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Run : Unattend0000000001{BFA3D12B-66DD-4617-923A-E864BC7D20B5} (C:\Windows\test.bat) -> DELETED
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\Run : PWRISOVM.EXE (C:\Users\Josh\Desktop\PowerISO\PWRISOVM.EXE -startup) -> DELETED
[TASK][SUSP PATH] IHUninstallTrackingTASK : CMD /C DEL C:\Users\Josh\AppData\Local\Temp\IHU56BC.tmp.exe -> DELETED
[TASK][SUSP PATH] {122C963F-4FB4-4EFF-93F1-387FB9925612} : C:\windows\system32\pcalua.exe -a "C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B9QN542A\Bow_&_Arrow_Shareware_Setup.exe" -d C:\Users\Josh\Desktop -> DELETED
[TASK][SUSP PATH] {989CFAE9-38A8-4DB8-B23F-146FC4B2F46D} : C:\windows\system32\pcalua.exe -a "C:\Users\Josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VICU319S\avira_antivirus_premium.exe" -d C:\Users\Josh\Desktop -> DELETED
[TASK][SUSP PATH] {B25B961E-2B9E-416B-BECE-E1C8149E5982} : C:\windows\system32\pcalua.exe -a C:\Users\Josh\Desktop\OfficialAresSetup.exe -d C:\Users\Josh\Desktop -> DELETED
[STARTUP][SUSP PATH] Best Buy pc app.lnk @Default : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> DELETED
[STARTUP][SUSP PATH] Best Buy pc app.lnk @UpdatusUser : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-18\$333e1fddb37adcd54ec57f8820eb2329\n.) -> REPLACED (C:\windows\system32\wbem\fastprox.dll)
¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FILE] @ : C:\$recycle.bin\S-1-5-18\$333e1fddb37adcd54ec57f8820eb2329\@ --> REMOVED
[Del.Parent][FILE] 00000001.@ : C:\$recycle.bin\S-1-5-18\$333e1fddb37adcd54ec57f8820eb2329\U\00000001.@ --> REMOVED
[Del.Parent][FILE] 80000000.@ : C:\$recycle.bin\S-1-5-18\$333e1fddb37adcd54ec57f8820eb2329\U\80000000.@ --> REMOVED
[Del.Parent][FILE] 800000cb.@ : C:\$recycle.bin\S-1-5-18\$333e1fddb37adcd54ec57f8820eb2329\U\800000cb.@ --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\$recycle.bin\S-1-5-18\$333e1fddb37adcd54ec57f8820eb2329\U --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\$recycle.bin\S-1-5-18\$333e1fddb37adcd54ec57f8820eb2329\L --> REMOVED
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ Infection : ZeroAccess ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST31000528AS ATA Device +++++
--- User ---
[MBR] 12690e6ff1f7a0cdfe5158a184672c8e
[BSP] 5c5f63ae5db351265c77b868f0c02f57 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 928093 Mo
2 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 1900941312 | Size: 25675 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
 
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-04 17:31:03
-----------------------------
17:31:03.956 OS Version: Windows x64 6.1.7601 Service Pack 1
17:31:03.956 Number of processors: 2 586 0x170A
17:31:03.956 ComputerName: JOSH-PC UserName: Josh
17:31:05.032 Initialize success
17:31:58.965 AVAST engine defs: 12100400
17:32:12.069 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:32:12.085 Disk 0 Vendor: ST31000528AS CC68 Size: 953869MB BusType: 11
17:32:12.116 Disk 0 MBR read successfully
17:32:12.116 Disk 0 MBR scan
17:32:12.116 Disk 0 Windows 7 default MBR code
17:32:12.132 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
17:32:12.147 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 928093 MB offset 206848
17:32:12.179 Disk 0 Partition 3 00 12 Compaq diag NTFS 25675 MB offset 1900941312
17:32:12.225 Disk 0 scanning C:\windows\system32\drivers
17:32:23.972 Service scanning
17:32:43.503 Modules scanning
17:32:43.503 Disk 0 trace - called modules:
17:32:43.550 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
17:32:44.065 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c67650]
17:32:44.065 3 CLASSPNP.SYS[fffff880018e043f] -> nt!IofCallDriver -> [0xfffffa80046e31e0]
17:32:44.081 5 ACPI.sys[fffff88000f637a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800471f060]
17:32:47.637 AVAST engine scan C:\windows
17:32:51.771 AVAST engine scan C:\windows\system32
17:37:01.239 AVAST engine scan C:\windows\system32\drivers
17:37:17.479 AVAST engine scan C:\Users\Josh
17:46:24.664 Disk 0 MBR has been saved successfully to "C:\Users\Josh\Desktop\MBR.dat"
17:46:24.680 The log file has been saved successfully to "C:\Users\Josh\Desktop\aswMBR.txt"
 
For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

    • Startup Repair
    • System Restore
    • Windows Complete PC Restore
    • Windows Memory Diagnostic Tool
    • Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Next...

Re-run FRST again.
Type the following in the edit box after "Search:".

services.exe

Click Search button and post the log (Search.txt) it makes in your reply.

I'll expect two logs:
- FRST.txt
- Search.txt
 
If I don't have a flash drive can I burn it on a disk?? I don't have a W7 disc, it was already installed on the computer when bought
 
You need a flash drive because FRST will have to write a log to it.
You don't need Windows 7 DVD.
 
This topic is marked as abandoned and closed due to inactivity.
This member will NOT be eligible to receive any more help in malware removal forum.
 