TechSpot

Sudden speed decrease take 2

Inactive
By James G
Oct 9, 2012
  1. Malwarebytes Anti-Malware (Trial) 1.65.0.1400
    www.malwarebytes.org

    Database version: v2012.10.09.11

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    James :: JAMES-PC [administrator]

    Protection: Enabled

    10/9/2012 8:50:11 PM
    mbam-log-2012-10-09 (20-50-11).txt

    Scan type: Full scan (C:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 311543
    Time elapsed: 11 minute(s), 37 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)
  2. James G

    James G Newcomer, in training Topic Starter Posts: 48

    No GMER log, on to DDS



    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by James at 21:28:09 on 2012-10-09
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4066.2141 [GMT -4:00]
    .
    AV: Lavasoft Ad-Aware *Disabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
    SP: Lavasoft Ad-Aware *Disabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Tablet\Pen\Pen_TouchService.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
    C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Elantech\ETDCtrl.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\svchost.exe -k WbioSvcGroup
    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
    C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
    C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe
    C:\Program Files (x86)\Infineon\Security Platform Software\ifxtcs.exe
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files (x86)\Secunia\PSI\PSIA.exe
    C:\Program Files\Tablet\Pen\Pen_Tablet.exe
    C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files\Tablet\Pen\Pen_Tablet.exe
    C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
    C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe
    C:\Program Files (x86)\WSED\WSED.exe
    C:\Program Files\Elantech\ETDCtrlHelper.exe
    C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
    C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
    C:\Program Files (x86)\Infineon\Security Platform Software\PSDrt.exe
    C:\Program Files (x86)\Infineon\Security Platform Software\SpTna.exe
    C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Secunia\PSI\sua.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.msn.com
    mStart Page = hxxp://www.msn.com
    BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    BHO: EgisPBIE Sign-in Helper: {7b51ccbe-4af9-44a6-bdab-d7f7e4c4e6f9} - C:\Program Files (x86)\EgisTec BioExcess\EgisPBIE.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
    mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    mRun: [IFXSPMGT] "C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe" /NotifyLogon
    mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
    mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
    mRun: [VitaKeyTSR] C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe /run
    mRun: [WSED] C:\Program Files (x86)\WSED\WSED.exe
    mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
    mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
    mRun: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
    mRun: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
    mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{B8B6929E-F570-4FB6-BA4B-9EB1F8805F8D} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{C96D66C6-6118-4052-BFAF-FB25306E8570} : DhcpNameServer = 10.0.0.2
    BHO-X64: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
    BHO-X64: Ad-Aware Security Toolbar - No File
    BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    BHO-X64: Search Helper - No File
    BHO-X64: EgisPBIE Sign-in Helper: {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\EgisTec BioExcess\EgisPBIE.dll
    BHO-X64: EgisPBIE - No File
    BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    TB-X64: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    TB-X64: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
    mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
    mRun-x64: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    mRun-x64: [IFXSPMGT] "C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe" /NotifyLogon
    mRun-x64: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
    mRun-x64: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
    mRun-x64: [VitaKeyTSR] C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe /run
    mRun-x64: [WSED] C:\Program Files (x86)\WSED\WSED.exe
    mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    mRun-x64: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
    mRun-x64: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
    mRun-x64: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
    mRun-x64: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
    mRunOnce-x64: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\my2whn7b.default\
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 EMSC;COMPAL Embedded System Control;C:\Windows\System32\drivers\EMSC.sys [2009-6-26 13680]
    R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\system32\DRIVERS\iusb3hcs.sys --> C:\Windows\system32\DRIVERS\iusb3hcs.sys [?]
    R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
    R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
    R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
    R1 PersonalSecureDrive;PersonalSecureDrive;C:\Windows\system32\drivers\psd.sys --> C:\Windows\system32\drivers\psd.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 Ad-Aware Service;Ad-Aware Service;C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-7-12 1239952]
    R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-12-19 1014096]
    R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-12-19 1104208]
    R2 EgisTec Service;EgisTec Service;C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe [2011-10-26 704048]
    R2 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-10-26 646704]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-9-6 13592]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-3 628448]
    R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-9-6 128280]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-9-6 161560]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-9 399432]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-10-9 676936]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-9-6 2458944]
    R2 sbapifs;sbapifs;C:\Windows\system32\DRIVERS\sbapifs.sys --> C:\Windows\system32\DRIVERS\sbapifs.sys [?]
    R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2012-7-25 1326176]
    R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-7-25 681056]
    R2 TabletServicePen;TabletServicePen;C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2012-9-16 5790064]
    R2 TouchServicePen;Wacom Consumer Touch Service;C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2012-9-16 487280]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-9-6 363800]
    R3 ATSwpWDF;AuthenTec TruePrint WBF Driver;C:\Windows\system32\DRIVERS\ATSwpWDF.sys --> C:\Windows\system32\DRIVERS\ATSwpWDF.sys [?]
    R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-12-19 1304912]
    R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?]
    R3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?]
    R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
    R3 ibtfltcoex;ibtfltcoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?]
    R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\iusb3hub.sys --> C:\Windows\system32\DRIVERS\iusb3hub.sys [?]
    R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\system32\DRIVERS\iusb3xhc.sys --> C:\Windows\system32\DRIVERS\iusb3xhc.sys [?]
    R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    R3 MEIx64;Intel(R) Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
    R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
    R3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?]
    R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUVStor.sys --> C:\Windows\system32\Drivers\RtsUVStor.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    S1 SBRE;SBRE;C:\Windows\System32\drivers\SBREDrv.sys [2011-10-26 101112]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SBAMSvc;Ad-Aware;C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2011-12-19 3289032]
    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-9-14 114144]
    S3 sbhips;sbhips;C:\Windows\system32\drivers\sbhips.sys --> C:\Windows\system32\drivers\sbhips.sys [?]
    S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
    S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\system32\DRIVERS\wacmoumonitor.sys --> C:\Windows\system32\DRIVERS\wacmoumonitor.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
    .
    =============== Created Last 30 ================
    .
    2012-10-10 00:47:19 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-10-10 00:47:19 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-10-05 01:46:00 -------- d-----w- C:\Users\James\AppData\Local\Secunia PSI
    2012-10-05 01:45:53 -------- d-----w- C:\Program Files (x86)\Secunia
    2012-09-26 20:40:34 -------- d-----w- C:\Program Files (x86)\ESET
    2012-09-25 00:41:22 -------- d-----w- C:\$RECYCLE.BIN
    2012-09-19 01:02:18 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
    2012-09-18 01:22:47 -------- d-----w- C:\Users\James\AppData\Roaming\Malwarebytes
    2012-09-18 01:22:19 -------- d-----w- C:\ProgramData\Malwarebytes
    2012-09-16 23:24:18 -------- d-----w- C:\Users\James\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
    2012-09-16 23:24:18 -------- d-----w- C:\ProgramData\Wacom
    2012-09-16 23:24:16 -------- d-----w- C:\Users\James\AppData\Roaming\Wacom
    2012-09-16 23:23:43 -------- d-----w- C:\Program Files (x86)\Bamboo Dock
    2012-09-16 23:18:14 642928 ------w- C:\Windows\SysWow64\Pen_Touch_Tablet.dll
    2012-09-16 23:18:14 -------- d-----w- C:\Users\James\AppData\Roaming\WTablet
    2012-09-16 23:18:12 749936 ------w- C:\Windows\System32\Pen_Touch_Tablet.dll
    2012-09-16 23:18:02 -------- d-----w- C:\Program Files (x86)\TabletPlugins
    2012-09-16 23:17:04 18288 ----a-w- C:\Windows\System32\drivers\wacmoumonitor.sys
    2012-09-16 23:17:02 12848 ----a-w- C:\Windows\System32\drivers\wacommousefilter.sys
    2012-09-16 23:16:58 16168 ----a-w- C:\Windows\System32\drivers\wacomvhid.sys
    2012-09-16 23:16:55 506736 ------w- C:\Windows\SysWow64\Wintab32.dll
    2012-09-16 23:16:54 600432 ------w- C:\Windows\System32\Wintab32.dll
    2012-09-16 23:16:53 756592 ------w- C:\Windows\System32\Pen_Tablet.dll
    2012-09-16 23:16:53 650096 ------w- C:\Windows\SysWow64\Pen_Tablet.dll
    2012-09-16 23:16:38 -------- d-----w- C:\Program Files\Tablet
    2012-09-16 20:24:08 -------- d-----w- C:\ProgramData\Ad-Aware Antivirus
    2012-09-16 18:48:46 -------- d-----w- C:\Users\James\AppData\Local\adaware
    2012-09-16 18:48:39 60536 ----a-w- C:\Windows\System32\drivers\sbhips.sys
    2012-09-16 18:48:39 57976 ----a-w- C:\Windows\System32\drivers\sbredrv.sys
    2012-09-16 18:48:39 45936 ----a-w- C:\Windows\System32\sbbd.exe
    2012-09-16 18:48:38 -------- d-----w- C:\Program Files (x86)\Ad-Aware Antivirus
    2012-09-16 18:43:44 -------- d-----w- C:\Users\James\AppData\Roaming\Ad-Aware Antivirus
    2012-09-16 18:37:45 -------- d-----w- C:\ProgramData\GFI Software
    2012-09-16 17:55:27 -------- d-----w- C:\Users\James\AppData\Local\Downloaded Installations
    2012-09-16 17:50:19 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2012-09-16 17:50:19 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2012-09-16 17:50:18 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2012-09-16 17:50:07 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
    2012-09-16 17:50:07 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys
    2012-09-16 17:50:07 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys
    2012-09-16 17:42:50 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS
    2012-09-16 17:42:50 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
    2012-09-16 17:42:18 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2012-09-16 17:42:18 367616 ----a-w- C:\Windows\System32\atmfd.dll
    2012-09-16 17:42:18 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2012-09-16 17:42:18 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2012-09-16 17:36:04 -------- d-----w- C:\Users\James\AppData\Local\adawarebp
    2012-09-16 17:36:04 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection
    2012-09-16 17:36:04 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner
    2012-09-16 17:36:03 -------- d-----w- C:\Program Files (x86)\adawaretb
    2012-09-16 17:29:52 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
    2012-09-16 17:29:51 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
    2012-09-16 17:29:49 142336 ----a-w- C:\Windows\System32\poqexec.exe
    2012-09-16 17:29:49 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
    2012-09-16 17:29:37 961024 ----a-w- C:\Windows\System32\CPFilters.dll
    2012-09-16 17:29:37 850944 ----a-w- C:\Windows\SysWow64\sbe.dll
    2012-09-16 17:29:37 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll
    2012-09-16 17:29:37 259072 ----a-w- C:\Windows\System32\mpg2splt.ax
    2012-09-16 17:29:37 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
    2012-09-16 17:29:37 1118720 ----a-w- C:\Windows\System32\sbe.dll
    2012-09-16 17:27:29 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
    2012-09-16 17:27:28 1395712 ----a-w- C:\Windows\System32\mfc42.dll
    2012-09-16 17:27:28 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
    2012-09-16 17:27:28 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
    2012-09-16 17:25:13 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
    2012-09-16 17:25:13 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
    2012-09-16 17:25:13 183296 ----a-w- C:\Windows\System32\dnsrslvr.dll
    2012-09-16 17:24:10 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
    2012-09-16 17:24:10 613888 ----a-w- C:\Windows\System32\psisdecd.dll
    2012-09-16 17:24:10 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
    2012-09-16 17:24:10 108032 ----a-w- C:\Windows\System32\psisrndr.ax
    2012-09-16 17:24:04 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
    2012-09-16 17:24:00 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
    2012-09-16 17:17:38 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
    2012-09-16 17:17:37 976896 ----a-w- C:\Windows\System32\inetcomm.dll
    2012-09-16 17:17:36 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
    2012-09-16 17:17:22 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
    2012-09-16 17:17:22 634880 ----a-w- C:\Windows\System32\msvcrt.dll
    2012-09-16 17:17:12 3148800 ----a-w- C:\Windows\System32\win32k.sys
    2012-09-16 17:16:45 956928 ----a-w- C:\Windows\System32\localspl.dll
    2012-09-16 17:16:35 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
    2012-09-16 17:16:33 861696 ----a-w- C:\Windows\System32\oleaut32.dll
    2012-09-16 17:16:33 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
    2012-09-16 17:16:33 331776 ----a-w- C:\Windows\System32\oleacc.dll
    2012-09-16 17:16:33 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
    2012-09-16 17:16:27 723456 ----a-w- C:\Windows\System32\EncDec.dll
    2012-09-16 17:16:27 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
    2012-09-16 17:16:11 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2012-09-16 17:16:11 2048 ----a-w- C:\Windows\System32\tzres.dll
    2012-09-16 17:13:43 1731920 ----a-w- C:\Windows\System32\ntdll.dll
    2012-09-16 17:13:43 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
    2012-09-16 07:03:29 81408 ----a-w- C:\Windows\System32\imagehlp.dll
    2012-09-16 07:03:29 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
    2012-09-16 07:03:29 5120 ----a-w- C:\Windows\System32\wmi.dll
    2012-09-16 07:03:29 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
    2012-09-16 07:03:29 220672 ----a-w- C:\Windows\System32\wintrust.dll
    2012-09-16 07:03:29 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
    2012-09-16 07:03:29 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
    2012-09-16 06:48:05 77312 ----a-w- C:\Windows\System32\packager.dll
    2012-09-16 06:48:05 67072 ----a-w- C:\Windows\SysWow64\packager.dll
    2012-09-16 05:27:45 -------- d-----w- C:\Users\James\AppData\Local\Diagnostics
    2012-09-15 23:00:22 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
    2012-09-15 23:00:22 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
    2012-09-15 23:00:22 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
    2012-09-15 23:00:22 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
    2012-09-15 23:00:22 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
    2012-09-14 21:42:29 -------- d-----w- C:\Users\James\AppData\Roaming\NVIDIA
    2012-09-14 21:42:11 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
    2012-09-14 21:38:48 -------- d-----w- C:\Users\James\AppData\Local\Adobe
    2012-09-14 15:50:07 -------- d-----w- C:\Users\James\AppData\Local\Macromedia
    2012-09-14 15:49:33 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-09-14 15:49:33 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-09-14 14:24:42 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
    2012-09-14 14:24:42 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
    2012-09-14 14:24:42 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
    2012-09-14 14:23:32 -------- d-----w- C:\Users\James\AppData\Roaming\Intel Corporation
    .
    ==================== Find3M ====================
    .
    2012-09-06 21:45:19 62776 ----a-w- C:\Windows\System32\drivers\mwlPSDVDisk.sys
    2012-09-06 21:45:19 22648 ----a-w- C:\Windows\System32\drivers\mwlPSDFilter.sys
    2012-09-06 21:45:19 20520 ----a-w- C:\Windows\System32\drivers\mwlPSDNserv.sys
    2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
    2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
    .
    ============= FINISH: 21:28:25.33 ===============
  3. James G

    James G Newcomer, in training Topic Starter Posts: 48

    Attach.txt

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 9/14/2012 10:22:15 AM
    System Uptime: 10/9/2012 8:47:49 PM (1 hours ago)
    .
    Motherboard: Compal | | Type2 - Board Product Name1
    Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz | U3E1 | 2301/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 223 GiB total, 186.648 GiB free.
    D: is CDROM (CDFS)
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP11: 9/16/2012 9:11:24 PM - Windows Update
    RP12: 9/18/2012 9:02:06 PM - Windows Update
    RP13: 9/24/2012 8:38:05 PM - ComboFix created restore point
    RP14: 9/26/2012 3:08:01 PM - Windows Update
    RP15: 9/26/2012 7:09:17 PM - OTL Restore Point - 9/26/2012 7:09:17 PM
    RP16: 10/6/2012 3:15:58 PM - Scheduled Checkpoint
    .
    ==== Installed Programs ======================
    .
    Ad-Aware Antivirus
    Ad-Aware Browsing Protection
    Ad-Aware Security Toolbar
    Adobe AIR
    Adobe Flash Player 11 Plugin
    Adobe Photoshop CS6
    Alcor Micro Smart Card Reader Driver
    AveoCap
    Bamboo
    Bamboo Dock
    Bamboo Dock 3.3
    BioExcess
    EMSC
    ESET Online Scanner v3
    Intel(R) Manageability Engine Firmware Recovery Agent
    Intel(R) Management Engine Components
    Intel(R) Rapid Storage Technology
    Intel(R) USB 3.0 eXtensible Host Controller Driver
    Junk Mail filter update
    Malwarebytes Anti-Malware version 1.65.0.1400
    Microsoft Choice Guard
    Microsoft Office 2010
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft_VC80_CRT_x86
    Microsoft_VC90_CRT_x86
    Mozilla Firefox 15.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    NVIDIA PhysX
    PDF Settings CS6
    Realtek High Definition Audio Driver
    Realtek USB 2.0 Card Reader
    Secunia PSI (3.0.0.3001)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    WebTablet IE Plugin
    WebTablet Netscape Plugin
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Toolbar
    Windows Live Upload Tool
    Windows Live Writer
    Wireless enable/disable
    WSED
    .
    ==== End Of File ===========================
  4. Broni

    Broni Malware Annihilator Posts: 46,479   +252

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ===========================

    You're not saying what your computer problems are.
  5. James G

    James G Newcomer, in training Topic Starter Posts: 48

    Oh sorry, I thought I had written something in this thread that told you I was coming from this other thread.

    http://www.techspot.com/community/t...-suspected-malware.185394/page-2#post-1239621

    My trouble is that for the last 3 days my internet speed has slowed dramatically and stopped fully loading pages, sometimes just continuing to load even when the page seems to have loaded fully or to an extent that all of the page's small, quickly loading features have appeared. I also noticed while backing up some files to a hard drive that the files did not copy quickly, having trouble or completely coming to a halt, which shouldn't happen in normal functioning. The internet connection reports that it's running at 54 mbps and yet I cannot load speed test pages, or if I do they are very slow.

    Thank you.
  6. Broni

    Broni Malware Annihilator Posts: 46,479   +252

    We can run some more checks...

    Download TDSSKiller and save it to your desktop.
    • Extract (unzip) its contents to your desktop.
    • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

    ============================

    • Download RogueKiller on the desktop
    • Close all the running programs
    • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced, post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

    ==============================

    Download aswMBR to your desktop.
    Double click the aswMBR.exe to run it.
    If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
    Click the "Scan" button to start scan.
    On completion of the scan click "Save log", save it to your desktop and post in your next reply.

    NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
  7. James G

    James G Newcomer, in training Topic Starter Posts: 48

    20:03:48.0030 6120 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
    20:03:48.0454 6120 ============================================================
    20:03:48.0454 6120 Current date / time: 2012/10/10 20:03:48.0454
    20:03:48.0454 6120 SystemInfo:
    20:03:48.0454 6120
    20:03:48.0454 6120 OS Version: 6.1.7601 ServicePack: 1.0
    20:03:48.0454 6120 Product type: Workstation
    20:03:48.0454 6120 ComputerName: JAMES-PC
    20:03:48.0454 6120 UserName: James
    20:03:48.0454 6120 Windows directory: C:\Windows
    20:03:48.0454 6120 System windows directory: C:\Windows
    20:03:48.0454 6120 Running under WOW64
    20:03:48.0454 6120 Processor architecture: Intel x64
    20:03:48.0454 6120 Number of processors: 8
    20:03:48.0454 6120 Page size: 0x1000
    20:03:48.0454 6120 Boot type: Normal boot
    20:03:48.0454 6120 ============================================================
    20:03:48.0671 6120 Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 (223.57 Gb), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    20:03:48.0675 6120 ============================================================
    20:03:48.0675 6120 \Device\Harddisk0\DR0:
    20:03:48.0675 6120 MBR partitions:
    20:03:48.0675 6120 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
    20:03:48.0675 6120 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1BEF1000
    20:03:48.0675 6120 ============================================================
    20:03:48.0676 6120 C: <-> \Device\Harddisk0\DR0\Partition2
    20:03:48.0676 6120 ============================================================
    20:03:48.0676 6120 Initialize success
    20:03:48.0676 6120 ============================================================
    20:03:50.0852 6128 ============================================================
    20:03:50.0852 6128 Scan started
    20:03:50.0852 6128 Mode: Manual;
    20:03:50.0852 6128 ============================================================
    20:03:51.0176 6128 ================ Scan system memory ========================
    20:03:51.0177 6128 System memory - ok
    20:03:51.0177 6128 ================ Scan services =============================
    20:03:52.0544 6128 LSI_SCSI - ok
    20:03:52.0547 6128 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
    20:03:52.0548 6128 luafv - ok
    20:03:52.0551 6128 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
    20:03:52.0551 6128 MBAMProtector - ok
    20:03:52.0558 6128 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    20:03:52.0560 6128 MBAMScheduler - ok
    20:03:52.0568 6128 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    20:03:52.0571 6128 MBAMService - ok
    20:03:52.0575 6128 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
    20:03:52.0576 6128 Mcx2Svc - ok
    20:03:52.0579 6128 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
    20:03:52.0579 6128 megasas - ok
    20:03:52.0584 6128 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
    20:03:52.0585 6128 MegaSR - ok
    20:03:52.0588 6128 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
    20:03:52.0589 6128 MEIx64 - ok
    20:03:52.0592 6128 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
    20:03:52.0593 6128 MMCSS - ok
    20:03:52.0595 6128 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
    20:03:52.0596 6128 Modem - ok
    20:03:52.0598 6128 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
    20:03:52.0599 6128 monitor - ok
    20:03:52.0602 6128 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
    20:03:52.0603 6128 mouclass - ok
    20:03:52.0605 6128 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
    20:03:52.0606 6128 mouhid - ok
    20:03:52.0608 6128 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
    20:03:52.0609 6128 mountmgr - ok
    20:03:52.0613 6128 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    20:03:52.0613 6128 MozillaMaintenance - ok
    20:03:52.0617 6128 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
    20:03:52.0618 6128 mpio - ok
    20:03:52.0621 6128 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
    20:03:52.0622 6128 mpsdrv - ok
    20:03:52.0631 6128 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
    20:03:52.0635 6128 MpsSvc - ok
    20:03:52.0639 6128 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
    20:03:52.0640 6128 MRxDAV - ok
    20:03:52.0644 6128 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
    20:03:52.0645 6128 mrxsmb - ok
    20:03:52.0650 6128 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
    20:03:52.0651 6128 mrxsmb10 - ok
    20:03:52.0654 6128 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
    20:03:52.0655 6128 mrxsmb20 - ok
    20:03:52.0658 6128 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
    20:03:52.0659 6128 msahci - ok
    20:03:52.0662 6128 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
    20:03:52.0663 6128 msdsm - ok
    20:03:52.0666 6128 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
    20:03:52.0668 6128 MSDTC - ok
    20:03:52.0672 6128 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
    20:03:52.0672 6128 Msfs - ok
    20:03:52.0675 6128 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
    20:03:52.0675 6128 mshidkmdf - ok
    20:03:52.0677 6128 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
    20:03:52.0678 6128 msisadrv - ok
    20:03:52.0682 6128 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
    20:03:52.0683 6128 MSiSCSI - ok
    20:03:52.0685 6128 msiserver - ok
    20:03:52.0688 6128 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
    20:03:52.0688 6128 MSKSSRV - ok
    20:03:52.0691 6128 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
    20:03:52.0691 6128 MSPCLOCK - ok
    20:03:52.0694 6128 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
    20:03:52.0694 6128 MSPQM - ok
    20:03:52.0699 6128 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
    20:03:52.0701 6128 MsRPC - ok
    20:03:52.0705 6128 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
    20:03:52.0705 6128 mssmbios - ok
    20:03:52.0708 6128 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
    20:03:52.0708 6128 MSTEE - ok
    20:03:52.0711 6128 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
    20:03:52.0711 6128 MTConfig - ok
    20:03:52.0714 6128 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
    20:03:52.0714 6128 Mup - ok
    20:03:52.0717 6128 [ C009123B206C56854F4E88596035231D ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
    20:03:52.0717 6128 mwlPSDFilter - ok
    20:03:52.0720 6128 [ BF3739EEB9F008B1DEBAC115089A53F8 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
    20:03:52.0720 6128 mwlPSDNServ - ok
    20:03:52.0723 6128 [ 38DD143D95E7A01B86F219DDA9C28779 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
    20:03:52.0724 6128 mwlPSDVDisk - ok
    20:03:52.0730 6128 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
    20:03:52.0732 6128 napagent - ok
    20:03:52.0738 6128 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
    20:03:52.0740 6128 NativeWifiP - ok
    20:03:52.0751 6128 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
    20:03:52.0755 6128 NDIS - ok
    20:03:52.0758 6128 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
    20:03:52.0758 6128 NdisCap - ok
    20:03:52.0761 6128 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
    20:03:52.0761 6128 NdisTapi - ok
    20:03:52.0764 6128 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
    20:03:52.0765 6128 Ndisuio - ok
    20:03:52.0768 6128 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
    20:03:52.0769 6128 NdisWan - ok
    20:03:52.0772 6128 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
    20:03:52.0773 6128 NDProxy - ok
    20:03:52.0775 6128 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
    20:03:52.0776 6128 NetBIOS - ok
    20:03:52.0781 6128 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
    20:03:52.0782 6128 NetBT - ok
    20:03:52.0785 6128 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
    20:03:52.0785 6128 Netlogon - ok
    20:03:52.0791 6128 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
    20:03:52.0793 6128 Netman - ok
    20:03:52.0799 6128 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
    20:03:52.0802 6128 netprofm - ok
    20:03:52.0805 6128 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
    20:03:52.0806 6128 NetTcpPortSharing - ok
    20:03:52.0907 6128 [ 47DC062656EA661FE9175DBACAD00E9D ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
    20:03:52.0953 6128 NETwNs64 - ok
    20:03:52.0959 6128 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
    20:03:52.0960 6128 nfrd960 - ok
    20:03:52.0965 6128 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
    20:03:52.0967 6128 NlaSvc - ok
    20:03:52.0970 6128 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
    20:03:52.0970 6128 Npfs - ok
    20:03:52.0973 6128 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
    20:03:52.0974 6128 nsi - ok
    20:03:52.0976 6128 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
    20:03:52.0977 6128 nsiproxy - ok
    20:03:52.0994 6128 [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
    20:03:53.0007 6128 Ntfs - ok
    20:03:53.0010 6128 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
  8. James G

    James G Newcomer, in training Topic Starter Posts: 48

    20:03:54.0387 6128 vwififlt - ok
    20:03:54.0392 6128 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
    20:03:54.0395 6128 W32Time - ok
    20:03:54.0399 6128 [ 43CE14E1E17DA81EA71DFE686805ED07 ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys
    20:03:54.0400 6128 wacmoumonitor - ok
    20:03:54.0403 6128 [ E04D43C7D1641E95D35CAE6086C7E350 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
    20:03:54.0403 6128 wacommousefilter - ok
    20:03:54.0406 6128 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
    20:03:54.0406 6128 WacomPen - ok
    20:03:54.0410 6128 [ EC1CEB237E365330C1FCFC4876AA0AC0 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys
    20:03:54.0410 6128 wacomvhid - ok
    20:03:54.0413 6128 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
    20:03:54.0414 6128 WANARP - ok
    20:03:54.0416 6128 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
    20:03:54.0417 6128 Wanarpv6 - ok
    20:03:54.0432 6128 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
    20:03:54.0443 6128 WatAdminSvc - ok
    20:03:54.0460 6128 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
    20:03:54.0475 6128 wbengine - ok
    20:03:54.0479 6128 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
    20:03:54.0481 6128 WbioSrvc - ok
    20:03:54.0486 6128 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
    20:03:54.0489 6128 wcncsvc - ok
    20:03:54.0492 6128 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    20:03:54.0493 6128 WcsPlugInService - ok
    20:03:54.0495 6128 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
    20:03:54.0496 6128 Wd - ok
    20:03:54.0503 6128 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
    20:03:54.0509 6128 Wdf01000 - ok
    20:03:54.0512 6128 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
    20:03:54.0513 6128 WdiServiceHost - ok
    20:03:54.0515 6128 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
    20:03:54.0517 6128 WdiSystemHost - ok
    20:03:54.0521 6128 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
    20:03:54.0524 6128 WebClient - ok
    20:03:54.0528 6128 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
    20:03:54.0530 6128 Wecsvc - ok
    20:03:54.0533 6128 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
    20:03:54.0535 6128 wercplsupport - ok
    20:03:54.0538 6128 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
    20:03:54.0539 6128 WerSvc - ok
    20:03:54.0542 6128 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
    20:03:54.0542 6128 WfpLwf - ok
    20:03:54.0545 6128 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
    20:03:54.0545 6128 WIMMount - ok
    20:03:54.0547 6128 WinDefend - ok
    20:03:54.0550 6128 WinHttpAutoProxySvc - ok
    20:03:54.0558 6128 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
    20:03:54.0559 6128 Winmgmt - ok
    20:03:54.0579 6128 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
    20:03:54.0594 6128 WinRM - ok
    20:03:54.0607 6128 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
    20:03:54.0611 6128 Wlansvc - ok
    20:03:54.0614 6128 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
    20:03:54.0615 6128 WmiAcpi - ok
    20:03:54.0620 6128 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
    20:03:54.0621 6128 wmiApSrv - ok
    20:03:54.0623 6128 WMPNetworkSvc - ok
    20:03:54.0626 6128 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
    20:03:54.0627 6128 WPCSvc - ok
    20:03:54.0630 6128 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
    20:03:54.0631 6128 WPDBusEnum - ok
    20:03:54.0634 6128 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
    20:03:54.0634 6128 ws2ifsl - ok
    20:03:54.0638 6128 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
    20:03:54.0639 6128 wscsvc - ok
    20:03:54.0641 6128 WSearch - ok
    20:03:54.0666 6128 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
    20:03:54.0677 6128 wuauserv - ok
    20:03:54.0681 6128 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
    20:03:54.0681 6128 WudfPf - ok
    20:03:54.0685 6128 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
    20:03:54.0686 6128 WUDFRd - ok
    20:03:54.0689 6128 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
    20:03:54.0691 6128 wudfsvc - ok
    20:03:54.0695 6128 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
    20:03:54.0697 6128 WwanSvc - ok
    20:03:54.0704 6128 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
    20:03:54.0706 6128 yukonw7 - ok
    20:03:54.0710 6128 ================ Scan global ===============================
    20:03:54.0712 6128 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
    20:03:54.0718 6128 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
    20:03:54.0726 6128 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
    20:03:54.0730 6128 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
    20:03:54.0737 6128 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
    20:03:54.0739 6128 [Global] - ok
    20:03:54.0739 6128 ================ Scan MBR ==================================
    20:03:54.0741 6128 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    20:03:54.0856 6128 \Device\Harddisk0\DR0 - ok
    20:03:54.0857 6128 ================ Scan VBR ==================================
    20:03:54.0860 6128 [ 8BA29F45985061580F2CA956B80F8AB3 ] \Device\Harddisk0\DR0\Partition1
    20:03:54.0862 6128 \Device\Harddisk0\DR0\Partition1 - ok
    20:03:54.0866 6128 [ D604E63852D1A910704C8BCF6BE22E01 ] \Device\Harddisk0\DR0\Partition2
    20:03:54.0868 6128 \Device\Harddisk0\DR0\Partition2 - ok
    20:03:54.0869 6128 ============================================================
    20:03:54.0869 6128 Scan finished
    20:03:54.0869 6128 ============================================================
    20:03:54.0880 5400 Detected object count: 0
    20:03:54.0880 5400 Actual detected object count: 0
    20:10:01.0024 5716 Deinitialize success
  9. James G

    James G Newcomer, in training Topic Starter Posts: 48

    RogueKiller V8.1.1 [10/03/2012] by Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Website: http://tigzy.geekstogo.com/roguekiller.php
    Blog: http://tigzyrk.blogspot.com

    Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : James [Admin rights]
    Mode : Scan -- Date : 10/10/2012 20:18:19

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 6 ¤¤¤
    [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
    [HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
    [HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND
    [HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND
    [HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
    [HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED] ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> C:\Windows\system32\drivers\etc\hosts

    127.0.0.1 localhost


    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: OCZ-AGILITY3 +++++
    --- User ---
    [MBR] a32dc4640a8c83caedb008b592508e6d
    [BSP] b0fca25fc34b0767feb236b4df13e150 : Windows 7 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 228834 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[1].txt >>
    RKreport[1].txt
  10. James G

    James G Newcomer, in training Topic Starter Posts: 48

    RogueKiller V8.1.1 [10/03/2012] by Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Website: http://tigzy.geekstogo.com/roguekiller.php
    Blog: http://tigzyrk.blogspot.com

    Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : James [Admin rights]
    Mode : Remove -- Date : 10/10/2012 20:18:30

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 5 ¤¤¤
    [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
    [HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> REPLACED (0)
    [HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> REPLACED (0)
    [HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
    [HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED] ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> C:\Windows\system32\drivers\etc\hosts

    127.0.0.1 localhost


    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: OCZ-AGILITY3 +++++
    --- User ---
    [MBR] a32dc4640a8c83caedb008b592508e6d
    [BSP] b0fca25fc34b0767feb236b4df13e150 : Windows 7 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 228834 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[2].txt >>
    RKreport[1].txt ; RKreport[2].txt
  11. James G

    James G Newcomer, in training Topic Starter Posts: 48

    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-10-10 21:11:45
    -----------------------------
    21:11:45.750 OS Version: Windows x64 6.1.7601 Service Pack 1
    21:11:45.750 Number of processors: 8 586 0x3A09
    21:11:45.751 ComputerName: JAMES-PC UserName: James
    21:11:46.108 Initialize success
    21:15:40.890 AVAST engine defs: 12101001
    21:16:14.506 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    21:16:14.510 Disk 0 Vendor: OCZ-AGIL 2.22 Size: 228936MB BusType: 3
    21:16:14.516 Disk 0 MBR read successfully
    21:16:14.520 Disk 0 MBR scan
    21:16:14.528 Disk 0 Windows 7 default MBR code
    21:16:14.533 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
    21:16:14.540 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 228834 MB offset 206848
    21:16:14.553 Disk 0 scanning C:\Windows\system32\drivers
    21:16:17.124 Service scanning
    21:16:23.750 Modules scanning
    21:16:23.763 Disk 0 trace - called modules:
    21:16:23.772 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
    21:16:23.779 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005023790]
    21:16:23.786 3 CLASSPNP.SYS[fffff88001d2643f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a76050]
    21:16:24.088 AVAST engine scan C:\Windows
    21:16:24.788 AVAST engine scan C:\Windows\system32
    21:17:47.418 AVAST engine scan C:\Windows\system32\drivers
    21:17:50.754 AVAST engine scan C:\Users\James
    21:18:09.302 AVAST engine scan C:\ProgramData
    21:18:18.303 Scan finished successfully
    21:18:41.319 Disk 0 MBR has been saved successfully to "C:\Users\James\Desktop\MBR.dat"
    21:18:41.328 The log file has been saved successfully to "C:\Users\James\Desktop\aswMBR.txt"
     
  12. Broni

    Broni Malware Annihilator Posts: 46,479   +252

    Create new restore point before proceeding with the next step....
    How to:
    - Windows 7: http://www.howtogeek.com/howto/3195/create-a-system-restore-point-in-windows-7/
    - Vista: http://www.howtogeek.com/howto/wind...tore-point-for-windows-vistas-system-restore/
    - XP: http://support.microsoft.com/kb/948247

    =================================

    Please download ComboFix from Here, Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Never rename Combofix unless instructed.
    • Close any open browsers.
    • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
      If restarting doesn't help, use the restore point you created prior to running Combofix.
    • Double click on combofix.exe & follow the prompts.

    • NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.
    **Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


    Make sure you re-enable your security programs when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try the following...

    Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.
    Download Rkill (courtesy of BleepingComputer.com) to your desktop.
    There are 2 different versions. If one of them won't run then download and try to run the other one.
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

    rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
    iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

    Restart computer in safe mode

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    When the scan is done Notepad will open with rKill.txt log.
    NOTE. rKill.txt log will also be present on your desktop.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If you had to run rKill, post BOTH logs, rKill.txt and Combofix.txt.
  13. James G

    James G Newcomer, in training Topic Starter Posts: 48

    ComboFix 12-10-11.03 - James 10/11/2012 11:17:24.2.8 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4066.2717 [GMT -4:00]
    Running from: c:\users\James\Desktop\ComboFix.exe
    AV: Lavasoft Ad-Aware *Disabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
    FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}
    SP: Lavasoft Ad-Aware *Disabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-09-11 to 2012-10-11 )))))))))))))))))))))))))))))))
    .
    .
    2012-10-11 15:19 . 2012-10-11 15:19 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
    2012-10-11 15:19 . 2012-10-11 15:19 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-10-10 00:47 . 2012-10-10 00:47 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2012-10-10 00:47 . 2012-09-07 21:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-10-05 01:45 . 2012-10-05 01:45 -------- d-----w- c:\program files (x86)\Secunia
    2012-09-26 20:40 . 2012-09-26 20:40 -------- d-----w- c:\program files (x86)\ESET
    2012-09-19 01:02 . 2012-09-19 01:02 -------- d-----w- c:\program files (x86)\MSXML 4.0
    2012-09-18 01:22 . 2012-09-18 01:22 -------- d-----w- c:\programdata\Malwarebytes
    2012-09-17 01:11 . 2012-10-11 00:02 65309168 ----a-w- c:\windows\system32\MRT.exe
    2012-09-16 23:24 . 2012-09-16 23:56 -------- d-----w- c:\programdata\Wacom
    2012-09-16 23:24 . 2012-10-05 04:30 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
    2012-09-16 23:23 . 2012-09-16 23:39 -------- d-----w- c:\program files (x86)\Bamboo Dock
    2012-09-16 23:18 . 2010-10-26 21:42 642928 ------w- c:\windows\SysWow64\Pen_Touch_Tablet.dll
    2012-09-16 23:18 . 2010-10-26 21:42 749936 ------w- c:\windows\system32\Pen_Touch_Tablet.dll
    2012-09-16 23:18 . 2012-09-16 23:18 -------- d-----w- c:\program files (x86)\TabletPlugins
    2012-09-16 23:17 . 2010-10-11 19:19 18288 ----a-w- c:\windows\system32\drivers\wacmoumonitor.sys
    2012-09-16 23:17 . 2010-10-11 19:19 12848 ----a-w- c:\windows\system32\drivers\wacommousefilter.sys
    2012-09-16 23:16 . 2010-10-11 19:19 16168 ----a-w- c:\windows\system32\drivers\wacomvhid.sys
    2012-09-16 23:16 . 2010-10-26 21:42 506736 ------w- c:\windows\SysWow64\Wintab32.dll
    2012-09-16 23:16 . 2010-10-26 21:42 600432 ------w- c:\windows\system32\Wintab32.dll
    2012-09-16 23:16 . 2010-10-26 21:42 756592 ------w- c:\windows\system32\Pen_Tablet.dll
    2012-09-16 23:16 . 2010-10-26 21:42 650096 ------w- c:\windows\SysWow64\Pen_Tablet.dll
    2012-09-16 23:16 . 2012-09-16 23:18 -------- d-----w- c:\program files\Tablet
    2012-09-16 20:24 . 2012-09-16 20:24 -------- d-----w- c:\programdata\Ad-Aware Antivirus
    2012-09-16 18:48 . 2011-12-19 17:21 45936 ----a-w- c:\windows\system32\sbbd.exe
    2012-09-16 18:48 . 2011-12-19 16:44 60536 ----a-w- c:\windows\system32\drivers\sbhips.sys
    2012-09-16 18:48 . 2011-10-26 18:23 57976 ----a-w- c:\windows\system32\drivers\sbredrv.sys
    2012-09-16 18:48 . 2012-09-16 20:21 -------- d-----w- c:\program files (x86)\Ad-Aware Antivirus
    2012-09-16 18:48 . 2012-09-16 18:48 -------- d-----w- c:\programdata\Lavasoft
    2012-09-16 18:37 . 2012-09-16 18:37 -------- d-----w- c:\programdata\GFI Software
    2012-09-16 17:50 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
    2012-09-16 17:50 . 2011-04-29 03:05 410112 ----a-w- c:\windows\system32\drivers\srv2.sys
    2012-09-16 17:50 . 2011-04-29 03:05 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2012-09-16 17:42 . 2011-04-28 03:55 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
    2012-09-16 17:42 . 2011-04-28 03:54 80384 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
    2012-09-16 17:42 . 2011-02-19 12:03 46080 ----a-w- c:\windows\system32\atmlib.dll
    2012-09-16 17:42 . 2011-02-19 09:00 367616 ----a-w- c:\windows\system32\atmfd.dll
    2012-09-16 17:42 . 2011-02-19 06:30 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
    2012-09-16 17:42 . 2011-02-19 04:34 294912 ----a-w- c:\windows\SysWow64\atmfd.dll
    2012-09-16 17:36 . 2012-09-19 23:42 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
    2012-09-16 17:36 . 2012-09-16 17:36 -------- d-----w- c:\program files (x86)\Toolbar Cleaner
    2012-09-16 17:36 . 2012-09-16 17:36 -------- d-----w- c:\program files (x86)\adawaretb
    2012-09-16 17:29 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
    2012-09-16 17:29 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
    2012-09-16 17:29 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
    2012-09-16 17:29 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
    2012-09-16 17:29 . 2010-12-23 10:42 1118720 ----a-w- c:\windows\system32\sbe.dll
    2012-09-16 17:29 . 2010-12-23 10:42 961024 ----a-w- c:\windows\system32\CPFilters.dll
    2012-09-16 17:29 . 2010-12-23 10:36 259072 ----a-w- c:\windows\system32\mpg2splt.ax
    2012-09-16 17:29 . 2010-12-23 05:54 850944 ----a-w- c:\windows\SysWow64\sbe.dll
    2012-09-16 17:29 . 2010-12-23 05:54 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
    2012-09-16 17:29 . 2010-12-23 05:50 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax
    2012-09-16 17:27 . 2011-03-11 06:34 1359872 ----a-w- c:\windows\system32\mfc42u.dll
    2012-09-16 17:27 . 2011-03-11 06:34 1395712 ----a-w- c:\windows\system32\mfc42.dll
    2012-09-16 17:27 . 2011-03-11 05:33 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
    2012-09-16 17:27 . 2011-03-11 05:33 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
    2012-09-16 17:27 . 2012-06-09 05:43 14172672 ----a-w- c:\windows\system32\shell32.dll
    2012-09-16 17:25 . 2011-03-03 06:24 183296 ----a-w- c:\windows\system32\dnsrslvr.dll
    2012-09-16 17:25 . 2011-03-03 06:24 357888 ----a-w- c:\windows\system32\dnsapi.dll
    2012-09-16 17:25 . 2011-03-03 06:21 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
    2012-09-16 17:25 . 2011-03-03 05:36 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
    2012-09-16 17:24 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
    2012-09-16 17:24 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
    2012-09-16 17:24 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
    2012-09-16 17:24 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
    2012-09-16 17:24 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-09-16 17:24 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
    2012-09-16 17:17 . 2011-02-12 11:34 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
    2012-09-16 17:17 . 2011-05-03 05:29 976896 ----a-w- c:\windows\system32\inetcomm.dll
    2012-09-16 17:17 . 2011-05-03 04:30 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
    2012-09-16 17:17 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll
    2012-09-16 17:17 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll
    2012-09-16 17:17 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
    2012-09-16 17:16 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
    2012-09-16 17:16 . 2011-02-23 04:55 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
    2012-09-16 17:16 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
    2012-09-16 17:16 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
    2012-09-16 17:16 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
    2012-09-16 17:16 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
    2012-09-16 17:16 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
    2012-09-16 17:16 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
    2012-09-16 17:13 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
    2012-09-16 17:13 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
    2012-09-16 07:03 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
    2012-09-16 07:03 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
    2012-09-16 07:03 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
    2012-09-16 07:03 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
    2012-09-16 07:03 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
    2012-09-16 06:48 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
    2012-09-16 06:48 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
    2012-09-15 23:00 . 2011-05-24 11:42 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
    2012-09-15 23:00 . 2011-05-24 10:40 64512 ----a-w- c:\windows\SysWow64\devobj.dll
    2012-09-15 23:00 . 2011-05-24 10:40 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
    2012-09-15 23:00 . 2011-05-24 10:39 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
    2012-09-15 23:00 . 2011-05-24 10:37 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
    2012-09-14 21:42 . 2012-09-14 21:42 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
    2012-09-14 21:41 . 2012-09-16 06:40 -------- d-----w- c:\program files\Adobe
    2012-09-14 21:40 . 2012-09-16 06:40 -------- d-----w- c:\program files\Common Files\Adobe
    2012-09-14 21:40 . 2012-09-16 06:40 -------- d-----w- c:\program files (x86)\Common Files\Adobe
    2012-09-14 15:49 . 2012-09-14 15:49 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-09-14 15:49 . 2012-09-14 15:49 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-09-14 15:49 . 2012-09-16 06:40 -------- d-----w- c:\windows\SysWow64\Macromed
    2012-09-14 15:49 . 2012-09-16 06:40 -------- d-----w- c:\windows\system32\Macromed
    2012-09-14 14:32 . 2012-09-16 06:40 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
    2012-09-14 14:24 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
    2012-09-14 14:24 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
    2012-09-14 14:24 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
    2012-09-14 14:22 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
    2012-09-14 14:22 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
    2012-09-14 14:22 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
    2012-09-14 14:22 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
    2012-09-14 14:22 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
    2012-09-14 14:22 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
    2012-09-14 14:22 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
    2012-09-14 14:22 . 2012-06-02 19:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
    2012-09-14 14:22 . 2012-06-02 19:15 36864 ----a-w- c:\windows\system32\wuapp.exe
    2012-09-14 14:22 . 2012-09-16 23:19 -------- d-----w- c:\users\James
    2012-09-14 14:22 . 2012-09-14 14:22 -------- d-----w- C:\Recovery
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-09-06 21:45 . 2012-09-06 21:45 62776 ----a-w- c:\windows\system32\drivers\mwlPSDVDisk.sys
    2012-09-06 21:45 . 2012-09-06 21:45 22648 ----a-w- c:\windows\system32\drivers\mwlPSDFilter.sys
    2012-09-06 21:45 . 2012-09-06 21:45 20520 ----a-w- c:\windows\system32\drivers\mwlPSDNserv.sys
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
    2012-04-11 20:08 87440 ----a-w- c:\program files (x86)\adawaretb\adawareDx.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
    "{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:\program files (x86)\adawaretb\adawareDx.dll" [2012-04-11 87440]
    .
    [HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "Ad-Aware Antivirus"="c:\program files (x86)\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X]
    "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-02-29 56088]
    "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-26 291608]
    "IFXSPMGT"="c:\program files (x86)\Infineon\Security Platform Software\ifxspmgt.exe" [2009-08-04 1107232]
    "EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2011-06-22 418672]
    "EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2011-06-22 202608]
    "VitaKeyTSR"="c:\program files (x86)\EgisTec BioExcess\EgisTSR.exe" [2011-10-26 384048]
    "WSED"="c:\program files (x86)\WSED\WSED.exe" [2010-12-02 320880]
    "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
    "Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2011-10-21 198032]
    "BambooCore"="c:\program files (x86)\Bamboo Dock\BambooCore.exe" [2012-09-16 646232]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2012-7-25 572000]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]
    @="Ad-Aware Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
    @="Service"
    .
    R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2011-10-26 57976]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
    R2 SBAMSvc;Ad-Aware;c:\program files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2011-12-19 3289032]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
    R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-06 114144]
    R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2011-12-19 60536]
    R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
    R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2010-10-11 18288]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-01 1255736]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
    S0 EMSC;COMPAL Embedded System Control;c:\windows\system32\DRIVERS\EMSC.SYS [2009-06-26 16752]
    S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-01-26 16152]
    S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2012-09-06 22648]
    S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2012-09-06 20520]
    S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-09-06 62776]
    S1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\System32\drivers\psd.sys [2009-07-19 44576]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
    S2 Ad-Aware Service;Ad-Aware Service;c:\program files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-07-12 1239952]
    S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-12-20 1014096]
    S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-12-20 1104208]
    S2 EgisTec Service;EgisTec Service;c:\program files (x86)\EgisTec BioExcess\EgisService.exe [2011-10-26 704048]
    S2 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-10-26 646704]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-02-01 13592]
    S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
    S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-21 128280]
    S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-21 161560]
    S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
    S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-25 2458944]
    S2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys [2011-11-29 74872]
    S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2012-07-25 1326176]
    S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2012-07-25 681056]
    S2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [2010-10-26 5790064]
    S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [2010-10-26 487280]
    S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-29 363800]
    S3 ATSwpWDF;AuthenTec TruePrint WBF Driver;c:\windows\system32\DRIVERS\ATSwpWDF.sys [2011-08-30 1050016]
    S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-12-20 1304912]
    S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-12-13 94720]
    S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-12-13 747008]
    S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2012-03-11 240432]
    S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-14 60416]
    S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-01-26 356120]
    S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-01-26 787736]
    S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
    S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2012-01-08 11416576]
    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-12-22 187712]
    S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
    S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2012-03-19 314472]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
    .
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-10-11 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
    - c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
    .
    2012-10-07 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
    - c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-12 13353064]
    "BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-12-20 11406608]
    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.msn.com
    mStart Page = hxxp://www.msn.com
    mLocal Page = c:\windows\SysWOW64\blank.htm
    TCP: DhcpNameServer = 192.168.1.1
    FF - ProfilePath - c:\users\James\AppData\Roaming\Mozilla\Firefox\Profiles\my2whn7b.default\
    .
    - - - - ORPHANS REMOVED - - - -
    .
    HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2012-10-11 11:20:07
    ComboFix-quarantined-files.txt 2012-10-11 15:20
    .
    Pre-Run: 200,434,245,632 bytes free
    Post-Run: 200,141,578,240 bytes free
    .
    - - End Of File - - A739E4107925B560E8B1BAFCD0304C0D
  14. Broni

    Broni Malware Annihilator Posts: 46,479   +252

    I don't see anything malicious there.

    In this forum, we make sure your computer is free of malware, and your computer is clean :)
    Because access to the malware forum is very limited, your best option is to create a new topic about your current issue in the Windows section.
    You'll get more attention.
  15. James G

    James G Newcomer, in training Topic Starter Posts: 48

    Will do, thank you
  16. Broni

    Broni Malware Annihilator Posts: 46,479   +252


