Started as redirect, now system very unstable

Franknj229

My logs are below, but here is the background:
I use a Virtual Machine running Ubuntu for most of my internet use and in 4 years I have not had any issues with Malware/Spyware that I am aware of, but my girlfriend recently started using my computer for Facebook and free-tv-show websites. Hasn't been a problem so far but started getting Google redirects out of nowhere a few days ago.

Did a system restore to a point 2 weeks ago (just to be safe) and the system became very unstable. If I try to do more than 1 thing at a time, I crash to a blue screen that basically says, "Windows is shutting down to avoid damaging itself further." It does a quick crash dump and then restarts. Tried undoing the restore, but nothing changed.

Upon startup, I get several pop-up messages, including: "Host Process for Windows Services stopped working and was closed" - "Google Installer stopped working and was closed" - "McAfee HTML UI Container stopped working and was closed" - "Microsoft Resource File To COFF Object Conversion Utility has stopped working" - "Visual C# Command Line Compiler has stopped working" - "Host Process for Windows Services stopped working and was closed" - "COM Surrogate has stopped working" - "GetODDModel has stopped working"

And finally, the most annoying one, because it keeps popping up every few minutes even though I have uninstalled it: "RealPlayer has stopped working".

Microsoft Support wants to charge me $99 just to tell me to do a full system restore. Is there anything I can try before that?

Thank you for any advice. Here are my logs:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:46:17 PM, on 1/14/2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal
Running processes:
c:\PROGRA~2\mcafee.com\agent\mcagent.exe
C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
C:\Program Files (x86)\RivaTuner v2.24\RivaTunerWrapper.exe
C:\Program Files (x86)\Steam\Video Games\steam.exe
C:\Program Files (x86)\GameStop App\Now\GameStopNow.exe
C:\Users\Franknj229\AppData\Local\Autobahn\mlb-nexdef-autobahn.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\ASUS\TurboV\TurboV.exe
C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Acer Display\eDisplay Management\DTHtml.exe
C:\Program Files (x86)\Portrait Displays\Pivot Software\floater.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\QuickTime\QTTask.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Users\Franknj229\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUMonitor[1].gadget\GPUMonitor.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Franknj229\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files (x86)\lg_fwupdate\lgfw.exe" blrun
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe"
O4 - HKLM\..\Run: [DT ACR] "C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe" -ACR
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [CanonSolutionMenuEx] "C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "c:\program files (x86)\steam\video games\steam.exe" -silent
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - HKCU\..\Run: [Apple Computer] rundll32 "C:\Users\Franknj229\AppData\Local\Apps\Apple Computer\thasashz.dll",DllRegisterServerW
O4 - Startup: GameStop Now.lnk = C:\Program Files (x86)\GameStop App\Now\GameStopNow.exe
O4 - Startup: MLB.TV NexDef Plug-in.lnk = C:\Users\Franknj229\AppData\Local\Autobahn\mlb-nexdef-autobahn.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/static/m/cab/2.8.3/GarminAxControl.CAB
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} (System Requirements Lab) - http://intel-drv-cdn.systemrequirementslab.com/multi/bin/sysreqlab_srlx.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {87BE3784-6977-4E84-AA08-55A96B9CEAC5} (Bl_camera Control) - http://cam4231246.viewnetcam.com:5001/bl_camera.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EAEFAD15-8753-45EF-94B0-1BAA7970CC21} (pmpeg4cam Class) - http://barkatl9991.viewnetcam.com:5007/MpegInst.cab
O16 - DPF: {F3D4C08D-3616-43F0-9E29-44C749B0664B} (pmjpegcam Class) - http://cam8997481.viewnetcam.com:5009/JpegInst.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14345 bytes


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.7.2
Run by Franknj229 at 13:48:55 on 2013-01-14
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.6134.2087 [GMT -5:00]
.
AV: McAfee VirusScan *Enabled/Outdated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee VirusScan *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Personal Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\AEADISRV.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
\\.\globalroot\systemroot\svchost.exe -netsvcs
C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~2\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
C:\Program Files (x86)\RivaTuner v2.24\RivaTunerWrapper.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Steam\Video Games\steam.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\GameStop App\Now\GameStopNow.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Users\Franknj229\AppData\Local\Autobahn\mlb-nexdef-autobahn.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\ASUS\TurboV\TurboV.exe
C:\Windows\system32\consent.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Acer Display\eDisplay Management\DTHtml.exe
C:\Program Files (x86)\Portrait Displays\Pivot Software\floater.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\QuickTime\QTTask.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\RivaTuner v2.24\RivaTuner.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\splwow64.exe
C:\Users\Franknj229\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUMonitor[1].gadget\GPUMonitor.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files\Oracle\VirtualBox\VBoxSVC.exe
C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
"C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://news.yahoo.com/
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Steam] "c:\program files (x86)\steam\video games\steam.exe" -silent
uRun: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
uRun: [Apple Computer] rundll32 "C:\Users\Franknj229\AppData\Local\Apps\Apple Computer\thasashz.dll",DllRegisterServerW
mRun: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"
mRun: [LGODDFU] "C:\Program Files (x86)\lg_fwupdate\lgfw.exe" blrun
mRun: [PivotSoftware] "C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe"
mRun: [DT ACR] "C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe" -ACR
mRun: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
mRun: [mcagent_exe] "C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [MSN Toolbar] "C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe"
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [CanonSolutionMenuEx] "C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\FRANKN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMEST~1.LNK - C:\Program Files (x86)\GameStop App\Now\GameStopNow.exe
StartupFolder: C:\Users\FRANKN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MLBTVN~1.LNK - C:\Users\Franknj229\AppData\Local\Autobahn\mlb-nexdef-autobahn.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
LSP: mswsock.dll
DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.8.3/GarminAxControl.CAB
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/common/asusTek_sys_ctrl.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} - hxxp://intel-drv-cdn.systemrequirementslab.com/multi/bin/sysreqlab_srlx.cab
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: {87BE3784-6977-4E84-AA08-55A96B9CEAC5} - hxxp://cam4231246.viewnetcam.com:5001/bl_camera.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {EAEFAD15-8753-45EF-94B0-1BAA7970CC21} - hxxp://barkatl9991.viewnetcam.com:5007/MpegInst.cab
DPF: {F3D4C08D-3616-43F0-9E29-44C749B0664B} - hxxp://cam8997481.viewnetcam.com:5009/JpegInst.cab
TCP: NameServer = 208.59.247.45 208.59.247.46
TCP: Interfaces\{55733108-CDE5-453C-BA75-9CAFD17B0FEC} : DHCPNameServer = 208.59.247.45 208.59.247.46
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [SoundMAX] "C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe" /tray
x64-Run: [RivaTuner] "C:\Program Files (x86)\RivaTuner v2.24\RivaTunerWrapper.exe" /T
x64-Run: [RivaTunerStartupDaemon] "C:\Program Files (x86)\RivaTuner v2.24\RivaTunerWrapper.exe" /S
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-mPolicies-Explorer: NoActiveDesktop = dword:1
x64-mPolicies-Explorer: NoActiveDesktopChanges = dword:1
x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
x64-mPolicies-System: EnableUIADesktopToggle = dword:0
.
============= SERVICES / DRIVERS ===============
.
R0 mv61xx;mv61xx;C:\Windows\System32\drivers\mv61xx.sys [2008-6-23 173096]
R0 mv64xx;mv64xx;C:\Windows\System32\drivers\mv64xx.sys [2009-4-1 316456]
R1 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2009-11-6 308296]
R1 VBoxDrv;VirtualBox Service;C:\Windows\System32\drivers\VBoxDrv.sys [2012-12-2 237400]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;C:\Windows\System32\drivers\VBoxUSBMon.sys [2012-12-2 119640]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe [2008-8-15 86016]
R2 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe [2009-12-27 25832]
R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
R2 McProxy;McAfee Proxy Service;C:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-11-6 359952]
R2 McShield;McAfee Real-time Scanner;C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-11-6 155456]
R2 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2009-4-1 90112]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
R3 McSysmon;McAfee SystemGuards;C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe [2009-11-6 606736]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2009-11-6 102472]
R3 mfesmfk;McAfee Inc. mfesmfk;C:\Windows\System32\drivers\mfesmfk.sys [2009-11-6 49480]
R3 RivaTuner64;RivaTuner64;C:\Program Files (x86)\RivaTuner v2.24\RivaTuner64.sys [2009-2-25 19952]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;C:\Windows\System32\drivers\VBoxNetAdp.sys [2012-10-26 131416]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;C:\Windows\System32\drivers\VBoxNetFlt.sys [2012-10-26 146264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 mferkdk;McAfee Inc. mferkdk;C:\Windows\System32\drivers\mferkdk.sys [2009-11-6 40904]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 VBoxUSB;VirtualBox USB;C:\Windows\System32\drivers\VBoxUSB.sys [2011-12-19 117040]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-8-1 89920]
.
=============== File Associations ===============
.
FileExt: .js: JSFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2013-01-08 22:52:18 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-08 22:52:18 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-16 13:31:20 48128 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 13:12:54 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-16 11:08:21 368128 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 10:50:29 293376 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-14 02:22:06 67413224 ----a-w- C:\Windows\System32\mrt.exe
2012-11-14 07:06:18 17811968 ----a-w- C:\Windows\System32\mshtml.dll
2012-11-14 06:32:33 10925568 ----a-w- C:\Windows\System32\ieframe.dll
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:44 1346048 ----a-w- C:\Windows\System32\urlmon.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 06:02:04 237056 ----a-w- C:\Windows\System32\url.dll
2012-11-14 05:59:52 85504 ----a-w- C:\Windows\System32\jsproxy.dll
2012-11-14 05:58:36 816640 ----a-w- C:\Windows\System32\jscript.dll
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:55:45 2144768 ----a-w- C:\Windows\System32\iertutil.dll
2012-11-14 05:55:26 729088 ----a-w- C:\Windows\System32\msfeeds.dll
2012-11-14 05:53:22 96768 ----a-w- C:\Windows\System32\mshtmled.dll
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 05:46:25 248320 ----a-w- C:\Windows\System32\ieui.dll
2012-11-14 02:48:26 12320256 ----a-w- C:\Windows\SysWow64\mshtml.dll
2012-11-14 02:14:59 9738240 ----a-w- C:\Windows\SysWow64\ieframe.dll
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:44 1103872 ----a-w- C:\Windows\SysWow64\urlmon.dll
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:55:46 231936 ----a-w- C:\Windows\SysWow64\url.dll
2012-11-14 01:51:44 65024 ----a-w- C:\Windows\SysWow64\jsproxy.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:49:19 717824 ----a-w- C:\Windows\SysWow64\jscript.dll
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:47:20 607744 ----a-w- C:\Windows\SysWow64\msfeeds.dll
2012-11-14 01:46:38 1793024 ----a-w- C:\Windows\SysWow64\iertutil.dll
2012-11-14 01:45:01 73216 ----a-w- C:\Windows\SysWow64\mshtmled.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-14 01:41:30 176640 ----a-w- C:\Windows\SysWow64\ieui.dll
2012-11-13 01:55:22 2770432 ----a-w- C:\Windows\System32\win32k.sys
2012-11-13 01:45:48 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-13 01:29:51 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-02 10:45:52 477696 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 10:45:51 68096 ----a-w- C:\Windows\System32\dpnathlp.dll
2012-11-02 10:18:17 376320 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-11-02 08:59:56 26112 ----a-w- C:\Windows\System32\dpnsvr.exe
2012-11-02 08:26:06 23040 ----a-w- C:\Windows\SysWow64\dpnsvr.exe
2012-10-27 00:01:18 237400 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys
2012-10-27 00:00:50 131416 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp.sys
2012-10-26 23:59:44 203608 ----a-w- C:\Windows\System32\VBoxNetFltNobj.dll
2012-10-26 23:59:44 146264 ----a-w- C:\Windows\System32\drivers\VBoxNetFlt.sys
2012-10-26 23:59:44 119640 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys
2012-10-25 08:12:26 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2012-10-25 08:12:26 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2012-10-24 03:20:47 198864 ----a-w- C:\Windows\SysWow64\rmoc3260.dll
2012-10-24 03:20:40 6656 ----a-w- C:\Windows\SysWow64\pndx5016.dll
2012-10-24 03:20:40 5632 ----a-w- C:\Windows\SysWow64\pndx5032.dll
.
============= FINISH: 13:49:36.38 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 4/1/2009 2:47:45 AM
System Uptime: 1/14/2013 11:47:41 AM (2 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P6T6 WS REVOLUTION
Processor: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz | LGA1366 | 2668/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 932 GiB total, 469.515 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 932 GiB total, 476.259 GiB free.
F: is FIXED (NTFS) - 596 GiB total, 484.797 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
AA3Deploy
Acer eDisplay Management
Acrobat.com
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.4)
Adobe Shockwave Player 11.6
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
Battlefield 1942™
Bonjour
BovadaPoker
Canon Easy-PhotoPrint EX
Canon MP Navigator EX 4.0
Canon MP495 series MP Drivers
Canon MP495 series User Registration
Canon My Printer
Canon Solution Menu EX
Creation Kit
CyberLink DVD Suite
Download Manager 2.3.10
Dragon Age DLC Service
Dragon Age II
Dragon Age Origins - Ultimate Edition
Dragon Age: Origins
EA Installer
EA Shared Game Component: Activation
EPU-6 Engine
EVGA Precision 1.4.0
Express Gate
Fraps
GameStop App
Garmin Communicator Plugin
Garmin POI Loader
Garmin USB Drivers
Google Chrome
Google Earth Plug-in
Google Update Helper
HGTV Instant Makeover Workshop
Host OpenAL (ADI)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
iCloud
Intel(R) Processor ID Utility
iTunes
Java 7 Update 7
Java Auto Updater
Java(TM) 6 Update 7
JavaFX 2.1.1
Left 4 Dead
Left 4 Dead 2 Demo
LG ODD Auto Firmware Update
marvell 61xx
McAfee SecurityCenter
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Default Manager
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft UI Engine
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Move Media Player
MSN Toolbar
MSN Toolbar Platform
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 7 Essentials
neroxml
NVIDIA 3D Vision Controller Driver 306.97
NVIDIA 3D Vision Driver 306.97
NVIDIA Control Panel 306.97
NVIDIA Graphics Driver 306.97
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.0604
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.10.8
NVIDIA Update Components
OpenOffice.org 3.2
Oracle VM VirtualBox 4.2.4
Origin
Overhead Door Configurator
Peggle Extreme
Pivot Software
PokerStars
Portal
PunkBuster Services
Puzzle Agent
PVSonyDll
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
Realtek 8169 8168 8101E 8102E Ethernet Driver
RealUpgrade 1.1
RivaTuner v2.24
SDK
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
SoundMAX
Steam
swMSM
System Requirements Lab
The Elder Scrolls V: Skyrim
TurboV
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Vista Codec Package
Visual C++ 8.0 Runtime Setup Package (x64)
Visual Studio C++ 10.0 Runtime
VLC media player 1.0.3
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
Windows Live ID Sign-in Assistant
WinRAR archiver
x64 Components v2.1.1
.
==== End Of File ===========================


GMER 2.0.18444 - http://www.gmer.net
Rootkit scan 2013-01-14 14:10:55
Windows 6.0.6002 Service Pack 2 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD1001FALS-00J7B0 rev.05.00K05 931.51GB
Running: 00bsdxb5.exe; Driver: C:\Users\FRANKN~1\AppData\Local\Temp\axlyykoc.sys

---- Disk sectors - GMER 2.0 ----
Disk \Device\Harddisk0\DR0 sector 0: rootkit-like behavior
---- Devices - GMER 2.0 ----
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 ð¹A
---- Threads - GMER 2.0 ----
---- Processes - GMER 2.0 ----
Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Windows\System32\svchost.exe [328] 000007fefcbb0000
Library c:\windows\system32\y (*** suspicious ***) @ C:\Windows\system32\svchost.exe [360] 0000033345670000
Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Windows\System32\spoolsv.exe [1620] 000007fefcbb0000
Library ? (*** suspicious ***) @ c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe [1156] 0000000077120000
Library ? (*** suspicious ***) @ C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [1776] 0000000062a00000
Library ? (*** suspicious ***) @ C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe [2068] 0000000062e00000
Library ? (*** suspicious ***) @ C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe [2736] 0000000077120000
Library \\.\globalroot\systemroot\svchost.exe (*** suspicious ***) @ \\.\globalroot\systemroot\svchost.exe [3284] 0000000000c00000
Library ? (*** suspicious ***) @ C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe [3904] 0000000073620000
Library \\.\globalroot\systemroot\syswow64\mswsock.dll (*** suspicious ***) @ c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe [4092] 0000000073260000
Library ? (*** suspicious ***) @ c:\PROGRA~2\mcafee.com\agent\mcagent.exe [4440] 0000000077120000
Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Windows\Explorer.EXE [5328] 000007fefcbb0000
Library c:\windows\system32\y (*** suspicious ***) @ C:\Windows\Explorer.EXE [5328] 0000033345670000
Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Program Files\Windows Sidebar\sidebar.exe [4760] 000007fefcbb0000
Library \\.\globalroot\systemroot\syswow64\mswsock.dll (*** suspicious ***) @ C:\Program Files (x86)\GameStop App\Now\GameStopNow.exe [6024] 0000000073260000
Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [5488] 000007fefcbb0000
Library \\.\globalroot\systemroot\syswow64\mswsock.dll (*** suspicious ***) @ C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [6388] 0000000073260000
Library ? (*** suspicious ***) @ [6432] 0000000000950000
Library \\.\globalroot\systemroot\syswow64\mswsock.dll (*** suspicious ***) @ C:\Program Files (x86)\iTunes\iTunesHelper.exe [6480] 0000000073260000
Library \\.\globalroot\systemroot\system32\mswsock.dll (*** suspicious ***) @ C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [2536] 000007fefcbb0000
Library \\.\globalroot\systemroot\syswow64\mswsock.dll (*** suspicious ***) @ C:\Program Files (x86)\Internet Explorer\iexplore.exe [5972] 0000000073260000
Library \\.\globalroot\systemroot\syswow64\mswsock.dll (*** suspicious ***) @ C:\Program Files (x86)\Internet Explorer\iexplore.exe [3976] 0000000073260000
Library \\.\globalroot\systemroot\syswow64\mswsock.dll (*** suspicious ***) @ C:\Program Files (x86)\Internet Explorer\iexplore.exe [6592] 0000000073260000
---- EOF - GMER 2.0 ----
 

Franknj229

Posted 3 days ago. No replies. Just bumping back to the top. I appreciate any help that can be offered.

Thank you.

*Update* I can get the computer to stay on (no blue screen crashes) and even get online, but only if I don't do more than one thing at a time. During boot up, I have to wait for every single pop-up warning (as listed in previous message) to clear one at a time and I don't do anything until at least a minute has passed with no new messages, or it will crash. Once I feel comfortable enough to tip-toe out onto the ice and open Internet Explorer, I can usually get around fine as long as I stay away from Google searches. Occasionally a new window will open up on its own with some ad, and I still get the "Real Player has stopped working" message every 10 minutes or so.
 

Franknj229

Still bumping...

Some new things I've noticed:
-Can't access my inbox when trying to access my mail through Comcast.net
-My girlfriend can't log into her school account (works on other computers)

Could really use a hand here...
 

Franknj229

This will be my last bump, I promise. I am trying really hard to be patient. I know this site is run by volunteers and I really appreciate that you all are willing to help others without the promise of financial compensation.

I'm frustrated because a post titled "999" has over 700 replies and has essentially turned into a chat-room, but my ACTUAL problem has not received a single response. Not even a "your call will be answered in the order it was received" to at least let me know it might eventually be looked at.

The idea that maybe the lack of response is somehow my own fault has begun to occur to me. If I left something out of my initial post, or I inadvertently committed some kind of message board faux pas, please let me know. It was not intentional. I thought I followed all the rules before posting and I waited over 48 hours with no response before bumping the first couple of times.

If I don't hear anything by Friday I'm going to have to do a full system restore, which I REEEEEALLY don't want to do.

Please let me know if I have any other options.

Thank you for any help you can give me.

-Frank
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
118,439
Everyone here is a volunteer and they may pass up certain threads in favour of others. There could be many reasons but it's certainly their prerogative. So I'll try to help you out.

Please go here and download the TDSSKiller.exe to your desktop.
  • Double-click TDSSKiller.exe on your desktop to run it.
  • Click on Start Scan
  • As we don't want to fix anything yet, if any malicious objects are detected, do NOT select Cure but select Skip instead.
It will produce a log once it finishes in the root drive which should look like this example:

C:\TDSSKiller.<version_date_time>log.txt

Please copy and paste the contents of that log in your next reply.
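
Added example, not part of the original post and not Kaspersky's own code: because the scan is run with Skip rather than Cure, the log is the only record of what was found, so this sketch parses TDSSKiller-style log lines and lists every object whose verdict is not "ok". The "ExampleDrv" and "Example.*" lines in the sample are constructed, and the parenthesised detection form is an assumption; the other sample lines follow the "[ MD5 ] name path" / "name - ok" layout of the log posted in this thread.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Every log line starts with "HH:MM:SS.mmmm <thread id> ", then the message.
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4} \d+ ?(.*)$")
# "[ <MD5> ] <object name> <file path>". Names and paths can both contain
# spaces, so the path is taken to begin at the first drive-letter root.
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.+)$")
# "<object> - <verdict>" or "<object> ( <detection> ) - <verdict>".
# ASSUMPTION: the detection form is not shown on the page, which only has "- ok".
VERDICT = re.compile(r"^(.+?)(?: \( (.+?) \))? - ([A-Za-z]+)$")


@dataclass
class Record:
    name: str
    verdict: str
    detection: Optional[str] = None
    md5: Optional[str] = None
    path: Optional[str] = None


def parse_log(text: str) -> List[Record]:
    """Pair each hash line with the verdict line that follows it."""
    pending = {}   # object name -> (md5, path), waiting for its verdict
    records = []
    for raw in text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue                      # blank line or not a log line
        msg = m.group(1).strip()
        h = HASHED.match(msg)
        if h:
            pending[h.group(2)] = (h.group(1).upper(), h.group(3))
            continue
        v = VERDICT.match(msg)
        if v:
            name, detection, verdict = v.groups()
            # Objects with no resolvable file get a verdict without a hash line.
            md5, path = pending.pop(name, (None, None))
            records.append(Record(name, verdict.lower(), detection, md5, path))
    return records


def needs_review(records: List[Record]) -> List[Record]:
    """Everything the scanner did not mark as 'ok', in log order."""
    return [r for r in records if r.verdict != "ok"]


# Sample input. The last three lines are CONSTRUCTED for illustration.
SAMPLE_LOG = r"""
12:12:23.0457 5144 System memory - ok
12:12:23.0549 5144 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
12:12:23.0553 5144 ACPI - ok
12:12:23.0983 5144 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:12:23.0984 5144 Apple Mobile Device - ok
12:12:24.0072 5144 aspnet_state - ok
12:12:30.0000 5144 [ 00000000000000000000000000000000 ] ExampleDrv C:\Windows\system32\drivers\exampledrv.sys
12:12:30.0001 5144 ExampleDrv ( Example.Detection.Name ) - warning
12:12:31.0000 5144 \Device\Harddisk0\DR0 ( Example.Bootkit.Name ) - infected
"""

if __name__ == "__main__":
    for r in needs_review(parse_log(SAMPLE_LOG)):
        print(f"{r.verdict.upper():9} {r.name}  [{r.detection}]  {r.path or '(no file)'}")
```
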
 

Franknj229

First, thank you very much for even getting back to me.

Second, (so you have any and all information you need) when I didn't get a single response in over 2 weeks, I assumed the lack of response was your team's way of telling me the solution would be obvious if I just took the time to read some of the other similar posts. So a couple of days ago I ran Microsoft Security Essentials as suggested to another poster. It found 8 threats and was able to clean up 6. It then prompted me to download some offline removal software. (I think it was called Windows Defender Offline, or something similar) It had me create a CD and then boot from that CD. That program found 11 threats and claimed to have cleaned them all.

I don't seem to be getting the google re-directs anymore and I can once again access my email through Comcast.net. I do, however, continue to get these popup messages that some random system has stopped working as I mentioned in my original post. The most common/annoying one is "Real Player has stopped working". This comes up every few minutes despite (as far as I can tell) being uninstalled.

I'm afraid my problem is somehow related to Java, but that's a hunch and I don't know/understand why that would be a problem, but every time I click "ok" to the popup about updating it, I get the crash.

Here is the report from TDSSkiller: (Thanks again)

12:12:07.0836 2356 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:12:08.0123 2356 ============================================================
12:12:08.0123 2356 Current date / time: 2013/01/28 12:12:08.0123
12:12:08.0123 2356 SystemInfo:
12:12:08.0123 2356
12:12:08.0123 2356 OS Version: 6.0.6002 ServicePack: 2.0
12:12:08.0123 2356 Product type: Workstation
12:12:08.0123 2356 ComputerName: FRANKNJ229-PC
12:12:08.0124 2356 UserName: Franknj229
12:12:08.0124 2356 Windows directory: C:\Windows
12:12:08.0124 2356 System windows directory: C:\Windows
12:12:08.0124 2356 Running under WOW64
12:12:08.0124 2356 Processor architecture: Intel x64
12:12:08.0124 2356 Number of processors: 8
12:12:08.0124 2356 Page size: 0x1000
12:12:08.0124 2356 Boot type: Normal boot
12:12:08.0124 2356 ============================================================
12:12:09.0114 2356 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:12:09.0129 2356 Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:12:09.0134 2356 ============================================================
12:12:09.0134 2356 \Device\Harddisk0\DR0:
12:12:09.0134 2356 MBR partitions:
12:12:09.0134 2356 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
12:12:09.0134 2356 \Device\Harddisk1\DR1:
12:12:09.0134 2356 MBR partitions:
12:12:09.0134 2356 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x4A857000
12:12:09.0134 2356 ============================================================
12:12:09.0157 2356 C: <-> \Device\Harddisk0\DR0\Partition1
12:12:09.0171 2356 F: <-> \Device\Harddisk1\DR1\Partition1
12:12:09.0172 2356 ============================================================
12:12:09.0172 2356 Initialize success
12:12:09.0172 2356 ============================================================
12:12:23.0072 5144 ============================================================
12:12:23.0072 5144 Scan started
12:12:23.0072 5144 Mode: Manual;
12:12:23.0072 5144 ============================================================
12:12:23.0457 5144 ================ Scan system memory ========================
12:12:23.0457 5144 System memory - ok
12:12:23.0457 5144 ================ Scan services =============================
12:12:23.0549 5144 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
12:12:23.0553 5144 ACPI - ok
12:12:23.0581 5144 [ 59AA63B5DCC9B99C25ACC1BC5E9E6816 ] ADIHdAudAddService C:\Windows\system32\drivers\ADIHdAud.sys
12:12:23.0586 5144 ADIHdAudAddService - ok
12:12:23.0641 5144 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:12:23.0642 5144 AdobeARMservice - ok
12:12:23.0724 5144 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:12:23.0725 5144 AdobeFlashPlayerUpdateSvc - ok
12:12:23.0751 5144 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:12:23.0756 5144 adp94xx - ok
12:12:23.0771 5144 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:12:23.0775 5144 adpahci - ok
12:12:23.0787 5144 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
12:12:23.0789 5144 adpu160m - ok
12:12:23.0798 5144 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:12:23.0800 5144 adpu320 - ok
12:12:23.0824 5144 [ 3BDB13C79CC8C06E2F8182595903ED69 ] AEADIFilters C:\Windows\system32\AEADISRV.EXE
12:12:23.0826 5144 AEADIFilters - ok
12:12:23.0845 5144 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:12:23.0846 5144 AeLookupSvc - ok
12:12:23.0867 5144 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys
12:12:23.0872 5144 AFD - ok
12:12:23.0881 5144 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:12:23.0882 5144 agp440 - ok
12:12:23.0899 5144 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
12:12:23.0900 5144 aic78xx - ok
12:12:23.0906 5144 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
12:12:23.0907 5144 ALG - ok
12:12:23.0913 5144 [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide C:\Windows\system32\drivers\aliide.sys
12:12:23.0914 5144 aliide - ok
12:12:23.0916 5144 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys
12:12:23.0917 5144 amdide - ok
12:12:23.0929 5144 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:12:23.0929 5144 AmdK8 - ok
12:12:23.0943 5144 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
12:12:23.0944 5144 Appinfo - ok
12:12:23.0983 5144 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:12:23.0984 5144 Apple Mobile Device - ok
12:12:23.0994 5144 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
12:12:23.0995 5144 arc - ok
12:12:24.0005 5144 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:12:24.0006 5144 arcsas - ok
12:12:24.0043 5144 [ 8065A7659562005127673AC52898675F ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
12:12:24.0044 5144 AsIO - ok
12:12:24.0072 5144 aspnet_state - ok
12:12:24.0090 5144 [ EDABC3FA8F941D2047DA630E95E936C7 ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
12:12:24.0136 5144 AsSysCtrlService - ok
12:12:24.0138 5144 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:12:24.0139 5144 AsyncMac - ok
12:12:24.0155 5144 [ E68D9B3A3905619732F7FE039466A623 ] atapi C:\Windows\system32\drivers\atapi.sys
12:12:24.0155 5144 atapi - ok
12:12:24.0186 5144 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:12:24.0191 5144 AudioEndpointBuilder - ok
12:12:24.0197 5144 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:12:24.0199 5144 AudioSrv - ok
12:12:24.0222 5144 [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE C:\Windows\System32\bfe.dll
12:12:24.0227 5144 BFE - ok
12:12:24.0264 5144 [ 6D316F4859634071CC25C4FD4589AD2C ] BITS C:\Windows\System32\qmgr.dll
12:12:24.0278 5144 BITS - ok
12:12:24.0287 5144 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
12:12:24.0288 5144 blbdrive - ok
12:12:24.0333 5144 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:12:24.0339 5144 Bonjour Service - ok
12:12:24.0360 5144 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:12:24.0361 5144 bowser - ok
12:12:24.0364 5144 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
12:12:24.0365 5144 BrFiltLo - ok
12:12:24.0375 5144 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
12:12:24.0376 5144 BrFiltUp - ok
12:12:24.0393 5144 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
12:12:24.0394 5144 Browser - ok
12:12:24.0401 5144 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
12:12:24.0402 5144 Brserid - ok
12:12:24.0411 5144 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
12:12:24.0412 5144 BrSerWdm - ok
12:12:24.0414 5144 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
12:12:24.0415 5144 BrUsbMdm - ok
12:12:24.0422 5144 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
12:12:24.0423 5144 BrUsbSer - ok
12:12:24.0428 5144 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:12:24.0429 5144 BTHMODEM - ok
12:12:24.0433 5144 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:12:24.0434 5144 cdfs - ok
12:12:24.0459 5144 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:12:24.0460 5144 cdrom - ok
12:12:24.0481 5144 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll
12:12:24.0482 5144 CertPropSvc - ok
12:12:24.0501 5144 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\drivers\circlass.sys
12:12:24.0502 5144 circlass - ok
12:12:24.0532 5144 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys
12:12:24.0536 5144 CLFS - ok
12:12:24.0555 5144 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:12:24.0573 5144 clr_optimization_v2.0.50727_32 - ok
12:12:24.0616 5144 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:12:24.0617 5144 clr_optimization_v2.0.50727_64 - ok
12:12:24.0659 5144 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:12:24.0661 5144 clr_optimization_v4.0.30319_32 - ok
12:12:24.0698 5144 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:12:24.0700 5144 clr_optimization_v4.0.30319_64 - ok
12:12:24.0711 5144 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:12:24.0712 5144 cmdide - ok
12:12:24.0714 5144 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
12:12:24.0715 5144 Compbatt - ok
12:12:24.0717 5144 COMSysApp - ok
12:12:24.0848 5144 cpuz132 - ok
12:12:24.0850 5144 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:12:24.0851 5144 crcdisk - ok
12:12:24.0870 5144 [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:12:24.0873 5144 CryptSvc - ok
12:12:24.0915 5144 [ 80861969541971176E005D2C09DAE851 ] DAUpdaterSvc C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
12:12:24.0916 5144 DAUpdaterSvc - ok
12:12:24.0976 5144 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll
12:12:24.0984 5144 DcomLaunch - ok
12:12:25.0003 5144 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:12:25.0004 5144 DfsC - ok
12:12:25.0161 5144 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe
12:12:25.0203 5144 DFSR - ok
12:12:25.0226 5144 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
12:12:25.0229 5144 Dhcp - ok
12:12:25.0253 5144 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
12:12:25.0254 5144 disk - ok
12:12:25.0281 5144 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:12:25.0282 5144 Dnscache - ok
12:12:25.0305 5144 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
12:12:25.0308 5144 dot3svc - ok
12:12:25.0324 5144 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
12:12:25.0326 5144 DPS - ok
12:12:25.0338 5144 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:12:25.0339 5144 drmkaud - ok
12:12:25.0351 5144 [ 3430A3D6A97C0E827DB0930FEE017499 ] DTSRVC C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
12:12:25.0688 5144 DTSRVC - ok
12:12:25.0690 5144 dvumgzsl - ok
12:12:25.0715 5144 [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:12:25.0725 5144 DXGKrnl - ok
12:12:25.0738 5144 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
12:12:25.0740 5144 E1G60 - ok
12:12:25.0764 5144 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
12:12:25.0765 5144 EapHost - ok
12:12:25.0789 5144 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys
12:12:25.0791 5144 Ecache - ok
12:12:25.0799 5144 edygbarx - ok
12:12:25.0825 5144 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:12:25.0856 5144 ehRecvr - ok
12:12:25.0859 5144 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
12:12:25.0861 5144 ehSched - ok
12:12:25.0869 5144 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
12:12:25.0869 5144 ehstart - ok
12:12:25.0886 5144 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:12:25.0891 5144 elxstor - ok
12:12:25.0918 5144 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll
12:12:25.0923 5144 EMDMgmt - ok
12:12:25.0928 5144 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:12:25.0928 5144 ErrDev - ok
12:12:25.0957 5144 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll
12:12:25.0962 5144 EventSystem - ok
12:12:25.0982 5144 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys
12:12:25.0985 5144 exfat - ok
12:12:26.0009 5144 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:12:26.0012 5144 fastfat - ok
12:12:26.0021 5144 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:12:26.0022 5144 fdc - ok
12:12:26.0024 5144 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
12:12:26.0025 5144 fdPHost - ok
12:12:26.0031 5144 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
12:12:26.0032 5144 FDResPub - ok
12:12:26.0039 5144 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:12:26.0041 5144 FileInfo - ok
12:12:26.0051 5144 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:12:26.0053 5144 Filetrace - ok
12:12:26.0073 5144 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:12:26.0074 5144 flpydisk - ok
12:12:26.0094 5144 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:12:26.0097 5144 FltMgr - ok
12:12:26.0134 5144 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll
12:12:26.0147 5144 FontCache - ok
12:12:26.0177 5144 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:12:26.0178 5144 FontCache3.0.0.0 - ok
12:12:26.0190 5144 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:12:26.0191 5144 Fs_Rec - ok
12:12:26.0199 5144 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:12:26.0201 5144 gagp30kx - ok
12:12:26.0223 5144 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:12:26.0224 5144 GEARAspiWDM - ok
12:12:26.0226 5144 ghhhadcu - ok
12:12:26.0263 5144 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll
12:12:26.0271 5144 gpsvc - ok
12:12:26.0309 5144 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:12:26.0354 5144 gupdate - ok
12:12:26.0360 5144 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:12:26.0361 5144 gupdatem - ok
12:12:26.0387 5144 [ DF45F8142DC6DF9D18C39B3EFFBD0409 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:12:26.0392 5144 HdAudAddService - ok
12:12:26.0430 5144 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:12:26.0600 5144 HDAudBus - ok
12:12:26.0689 5144 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:12:26.0690 5144 HidBth - ok
12:12:26.0727 5144 [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr C:\Windows\system32\drivers\hidir.sys
12:12:26.0728 5144 HidIr - ok
12:12:26.0734 5144 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\system32\hidserv.dll
12:12:26.0735 5144 hidserv - ok
12:12:26.0754 5144 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:12:26.0755 5144 HidUsb - ok
12:12:26.0776 5144 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
12:12:26.0778 5144 hkmsvc - ok
12:12:26.0788 5144 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
12:12:26.0789 5144 HpCISSs - ok
12:12:26.0810 5144 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:12:26.0817 5144 HTTP - ok
12:12:26.0824 5144 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
12:12:26.0825 5144 i2omp - ok
12:12:26.0831 5144 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:12:26.0832 5144 i8042prt - ok
12:12:26.0859 5144 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
12:12:26.0862 5144 iaStorV - ok
12:12:26.0906 5144 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:12:26.0907 5144 IDriverT - ok
12:12:27.0035 5144 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:12:27.0087 5144 idsvc - ok
12:12:27.0093 5144 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:12:27.0094 5144 iirsp - ok
12:12:27.0119 5144 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll
12:12:27.0124 5144 IKEEXT - ok
12:12:27.0136 5144 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys
12:12:27.0137 5144 intelide - ok
12:12:27.0146 5144 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:12:27.0147 5144 intelppm - ok
12:12:27.0161 5144 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:12:27.0162 5144 IPBusEnum - ok
12:12:27.0179 5144 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:12:27.0180 5144 IpFilterDriver - ok
12:12:27.0209 5144 [ BF0DBFA9792C5C14FA00F61C75116C1B ] IpHlpSvc C:\Windows\System32\iphlpsvc.dll
12:12:27.0212 5144 IpHlpSvc - ok
12:12:27.0214 5144 IpInIp - ok
12:12:27.0222 5144 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
12:12:27.0224 5144 IPMIDRV - ok
12:12:27.0231 5144 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
12:12:27.0232 5144 IPNAT - ok
12:12:27.0261 5144 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:12:27.0268 5144 iPod Service - ok
12:12:27.0295 5144 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:12:27.0296 5144 IRENUM - ok
12:12:27.0306 5144 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:12:27.0307 5144 isapnp - ok
12:12:27.0330 5144 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
12:12:27.0333 5144 iScsiPrt - ok
12:12:27.0343 5144 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
12:12:27.0344 5144 iteatapi - ok
12:12:27.0355 5144 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
12:12:27.0356 5144 iteraid - ok
12:12:27.0358 5144 juekuvjz - ok
12:12:27.0369 5144 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:12:27.0370 5144 kbdclass - ok
12:12:27.0384 5144 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:12:27.0385 5144 kbdhid - ok
12:12:27.0397 5144 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe
12:12:27.0397 5144 KeyIso - ok
12:12:27.0419 5144 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:12:27.0425 5144 KSecDD - ok
12:12:27.0434 5144 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:12:27.0434 5144 ksthunk - ok
12:12:27.0462 5144 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
12:12:27.0467 5144 KtmRm - ok
12:12:27.0483 5144 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:12:27.0486 5144 LanmanServer - ok
12:12:27.0503 5144 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:12:27.0506 5144 LanmanWorkstation - ok
12:12:27.0519 5144 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:12:27.0520 5144 lltdio - ok
12:12:27.0543 5144 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:12:27.0547 5144 lltdsvc - ok
12:12:27.0560 5144 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:12:27.0561 5144 lmhosts - ok
12:12:27.0563 5144 lowqnqxo - ok
12:12:27.0608 5144 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:12:27.0610 5144 LSI_FC - ok
12:12:27.0619 5144 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:12:27.0621 5144 LSI_SAS - ok
12:12:27.0631 5144 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:12:27.0633 5144 LSI_SCSI - ok
12:12:27.0641 5144 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
12:12:27.0643 5144 luafv - ok
12:12:27.0663 5144 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:12:27.0665 5144 Mcx2Svc - ok
12:12:27.0678 5144 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
12:12:27.0678 5144 megasas - ok
12:12:27.0695 5144 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
12:12:27.0700 5144 MegaSR - ok
12:12:27.0715 5144 [ 4A1C21576FB7F96F4DBDEA627FFDA775 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
12:12:27.0716 5144 mfeavfk - ok
12:12:27.0736 5144 [ 9E0AC52B3232FF8DC65FEE1A9C2FE8D1 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
12:12:27.0740 5144 mfehidk - ok
12:12:27.0758 5144 [ 624D717B11E5004F68442B5740F17F21 ] mferkdk C:\Windows\system32\drivers\mferkdk.sys
12:12:27.0759 5144 mferkdk - ok
12:12:27.0764 5144 [ 0CD9DE7B96735F33F078C4EA044E8B34 ] mfesmfk C:\Windows\system32\drivers\mfesmfk.sys
12:12:27.0765 5144 mfesmfk - ok
12:12:27.0782 5144 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
12:12:27.0783 5144 MMCSS - ok
12:12:27.0796 5144 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
12:12:27.0797 5144 Modem - ok
12:12:27.0813 5144 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:12:27.0814 5144 monitor - ok
12:12:27.0819 5144 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:12:27.0820 5144 mouclass - ok
12:12:27.0838 5144 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:12:27.0838 5144 mouhid - ok
12:12:27.0846 5144 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
12:12:27.0847 5144 MountMgr - ok
12:12:27.0870 5144 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
12:12:27.0872 5144 MpFilter - ok
12:12:27.0884 5144 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
12:12:27.0886 5144 mpio - ok
12:12:27.0892 5144 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:12:27.0893 5144 mpsdrv - ok
12:12:27.0920 5144 [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc C:\Windows\system32\mpssvc.dll
12:12:27.0928 5144 MpsSvc - ok
12:12:27.0940 5144 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
12:12:27.0940 5144 Mraid35x - ok
12:12:27.0962 5144 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:12:27.0964 5144 MRxDAV - ok
12:12:27.0987 5144 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:12:27.0988 5144 mrxsmb - ok
12:12:28.0003 5144 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:12:28.0006 5144 mrxsmb10 - ok
12:12:28.0016 5144 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:12:28.0017 5144 mrxsmb20 - ok
12:12:28.0039 5144 [ 1AC860612B85D8E85EE257D372E39F4D ] msahci C:\Windows\system32\drivers\msahci.sys
12:12:28.0040 5144 msahci - ok
12:12:28.0051 5144 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:12:28.0052 5144 msdsm - ok
12:12:28.0067 5144 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
12:12:28.0104 5144 MSDTC - ok
12:12:28.0127 5144 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:12:28.0128 5144 Msfs - ok
12:12:28.0134 5144 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:12:28.0134 5144 msisadrv - ok
12:12:28.0160 5144 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:12:28.0162 5144 MSiSCSI - ok
12:12:28.0164 5144 msiserver - ok
12:12:28.0167 5144 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:12:28.0167 5144 MSKSSRV - ok
12:12:28.0207 5144 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
12:12:28.0208 5144 MsMpSvc - ok
12:12:28.0219 5144 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:12:28.0219 5144 MSPCLOCK - ok
12:12:28.0221 5144 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:12:28.0222 5144 MSPQM - ok
12:12:28.0240 5144 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:12:28.0244 5144 MsRPC - ok
12:12:28.0264 5144 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:12:28.0265 5144 mssmbios - ok
12:12:28.0267 5144 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:12:28.0267 5144 MSTEE - ok
12:12:28.0292 5144 [ 6936198F2CC25B39CF5262436C80DF46 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
12:12:28.0293 5144 MTsensor - ok
12:12:28.0300 5144 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys
12:12:28.0301 5144 Mup - ok
12:12:28.0315 5144 [ E884FD7FB31BC82041AAB75BE5C81EEF ] mv61xx C:\Windows\system32\DRIVERS\mv61xx.sys
12:12:28.0318 5144 mv61xx - ok
12:12:28.0333 5144 [ 6E6A3ADF84ED72514C65484AF6E51242 ] mv64xx C:\Windows\system32\DRIVERS\mv64xx.sys
12:12:28.0337 5144 mv64xx - ok
12:12:28.0348 5144 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll
12:12:28.0354 5144 napagent - ok
12:12:28.0371 5144 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:12:28.0374 5144 NativeWifiP - ok
12:12:28.0375 5144 nbdvbzzw - ok
12:12:28.0406 5144 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:12:28.0414 5144 NDIS - ok
12:12:28.0425 5144 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:12:28.0425 5144 NdisTapi - ok
12:12:28.0435 5144 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:12:28.0435 5144 Ndisuio - ok
12:12:28.0464 5144 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:12:28.0480 5144 NdisWan - ok
12:12:28.0483 5144 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:12:28.0484 5144 NDProxy - ok
12:12:28.0486 5144 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:12:28.0487 5144 NetBIOS - ok
12:12:28.0557 5144 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
12:12:28.0560 5144 netbt - ok
12:12:28.0572 5144 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe
12:12:28.0572 5144 Netlogon - ok
12:12:28.0687 5144 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
12:12:28.0733 5144 Netman - ok
12:12:28.0757 5144 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
12:12:28.0761 5144 netprofm - ok
12:12:28.0782 5144 [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:12:28.0784 5144 NetTcpPortSharing - ok
12:12:28.0795 5144 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:12:28.0796 5144 nfrd960 - ok
12:12:28.0819 5144 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
12:12:28.0820 5144 NisDrv - ok
12:12:28.0844 5144 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
12:12:28.0848 5144 NisSrv - ok
12:12:28.0857 5144 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
12:12:28.0861 5144 NlaSvc - ok
12:12:28.0933 5144 [ 193FA51DDDD0BFFDED1C340F0434999A ] NMIndexingService C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
12:12:28.0992 5144 NMIndexingService - ok
12:12:29.0010 5144 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:12:29.0011 5144 Npfs - ok
12:12:29.0029 5144 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
12:12:29.0030 5144 nsi - ok
12:12:29.0032 5144 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:12:29.0033 5144 nsiproxy - ok
12:12:29.0159 5144 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:12:29.0175 5144 Ntfs - ok
12:12:29.0181 5144 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
12:12:29.0181 5144 Null - ok
12:12:29.0563 5144 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:12:29.0753 5144 nvlddmkm - ok
12:12:29.0771 5144 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:12:29.0773 5144 nvraid - ok
12:12:29.0785 5144 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:12:29.0786 5144 nvstor - ok
12:12:29.0817 5144 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
12:12:29.0828 5144 nvsvc - ok
12:12:29.0892 5144 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
12:12:29.0906 5144 nvUpdatusService - ok
12:12:29.0913 5144 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:12:29.0914 5144 nv_agp - ok
12:12:29.0916 5144 NwlnkFlt - ok
12:12:29.0919 5144 NwlnkFwd - ok
12:12:29.0943 5144 [ 7B58953E2F263421FDBB09A192712A85 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:12:29.0945 5144 ohci1394 - ok
12:12:29.0980 5144 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
12:12:29.0989 5144 p2pimsvc - ok
12:12:30.0001 5144 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll
12:12:30.0005 5144 p2psvc - ok
12:12:30.0018 5144 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
12:12:30.0019 5144 Parport - ok
12:12:30.0041 5144 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:12:30.0043 5144 partmgr - ok
12:12:30.0058 5144 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
12:12:30.0060 5144 PcaSvc - ok
12:12:30.0078 5144 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
12:12:30.0081 5144 pci - ok
12:12:30.0098 5144 [ 2657F6C0B78C36D95034BE109336E382 ] pciide C:\Windows\system32\drivers\pciide.sys
12:12:30.0099 5144 pciide - ok
12:12:30.0115 5144 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:12:30.0118 5144 pcmcia - ok
12:12:30.0143 5144 [ FD1BB23371EE2E5E3076D7B0D8B33E91 ] PdiPorts C:\Windows\system32\DRIVERS\PdiPorts.sys
12:12:30.0150 5144 PdiPorts - ok
12:12:30.0178 5144 [ A1F1260AD7AEABA9D53724E66AA274BA ] PdiService C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
12:12:30.0227 5144 PdiService - ok
12:12:30.0268 5144 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:12:30.0275 5144 PEAUTH - ok
12:12:30.0345 5144 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:12:30.0346 5144 PerfHost - ok
12:12:30.0378 5144 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
12:12:30.0393 5144 pla - ok
12:12:30.0419 5144 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:12:30.0423 5144 PlugPlay - ok
12:12:30.0433 5144 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
12:12:30.0437 5144 PNRPAutoReg - ok
12:12:30.0446 5144 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
12:12:30.0450 5144 PNRPsvc - ok
12:12:30.0478 5144 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:12:30.0485 5144 PolicyAgent - ok
12:12:30.0510 5144 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:12:30.0512 5144 PptpMiniport - ok
12:12:30.0518 5144 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
12:12:30.0519 5144 Processor - ok
12:12:30.0541 5144 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
12:12:30.0544 5144 ProfSvc - ok
12:12:30.0556 5144 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
12:12:30.0557 5144 ProtectedStorage - ok
12:12:30.0579 5144 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
12:12:30.0580 5144 PSched - ok
12:12:30.0602 5144 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:12:30.0615 5144 ql2300 - ok
12:12:30.0625 5144 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:12:30.0626 5144 ql40xx - ok
12:12:30.0645 5144 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
12:12:30.0649 5144 QWAVE - ok
12:12:30.0654 5144 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:12:30.0655 5144 QWAVEdrv - ok
12:12:30.0663 5144 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:12:30.0663 5144 RasAcd - ok
12:12:30.0675 5144 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
12:12:30.0677 5144 RasAuto - ok
12:12:30.0699 5144 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:12:30.0701 5144 Rasl2tp - ok
12:12:30.0706 5144 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll
12:12:30.0710 5144 RasMan - ok
12:12:30.0732 5144 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:12:30.0733 5144 RasPppoe - ok
12:12:30.0751 5144 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:12:30.0752 5144 RasSstp - ok
12:12:30.0774 5144 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:12:30.0777 5144 rdbss - ok
12:12:30.0814 5144 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:12:30.0815 5144 RDPCDD - ok
12:12:30.0825 5144 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
12:12:30.0829 5144 rdpdr - ok
12:12:30.0831 5144 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:12:30.0832 5144 RDPENCDD - ok
12:12:30.0860 5144 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:12:30.0863 5144 RDPWD - ok
12:12:30.0874 5144 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:12:30.0876 5144 RemoteAccess - ok
12:12:30.0900 5144 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:12:30.0903 5144 RemoteRegistry - ok
12:12:30.0940 5144 [ A10B40CF9EB57D24E44717A2D38A00F4 ] RivaTuner64 C:\Program Files (x86)\RivaTuner v2.24\RivaTuner64.sys
12:12:34.0721 5144 ================ Scan global ===============================
12:12:34.0747 5144 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
12:12:34.0776 5144 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
12:12:34.0786 5144 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
12:12:34.0810 5144 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
12:12:34.0815 5144 [Global] - ok
12:12:34.0815 5144 ================ Scan MBR ==================================
12:12:34.0825 5144 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
12:12:34.0825 5144 Suspicious mbr (Forged): \Device\Harddisk0\DR0
12:12:34.0867 5144 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
12:12:34.0867 5144 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
12:12:34.0883 5144 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
12:12:34.0887 5144 \Device\Harddisk1\DR1 - ok
12:12:34.0887 5144 ================ Scan VBR ==================================
12:12:34.0888 5144 [ AA196B102977ED3A5D7E43D93C935B97 ] \Device\Harddisk0\DR0\Partition1
12:12:34.0889 5144 \Device\Harddisk0\DR0\Partition1 - ok
12:12:34.0892 5144 [ 843733667AFDB121A2A52E03B536DA34 ] \Device\Harddisk1\DR1\Partition1
12:12:34.0893 5144 \Device\Harddisk1\DR1\Partition1 - ok
12:12:34.0893 5144 ============================================================
12:12:34.0893 5144 Scan finished
12:12:34.0893 5144 ============================================================
12:12:34.0899 6924 Detected object count: 1
12:12:34.0899 6924 Actual detected object count: 1
12:12:48.0303 6924 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user
12:12:48.0303 6924 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
118,439
Your system has a nasty rootkit infection still on it.

Please be sure that you have everything important (documents, photos, music, etc.) backed up to external media before proceeding. Do not back up any programs (executable files) though.

Run TDSSKiller again and this time select the option to "cure" the pihar.c rootkit infection, then post the resulting log.
 

Franknj229

Re-ran TDSSkiller, clicked cure, clicked reboot computer.....

Upon startup, I received this pop-up:

(Well, I took a picture of it and tried to attach it, but the upload failed)

Anyway, it said: Do you want to run this file?

Name: ...p\3EE8C176-602E-4887-BFF7-05053584BF17.exe
Publisher: Kaspersky Lab
Type: Application
From: C:\Users\Franknj229\AppData\Local\Temp\3EE8C...

Run or Cancel

Since you didn't say anything about it, I clicked "cancel". Was I supposed to "Run" it? Do I just do the whole process over again?
 

Cookiegal

Yes, it's signed by Kaspersky, so it's part of TDSSKiller.

Please run TDSSKiller again and post the log so I can see if it removed the infection.
 

Franknj229

Ok, so I re-ran TDSSkiller again, but this time it said it found no infection, so it didn't prompt me to reboot this time. Here is the log though.

16:19:45.0518 5824 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:19:45.0861 5824 ============================================================
16:19:45.0862 5824 Current date / time: 2013/01/28 16:19:45.0861
16:19:45.0862 5824 SystemInfo:
16:19:45.0862 5824
16:19:45.0862 5824 OS Version: 6.0.6002 ServicePack: 2.0
16:19:45.0862 5824 Product type: Workstation
16:19:45.0862 5824 ComputerName: FRANKNJ229-PC
16:19:45.0862 5824 UserName: Franknj229
16:19:45.0862 5824 Windows directory: C:\Windows
16:19:45.0862 5824 System windows directory: C:\Windows
16:19:45.0862 5824 Running under WOW64
16:19:45.0862 5824 Processor architecture: Intel x64
16:19:45.0862 5824 Number of processors: 8
16:19:45.0862 5824 Page size: 0x1000
16:19:45.0862 5824 Boot type: Normal boot
16:19:45.0862 5824 ============================================================
16:19:47.0126 5824 BG loaded
16:19:55.0299 5824 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:19:55.0388 5824 Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:19:55.0393 5824 ============================================================
16:19:55.0393 5824 \Device\Harddisk0\DR0:
16:19:55.0405 5824 MBR partitions:
16:19:55.0405 5824 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
16:19:55.0405 5824 \Device\Harddisk1\DR1:
16:19:55.0405 5824 MBR partitions:
16:19:55.0405 5824 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x4A857000
16:19:55.0405 5824 ============================================================
16:19:55.0432 5824 C: <-> \Device\Harddisk0\DR0\Partition1
16:19:55.0448 5824 F: <-> \Device\Harddisk1\DR1\Partition1
16:19:55.0448 5824 ============================================================
16:19:55.0448 5824 Initialize success
16:19:55.0448 5824 ============================================================
16:19:58.0521 5768 ============================================================
16:19:58.0521 5768 Scan started
16:19:58.0521 5768 Mode: Manual;
16:19:58.0521 5768 ============================================================
16:19:59.0430 5768 ================ Scan system memory ========================
16:19:59.0430 5768 System memory - ok
16:19:59.0430 5768 ================ Scan services =============================


16:20:13.0542 5768 Fs_Rec - ok

16:20:13.0715 5768 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

16:20:13.0715 5768 gagp30kx - ok

16:20:13.0933 5768 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

16:20:13.0933 5768 GEARAspiWDM - ok

16:20:13.0935 5768 ghhhadcu - ok

16:20:14.0190 5768 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll

16:20:14.0194 5768 gpsvc - ok

16:20:14.0430 5768 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

16:20:14.0430 5768 gupdate - ok

16:20:14.0519 5768 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

16:20:14.0519 5768 gupdatem - ok

16:20:14.0854 5768 [ DF45F8142DC6DF9D18C39B3EFFBD0409 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

16:20:14.0885 5768 HdAudAddService - ok

16:20:14.0932 5768 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

16:20:14.0936 5768 HDAudBus - ok

16:20:15.0030 5768 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys

16:20:15.0031 5768 HidBth - ok

16:20:15.0163 5768 [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr C:\Windows\system32\drivers\hidir.sys

16:20:15.0164 5768 HidIr - ok

16:20:15.0195 5768 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\system32\hidserv.dll

16:20:15.0197 5768 hidserv - ok

16:20:15.0208 5768 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

16:20:15.0208 5768 HidUsb - ok

16:20:15.0255 5768 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll

16:20:15.0256 5768 hkmsvc - ok

16:20:15.0344 5768 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys

16:20:15.0427 5768 HpCISSs - ok

16:20:15.0464 5768 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys

16:20:15.0467 5768 HTTP - ok

16:20:15.0480 5768 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys

16:20:15.0502 5768 i2omp - ok

16:20:15.0522 5768 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

16:20:15.0523 5768 i8042prt - ok

16:20:15.0538 5768 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys

16:20:15.0542 5768 iaStorV - ok

16:20:15.0584 5768 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

16:20:15.0598 5768 IDriverT - ok

16:20:16.0157 5768 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

16:20:16.0166 5768 idsvc - ok

16:20:16.0173 5768 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys

16:20:16.0174 5768 iirsp - ok

16:20:16.0205 5768 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll

16:20:16.0208 5768 IKEEXT - ok

16:20:16.0221 5768 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys

16:20:16.0240 5768 intelide - ok

16:20:16.0266 5768 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

16:20:16.0267 5768 intelppm - ok

16:20:16.0295 5768 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll

16:20:16.0295 5768 IPBusEnum - ok

16:20:16.0379 5768 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

16:20:16.0417 5768 IpFilterDriver - ok

16:20:16.0507 5768 [ BF0DBFA9792C5C14FA00F61C75116C1B ] IpHlpSvc C:\Windows\System32\iphlpsvc.dll

16:20:16.0508 5768 IpHlpSvc - ok

16:20:16.0510 5768 IpInIp - ok

16:20:16.0560 5768 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys

16:20:16.0562 5768 IPMIDRV - ok

16:20:16.0606 5768 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys

16:20:16.0662 5768 IPNAT - ok

16:20:16.0795 5768 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

16:20:16.0798 5768 iPod Service - ok

16:20:16.0815 5768 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys

16:20:16.0815 5768 IRENUM - ok

16:20:16.0828 5768 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys

16:20:16.0829 5768 isapnp - ok

16:20:16.0850 5768 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys

16:20:16.0851 5768 iScsiPrt - ok

16:20:16.0866 5768 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys

16:20:16.0867 5768 iteatapi - ok

16:20:16.0869 5768 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys

16:20:16.0870 5768 iteraid - ok

16:20:16.0872 5768 juekuvjz - ok

16:20:16.0881 5768 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

16:20:16.0881 5768 kbdclass - ok

16:20:16.0896 5768 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

16:20:16.0896 5768 kbdhid - ok

16:20:16.0908 5768 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe

16:20:16.0909 5768 KeyIso - ok

16:20:16.0931 5768 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

16:20:16.0995 5768 KSecDD - ok

16:20:17.0012 5768 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

16:20:17.0013 5768 ksthunk - ok

16:20:17.0036 5768 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll

16:20:17.0038 5768 KtmRm - ok

16:20:17.0053 5768 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\system32\srvsvc.dll

16:20:17.0055 5768 LanmanServer - ok

16:20:17.0073 5768 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

16:20:17.0075 5768 LanmanWorkstation - ok

16:20:17.0081 5768 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

16:20:17.0081 5768 lltdio - ok

16:20:17.0222 5768 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll

16:20:17.0265 5768 lltdsvc - ok

16:20:17.0289 5768 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll

16:20:17.0289 5768 lmhosts - ok

16:20:17.0291 5768 lowqnqxo - ok

16:20:17.0305 5768 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

16:20:17.0307 5768 LSI_FC - ok

16:20:17.0313 5768 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

16:20:17.0315 5768 LSI_SAS - ok

16:20:17.0334 5768 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

16:20:17.0335 5768 LSI_SCSI - ok

16:20:17.0345 5768 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys

16:20:17.0346 5768 luafv - ok

16:20:17.0367 5768 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

16:20:17.0387 5768 Mcx2Svc - ok

16:20:17.0406 5768 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys

16:20:17.0406 5768 megasas - ok

16:20:17.0418 5768 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys

16:20:17.0423 5768 MegaSR - ok

16:20:17.0444 5768 [ 4A1C21576FB7F96F4DBDEA627FFDA775 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys

16:20:17.0446 5768 mfeavfk - ok

16:20:17.0470 5768 [ 9E0AC52B3232FF8DC65FEE1A9C2FE8D1 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys

16:20:17.0472 5768 mfehidk - ok

16:20:17.0487 5768 [ 624D717B11E5004F68442B5740F17F21 ] mferkdk C:\Windows\system32\drivers\mferkdk.sys

16:20:17.0504 5768 mferkdk - ok

16:20:17.0524 5768 [ 0CD9DE7B96735F33F078C4EA044E8B34 ] mfesmfk C:\Windows\system32\drivers\mfesmfk.sys

16:20:17.0525 5768 mfesmfk - ok

16:20:17.0540 5768 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll

16:20:17.0541 5768 MMCSS - ok

16:20:17.0551 5768 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys

16:20:17.0552 5768 Modem - ok

16:20:17.0568 5768 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys

16:20:17.0568 5768 monitor - ok

16:20:17.0574 5768 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

16:20:17.0575 5768 mouclass - ok

16:20:17.0584 5768 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

16:20:17.0585 5768 mouhid - ok

16:20:17.0626 5768 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys

16:20:17.0658 5768 MountMgr - ok

16:20:17.0724 5768 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys

16:20:17.0726 5768 MpFilter - ok

16:20:17.0764 5768 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys

16:20:17.0784 5768 mpio - ok

16:20:17.0805 5768 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

16:20:17.0806 5768 mpsdrv - ok

16:20:17.0834 5768 [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc C:\Windows\system32\mpssvc.dll

16:20:17.0837 5768 MpsSvc - ok

16:20:17.0855 5768 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys

16:20:17.0861 5768 Mraid35x - ok

16:20:17.0900 5768 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

16:20:17.0901 5768 MRxDAV - ok

16:20:17.0978 5768 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

16:20:17.0979 5768 mrxsmb - ok

16:20:18.0195 5768 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

16:20:18.0196 5768 mrxsmb10 - ok

16:20:18.0199 5768 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

16:20:18.0200 5768 mrxsmb20 - ok

16:20:18.0206 5768 [ 1AC860612B85D8E85EE257D372E39F4D ] msahci C:\Windows\system32\drivers\msahci.sys

16:20:18.0207 5768 msahci - ok

16:20:18.0220 5768 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys

16:20:18.0222 5768 msdsm - ok

16:20:18.0239 5768 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe

16:20:18.0241 5768 MSDTC - ok

16:20:18.0265 5768 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys

16:20:18.0266 5768 Msfs - ok

16:20:18.0272 5768 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

16:20:18.0273 5768 msisadrv - ok

16:20:18.0298 5768 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

16:20:18.0313 5768 MSiSCSI - ok

16:20:18.0315 5768 msiserver - ok

16:20:18.0334 5768 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

16:20:18.0334 5768 MSKSSRV - ok

16:20:18.0375 5768 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe

16:20:18.0375 5768 MsMpSvc - ok

16:20:18.0413 5768 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

16:20:18.0436 5768 MSPCLOCK - ok

16:20:18.0457 5768 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

16:20:18.0457 5768 MSPQM - ok

16:20:18.0478 5768 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

16:20:18.0482 5768 MsRPC - ok

16:20:18.0494 5768 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

16:20:18.0494 5768 mssmbios - ok

16:20:18.0500 5768 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

16:20:18.0501 5768 MSTEE - ok

16:20:18.0522 5768 [ 6936198F2CC25B39CF5262436C80DF46 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys

16:20:18.0522 5768 MTsensor - ok

16:20:18.0530 5768 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys

16:20:18.0531 5768 Mup - ok

16:20:18.0554 5768 [ E884FD7FB31BC82041AAB75BE5C81EEF ] mv61xx C:\Windows\system32\DRIVERS\mv61xx.sys

16:20:18.0557 5768 mv61xx - ok

16:20:18.0580 5768 [ 6E6A3ADF84ED72514C65484AF6E51242 ] mv64xx C:\Windows\system32\DRIVERS\mv64xx.sys

16:20:18.0584 5768 mv64xx - ok

16:20:18.0595 5768 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll

16:20:18.0597 5768 napagent - ok

16:20:18.0660 5768 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

16:20:18.0677 5768 NativeWifiP - ok

16:20:18.0679 5768 nbdvbzzw - ok

16:20:18.0719 5768 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys

16:20:18.0726 5768 NDIS - ok

16:20:18.0771 5768 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

16:20:18.0772 5768 NdisTapi - ok

16:20:18.0843 5768 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

16:20:18.0888 5768 Ndisuio - ok

16:20:18.0919 5768 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

16:20:18.0920 5768 NdisWan - ok

16:20:18.0922 5768 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

16:20:18.0923 5768 NDProxy - ok

16:20:18.0925 5768 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

16:20:18.0925 5768 NetBIOS - ok

16:20:18.0945 5768 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys

16:20:18.0946 5768 netbt - ok

16:20:18.0951 5768 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe

16:20:18.0952 5768 Netlogon - ok

16:20:19.0100 5768 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll

16:20:19.0103 5768 Netman - ok

16:20:19.0187 5768 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll

16:20:19.0189 5768 netprofm - ok

16:20:19.0212 5768 [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

16:20:19.0214 5768 NetTcpPortSharing - ok

16:20:19.0226 5768 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

16:20:19.0227 5768 nfrd960 - ok

16:20:19.0248 5768 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys

16:20:19.0250 5768 NisDrv - ok

16:20:19.0266 5768 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe

16:20:19.0270 5768 NisSrv - ok

16:20:19.0279 5768 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll

16:20:19.0280 5768 NlaSvc - ok

16:20:19.0411 5768 [ 193FA51DDDD0BFFDED1C340F0434999A ] NMIndexingService C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe

16:20:19.0433 5768 NMIndexingService - ok

16:20:19.0455 5768 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys

16:20:19.0455 5768 Npfs - ok

16:20:19.0474 5768 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll

16:20:19.0475 5768 nsi - ok

16:20:19.0481 5768 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

16:20:19.0481 5768 nsiproxy - ok

16:20:20.0174 5768 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

16:20:20.0190 5768 Ntfs - ok

16:20:20.0196 5768 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys

16:20:20.0196 5768 Null - ok

16:20:22.0269 5768 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

16:20:22.0320 5768 nvlddmkm - ok

16:20:22.0380 5768 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys

16:20:22.0382 5768 nvraid - ok

16:20:22.0395 5768 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys

16:20:22.0396 5768 nvstor - ok

16:20:22.0426 5768 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe

16:20:22.0430 5768 nvsvc - ok

16:20:23.0201 5768 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

16:20:23.0214 5768 nvUpdatusService - ok

16:20:23.0228 5768 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

16:20:23.0230 5768 nv_agp - ok

16:20:23.0232 5768 NwlnkFlt - ok

16:20:23.0234 5768 NwlnkFwd - ok

16:20:23.0243 5768 [ 7B58953E2F263421FDBB09A192712A85 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

16:20:23.0245 5768 ohci1394 - ok

16:20:23.0272 5768 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll

16:20:23.0276 5768 p2pimsvc - ok

16:20:23.0459 5768 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll

16:20:23.0463 5768 p2psvc - ok

16:20:23.0608 5768 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys

16:20:23.0686 5768 Parport - ok

16:20:23.0717 5768 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys

16:20:23.0718 5768 partmgr - ok

16:20:23.0734 5768 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll

16:20:23.0735 5768 PcaSvc - ok

16:20:23.0754 5768 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys

16:20:23.0756 5768 pci - ok

16:20:23.0774 5768 [ 2657F6C0B78C36D95034BE109336E382 ] pciide C:\Windows\system32\drivers\pciide.sys

16:20:23.0774 5768 pciide - ok

16:20:23.0786 5768 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

16:20:23.0788 5768 pcmcia - ok

16:20:23.0810 5768 [ FD1BB23371EE2E5E3076D7B0D8B33E91 ] PdiPorts C:\Windows\system32\DRIVERS\PdiPorts.sys

16:20:23.0831 5768 PdiPorts - ok

16:20:23.0920 5768 [ A1F1260AD7AEABA9D53724E66AA274BA ] PdiService C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe

16:20:23.0921 5768 PdiService - ok

16:20:24.0177 5768 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys

16:20:24.0179 5768 PEAUTH - ok

16:20:25.0190 5768 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe

16:20:25.0191 5768 PerfHost - ok

16:20:25.0272 5768 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll

16:20:25.0278 5768 pla - ok

16:20:25.0555 5768 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

16:20:25.0557 5768 PlugPlay - ok

16:20:26.0158 5768 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll

16:20:26.0162 5768 PNRPAutoReg - ok

16:20:26.0171 5768 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll

16:20:26.0175 5768 PNRPsvc - ok

16:20:26.0414 5768 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

16:20:26.0417 5768 PolicyAgent - ok

16:20:26.0480 5768 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

16:20:26.0481 5768 PptpMiniport - ok

16:20:26.0498 5768 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys

16:20:26.0516 5768 Processor - ok

16:20:26.0544 5768 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll

16:20:26.0546 5768 ProfSvc - ok

16:20:26.0584 5768 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe

16:20:26.0585 5768 ProtectedStorage - ok

16:20:26.0698 5768 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys

16:20:26.0699 5768 PSched - ok

16:20:27.0322 5768 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys

16:20:27.0394 5768 ql2300 - ok

16:20:27.0407 5768 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

16:20:27.0408 5768 ql40xx - ok

16:20:27.0433 5768 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll

16:20:27.0435 5768 QWAVE - ok

16:20:27.0442 5768 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

16:20:27.0442 5768 QWAVEdrv - ok

16:20:27.0450 5768 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

16:20:27.0451 5768 RasAcd - ok

16:20:27.0504 5768 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll

16:20:27.0506 5768 RasAuto - ok

16:20:27.0604 5768 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

16:20:27.0604 5768 Rasl2tp - ok

16:20:27.0894 5768 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll

16:20:27.0896 5768 RasMan - ok

16:20:28.0053 5768 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

16:20:28.0053 5768 RasPppoe - ok

16:20:28.0155 5768 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

16:20:28.0155 5768 RasSstp - ok

16:20:28.0254 5768 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

16:20:28.0255 5768 rdbss - ok

16:20:28.0302 5768 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

16:20:28.0302 5768 RDPCDD - ok

16:20:28.0525 5768 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys

16:20:28.0603 5768 rdpdr - ok

16:20:28.0605 5768 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

16:20:28.0605 5768 RDPENCDD - ok

16:20:28.0638 5768 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

16:20:28.0641 5768 RDPWD - ok

16:20:28.0665 5768 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll

16:20:28.0666 5768 RemoteAccess - ok

16:20:28.0688 5768 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll

16:20:28.0689 5768 RemoteRegistry - ok

16:20:28.0815 5768 [ A10B40CF9EB57D24E44717A2D38A00F4 ] RivaTuner64 C:\Program Files (x86)\RivaTuner v2.24\RivaTuner64.sys

16:20:28.0815 5768 RivaTuner64 - ok

16:20:28.0987 5768 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe

16:20:28.0988 5768 RpcLocator - ok

16:20:29.0174 5768 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll

16:20:29.0177 5768 RpcSs - ok

16:20:29.0182 5768 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

16:20:29.0183 5768 rspndr - ok

16:20:29.0226 5768 [ A2CBE070FBA458357ACEF41C3F3906CA ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh64.sys

16:20:29.0227 5768 RTL8169 - ok

16:20:29.0253 5768 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe

16:20:29.0254 5768 SamSs - ok

16:20:29.0302 5768 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

16:20:29.0378 5768 sbp2port - ok

16:20:29.0407 5768 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll

16:20:29.0409 5768 SCardSvr - ok

16:20:29.0806 5768 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll

16:20:29.0810 5768 Schedule - ok

16:20:29.0955 5768 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll

16:20:29.0955 5768 SCPolicySvc - ok

16:20:30.0156 5768 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll

16:20:30.0157 5768 SDRSVC - ok

16:20:30.0281 5768 [ CA7E42E0B8D117165ED553A7D681352A ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

16:20:30.0282 5768 SeaPort - ok

16:20:30.0443 5768 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

16:20:30.0443 5768 secdrv - ok

16:20:30.0577 5768 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll

16:20:30.0578 5768 seclogon - ok

16:20:30.0754 5768 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll

16:20:30.0755 5768 SENS - ok

16:20:30.0873 5768 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys

16:20:30.0959 5768 Serenum - ok

16:20:30.0976 5768 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys

16:20:30.0978 5768 Serial - ok

16:20:30.0988 5768 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys

16:20:30.0989 5768 sermouse - ok

16:20:31.0015 5768 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll

16:20:31.0016 5768 SessionEnv - ok

16:20:31.0024 5768 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

16:20:31.0025 5768 sffdisk - ok

16:20:31.0036 5768 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

16:20:31.0036 5768 sffp_mmc - ok

16:20:31.0043 5768 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

16:20:31.0043 5768 sffp_sd - ok

16:20:31.0053 5768 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

16:20:31.0054 5768 sfloppy - ok

16:20:31.0077 5768 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll

16:20:31.0079 5768 SharedAccess - ok

16:20:31.0220 5768 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

16:20:31.0222 5768 ShellHWDetection - ok

16:20:31.0279 5768 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys

16:20:31.0299 5768 SiSRaid2 - ok

16:20:31.0318 5768 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

16:20:31.0319 5768 SiSRaid4 - ok

16:20:32.0165 5768 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe

16:20:32.0175 5768 slsvc - ok

16:20:32.0191 5768 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll

16:20:32.0193 5768 SLUINotify - ok

16:20:32.0279 5768 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys

16:20:32.0279 5768 Smb - ok

16:20:32.0380 5768 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe

16:20:32.0382 5768 SNMPTRAP - ok

16:20:32.0476 5768 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys

16:20:32.0536 5768 spldr - ok

16:20:32.0667 5768 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe

16:20:32.0669 5768 Spooler - ok

16:20:32.0807 5768 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys

16:20:32.0809 5768 srv - ok

16:20:32.0877 5768 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

16:20:32.0878 5768 srv2 - ok

16:20:32.0925 5768 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

16:20:32.0926 5768 srvnet - ok

16:20:33.0100 5768 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

16:20:33.0102 5768 SSDPSRV - ok

16:20:33.0177 5768 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll

16:20:33.0178 5768 SstpSvc - ok

16:20:33.0199 5768 Steam Client Service - ok

16:20:33.0255 5768 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

16:20:33.0257 5768 Stereo Service - ok

16:20:33.0329 5768 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll

16:20:33.0332 5768 stisvc - ok

16:20:33.0459 5768 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys

16:20:33.0460 5768 swenum - ok

16:20:33.0892 5768 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll

16:20:33.0901 5768 swprv - ok

16:20:33.0996 5768 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys

16:20:34.0073 5768 Symc8xx - ok

16:20:48.0585 5768 ============================================================

16:20:48.0585 5768 Scan finished

16:20:48.0585 5768 ============================================================

16:20:48.0590 2564 Detected object count: 0

16:20:48.0590 2564 Actual detected object count: 0
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
118,439
That's good.

Please visit Combofix Guide & Instructions for instructions for installing the Recovery Console and downloading and running ComboFix.

The only thing different from the instructions there is that when downloading and saving the ComboFix.exe I would like you to rename it to puppy.exe please.

Post the log from ComboFix when you've accomplished that.

Important notes regarding ComboFix:

ComboFix may reset a number of Internet Explorer's settings, including making it the default browser. This can easily be changed once we're finished.

ComboFix also prevents autorun of ALL CDs, floppies and USB devices (don't worry, the keyboard and mouse will still function) to assist with malware removal & increase security. If this is an issue or makes it difficult for you, please let me know. This can be undone manually when we're finished. Read HERE for an article written by dvk01 on why we disable autoruns.
 

Franknj229

Thread Starter
Joined
Sep 21, 2009
Messages
88
When I click the "ComboFix Download Link", the page says the download is not available at this time and they hope to have it up and running again soon.

I will keep checking and post the results as soon as possible.

Thank you.
 

Franknj229

Thread Starter
Joined
Sep 21, 2009
Messages
88
Just a heads up: The ComboFix website confirmed that the program was infected with the WIN32/Sality.AT virus and the link has been temporarily disabled until they can fix it. As far as they can tell, it has been infected since January 29th.
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
118,439
Yes, it was an unfortunate and isolated incident. We'll come back to that when ComboFix becomes available again.

Download OTS.exe to your Desktop.
  1. Close any open browsers.
  2. If your Real protection or Antivirus interferes with OTS, allow it to run.
  3. Double-click on OTS.exe to start the program.
  4. At the top put a check mark in the box beside "Scan All Users".
  5. Under the Additional Scans section put a check in the box next to Disabled MS Config Items, NetSvcs and EventViewer logs (Last 10 errors).
  6. Now click the Run Scan button on the toolbar.
  7. Let it run unhindered until it finishes.
  8. When the scan is complete Notepad will open with the report file loaded in it.
  9. Save that notepad file.
Use the Reply button, scroll down to the attachments section and attach the notepad file here.
 