
Computer infected w/ backdoor trojan, possible roboot64 and Seedabutor.B


  • This topic is locked
15 replies to this topic

#1 Gr8Rdn4U


Posted 06 March 2013 - 11:24 PM

I've gone as far as I'm comfortable with the How to remove a Trojan, Virus, Worm, or other Malware Tutorial, through Manual Removal, step 9. I'm unable to find information on many of the entries in Autoruns and don't want to brick my only computer. :)

 

My MS Essentials quarantined Seedabutor.B on 2/28. It seems to have piggybacked on some P2P programs my DH grabbed from a dirty source (I h8 P2P!). I noticed issues with random new toolbars in my Chrome browser on 3/2. I uninstalled BitTorrent, MP3Jam, Conduit, and SwvUpdater. I downloaded MalwareBytes as recommended by the above tutorial; it quarantined & deleted these on 3/3:

 

Registry Keys Detected: 6
 
Registry Data Items Detected: 1
 
Files Detected: 2.
 
(I can provide cut/paste log history if it helps)
 
Audio ads still run randomly when the browser is open, ads pop up when I click most buttons and links, ad hyperlinks have invaded my browsers, and I receive occasional warnings from AVG 2012 Resident Shield that tracking cookies are being blocked. I'm sorry I can't provide the word-for-word AVG messages. They seem to only appear when the system is idling and I'm busy with other activities. Also, I can't seem to attach the attach.txt file: I click 'Choose Files', select attach.txt, and then receive a popup ad.
 
I'd sure appreciate an experienced helping hand. Thanks in advance!
 
Here is the dds.txt:
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16464  BrowserJavaVersion: 10.15.2
Run by Aaron at 18:50:33 on 2013-03-06
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3894.1263 [GMT -8:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
C:\Users\Aaron\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Windows\system32\SearchIndexer.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com/?ctid=CT3274043&octid=CT3274043&SearchSource=61&CUI=UN39172793612225019&UM=UM_ID&UP=SP83E2305B-EE68-4929-8962-0064B4952B8A
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit = userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\14.2.0.1\AVG SafeGuard toolbar_toolbar.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\14.2.0.1\AVG SafeGuard toolbar_toolbar.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Google Update] "C:\Users\Aaron\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
StartupFolder: C:\Users\Aaron\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Aaron\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Aaron\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\Users\Aaron\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\EFAX44~1.LNK - C:\Program Files (x86)\eFax Messenger 4.4\J2GTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\AMAZON~1.LNK - C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{AC703835-493D-488E-95E2-09B030888431} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{AC703835-493D-488E-95E2-09B030888431}\2456C6B696E6E233645444 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{AC703835-493D-488E-95E2-09B030888431}\2656C6B696E6E253433643 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{AC703835-493D-488E-95E2-09B030888431}\84F4D454D203336423 : DHCPNameServer = 68.87.66.246 68.87.64.242
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: AutorunsDisabled - <orphaned>
x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\mc8nxjcf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3274043&SearchSource=3&q={searchTerms}&CUI=UN37760971212562910
FF - prefs.js: browser.search.selectedEngine - Privitize VPN
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://searchab.com/?aff=7&uid=472d3e23-8209-11e2-b934-984be18da685&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\npjpi170_15.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Aaron\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Users\Aaron\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Aaron\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\Aaron\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-4-19 28480]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-1-31 36944]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-11-8 307040]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2011-12-23 47696]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-8-24 384352]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-1-31 39768]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-12-20 98208]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-11-2 5174392]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-3 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-3 682344]
R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-6 214896]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 130008]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-9-11 399344]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-20 2320920]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-2-18 968880]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-12-10 127328]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\avgidsfiltera.sys [2011-12-23 29776]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-9-28 31088]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-11-9 158976]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-3-5 271872]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-3-3 24176]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2010-12-20 1041760]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2009-1-29 6144]
S3 FlyUsb;FLY Fusion;C:\Windows\System32\drivers\FlyUsb.sys [2011-11-12 24576]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [2010-9-2 227232]
S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2011-4-4 21504]
S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2009-1-29 9216]
S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2010-4-1 26624]
S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2011-11-8 11776]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-15 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-12-20 245792]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-15 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-13 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S4 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-6-24 315392]
.
=============== Created Last 30 ================
.
2013-03-06 03:04:04 9162192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CCDC09C5-018A-4A4C-9025-5F93562CFBC8}\mpengine.dll
2013-03-04 16:50:16 9162192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-03-04 16:50:16 9162192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B3CB10C2-6B43-4127-8280-15057C715D10}\mpengine.dll
2013-03-03 08:14:09 -------- d-----w- C:\Users\Aaron\AppData\Roaming\Malwarebytes
2013-03-03 08:14:02 -------- d-----w- C:\ProgramData\Malwarebytes
2013-03-03 08:14:01 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-03-03 08:14:01 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-03 08:12:40 -------- d-----w- C:\Users\Aaron\AppData\Local\Programs
2013-03-03 06:35:41 -------- d-----w- C:\Autoruns
2013-03-03 02:46:01 -------- d-----w- C:\Users\Aaron\AppData\Roaming\TuneUp Software
2013-03-01 00:46:08 -------- d-----w- C:\Program Files (x86)\KeyDownload-Addon
2013-03-01 00:45:43 -------- d-----w- C:\Users\Aaron\AppData\Roaming\DefaultTab
2013-03-01 00:45:35 -------- d-----w- C:\Users\Aaron\AppData\Local\SwvUpdater
2013-03-01 00:28:47 -------- d-----w- C:\Users\Aaron\AppData\Roaming\Nico Mak Computing
2013-03-01 00:28:43 19840 ----a-w- C:\Windows\System32\roboot64.exe
2013-03-01 00:27:06 -------- d-----w- C:\Users\Aaron\AppData\Roaming\BitTorrent
2013-02-28 21:22:50 -------- d-----w- C:\Users\Aaron\AppData\Roaming\Mp3jam
2013-02-28 21:21:25 -------- d-----w- C:\Program Files (x86)\Conduit
2013-02-28 21:21:17 -------- d-----w- C:\Users\Aaron\AppData\Local\Conduit
2013-02-28 21:20:36 -------- d-----w- C:\Users\Aaron\AppData\Local\CRE
2013-02-28 21:19:20 -------- d-----w- C:\Users\Aaron\AppData\Roaming\OpenCandy
2013-02-27 11:00:59 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2013-02-23 17:24:14 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-15 22:31:23 186432 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2013-02-15 22:31:23 186432 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-02-14 11:08:24 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 11:08:24 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 11:02:06 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-02-14 11:02:05 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-02-14 11:02:03 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-02-14 11:02:03 304640 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
2013-02-14 11:02:03 182816 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
2013-02-14 11:02:03 149528 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
2013-02-14 11:02:01 194048 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll
2013-02-13 23:50:40 -------- d-----w- C:\Users\Aaron\AppData\Local\Macromedia
2013-02-13 22:05:52 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-02-13 22:05:49 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-02-13 22:05:47 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-02-13 22:05:35 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-02-13 22:05:31 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-02-13 22:05:30 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-02-13 22:05:29 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-02-13 22:05:29 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-02-13 22:05:29 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-02-13 22:05:28 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-02-13 22:05:21 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-02-13 22:05:20 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-13 20:09:34 -------- d-----w- C:\Users\Aaron\AppData\Local\Xfinity.com
.
==================== Find3M  ====================
.
2013-02-27 23:00:04 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-27 23:00:04 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-23 17:24:05 861088 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-02-23 17:24:05 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-02-18 18:19:01 39768 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
.
============= FINISH: 18:51:57.21 ===============
 
 
 

 


 


#2 CatByte

  • Malware Response Team

Posted 07 March 2013 - 09:11 AM

Please run the following:

Please create a new system restore point before running Malwarebytes Anti-Rootkit if you can.

MBAR tutorial

Download Malwarebytes Anti-Rootkit from HERE
  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log.txt and system-log.txt

~~~~~~~~~~~~~~~~~~~~~~~

Note:
If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
  • Internet access
  • Windows Update
  • Windows Firewall

If there are additional problems with your system, such as any of those listed above or other system issues, then run the fixdamage tool included with Malwarebytes Anti-Rootkit and reboot.
Verify that your system is now functioning normally.

NEXT

Please download TDSSKiller.zip
  • Extract it to your desktop
  • Double click TDSSKiller.exe
  • When the window opens, click on Change Parameters
  • Under “Additional options”, put a check mark in the box next to “Detect TDLFS File System”
  • Click OK
  • Press Start Scan
    • If Malicious objects are found then ensure Cure is selected
    • If TDLFS File System/TDSS File system is found then ensure Cure is selected (if cure is not available, choose skip)
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

Microsoft MVP - 2010, 2011, 2012, 2013

#3 Gr8Rdn4U

  • Topic Starter

Posted 07 March 2013 - 09:43 PM

Hi CatByte,

Thanks for the quick response!

Both scans came back clean. I ran MBAR Cleanup anyway. When I first turn on the computer everything acts normally, but after it's been idle for a while, things begin acting up again. The hyperlinks are still prolific and I have a recurring popup at the bottom of my Chrome browser from "powered by WebSuggestor" which prevents me from navigating to my previous page. Also, to post this message, I had to type it, copy it to my clipboard, close the browser, paste it to OpenOffice, restart the computer, reopen, paste, and hit post right away.

Here are the reports:

mbar-log.txt:

Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org

Database version: v2013.03.07.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Aaron :: AARON-HP [administrator]

3/7/2013 9:46:03 AM
mbar-log-2013-03-07 (09-46-03).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 33048
Time elapsed: 42 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

System-log.txt:

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1021

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 9.0.8112.16421

Java version: 1.6.0_33

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED
CPU speed: 2.261000 GHz
Memory total: 4083007488, free: 1866162176

------------ Kernel report ------------
     03/07/2013 09:02:10
------------ Loaded modules -----------


----------- End -----------

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8004c1f060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa8004960050
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
Initialization returned 0x0
Load Function returned 0x0
Downloaded database version: v2013.03.07.11
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8004c1f060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8004c1fb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8004c1f060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8004960050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xfffff8a00547c620, 0xfffffa8004c1f060, 0xfffffa8006d526d0
Lower DeviceData: 0xfffff8a0042550d0, 0xfffffa8004960050, 0xfffffa8004d78530
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: DD97EECE

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 407552
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 409600  Numsec = 936112128

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 936521728  Numsec = 40038400

    Partition 3 type is Other (0xc)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 976560128  Numsec = 210992

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Done!
Performing system, memory and registry scan...
Read File:  File "c:\ProgramData\AVG2012\Chjw\ecf0f3eaf0f3b942.dat" is sparse (flags = 32768)
Done!
Scan finished
=======================================

 

 

 

TDSSKiller_log:

10:06:24.0762 5564  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:06:25.0362 5564  ============================================================
10:06:25.0362 5564  Current date / time: 2013/03/07 10:06:25.0362
10:06:25.0362 5564  SystemInfo:
10:06:25.0362 5564  
10:06:25.0362 5564  OS Version: 6.1.7601 ServicePack: 1.0
10:06:25.0362 5564  Product type: Workstation
10:06:25.0362 5564  ComputerName: AARON-HP
10:06:25.0362 5564  UserName: Aaron
10:06:25.0362 5564  Windows directory: C:\Windows
10:06:25.0362 5564  System windows directory: C:\Windows
10:06:25.0362 5564  Running under WOW64
10:06:25.0362 5564  Processor architecture: Intel x64
10:06:25.0362 5564  Number of processors: 4
10:06:25.0362 5564  Page size: 0x1000
10:06:25.0362 5564  Boot type: Normal boot
10:06:25.0362 5564  ============================================================
10:06:26.0285 5564  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:06:26.0290 5564  ============================================================
10:06:26.0290 5564  \Device\Harddisk0\DR0:
10:06:26.0290 5564  MBR partitions:
10:06:26.0290 5564  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
10:06:26.0290 5564  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37CBF000
10:06:26.0290 5564  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37D23000, BlocksNum 0x262F000
10:06:26.0290 5564  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
10:06:26.0291 5564  ============================================================
10:06:26.0308 5564  C: <-> \Device\Harddisk0\DR0\Partition2
10:06:26.0350 5564  D: <-> \Device\Harddisk0\DR0\Partition3
10:06:26.0370 5564  F: <-> \Device\Harddisk0\DR0\Partition4
10:06:26.0370 5564  ============================================================
10:06:26.0370 5564  Initialize success
10:06:26.0397 5564  ============================================================
10:06:52.0314 3012  ============================================================
10:06:52.0314 3012  Scan started
10:06:52.0314 3012  Mode: Manual; TDLFS; 
10:06:52.0314 3012  ============================================================
10:06:52.0522 3012  ================ Scan system memory ========================
10:06:52.0522 3012  System memory - ok
10:06:52.0522 3012  ================ Scan services =============================


10:06:57.0794 3012  Dot4 - ok

10:06:57.0838 3012  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\drivers\Dot4Prt.sys

10:06:57.0840 3012  Dot4Print - ok

10:06:57.0884 3012  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys

10:06:57.0886 3012  dot4usb - ok

10:06:57.0931 3012  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll

10:06:57.0935 3012  DPS - ok

10:06:57.0974 3012  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

10:06:57.0975 3012  drmkaud - ok

10:06:58.0059 3012  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

10:06:58.0093 3012  DXGKrnl - ok

10:06:58.0123 3012  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll

10:06:58.0126 3012  EapHost - ok

10:06:58.0231 3012  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys

10:06:58.0329 3012  ebdrv - ok

10:06:58.0385 3012  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe

10:06:58.0387 3012  EFS - ok

10:06:58.0492 3012  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

10:06:58.0508 3012  ehRecvr - ok

10:06:58.0539 3012  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe

10:06:58.0541 3012  ehSched - ok

10:06:58.0596 3012  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys

10:06:58.0605 3012  elxstor - ok

10:06:58.0649 3012  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys

10:06:58.0651 3012  ErrDev - ok

10:06:58.0706 3012  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll

10:06:58.0713 3012  EventSystem - ok

10:06:58.0748 3012  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys

10:06:58.0752 3012  exfat - ok

10:06:58.0776 3012  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys

10:06:58.0780 3012  fastfat - ok

10:06:58.0838 3012  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe

10:06:58.0850 3012  Fax - ok

10:06:58.0881 3012  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

10:06:58.0883 3012  fdc - ok

10:06:58.0904 3012  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll

10:06:58.0906 3012  fdPHost - ok

10:06:58.0921 3012  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll

10:06:58.0923 3012  FDResPub - ok

10:06:58.0953 3012  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

10:06:58.0956 3012  FileInfo - ok

10:06:58.0968 3012  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

10:06:58.0970 3012  Filetrace - ok

10:06:58.0987 3012  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

10:06:58.0989 3012  flpydisk - ok

10:06:59.0107 3012  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

10:06:59.0113 3012  FltMgr - ok

10:06:59.0158 3012  [ 6CD6BB45BD3E0EEF6CE496BF52854FF1 ] FlyUsb          C:\Windows\system32\DRIVERS\FlyUsb.sys

10:06:59.0160 3012  FlyUsb - ok

10:06:59.0256 3012  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll

10:06:59.0291 3012  FontCache - ok

10:06:59.0363 3012  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

10:06:59.0365 3012  FontCache3.0.0.0 - ok

10:06:59.0400 3012  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

10:06:59.0402 3012  FsDepends - ok

10:06:59.0435 3012  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

10:06:59.0437 3012  Fs_Rec - ok

10:06:59.0485 3012  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

10:06:59.0490 3012  fvevol - ok

10:06:59.0519 3012  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys

10:06:59.0522 3012  gagp30kx - ok

10:06:59.0588 3012  [ 551D463E4CCEB5240234DA6718C93A44 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

10:06:59.0593 3012  GameConsoleService - ok

10:06:59.0663 3012  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll

10:06:59.0683 3012  gpsvc - ok

10:06:59.0738 3012  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

10:06:59.0741 3012  gupdate - ok

10:06:59.0785 3012  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

10:06:59.0787 3012  gupdatem - ok

10:06:59.0850 3012  [ C1B577B2169900F4CF7190C39F085794 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

10:06:59.0853 3012  gusvc - ok

10:06:59.0882 3012  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

10:06:59.0884 3012  hcw85cir - ok

10:06:59.0946 3012  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

10:06:59.0952 3012  HdAudAddService - ok

10:06:59.0985 3012  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys

10:06:59.0988 3012  HDAudBus - ok

10:07:00.0028 3012  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys

10:07:00.0030 3012  HECIx64 - ok

10:07:00.0061 3012  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys

10:07:00.0063 3012  HidBatt - ok

10:07:00.0084 3012  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys

10:07:00.0086 3012  HidBth - ok

10:07:00.0113 3012  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys

10:07:00.0115 3012  HidIr - ok

10:07:00.0142 3012  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll

10:07:00.0144 3012  hidserv - ok

10:07:00.0192 3012  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

10:07:00.0193 3012  HidUsb - ok

10:07:00.0243 3012  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll

10:07:00.0246 3012  hkmsvc - ok

10:07:00.0294 3012  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

10:07:00.0301 3012  HomeGroupListener - ok

10:07:00.0355 3012  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

10:07:00.0360 3012  HomeGroupProvider - ok

10:07:00.0451 3012  [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

10:07:00.0453 3012  HP Support Assistant Service - ok

10:07:00.0518 3012  [ C930128C8F8FF03D8F8C42B570920D56 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

10:07:00.0521 3012  HP Wireless Assistant Service - ok

10:07:00.0548 3012  [ 3DC11A802353401332D49C3CBFBBE5FC ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

10:07:00.0554 3012  HPClientSvc - ok

10:07:00.0724 3012  [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll

10:07:00.0730 3012  hpqcxs08 - ok

10:07:00.0750 3012  [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll

10:07:00.0753 3012  hpqddsvc - ok

10:07:00.0840 3012  [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

10:07:00.0874 3012  hpqwmiex - ok

10:07:00.0947 3012  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

10:07:00.0949 3012  HpSAMD - ok

10:07:00.0996 3012  [ F630DD7564EBB7248A13B1CC774D9EA6 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

10:07:00.0998 3012  HPWMISVC - ok

10:07:01.0076 3012  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

10:07:01.0094 3012  HTTP - ok

10:07:01.0165 3012  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

10:07:01.0166 3012  hwpolicy - ok

10:07:01.0234 3012  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

10:07:01.0237 3012  i8042prt - ok

10:07:01.0279 3012  [ 1384872112E8E7FD5786ECEB8BDDF4C9 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys

10:07:01.0285 3012  iaStor - ok

10:07:01.0350 3012  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

10:07:01.0358 3012  iaStorV - ok

10:07:01.0431 3012  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

10:07:01.0446 3012  idsvc - ok

10:07:01.0755 3012  [ F4F91789C7C7A159CE8215C1F69F2A85 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys

10:07:02.0011 3012  igfx - ok

10:07:02.0039 3012  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys

10:07:02.0040 3012  iirsp - ok

10:07:02.0103 3012  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll

10:07:02.0136 3012  IKEEXT - ok

10:07:02.0178 3012  [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys

10:07:02.0182 3012  Impcd - ok

10:07:02.0277 3012  [ D311E2DD59A34079D89C249B2A4D9FDB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

10:07:02.0347 3012  IntcAzAudAddService - ok

10:07:02.0389 3012  [ 58CF58DEE26C909BD6F977B61D246295 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys

10:07:02.0393 3012  IntcDAud - ok

10:07:02.0442 3012  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys

10:07:02.0444 3012  intelide - ok

10:07:02.0463 3012  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

10:07:02.0465 3012  intelppm - ok

10:07:02.0503 3012  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

10:07:02.0508 3012  IPBusEnum - ok

10:07:02.0564 3012  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

10:07:02.0566 3012  IpFilterDriver - ok

10:07:02.0647 3012  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

10:07:02.0656 3012  iphlpsvc - ok

10:07:02.0705 3012  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys

10:07:02.0708 3012  IPMIDRV - ok

10:07:02.0728 3012  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

10:07:02.0730 3012  IPNAT - ok

10:07:02.0758 3012  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys

10:07:02.0760 3012  IRENUM - ok

10:07:02.0809 3012  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

10:07:02.0810 3012  isapnp - ok

10:07:02.0862 3012  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys

10:07:02.0868 3012  iScsiPrt - ok

10:07:02.0900 3012  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys

10:07:02.0902 3012  kbdclass - ok

10:07:02.0957 3012  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys

10:07:02.0959 3012  kbdhid - ok

10:07:02.0985 3012  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe

10:07:02.0987 3012  KeyIso - ok

10:07:03.0039 3012  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

10:07:03.0043 3012  KSecDD - ok

10:07:03.0100 3012  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

10:07:03.0104 3012  KSecPkg - ok

10:07:03.0146 3012  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

10:07:03.0148 3012  ksthunk - ok

10:07:03.0172 3012  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll

10:07:03.0179 3012  KtmRm - ok

10:07:03.0259 3012  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll

10:07:03.0266 3012  LanmanServer - ok

10:07:03.0306 3012  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

10:07:03.0311 3012  LanmanWorkstation - ok

10:07:03.0509 3012  [ 3C879D04BB6466E2853C3155B635CC45 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

10:07:03.0657 3012  LeapFrog Connect Device Service - ok

10:07:03.0713 3012  [ FA4A45C179AB0E0F1A31B9751D4B18D7 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

10:07:03.0716 3012  LightScribeService - ok

10:07:03.0743 3012  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

10:07:03.0746 3012  lltdio - ok

10:07:03.0773 3012  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll

10:07:03.0780 3012  lltdsvc - ok

10:07:03.0808 3012  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll

10:07:03.0811 3012  lmhosts - ok

10:07:03.0902 3012  [ 7485FBCEF9136F530953575E2977859D ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

10:07:03.0907 3012  LMS - ok

10:07:03.0938 3012  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys

10:07:03.0942 3012  LSI_FC - ok

10:07:03.0981 3012  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys

10:07:03.0984 3012  LSI_SAS - ok

10:07:03.0997 3012  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys

10:07:03.0999 3012  LSI_SAS2 - ok

10:07:04.0019 3012  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys

10:07:04.0022 3012  LSI_SCSI - ok

10:07:04.0053 3012  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys

10:07:04.0056 3012  luafv - ok

10:07:04.0135 3012  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys

10:07:04.0137 3012  MBAMProtector - ok

10:07:04.0187 3012  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

10:07:04.0194 3012  MBAMScheduler - ok

10:07:04.0263 3012  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

10:07:04.0273 3012  MBAMService - ok

10:07:04.0374 3012  [ FD3AD5E1ECDAA94A89D6697F5C5465D6 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe

10:07:04.0379 3012  McComponentHostService - ok

10:07:04.0440 3012  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

10:07:04.0444 3012  Mcx2Svc - ok

10:07:04.0476 3012  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys

10:07:04.0478 3012  megasas - ok

10:07:04.0522 3012  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys

10:07:04.0529 3012  MegaSR - ok

10:07:04.0557 3012  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll

10:07:04.0561 3012  MMCSS - ok

10:07:04.0588 3012  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys

10:07:04.0590 3012  Modem - ok

10:07:04.0616 3012  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

10:07:04.0617 3012  monitor - ok

10:07:04.0644 3012  [ C94A2EA3FDFA5D650884926B710B7DB1 ] motccgp         C:\Windows\system32\DRIVERS\motccgp.sys

10:07:04.0646 3012  motccgp - ok

10:07:04.0697 3012  [ D51E009BAEDA07EBC107D49D224C2414 ] motccgpfl       C:\Windows\system32\DRIVERS\motccgpfl.sys

10:07:04.0698 3012  motccgpfl - ok

10:07:04.0728 3012  [ 060F0EF84F430802DF3788F3DCFD009C ] motmodem        C:\Windows\system32\DRIVERS\motmodem.sys

10:07:04.0729 3012  motmodem - ok

10:07:04.0788 3012  [ 9DFD34E6841C460B5D992A1C5327AE69 ] MotoHelper      C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe

10:07:04.0792 3012  MotoHelper - ok

10:07:04.0816 3012  [ EBD05F60CAFC5BBA2602B8D7101082D3 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys

10:07:04.0818 3012  MotoSwitchService - ok

10:07:04.0850 3012  [ 87701078C3F720AC7A028E937994CC49 ] Motousbnet      C:\Windows\system32\DRIVERS\Motousbnet.sys

10:07:04.0852 3012  Motousbnet - ok

10:07:04.0912 3012  [ D075B1D964A314D240F5498773EE89DF ] motusbdevice    C:\Windows\system32\DRIVERS\motusbdevice.sys

10:07:04.0914 3012  motusbdevice - ok

10:07:04.0977 3012  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

10:07:04.0979 3012  mouclass - ok

10:07:05.0022 3012  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

10:07:05.0024 3012  mouhid - ok

10:07:05.0081 3012  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

10:07:05.0084 3012  mountmgr - ok

10:07:05.0152 3012  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys

10:07:05.0157 3012  MpFilter - ok

10:07:05.0209 3012  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys

10:07:05.0213 3012  mpio - ok

10:07:05.0241 3012  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

10:07:05.0243 3012  mpsdrv - ok

10:07:05.0309 3012  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll

10:07:05.0343 3012  MpsSvc - ok

10:07:05.0400 3012  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

10:07:05.0404 3012  MRxDAV - ok

10:07:05.0454 3012  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

10:07:05.0458 3012  mrxsmb - ok

10:07:05.0498 3012  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

10:07:05.0503 3012  mrxsmb10 - ok

10:07:05.0554 3012  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

10:07:05.0557 3012  mrxsmb20 - ok

10:07:05.0605 3012  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys

10:07:05.0607 3012  msahci - ok

10:07:05.0660 3012  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

10:07:05.0664 3012  msdsm - ok

10:07:05.0683 3012  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe

10:07:05.0688 3012  MSDTC - ok

10:07:05.0725 3012  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

10:07:05.0727 3012  Msfs - ok

10:07:05.0759 3012  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

10:07:05.0763 3012  mshidkmdf - ok

10:07:05.0806 3012  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

10:07:05.0807 3012  msisadrv - ok

10:07:05.0834 3012  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

10:07:05.0839 3012  MSiSCSI - ok

10:07:05.0844 3012  msiserver - ok

10:07:05.0882 3012  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

10:07:05.0884 3012  MSKSSRV - ok

10:07:05.0972 3012  [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe

10:07:05.0973 3012  MsMpSvc - ok

10:07:05.0993 3012  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

10:07:05.0995 3012  MSPCLOCK - ok

10:07:06.0014 3012  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

10:07:06.0016 3012  MSPQM - ok

10:07:06.0075 3012  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

10:07:06.0083 3012  MsRPC - ok

10:07:06.0140 3012  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys

10:07:06.0142 3012  mssmbios - ok

10:07:06.0176 3012  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

10:07:06.0177 3012  MSTEE - ok

10:07:06.0199 3012  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys

10:07:06.0201 3012  MTConfig - ok

10:07:06.0224 3012  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys

10:07:06.0226 3012  Mup - ok

10:07:06.0281 3012  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll

10:07:06.0292 3012  napagent - ok

10:07:06.0326 3012  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

10:07:06.0332 3012  NativeWifiP - ok

10:07:06.0402 3012  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys

10:07:06.0416 3012  NDIS - ok

10:07:06.0433 3012  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

10:07:06.0435 3012  NdisCap - ok

10:07:06.0464 3012  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

10:07:06.0466 3012  NdisTapi - ok

10:07:06.0515 3012  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

10:07:06.0517 3012  Ndisuio - ok

10:07:06.0566 3012  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

10:07:06.0570 3012  NdisWan - ok

10:07:06.0618 3012  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

10:07:06.0620 3012  NDProxy - ok

10:07:06.0682 3012  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

10:07:06.0685 3012  Net Driver HPZ12 - ok

10:07:06.0717 3012  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

10:07:06.0719 3012  NetBIOS - ok

10:07:06.0774 3012  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

10:07:06.0780 3012  NetBT - ok

10:07:06.0807 3012  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe

10:07:06.0809 3012  Netlogon - ok

10:07:06.0850 3012  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll

10:07:06.0857 3012  Netman - ok

10:07:06.0907 3012  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

10:07:06.0910 3012  NetMsmqActivator - ok

10:07:06.0916 3012  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

10:07:06.0918 3012  NetPipeActivator - ok

10:07:06.0962 3012  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll

10:07:06.0970 3012  netprofm - ok

10:07:07.0049 3012  [ 24CF1304D899124336F67F88F3C15E21 ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys

10:07:07.0082 3012  netr28x - ok

10:07:07.0118 3012  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

10:07:07.0120 3012  NetTcpActivator - ok

10:07:07.0125 3012  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

10:07:07.0127 3012  NetTcpPortSharing - ok

10:07:07.0354 3012  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys

10:07:07.0488 3012  netw5v64 - ok

10:07:07.0533 3012  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys

10:07:07.0535 3012  nfrd960 - ok

10:07:07.0588 3012  [ 162100E0BC8377710F9D170631921C03 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys

10:07:07.0592 3012  NisDrv - ok

10:07:07.0660 3012  [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe

10:07:07.0663 3012  NisSrv - ok

10:07:07.0692 3012  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll

10:07:07.0699 3012  NlaSvc - ok

10:07:07.0719 3012  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

10:07:07.0721 3012  Npfs - ok

10:07:07.0757 3012  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll

10:07:07.0760 3012  nsi - ok

10:07:07.0778 3012  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

10:07:07.0780 3012  nsiproxy - ok

10:07:07.0874 3012  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

10:07:07.0919 3012  Ntfs - ok

10:07:07.0935 3012  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys

10:07:07.0937 3012  Null - ok

10:07:07.0961 3012  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys

10:07:07.0965 3012  nvraid - ok

10:07:08.0020 3012  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys

10:07:08.0024 3012  nvstor - ok

10:07:08.0056 3012  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

10:07:08.0060 3012  nv_agp - ok

10:07:08.0105 3012  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys

10:07:08.0107 3012  ohci1394 - ok

10:07:08.0172 3012  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

10:07:08.0176 3012  ose - ok

10:07:08.0353 3012  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

10:07:08.0380 3012  osppsvc - ok

10:07:08.0423 3012  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

10:07:08.0428 3012  p2pimsvc - ok

10:07:08.0449 3012  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll

10:07:08.0463 3012  p2psvc - ok

10:07:08.0489 3012  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys

10:07:08.0492 3012  Parport - ok

10:07:08.0528 3012  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys

10:07:08.0531 3012  partmgr - ok

10:07:08.0556 3012  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll

10:07:08.0562 3012  PcaSvc - ok

10:07:08.0614 3012  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys

10:07:08.0619 3012  pci - ok

10:07:08.0665 3012  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys

10:07:08.0667 3012  pciide - ok

10:07:08.0705 3012  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys

10:07:08.0709 3012  pcmcia - ok

10:07:08.0727 3012  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys

10:07:18.0982 3012  ============================================================

10:07:18.0982 3012  Scan finished

10:07:18.0982 3012  ============================================================

10:07:18.0995 5288  Detected object count: 0

10:07:18.0995 5288  Actual detected object count: 0

#4 CatByte


Posted 07 March 2013 - 09:57 PM

Please run the following:

Download ComboFix from the following location:
Link

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

    [Image: CF_RC_notice.png]
    • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
    [Image: cfRC_screen_2.png]
    • Click on Yes, to continue scanning for malware.
  When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
  Notes:
  1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
  2. Do not "re-run" ComboFix. If you have a problem, reply back for further instructions.

The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif
Microsoft MVP - 2010, 2011, 2012, 2013

#5 Gr8Rdn4U


Posted 08 March 2013 - 01:02 AM

I ran Combofix & it created a log, however now I can't access the internet to post the message. I receive the message:

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Illegal operation attempted on a registry key that has been marked for deletion.

I received the same message when attempting to open Firefox & Explorer & AVG2012 (to turn protection back on).

#6 CatByte


Posted 08 March 2013 - 08:48 AM

Just reboot the machine and that message will go away.

Edited by CatByte, 08 March 2013 - 08:49 AM.


#7 Gr8Rdn4U


Posted 08 March 2013 - 12:23 PM

Rebooted. Thanks :)

Here's the log:

ComboFix 13-03-07.03 - Aaron 03/07/2013  21:00:10.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3894.2449 [GMT -8:00]
Running from: c:\users\Aaron\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\DSCF1048.JPG
C:\DSCF1479.JPG
C:\DSCF1480.JPG
C:\DSCF1481.JPG
C:\DSCF1482.JPG
C:\DSCF1484.JPG
C:\DSCF1486.JPG
C:\DSCF1487.JPG
c:\users\Aaron\AppData\Local\Microsoft\Windows\Temporary Internet Files\{EEA3550D-5301-46D0-8BE4-CD6E3EB1FE53}.xps
c:\users\Aaron\AppData\Local\Temp\_MEI34962\_ctypes.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\_elementtree.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\_hashlib.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\_socket.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\_ssl.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\pyexpat.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\pysqlite2._sqlite.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\python26.dll
c:\users\Aaron\AppData\Local\Temp\_MEI34962\pythoncom26.dll
c:\users\Aaron\AppData\Local\Temp\_MEI34962\PyWinTypes26.dll
c:\users\Aaron\AppData\Local\Temp\_MEI34962\select.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\unicodedata.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\win32api.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\win32com.shell.shell.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\win32crypt.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\win32event.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\win32file.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\win32inet.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\win32pdh.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\win32process.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\win32profile.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\win32security.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\win32ts.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\windows._cacheinvalidation.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\wx._controls_.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\wx._core_.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\wx._gdi_.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\wx._html2.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\wx._misc_.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\wx._windows_.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\wx._wizard.pyd
c:\users\Aaron\AppData\Local\Temp\_MEI34962\wxbase293u_net_vc.dll
c:\users\Aaron\AppData\Local\Temp\_MEI34962\wxbase293u_vc.dll
c:\users\Aaron\AppData\Local\Temp\_MEI34962\wxmsw293u_adv_vc.dll
c:\users\Aaron\AppData\Local\Temp\_MEI34962\wxmsw293u_core_vc.dll
c:\users\Aaron\AppData\Local\Temp\_MEI34962\wxmsw293u_html_vc.dll
c:\users\Aaron\AppData\Local\Temp\_MEI34962\wxmsw293u_webview_vc.dll
c:\users\Aaron\AppData\Roaming\DefaultTab\DefaultTab
c:\users\Aaron\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
c:\users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\mc8nxjcf.default\searchplugins\bing-zugo.xml
c:\windows\security\Database\tmp.edb
.
.
(((((((((((((((((((((((((   Files Created from 2013-02-08 to 2013-03-08  )))))))))))))))))))))))))))))))
.
.
2013-03-08 05:14 . 2013-03-08 05:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-08 04:53 . 2013-02-08 00:28 9162192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7C21867A-D85B-4D92-8199-74F74FA3C846}\mpengine.dll
2013-03-07 04:17 . 2013-02-08 00:28 9162192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-03-03 08:14 . 2013-03-03 08:14 -------- d-----w- c:\users\Aaron\AppData\Roaming\Malwarebytes
2013-03-03 08:14 . 2013-03-03 08:14 -------- d-----w- c:\programdata\Malwarebytes
2013-03-03 08:14 . 2013-03-03 08:14 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-03-03 08:14 . 2012-12-15 00:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-03 08:12 . 2013-03-03 08:12 -------- d-----w- c:\users\Aaron\AppData\Local\Programs
2013-03-03 06:35 . 2013-03-03 06:35 -------- d-----w- C:\Autoruns
2013-03-03 02:46 . 2013-03-03 02:46 -------- d-----w- c:\users\Aaron\AppData\Roaming\TuneUp Software
2013-03-01 00:46 . 2013-03-01 03:26 -------- d-----w- c:\program files (x86)\KeyDownload-Addon
2013-03-01 00:45 . 2013-03-08 05:12 -------- d-----w- c:\users\Aaron\AppData\Roaming\DefaultTab
2013-03-01 00:45 . 2013-03-03 09:31 -------- d-----w- c:\users\Aaron\AppData\Local\SwvUpdater
2013-03-01 00:28 . 2013-03-03 09:49 -------- d-----w- c:\users\Aaron\AppData\Roaming\Nico Mak Computing
2013-03-01 00:28 . 2013-02-13 19:07 19840 ----a-w- c:\windows\system32\roboot64.exe
2013-03-01 00:27 . 2013-03-03 09:50 -------- d-----w- c:\users\Aaron\AppData\Roaming\BitTorrent
2013-02-28 21:22 . 2013-02-28 21:22 -------- d-----w- c:\users\Aaron\AppData\Roaming\Mp3jam
2013-02-28 21:21 . 2013-02-28 21:21 -------- d-----w- c:\program files (x86)\Conduit
2013-02-28 21:21 . 2013-03-01 08:56 -------- d-----w- c:\users\Aaron\AppData\Local\Conduit
2013-02-28 21:20 . 2013-03-01 00:29 -------- d-----w- c:\users\Aaron\AppData\Local\CRE
2013-02-28 21:19 . 2013-02-28 21:19 -------- d-----w- c:\users\Aaron\AppData\Roaming\OpenCandy
2013-02-27 11:00 . 2013-01-13 21:11 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-23 17:24 . 2013-02-23 17:24 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-18 03:20 . 2013-02-18 03:20 -------- d-----w- c:\programdata\Apple Computer
2013-02-15 22:31 . 2013-02-15 22:31 186432 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2013-02-15 22:31 . 2013-02-15 22:31 186432 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-02-14 11:08 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 11:08 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 11:02 . 2013-01-09 01:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-02-14 11:02 . 2013-01-09 01:04 96768 ----a-w- c:\windows\system32\mshtmled.dll
2013-02-14 11:02 . 2013-01-08 21:56 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-02-14 11:02 . 2013-01-09 01:53 182816 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2013-02-14 11:02 . 2013-01-09 01:09 304640 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2013-02-14 11:02 . 2013-01-08 22:42 149528 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll
2013-02-14 11:02 . 2013-01-08 21:58 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-02-14 11:02 . 2013-01-08 22:00 194048 ----a-w- c:\program files (x86)\Internet Explorer\IEShims.dll
2013-02-14 11:02 . 2013-01-09 01:00 248320 ----a-w- c:\windows\system32\ieui.dll
2013-02-13 23:50 . 2013-02-13 23:50 -------- d-----w- c:\users\Aaron\AppData\Local\Macromedia
2013-02-13 22:05 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-13 22:05 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-02-13 22:05 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-02-13 22:05 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-13 22:05 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-02-13 22:05 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-02-13 22:05 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-02-13 22:05 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-02-13 22:05 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-02-13 22:05 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-02-13 22:05 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 22:05 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 20:09 . 2013-02-13 20:09 -------- d-----w- c:\users\Aaron\AppData\Local\Xfinity.com
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-27 23:00 . 2012-04-05 23:51 691568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-27 23:00 . 2011-11-08 17:46 71024 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-23 17:24 . 2012-07-06 14:40 861088 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-02-23 17:24 . 2010-10-20 05:56 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-02-22 22:48 . 2011-06-07 17:51 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-02-22 22:47 . 2011-06-07 17:47 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-02-18 18:19 . 2013-01-31 22:36 39768 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-02-05 06:49 . 2011-06-27 05:31 70004024 ----a-w- c:\windows\system32\MRT.exe
2013-01-30 10:53 . 2011-06-27 17:16 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-20 23:59 . 2013-01-20 23:59 230320 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-01-20 23:59 . 2011-04-27 22:25 130008 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-01-04 04:43 . 2013-02-13 22:05 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-12-16 17:11 . 2012-12-25 11:00 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-25 11:00 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-25 11:00 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-25 11:00 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-10 11:28 . 2012-12-10 11:28 127328 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-02-18 18:19 1929392 ----a-w- c:\program files (x86)\AVG SafeGuard toolbar\14.2.0.1\AVG SafeGuard toolbar_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG SafeGuard toolbar\14.2.0.1\AVG SafeGuard toolbar_toolbar.dll" [2013-02-18 1929392]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG SafeGuard toolbar.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG SafeGuard toolbar.PugiObj]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Aaron\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Aaron\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Aaron\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-12-18 16328976]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-11-20 2598520]
"Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2011-11-12 268640]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-12 59280]
"vProt"="c:\program files (x86)\AVG SafeGuard toolbar\vprot.exe" [2013-02-18 1151152]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
.
c:\users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Aaron\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-20 28539272]
OpenOffice.org 3.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000]
.
c:\users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled
eFax 4.4.lnk - c:\program files (x86)\eFax Messenger 4.4\J2GTray.exe [2012-8-29 656896]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe [2010-9-2 255536]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled
Amazon Unbox.lnk - c:\program files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe [2010-9-13 97384]
Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2010-9-28 1040952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ   autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [2009-01-30 6144]
R3 FlyUsb;FLY Fusion;c:\windows\system32\DRIVERS\FlyUsb.sys [2011-11-12 24576]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [2010-09-03 227232]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [2011-04-04 21504]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [2009-01-30 9216]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [2010-04-01 26624]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys [2011-11-08 11776]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-05-07 245792]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-13 1255736]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
R4 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [2010-06-24 315392]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-11-08 307040]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-08-24 384352]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-02-18 39768]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-11-02 5174392]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-15 398184]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-15 682344]
S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-06 214896]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-09-11 399344]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-18 968880]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-12-10 127328]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-09-29 31088]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2011-11-10 158976]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-03-05 271872]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-15 24176]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-11-05 1041760]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ   hpqcxs08 hpqddsvc
Akamai REG_MULTI_SZ   Akamai
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-11-22 21:18 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-06 03:51 1630672 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.152\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 23:00]
.
2013-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-11 23:04]
.
2013-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-11 23:04]
.
2013-03-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2179074613-397383792-846881330-1000Core.job
- c:\users\Aaron\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-29 23:58]
.
2013-03-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2179074613-397383792-846881330-1000UA.job
- c:\users\Aaron\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-29 23:58]
.
2013-02-07 c:\windows\Tasks\HPCeeScheduleForAARON-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2013-02-14 c:\windows\Tasks\HPCeeScheduleForAaron.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutorunsDisabled\00Zecter]
@="{D25B32FE-CB96-491A-98FF-AD59DA382D69}"
[HKEY_CLASSES_ROOT\CLSID\{D25B32FE-CB96-491A-98FF-AD59DA382D69}]
2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutorunsDisabled\01Zecter]
@="{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}"
[HKEY_CLASSES_ROOT\CLSID\{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}]
2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutorunsDisabled\02Zecter]
@="{B3C78E40-6B64-47C3-AE34-60B770881EB8}"
[HKEY_CLASSES_ROOT\CLSID\{B3C78E40-6B64-47C3-AE34-60B770881EB8}]
2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutorunsDisabled\03Zecter]
@="{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}"
[HKEY_CLASSES_ROOT\CLSID\{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}]
2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutorunsDisabled\04Zecter]
@="{855156F0-2A0F-11DE-8C30-0800200C9A66}"
[HKEY_CLASSES_ROOT\CLSID\{855156F0-2A0F-11DE-8C30-0800200C9A66}]
2010-09-23 04:53 2210304 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Aaron\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Aaron\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Aaron\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Aaron\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-12-18 03:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-12-18 03:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-12-18 03:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-12-18 03:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-09-22 6489704]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-11 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-11 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-11 417560]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com/?ctid=CT3274043&octid=CT3274043&SearchSource=61&CUI=UN39172793612225019&UM=UM_ID&UP=SP83E2305B-EE68-4929-8962-0064B4952B8A
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\mc8nxjcf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3274043&SearchSource=3&q={searchTerms}&CUI=UN37760971212562910
FF - prefs.js: browser.search.selectedEngine - Privitize VPN
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://searchab.com/?aff=7&uid=472d3e23-8209-11e2-b934-984be18da685&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_3c5db2f.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/smartdocuments/2003\0]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/smartdocuments/2003\0\{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}\Alias]
"0"="Microsoft Actions Pane 3"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
.
**************************************************************************
.
Completion time: 2013-03-07  21:34:29 - machine was rebooted
ComboFix-quarantined-files.txt  2013-03-08 05:34
.
Pre-Run: 176,639,000,576 bytes free
Post-Run: 180,925,272,064 bytes free
.
- - End Of File - - 53AF114769F9896AC0EEE4FBA6A1391D


#8 CatByte

  • Malware Response Team

Posted 08 March 2013 - 12:46 PM

Please run the following:

Please download TDSSKiller.zip
  • Extract it to your desktop
  • Double click TDSSKiller.exe
  • When the window opens, click on Change Parameters
  • Under “Additional options”, put a check mark in the box next to “Detect TDLFS File System”
  • Click OK
  • Press Start Scan
    • If Malicious objects are found then ensure Cure is selected
    • If TDLFS File System/TDSS File system is found then ensure Cure is selected (if cure is not available, choose skip)
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

NEXT


Please download Junkware Removal Tool to your desktop.
  • Shut down your antivirus to avoid any conflicts.
  • Right-mouse click JRT.exe and select Run as administrator
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

NEXT


Download AdwCleaner from here and save it to your desktop.
  • Run AdwCleaner and select Delete
  • Once done it will ask to reboot; allow the reboot
  • On reboot a log will be produced; please attach the content of the log to your next reply

NEXT

  • Please open your MalwareBytes AntiMalware Program
  • Click the Update Tab and search for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected. <-- very important
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



NEXT


Go here to run an online scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan completes, press the LIST OF THREATS FOUND button
  • Press EXPORT TO TEXT FILE, name the file ESETSCAN and save it to your desktop
  • Include the contents of this report in your next reply.
  • Press the BACK button.
  • Press Finish

Edited by CatByte, 08 March 2013 - 12:47 PM.

Microsoft MVP - 2010, 2011, 2012, 2013

#9 Gr8Rdn4U

  • Topic Starter

Posted 08 March 2013 - 04:45 PM

I followed all the above directions, except: ESET's popup for accepting the Terms of Use showed as a broken link in Explorer, so I accessed it through Chrome.  It came with this text instead & never stated anything about ActiveX.  I hope that is ok.

You are trying to launch ESET Online Scanner in a different browser than Internet Explorer. Please agree to the download of ESET Smart Installer - an application which installs and launches ESET Online Scanner in a separate window. At the end of the scan, there will be an option to uninstall ESET Online Scanner and all its components.

To download ESET Smart Installer click the link below.

After successful installation of ESET Smart Installer is ESET Online Scanner launched in a new window.

 
Here are all the logs:
 
TDSSKiller.2.8.16.0_08.03.2013_10.27.51_log.txt:
 
10:27:51.0205 3704  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:27:51.0827 3704  ============================================================
10:27:51.0827 3704  Current date / time: 2013/03/08 10:27:51.0827
10:27:51.0827 3704  SystemInfo:
10:27:51.0827 3704  
10:27:51.0827 3704  OS Version: 6.1.7601 ServicePack: 1.0
10:27:51.0827 3704  Product type: Workstation
10:27:51.0827 3704  ComputerName: AARON-HP
10:27:51.0828 3704  UserName: Aaron
10:27:51.0828 3704  Windows directory: C:\Windows
10:27:51.0828 3704  System windows directory: C:\Windows
10:27:51.0828 3704  Running under WOW64
10:27:51.0828 3704  Processor architecture: Intel x64
10:27:51.0828 3704  Number of processors: 4
10:27:51.0828 3704  Page size: 0x1000
10:27:51.0828 3704  Boot type: Normal boot
10:27:51.0828 3704  ============================================================
10:27:53.0071 3704  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:27:53.0096 3704  ============================================================
10:27:53.0096 3704  \Device\Harddisk0\DR0:
10:27:53.0096 3704  MBR partitions:
10:27:53.0096 3704  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
10:27:53.0096 3704  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37CBF000
10:27:53.0096 3704  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37D23000, BlocksNum 0x262F000
10:27:53.0096 3704  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
10:27:53.0096 3704  ============================================================
10:27:53.0126 3704  C: <-> \Device\Harddisk0\DR0\Partition2
10:27:53.0168 3704  D: <-> \Device\Harddisk0\DR0\Partition3
10:27:53.0222 3704  F: <-> \Device\Harddisk0\DR0\Partition4
10:27:53.0246 3704  ============================================================
10:27:53.0246 3704  Initialize success
10:27:53.0246 3704  ============================================================
10:28:04.0547 5660  ============================================================
10:28:04.0547 5660  Scan started
10:28:04.0547 5660  Mode: Manual; 
10:28:04.0547 5660  ============================================================
10:28:04.0797 5660  ================ Scan system memory ========================
10:28:04.0797 5660  System memory - ok
10:28:04.0797 5660  ================ Scan services =============================
10:28:17.0760 5660  lmhosts - ok
10:28:17.0854 5660  [ 7485FBCEF9136F530953575E2977859D ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
10:28:17.0854 5660  LMS - ok
10:28:17.0885 5660  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
10:28:17.0885 5660  LSI_FC - ok
10:28:17.0932 5660  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
10:28:17.0932 5660  LSI_SAS - ok
10:28:17.0948 5660  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:28:17.0963 5660  LSI_SAS2 - ok
10:28:17.0979 5660  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:28:17.0979 5660  LSI_SCSI - ok
10:28:18.0010 5660  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
10:28:18.0010 5660  luafv - ok
10:28:18.0088 5660  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
10:28:18.0088 5660  MBAMProtector - ok
10:28:18.0150 5660  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
10:28:18.0150 5660  MBAMScheduler - ok
10:28:18.0228 5660  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
10:28:18.0244 5660  MBAMService - ok
10:28:18.0353 5660  [ FD3AD5E1ECDAA94A89D6697F5C5465D6 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe
10:28:18.0353 5660  McComponentHostService - ok
10:28:18.0400 5660  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:28:18.0400 5660  Mcx2Svc - ok
10:28:18.0431 5660  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
10:28:18.0431 5660  megasas - ok
10:28:18.0478 5660  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
10:28:18.0478 5660  MegaSR - ok
10:28:18.0525 5660  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
10:28:18.0525 5660  MMCSS - ok
10:28:18.0556 5660  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
10:28:18.0556 5660  Modem - ok
10:28:18.0587 5660  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:28:18.0603 5660  monitor - ok
10:28:18.0618 5660  [ C94A2EA3FDFA5D650884926B710B7DB1 ] motccgp         C:\Windows\system32\DRIVERS\motccgp.sys
10:28:18.0618 5660  motccgp - ok
10:28:18.0665 5660  [ D51E009BAEDA07EBC107D49D224C2414 ] motccgpfl       C:\Windows\system32\DRIVERS\motccgpfl.sys
10:28:18.0665 5660  motccgpfl - ok
10:28:18.0696 5660  [ 060F0EF84F430802DF3788F3DCFD009C ] motmodem        C:\Windows\system32\DRIVERS\motmodem.sys
10:28:18.0696 5660  motmodem - ok
10:28:18.0743 5660  [ 9DFD34E6841C460B5D992A1C5327AE69 ] MotoHelper      C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
10:28:18.0915 5660  MotoHelper - ok
10:28:18.0946 5660  [ EBD05F60CAFC5BBA2602B8D7101082D3 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys
10:28:18.0946 5660  MotoSwitchService - ok
10:28:18.0962 5660  [ 87701078C3F720AC7A028E937994CC49 ] Motousbnet      C:\Windows\system32\DRIVERS\Motousbnet.sys
10:28:18.0962 5660  Motousbnet - ok
10:28:19.0040 5660  [ D075B1D964A314D240F5498773EE89DF ] motusbdevice    C:\Windows\system32\DRIVERS\motusbdevice.sys
10:28:19.0040 5660  motusbdevice - ok
10:28:19.0118 5660  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:28:19.0118 5660  mouclass - ok
10:28:19.0149 5660  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:28:19.0164 5660  mouhid - ok
10:28:19.0211 5660  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:28:19.0211 5660  mountmgr - ok
10:28:19.0289 5660  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
10:28:19.0289 5660  MpFilter - ok
10:28:19.0336 5660  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:28:19.0352 5660  mpio - ok
10:28:19.0367 5660  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:28:19.0383 5660  mpsdrv - ok
10:28:19.0445 5660  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:28:19.0476 5660  MpsSvc - ok
10:28:19.0523 5660  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:28:19.0523 5660  MRxDAV - ok
10:28:19.0570 5660  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:28:19.0586 5660  mrxsmb - ok
10:28:19.0617 5660  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:28:19.0632 5660  mrxsmb10 - ok
10:28:19.0695 5660  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:28:19.0695 5660  mrxsmb20 - ok
10:28:19.0757 5660  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:28:19.0757 5660  msahci - ok
10:28:19.0804 5660  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:28:19.0804 5660  msdsm - ok
10:28:19.0835 5660  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
10:28:19.0835 5660  MSDTC - ok
10:28:19.0866 5660  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:28:19.0866 5660  Msfs - ok
10:28:19.0898 5660  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:28:19.0913 5660  mshidkmdf - ok
10:28:19.0960 5660  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:28:19.0960 5660  msisadrv - ok
10:28:19.0991 5660  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:28:19.0991 5660  MSiSCSI - ok
10:28:20.0007 5660  msiserver - ok
10:28:20.0054 5660  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:28:20.0069 5660  MSKSSRV - ok
10:28:20.0147 5660  [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:28:20.0147 5660  MsMpSvc - ok
10:28:20.0178 5660  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:28:20.0178 5660  MSPCLOCK - ok
10:28:20.0194 5660  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:28:20.0194 5660  MSPQM - ok
10:28:20.0241 5660  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:28:20.0256 5660  MsRPC - ok
10:28:20.0303 5660  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
10:28:20.0303 5660  mssmbios - ok
10:28:20.0350 5660  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:28:20.0350 5660  MSTEE - ok
10:28:20.0366 5660  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
10:28:20.0366 5660  MTConfig - ok
10:28:20.0397 5660  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
10:28:20.0397 5660  Mup - ok
10:28:20.0459 5660  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
10:28:20.0475 5660  napagent - ok
10:28:20.0506 5660  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:28:20.0506 5660  NativeWifiP - ok
10:28:20.0600 5660  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:28:20.0646 5660  NDIS - ok
10:28:20.0662 5660  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:28:20.0662 5660  NdisCap - ok
10:28:20.0693 5660  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:28:20.0693 5660  NdisTapi - ok
10:28:20.0756 5660  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:28:20.0756 5660  Ndisuio - ok
10:28:20.0818 5660  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:28:20.0818 5660  NdisWan - ok
10:28:20.0880 5660  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:28:20.0880 5660  NDProxy - ok
10:28:20.0927 5660  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:28:20.0927 5660  Net Driver HPZ12 - ok
10:28:20.0958 5660  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:28:20.0958 5660  NetBIOS - ok
10:28:21.0021 5660  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:28:21.0021 5660  NetBT - ok
10:28:21.0052 5660  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
10:28:21.0052 5660  Netlogon - ok
10:28:21.0114 5660  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
10:28:21.0114 5660  Netman - ok
10:28:21.0161 5660  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:28:21.0177 5660  NetMsmqActivator - ok
10:28:21.0192 5660  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:28:21.0192 5660  NetPipeActivator - ok
10:28:21.0224 5660  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
10:28:21.0224 5660  netprofm - ok
10:28:21.0302 5660  [ 24CF1304D899124336F67F88F3C15E21 ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
10:28:21.0333 5660  netr28x - ok
10:28:21.0380 5660  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:28:21.0380 5660  NetTcpActivator - ok
10:28:21.0380 5660  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:28:21.0395 5660  NetTcpPortSharing - ok
10:28:21.0551 5660  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
10:28:21.0692 5660  netw5v64 - ok
10:28:21.0738 5660  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
10:28:21.0738 5660  nfrd960 - ok
10:28:21.0785 5660  [ 162100E0BC8377710F9D170631921C03 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:28:21.0785 5660  NisDrv - ok
10:28:21.0863 5660  [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
10:28:21.0863 5660  NisSrv - ok
10:28:21.0894 5660  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:28:21.0894 5660  NlaSvc - ok
10:28:21.0926 5660  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:28:21.0926 5660  Npfs - ok
10:28:21.0972 5660  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
10:28:21.0972 5660  nsi - ok
10:28:21.0988 5660  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:28:21.0988 5660  nsiproxy - ok
10:28:22.0066 5660  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:28:22.0113 5660  Ntfs - ok
10:28:22.0128 5660  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
10:28:22.0144 5660  Null - ok
10:28:22.0160 5660  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:28:22.0160 5660  nvraid - ok
10:28:22.0222 5660  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:28:22.0222 5660  nvstor - ok
10:28:22.0284 5660  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:28:22.0300 5660  nv_agp - ok
10:28:22.0331 5660  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:28:22.0347 5660  ohci1394 - ok
10:28:22.0394 5660  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:28:22.0394 5660  ose - ok
10:28:22.0565 5660  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:28:22.0612 5660  osppsvc - ok
10:28:22.0659 5660  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:28:22.0659 5660  p2pimsvc - ok
10:28:22.0690 5660  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
10:28:22.0706 5660  p2psvc - ok
10:28:22.0737 5660  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
10:28:22.0737 5660  Parport - ok
10:28:22.0799 5660  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:28:22.0799 5660  partmgr - ok
10:28:22.0815 5660  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:28:22.0815 5660  PcaSvc - ok
10:28:22.0877 5660  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
10:28:22.0877 5660  pci - ok
10:28:22.0924 5660  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
10:28:22.0924 5660  pciide - ok
10:28:22.0955 5660  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
10:28:22.0971 5660  pcmcia - ok
10:28:23.0002 5660  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:28:23.0002 5660  pcw - ok
10:28:23.0018 5660  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:28:23.0033 5660  PEAUTH - ok
10:28:23.0127 5660  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:28:23.0127 5660  PerfHost - ok
10:28:23.0220 5660  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
10:28:23.0267 5660  pla - ok
10:28:23.0330 5660  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:28:23.0330 5660  PlugPlay - ok
10:28:23.0392 5660  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:28:23.0392 5660  Pml Driver HPZ12 - ok
10:28:23.0423 5660  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:28:23.0439 5660  PNRPAutoReg - ok
10:28:23.0454 5660  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:28:23.0470 5660  PNRPsvc - ok
10:28:23.0517 5660  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:28:23.0532 5660  PolicyAgent - ok
10:28:23.0579 5660  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
10:28:23.0579 5660  Power - ok
10:28:23.0642 5660  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:28:23.0642 5660  PptpMiniport - ok
10:28:23.0673 5660  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
10:28:23.0673 5660  Processor - ok
10:28:23.0735 5660  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:28:23.0735 5660  ProfSvc - ok
10:28:23.0751 5660  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:28:23.0751 5660  ProtectedStorage - ok
10:28:23.0829 5660  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:28:23.0829 5660  Psched - ok
10:28:23.0891 5660  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
10:28:23.0922 5660  ql2300 - ok
10:28:23.0969 5660  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
10:28:23.0969 5660  ql40xx - ok
10:28:24.0000 5660  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
10:28:24.0016 5660  QWAVE - ok
10:28:24.0032 5660  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:28:24.0032 5660  QWAVEdrv - ok
10:28:24.0047 5660  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:28:24.0047 5660  RasAcd - ok
10:28:24.0078 5660  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:28:24.0078 5660  RasAgileVpn - ok
10:28:24.0094 5660  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
10:28:24.0094 5660  RasAuto - ok
10:28:24.0156 5660  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:28:24.0156 5660  Rasl2tp - ok
10:28:24.0203 5660  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
10:28:24.0219 5660  RasMan - ok
10:28:24.0250 5660  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:28:24.0250 5660  RasPppoe - ok
10:28:24.0281 5660  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:28:24.0281 5660  RasSstp - ok
10:28:24.0328 5660  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:28:24.0328 5660  rdbss - ok
10:28:24.0359 5660  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
10:28:24.0359 5660  rdpbus - ok
10:28:24.0375 5660  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:28:24.0375 5660  RDPCDD - ok
10:28:24.0406 5660  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:28:24.0406 5660  RDPENCDD - ok
10:28:24.0406 5660  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:28:24.0406 5660  RDPREFMP - ok
10:28:24.0484 5660  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:28:24.0484 5660  RdpVideoMiniport - ok
10:28:24.0546 5660  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:28:24.0546 5660  RDPWD - ok
10:28:24.0609 5660  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:28:24.0609 5660  rdyboost - ok
10:28:24.0640 5660  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:28:24.0656 5660  RemoteAccess - ok
10:28:24.0687 5660  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:28:24.0687 5660  RemoteRegistry - ok
10:28:24.0749 5660  [ C1568E17039B2EC2B73A4F880DDD51E5 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
10:28:24.0765 5660  RoxioNow Service - ok
10:28:24.0780 5660  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:28:24.0796 5660  RpcEptMapper - ok
10:28:24.0827 5660  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
10:28:24.0827 5660  RpcLocator - ok
10:28:24.0890 5660  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
10:28:24.0890 5660  RpcSs - ok
10:28:24.0936 5660  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:28:24.0936 5660  rspndr - ok
10:28:24.0983 5660  [ 22D6B47D004A6568C500680BE2972854 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
10:28:25.0014 5660  RSUSBSTOR - ok
10:28:25.0061 5660  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
10:28:25.0077 5660  RTL8167 - ok
10:28:25.0139 5660  [ 4EA7E5DF0CB237156176FA0349E6E87F ] RtVOsdService   C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
10:28:25.0186 5660  RtVOsdService - ok
10:28:25.0202 5660  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
10:28:25.0202 5660  SamSs - ok
10:28:25.0248 5660  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:28:25.0248 5660  sbp2port - ok
10:28:25.0295 5660  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:28:25.0295 5660  SCardSvr - ok
10:28:25.0358 5660  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:28:25.0358 5660  scfilter - ok
10:28:25.0436 5660  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
10:28:25.0467 5660  Schedule - ok
10:28:25.0514 5660  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:28:25.0514 5660  SCPolicySvc - ok
10:28:25.0592 5660  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
10:28:25.0592 5660  sdbus - ok
10:28:25.0638 5660  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:28:25.0638 5660  SDRSVC - ok
10:28:25.0670 5660  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:28:25.0670 5660  secdrv - ok
10:28:25.0716 5660  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
10:28:25.0716 5660  seclogon - ok
10:28:25.0748 5660  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
10:28:25.0748 5660  SENS - ok
10:28:25.0779 5660  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:28:25.0779 5660  SensrSvc - ok
10:28:25.0810 5660  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
10:28:25.0810 5660  Serenum - ok
10:28:25.0841 5660  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
10:28:25.0841 5660  Serial - ok
10:28:25.0888 5660  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
10:28:25.0888 5660  sermouse - ok
10:28:25.0950 5660  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
10:28:25.0950 5660  SessionEnv - ok
10:28:26.0013 5660  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:28:26.0013 5660  sffdisk - ok
10:28:26.0028 5660  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:28:26.0028 5660  sffp_mmc - ok
10:28:26.0044 5660  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:28:26.0044 5660  sffp_sd - ok
10:28:26.0075 5660  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
10:28:26.0075 5660  sfloppy - ok
10:28:26.0138 5660  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:28:26.0153 5660  SharedAccess - ok
10:28:26.0184 5660  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:28:26.0200 5660  ShellHWDetection - ok
10:28:26.0231 5660  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:28:26.0247 5660  SiSRaid2 - ok
10:28:26.0278 5660  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
10:28:26.0278 5660  SiSRaid4 - ok
10:28:26.0309 5660  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:28:26.0309 5660  Smb - ok
10:28:26.0372 5660  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:28:26.0372 5660  SNMPTRAP - ok
10:28:26.0387 5660  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:28:26.0403 5660  spldr - ok
10:28:26.0465 5660  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
10:28:26.0465 5660  Spooler - ok
10:28:26.0606 5660  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
10:28:26.0715 5660  sppsvc - ok
10:28:26.0746 5660  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
10:28:26.0746 5660  sppuinotify - ok
10:28:26.0793 5660  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:28:26.0808 5660  srv - ok
10:28:26.0855 5660  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:28:26.0871 5660  srv2 - ok
10:28:26.0902 5660  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
10:28:26.0918 5660  SrvHsfHDA - ok
10:28:26.0964 5660  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
10:28:27.0011 5660  SrvHsfV92 - ok
10:28:27.0042 5660  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
10:28:27.0058 5660  SrvHsfWinac - ok
10:28:27.0074 5660  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:28:27.0089 5660  srvnet - ok
10:28:27.0120 5660  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:28:27.0136 5660  SSDPSRV - ok
10:28:27.0152 5660  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:28:27.0152 5660  SstpSvc - ok
10:28:27.0183 5660  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
10:28:27.0183 5660  stexstor - ok
10:28:27.0261 5660  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
10:28:27.0276 5660  stisvc - ok
10:28:27.0323 5660  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
10:28:27.0323 5660  swenum - ok
10:28:27.0370 5660  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
10:28:27.0370 5660  swprv - ok
10:28:27.0448 5660  [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
10:28:27.0448 5660  SynTP - ok
10:28:27.0542 5660  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
10:28:27.0588 5660  SysMain - ok
10:28:27.0651 5660  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:28:27.0651 5660  TabletInputService - ok
10:28:27.0776 5660  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:28:27.0791 5660  TapiSrv - ok
10:28:27.0807 5660  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
10:28:27.0822 5660  TBS - ok
10:28:27.0916 5660  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:28:27.0978 5660  Tcpip - ok
10:28:28.0041 5660  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:28:28.0056 5660  TCPIP6 - ok
10:28:28.0103 5660  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:28:28.0103 5660  tcpipreg - ok
10:28:28.0134 5660  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:28:28.0134 5660  TDPIPE - ok
10:28:28.0181 5660  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:28:28.0197 5660  TDTCP - ok
10:28:28.0244 5660  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:28:28.0259 5660  tdx - ok
10:28:28.0275 5660  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
10:28:32.0986 5660  ================ Scan global ===============================
10:28:33.0017 5660  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:28:33.0064 5660  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
10:28:33.0080 5660  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
10:28:33.0142 5660  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:28:33.0189 5660  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:28:33.0204 5660  [Global] - ok
10:28:33.0204 5660  ================ Scan MBR ==================================
10:28:33.0236 5660  [ FFAF756D8667FE0B6BD5103BD0D881B0 ] \Device\Harddisk0\DR0
10:28:33.0548 5660  \Device\Harddisk0\DR0 - ok
10:28:33.0548 5660  ================ Scan VBR ==================================
10:28:33.0563 5660  [ 2B569A8839A3047C312CFE5B610E2F68 ] \Device\Harddisk0\DR0\Partition1
10:28:33.0563 5660  \Device\Harddisk0\DR0\Partition1 - ok
10:28:33.0579 5660  [ 4B0D03AB1F8538A0AA967B0AD4D94EAE ] \Device\Harddisk0\DR0\Partition2
10:28:33.0579 5660  \Device\Harddisk0\DR0\Partition2 - ok
10:28:33.0626 5660  [ 1601C71B10D12CCE3C0B1134178AE312 ] \Device\Harddisk0\DR0\Partition3
10:28:33.0626 5660  \Device\Harddisk0\DR0\Partition3 - ok
10:28:33.0641 5660  [ B5C30D65C030D0772AB61E99AA082BF5 ] \Device\Harddisk0\DR0\Partition4
10:28:33.0641 5660  \Device\Harddisk0\DR0\Partition4 - ok
10:28:33.0641 5660  ============================================================
10:28:33.0641 5660  Scan finished
10:28:33.0641 5660  ============================================================
10:28:33.0657 6060  Detected object count: 0
10:28:33.0657 6060  Actual detected object count: 0
10:30:23.0403 5240  ============================================================
10:30:23.0403 5240  Scan started
10:30:23.0403 5240  Mode: Manual; TDLFS; 
10:30:23.0403 5240  ============================================================
10:30:23.0637 5240  ================ Scan system memory ========================
10:30:23.0637 5240  System memory - ok
10:30:23.0637 5240  ================ Scan services =============================
10:30:31.0328 5240  igfx - ok
10:30:31.0359 5240  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
10:30:31.0359 5240  iirsp - ok
10:30:31.0421 5240  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
10:30:31.0437 5240  IKEEXT - ok
10:30:31.0468 5240  [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
10:30:31.0468 5240  Impcd - ok
10:30:31.0562 5240  [ D311E2DD59A34079D89C249B2A4D9FDB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:30:31.0577 5240  IntcAzAudAddService - ok
10:30:31.0609 5240  [ 58CF58DEE26C909BD6F977B61D246295 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
10:30:31.0609 5240  IntcDAud - ok
10:30:31.0655 5240  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
10:30:31.0655 5240  intelide - ok
10:30:31.0671 5240  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:30:31.0671 5240  intelppm - ok
10:30:31.0702 5240  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:30:31.0702 5240  IPBusEnum - ok
10:30:31.0749 5240  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:30:31.0749 5240  IpFilterDriver - ok
10:30:31.0811 5240  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:30:31.0811 5240  iphlpsvc - ok
10:30:31.0874 5240  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:30:31.0874 5240  IPMIDRV - ok
10:30:31.0889 5240  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:30:31.0889 5240  IPNAT - ok
10:30:31.0921 5240  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:30:31.0921 5240  IRENUM - ok
10:30:31.0967 5240  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:30:31.0967 5240  isapnp - ok
10:30:32.0030 5240  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:30:32.0030 5240  iScsiPrt - ok
10:30:32.0045 5240  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
10:30:32.0045 5240  kbdclass - ok
10:30:32.0092 5240  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
10:30:32.0092 5240  kbdhid - ok
10:30:32.0108 5240  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
10:30:32.0123 5240  KeyIso - ok
10:30:32.0170 5240  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:30:32.0170 5240  KSecDD - ok
10:30:32.0217 5240  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:30:32.0217 5240  KSecPkg - ok
10:30:32.0248 5240  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:30:32.0248 5240  ksthunk - ok
10:30:32.0279 5240  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:30:32.0279 5240  KtmRm - ok
10:30:32.0326 5240  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
10:30:32.0342 5240  LanmanServer - ok
10:30:32.0373 5240  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:30:32.0389 5240  LanmanWorkstation - ok
10:30:32.0591 5240  [ 3C879D04BB6466E2853C3155B635CC45 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
10:30:32.0623 5240  LeapFrog Connect Device Service - ok
10:30:32.0669 5240  [ FA4A45C179AB0E0F1A31B9751D4B18D7 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
10:30:32.0669 5240  LightScribeService - ok
10:30:32.0701 5240  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:30:32.0701 5240  lltdio - ok
10:30:32.0732 5240  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:30:32.0732 5240  lltdsvc - ok
10:30:32.0747 5240  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:30:32.0747 5240  lmhosts - ok
10:30:32.0825 5240  [ 7485FBCEF9136F530953575E2977859D ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
10:30:32.0825 5240  LMS - ok
10:30:32.0857 5240  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
10:30:32.0857 5240  LSI_FC - ok
10:30:32.0903 5240  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
10:30:32.0903 5240  LSI_SAS - ok
10:30:32.0919 5240  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:30:32.0935 5240  LSI_SAS2 - ok
10:30:32.0950 5240  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:30:32.0950 5240  LSI_SCSI - ok
10:30:32.0966 5240  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
10:30:32.0966 5240  luafv - ok
10:30:33.0013 5240  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
10:30:33.0013 5240  MBAMProtector - ok
10:30:33.0044 5240  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
10:30:33.0059 5240  MBAMScheduler - ok
10:30:33.0075 5240  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
10:30:33.0091 5240  MBAMService - ok
10:30:33.0184 5240  [ FD3AD5E1ECDAA94A89D6697F5C5465D6 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe
10:30:33.0184 5240  McComponentHostService - ok
10:30:33.0231 5240  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:30:33.0231 5240  Mcx2Svc - ok
10:30:33.0262 5240  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
10:30:33.0262 5240  megasas - ok
10:30:33.0293 5240  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
10:30:33.0293 5240  MegaSR - ok
10:30:33.0325 5240  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
10:30:33.0340 5240  MMCSS - ok
10:30:33.0356 5240  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
10:30:33.0356 5240  Modem - ok
10:30:33.0387 5240  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:30:33.0387 5240  monitor - ok
10:30:33.0418 5240  [ C94A2EA3FDFA5D650884926B710B7DB1 ] motccgp         C:\Windows\system32\DRIVERS\motccgp.sys
10:30:33.0418 5240  motccgp - ok
10:30:33.0449 5240  [ D51E009BAEDA07EBC107D49D224C2414 ] motccgpfl       C:\Windows\system32\DRIVERS\motccgpfl.sys
10:30:33.0449 5240  motccgpfl - ok
10:30:33.0481 5240  [ 060F0EF84F430802DF3788F3DCFD009C ] motmodem        C:\Windows\system32\DRIVERS\motmodem.sys
10:30:33.0481 5240  motmodem - ok
10:30:33.0527 5240  [ 9DFD34E6841C460B5D992A1C5327AE69 ] MotoHelper      C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
10:30:33.0527 5240  MotoHelper - ok
10:30:33.0543 5240  [ EBD05F60CAFC5BBA2602B8D7101082D3 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys
10:30:33.0543 5240  MotoSwitchService - ok
10:30:33.0574 5240  [ 87701078C3F720AC7A028E937994CC49 ] Motousbnet      C:\Windows\system32\DRIVERS\Motousbnet.sys
10:30:33.0574 5240  Motousbnet - ok
10:30:33.0605 5240  [ D075B1D964A314D240F5498773EE89DF ] motusbdevice    C:\Windows\system32\DRIVERS\motusbdevice.sys
10:30:33.0605 5240  motusbdevice - ok
10:30:33.0668 5240  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:30:33.0668 5240  mouclass - ok
10:30:33.0699 5240  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:30:33.0699 5240  mouhid - ok
10:30:33.0746 5240  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:30:33.0746 5240  mountmgr - ok
10:30:33.0808 5240  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
10:30:33.0808 5240  MpFilter - ok
10:30:33.0855 5240  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:30:33.0855 5240  mpio - ok
10:30:33.0886 5240  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:30:33.0886 5240  mpsdrv - ok
10:30:33.0949 5240  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:30:33.0964 5240  MpsSvc - ok
10:30:34.0011 5240  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:30:34.0011 5240  MRxDAV - ok
10:30:34.0058 5240  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:30:34.0058 5240  mrxsmb - ok
10:30:34.0105 5240  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:30:34.0105 5240  mrxsmb10 - ok
10:30:34.0167 5240  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:30:34.0167 5240  mrxsmb20 - ok
10:30:34.0214 5240  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:30:34.0214 5240  msahci - ok
10:30:34.0261 5240  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:30:34.0276 5240  msdsm - ok
10:30:34.0292 5240  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
10:30:34.0292 5240  MSDTC - ok
10:30:34.0339 5240  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:30:34.0339 5240  Msfs - ok
10:30:34.0339 5240  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:30:34.0339 5240  mshidkmdf - ok
10:30:34.0385 5240  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:30:34.0385 5240  msisadrv - ok
10:30:34.0417 5240  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:30:34.0417 5240  MSiSCSI - ok
10:30:34.0432 5240  msiserver - ok
10:30:34.0448 5240  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:30:34.0448 5240  MSKSSRV - ok
10:30:34.0526 5240  [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:30:34.0526 5240  MsMpSvc - ok
10:30:34.0541 5240  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:30:34.0541 5240  MSPCLOCK - ok
10:30:34.0557 5240  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:30:34.0573 5240  MSPQM - ok
10:30:34.0619 5240  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:30:34.0619 5240  MsRPC - ok
10:30:34.0666 5240  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
10:30:34.0666 5240  mssmbios - ok
10:30:34.0697 5240  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:30:34.0697 5240  MSTEE - ok
10:30:34.0729 5240  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
10:30:34.0729 5240  MTConfig - ok
10:30:34.0760 5240  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
10:30:34.0760 5240  Mup - ok
10:30:34.0807 5240  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
10:30:34.0822 5240  napagent - ok
10:30:34.0838 5240  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:30:34.0853 5240  NativeWifiP - ok
10:30:34.0916 5240  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:30:34.0916 5240  NDIS - ok
10:30:34.0978 5240  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:30:34.0978 5240  NdisCap - ok
10:30:35.0009 5240  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:30:35.0009 5240  NdisTapi - ok
10:30:35.0041 5240  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:30:35.0041 5240  Ndisuio - ok
10:30:35.0103 5240  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:30:35.0103 5240  NdisWan - ok
10:30:35.0150 5240  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:30:35.0165 5240  NDProxy - ok
10:30:35.0181 5240  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:30:35.0197 5240  Net Driver HPZ12 - ok
10:30:35.0212 5240  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:30:35.0212 5240  NetBIOS - ok
10:30:35.0275 5240  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:30:35.0275 5240  NetBT - ok
10:30:35.0290 5240  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
10:30:35.0290 5240  Netlogon - ok
10:30:35.0337 5240  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
10:30:35.0337 5240  Netman - ok
10:30:35.0384 5240  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:30:35.0384 5240  NetMsmqActivator - ok
10:30:35.0384 5240  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:30:35.0399 5240  NetPipeActivator - ok
10:30:35.0431 5240  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
10:30:35.0431 5240  netprofm - ok
10:30:35.0477 5240  [ 24CF1304D899124336F67F88F3C15E21 ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
10:30:35.0493 5240  netr28x - ok
10:30:35.0493 5240  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:30:35.0509 5240  NetTcpActivator - ok
10:30:35.0509 5240  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:30:35.0509 5240  NetTcpPortSharing - ok
10:30:35.0665 5240  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
10:30:35.0696 5240  netw5v64 - ok
10:30:35.0727 5240  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
10:30:35.0727 5240  nfrd960 - ok
10:30:35.0774 5240  [ 162100E0BC8377710F9D170631921C03 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:30:35.0774 5240  NisDrv - ok
10:30:35.0836 5240  [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
10:30:35.0836 5240  NisSrv - ok
10:30:35.0867 5240  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:30:35.0867 5240  NlaSvc - ok
10:30:35.0899 5240  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:30:35.0899 5240  Npfs - ok
10:30:35.0930 5240  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
10:30:35.0930 5240  nsi - ok
10:30:35.0945 5240  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:30:35.0945 5240  nsiproxy - ok
10:30:36.0070 5240  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:30:36.0086 5240  Ntfs - ok
10:30:36.0101 5240  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
10:30:36.0101 5240  Null - ok
10:30:36.0117 5240  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:30:36.0117 5240  nvraid - ok
10:30:36.0164 5240  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:30:36.0179 5240  nvstor - ok
10:30:36.0226 5240  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:30:36.0226 5240  nv_agp - ok
10:30:36.0273 5240  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:30:36.0273 5240  ohci1394 - ok
10:30:36.0335 5240  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:30:36.0335 5240  ose - ok
10:30:36.0491 5240  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:30:36.0523 5240  osppsvc - ok
10:30:36.0554 5240  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:30:36.0554 5240  p2pimsvc - ok
10:30:36.0585 5240  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
10:30:36.0585 5240  p2psvc - ok
10:30:36.0616 5240  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
10:30:36.0616 5240  Parport - ok
10:30:36.0663 5240  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:30:36.0663 5240  partmgr - ok
10:30:36.0710 5240  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:30:36.0710 5240  PcaSvc - ok
10:30:36.0772 5240  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
10:30:36.0772 5240  pci - ok
10:30:36.0819 5240  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
10:30:36.0819 5240  pciide - ok
10:30:36.0850 5240  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
10:30:36.0866 5240  pcmcia - ok
10:30:36.0881 5240  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:30:36.0897 5240  pcw - ok
10:30:36.0913 5240  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:30:36.0928 5240  PEAUTH - ok
10:30:37.0037 5240  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:30:37.0037 5240  PerfHost - ok
10:30:37.0147 5240  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
10:30:37.0162 5240  pla - ok
10:30:37.0209 5240  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:30:37.0209 5240  PlugPlay - ok
10:30:37.0225 5240  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:30:37.0240 5240  Pml Driver HPZ12 - ok
10:30:37.0256 5240  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:30:37.0256 5240  PNRPAutoReg - ok
10:30:37.0287 5240  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:30:37.0287 5240  PNRPsvc - ok
10:30:37.0349 5240  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:30:37.0349 5240  PolicyAgent - ok
10:30:37.0396 5240  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
10:30:37.0396 5240  Power - ok
10:30:37.0443 5240  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:30:37.0459 5240  PptpMiniport - ok
10:30:37.0490 5240  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
10:30:37.0490 5240  Processor - ok
10:30:37.0537 5240  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:30:37.0537 5240  ProfSvc - ok
10:30:37.0552 5240  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:30:37.0568 5240  ProtectedStorage - ok
10:30:37.0615 5240  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:30:37.0615 5240  Psched - ok
10:30:37.0677 5240  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
10:30:37.0693 5240  ql2300 - ok
10:30:37.0708 5240  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
10:30:37.0724 5240  ql40xx - ok
10:30:37.0755 5240  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
10:30:37.0755 5240  QWAVE - ok
10:30:37.0786 5240  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:30:37.0786 5240  QWAVEdrv - ok
10:30:37.0802 5240  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:30:37.0802 5240  RasAcd - ok
10:30:37.0817 5240  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:30:37.0817 5240  RasAgileVpn - ok
10:30:37.0833 5240  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
10:30:37.0833 5240  RasAuto - ok
10:30:37.0880 5240  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:30:37.0895 5240  Rasl2tp - ok
10:30:37.0942 5240  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
10:30:37.0942 5240  RasMan - ok
10:30:37.0973 5240  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:30:37.0973 5240  RasPppoe - ok
10:30:37.0989 5240  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:30:37.0989 5240  RasSstp - ok
10:30:38.0036 5240  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:30:38.0051 5240  rdbss - ok
10:30:38.0067 5240  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
10:30:38.0067 5240  rdpbus - ok
10:30:38.0083 5240  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:30:38.0083 5240  RDPCDD - ok
10:30:38.0114 5240  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:30:38.0114 5240  RDPENCDD - ok
10:30:38.0114 5240  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:30:38.0114 5240  RDPREFMP - ok
10:30:38.0176 5240  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:30:38.0176 5240  RdpVideoMiniport - ok
10:30:38.0223 5240  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:30:38.0223 5240  RDPWD - ok
10:30:38.0270 5240  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:30:38.0270 5240  rdyboost - ok
10:30:38.0301 5240  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:30:38.0301 5240  RemoteAccess - ok
10:30:38.0317 5240  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:30:38.0332 5240  RemoteRegistry - ok
10:30:38.0379 5240  [ C1568E17039B2EC2B73A4F880DDD51E5 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
10:30:38.0379 5240  RoxioNow Service - ok
10:30:38.0410 5240  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:30:38.0410 5240  RpcEptMapper - ok
10:30:38.0426 5240  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
10:30:38.0441 5240  RpcLocator - ok
10:30:38.0488 5240  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
10:30:38.0504 5240  RpcSs - ok
10:30:38.0519 5240  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:30:38.0519 5240  rspndr - ok
10:30:38.0551 5240  [ 22D6B47D004A6568C500680BE2972854 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
10:30:38.0566 5240  RSUSBSTOR - ok
10:30:38.0597 5240  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
10:30:38.0597 5240  RTL8167 - ok
10:30:38.0644 5240  [ 4EA7E5DF0CB237156176FA0349E6E87F ] RtVOsdService   C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
10:30:38.0644 5240  RtVOsdService - ok
10:30:38.0675 5240  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
10:30:38.0675 5240  SamSs - ok
10:30:38.0722 5240  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:30:38.0722 5240  sbp2port - ok
10:30:38.0753 5240  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:30:38.0753 5240  SCardSvr - ok
10:30:38.0816 5240  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:30:38.0816 5240  scfilter - ok
10:30:38.0894 5240  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
10:30:38.0909 5240  Schedule - ok
10:30:38.0956 5240  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:30:38.0956 5240  SCPolicySvc - ok
10:30:39.0003 5240  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
10:30:39.0003 5240  sdbus - ok
10:30:39.0050 5240  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:30:39.0050 5240  SDRSVC - ok
10:30:39.0065 5240  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:30:39.0065 5240  secdrv - ok
10:30:39.0128 5240  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
10:30:39.0128 5240  seclogon - ok
10:30:39.0159 5240  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
10:30:39.0159 5240  SENS - ok
10:30:39.0175 5240  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:30:39.0175 5240  SensrSvc - ok
10:30:39.0206 5240  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
10:30:39.0206 5240  Serenum - ok
10:30:39.0221 5240  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
10:30:39.0221 5240  Serial - ok
10:30:39.0268 5240  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
10:30:39.0268 5240  sermouse - ok
10:30:39.0315 5240  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
10:30:39.0315 5240  SessionEnv - ok
10:30:39.0377 5240  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:30:39.0377 5240  sffdisk - ok
10:30:39.0393 5240  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:30:39.0393 5240  sffp_mmc - ok
10:30:39.0424 5240  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:30:39.0424 5240  sffp_sd - ok
10:30:39.0440 5240  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
10:30:39.0455 5240  sfloppy - ok
10:30:39.0487 5240  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:30:39.0502 5240  SharedAccess - ok
10:30:39.0533 5240  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:30:39.0549 5240  ShellHWDetection - ok
10:30:39.0580 5240  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:30:39.0580 5240  SiSRaid2 - ok
10:30:45.0071 5240  ================ Scan global ===============================
10:30:45.0103 5240  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:30:45.0149 5240  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
10:30:45.0165 5240  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
10:30:45.0181 5240  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:30:45.0227 5240  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:30:45.0227 5240  [Global] - ok
10:30:45.0227 5240  ================ Scan MBR ==================================
10:30:45.0243 5240  [ FFAF756D8667FE0B6BD5103BD0D881B0 ] \Device\Harddisk0\DR0
10:30:45.0649 5240  \Device\Harddisk0\DR0 - ok
10:30:45.0649 5240  ================ Scan VBR ==================================
10:30:45.0649 5240  [ 2B569A8839A3047C312CFE5B610E2F68 ] \Device\Harddisk0\DR0\Partition1
10:30:45.0649 5240  \Device\Harddisk0\DR0\Partition1 - ok
10:30:45.0680 5240  [ 4B0D03AB1F8538A0AA967B0AD4D94EAE ] \Device\Harddisk0\DR0\Partition2
10:30:45.0695 5240  \Device\Harddisk0\DR0\Partition2 - ok
10:30:45.0727 5240  [ 1601C71B10D12CCE3C0B1134178AE312 ] \Device\Harddisk0\DR0\Partition3
10:30:45.0727 5240  \Device\Harddisk0\DR0\Partition3 - ok
10:30:45.0758 5240  [ B5C30D65C030D0772AB61E99AA082BF5 ] \Device\Harddisk0\DR0\Partition4
10:30:45.0758 5240  \Device\Harddisk0\DR0\Partition4 - ok
10:30:45.0758 5240  ============================================================
10:30:45.0758 5240  Scan finished
10:30:45.0758 5240  ============================================================
10:30:45.0773 5172  Detected object count: 0
10:30:45.0773 5172  Actual detected object count: 0
10:31:13.0152 2536  Deinitialize success
 

 



#10 Gr8Rdn4U


Posted 08 March 2013 - 04:47 PM

JRT.txt:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.9 (03.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Aaron on Fri 03/08/2013 at 10:43:39.97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{95b7759c-8c7f-4bf1-b163-73684a933233} 
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2179074613-397383792-846881330-1000\software\microsoft\internet explorer\main\\Start Page
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] hkey_current_user\software\conduit
Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\startsearch
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\competeinc
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduitsearchscopes
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\pricegong
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\smartbar
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\scripthelper.exe
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\viprotocol.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT2998365
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT3274043
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{2fa28606-de77-4029-af96-b231e3b8f827} 
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{2fa28606-de77-4029-af96-b231e3b8f827} 
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} 
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} 
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ebay.lnk"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\Aaron\AppData\Roaming\defaulttab"
Successfully deleted: [Folder] "C:\Users\Aaron\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Aaron\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Aaron\appdata\local\swvupdater"
Successfully deleted: [Folder] "C:\Users\Aaron\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Aaron\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
 
 
 
~~~ FireFox
 
Successfully deleted: [File] C:\Users\Aaron\AppData\Roaming\mozilla\firefox\profiles\mc8nxjcf.default\user.js
Successfully deleted: [Folder] C:\Users\Aaron\AppData\Roaming\mozilla\firefox\profiles\mc8nxjcf.default\fctb
Successfully deleted: [Folder] C:\Users\Aaron\AppData\Roaming\mozilla\firefox\profiles\mc8nxjcf.default\extensions\[email protected]
Successfully deleted: [Folder] C:\Users\Aaron\AppData\Roaming\mozilla\firefox\profiles\mc8nxjcf.default\extensions\staged
Successfully deleted the following from C:\Users\Aaron\AppData\Roaming\mozilla\firefox\profiles\mc8nxjcf.default\prefs.js
 
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 03/08/2013 at 10:51:57.67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

 

 

AdwCleaner:

 

Attached File  AdwCleanerS1.txt   4.68KB   1 downloads

 

 

 

 

MBAM_log:

 

 

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org
 
Database version: v2013.03.08.15
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Aaron :: AARON-HP [administrator]
 
Protection: Enabled
 
3/8/2013 11:03:05 AM
mbam-log-2013-03-08 (11-03-05).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 232986
Time elapsed: 5 minute(s), 54 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
 
 
 
 
ESETSCAN:
 
C:\Users\Aaron\Downloads\iLividSetup.exe Win32/Toolbar.SearchSuite application
C:\Users\Aaron\Downloads\openofficesuite-setup.exe Win32/DownloadAdmin.A.Gen application
 


#11 CatByte

  • Malware Response Team
  • 14,453 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:07:12 AM

Posted 08 March 2013 - 05:47 PM

Please do the following:

Navigate to the following installer files and delete them if you no longer need them, as they are bundled with adware:


C:\Users\Aaron\Downloads\iLividSetup.exe
C:\Users\Aaron\Downloads\openofficesuite-setup.exe


How is the computer running now? Are there any outstanding issues?
 
 
NEXT



Visit ADOBE and download the latest version of Acrobat Reader (version XI)
Having the latest updates ensures there are no security vulnerabilities in your system.

NEXT

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.
  • Download the latest version of Java Runtime Environment (JRE) 7 and Save it to your Desktop.
  • Scroll down to where it says Java SE 7u17
  • Click the Download button under JRE to the right.
  • Read the License Agreement then select Accept License Agreement
  • Click on the link to download Windows x86 Offline and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add or Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java™ 6) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u17-windows-i586.exe to install the newest version.
  • After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
    • On the General tab, under Temporary Internet Files, click the Settings button.
    • Next, click on the Delete Files button
    • There are three options in the window to clear the cache - Leave these two Checked
      • Trace and Log Files
      • Cached Applications and Applets
    • Click OK on Delete Temporary Files Window
      Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
    • Click OK to leave the Temporary Files Window
    • Click OK to leave the Java Control Panel.

The help you receive here is free. If you wish to show your appreciation, then you may donate.
Microsoft MVP - 2010, 2011, 2012, 2013
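
A read-only check for the Java clean-up steps in the post above, added here as an example and not part of the original thread: it lists Java entries from the standard Windows uninstall registry keys and flags any older than 7u17. The display-name pattern ("Java 7 Update 17", "Java(TM) 6 Update 31") is an assumption about how the installers name their entries.

```powershell
# Added example: list installed Java runtimes and flag any older than the
# version the post asks for (Java SE 7u17). Read-only; it changes nothing.
$targetMajor  = 7     # from the post: Java SE 7u17
$targetUpdate = 17

# Uninstall entries for 64-bit and 32-bit programs (standard Windows locations).
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# Keep only entries whose name starts with "Java" or "J2SE" as a whole word.
$javaEntries = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -match '^(Java|J2SE)\b' }

$report = foreach ($entry in $javaEntries) {
    # Assumed name format: "<major> Update <n>" somewhere in the display name.
    if ($entry.DisplayName -match '(\d+) Update (\d+)') {
        $major    = [int]$Matches[1]
        $update   = [int]$Matches[2]
        $outdated = ($major -lt $targetMajor) -or
                    ($major -eq $targetMajor -and $update -lt $targetUpdate)
        $status   = if ($outdated) { 'REMOVE (older than 7u17)' } else { 'OK' }
    } else {
        # No "N Update M" in the name (helper components, first releases).
        $status = 'CHECK MANUALLY'
    }
    New-Object PSObject -Property @{
        Name    = $entry.DisplayName
        Version = $entry.DisplayVersion
        Status  = $status
    }
}

if ($report) {
    $report | Select-Object Name, Version, Status | Format-Table -AutoSize
} else {
    'No Java entries found in the uninstall registry keys.'
}
```

Run it once before the removal step and again after the reboot; any row still marked REMOVE is an old version that Add or Remove Programs did not clear.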

#12 Gr8Rdn4U


Posted 09 March 2013 - 02:10 AM

Wow!  Thanks! This overloaded notebook is zipping along nicely.  I haven't left it idling yet, but the original issues seem to be gone.  

 

After following your above directions, I went in and uninstalled a few unused programs and cleaned up the Chrome browsing data.  While in Chrome's Task manager, I noticed a running background page called Extension: KeyDownload.  Every time I highlighted it, or ran a search for it, it crashed my browser. I disabled it, but since it appears to come from Chrome, I didn't know whether or not to delete it.  What are your thoughts?



#13 CatByte


Posted 09 March 2013 - 09:22 AM

As far as I can tell, that belongs to AdBlock, which is probably something you have selected to install, so I'd leave it.

We just have some housekeeping to do now, please do the following:


You can delete the DDS, JRT, TDSSKiller and MBAR logs and programs from your desktop.


NEXT

Follow these steps to uninstall Combofix


  • Make sure your security programs are totally disabled.
  • Press the WinKey +R to open a run box
  • Now copy/paste Combofix /uninstall into the runbox and click OK. Note the space between the ..X and the /U, it needs to be there.

NEXT

  • Double click on adwcleaner.exe to run the tool.
  • Click on Uninstall.
  • Confirm with yes.

If there are any logs/tools remaining on your desktop > right click and delete them.


    NEXT


    ------------------------------------------------------

    Important

    Due to continued exploits of zero-day vulnerabilities in Oracle's Java application, it is the recommendation of many security experts, as well as the TSF Security Team, that you disable Java in your web browsers.

    Java

    US-CERT Alert TA13-010A - Oracle Java 7 Security Manager Bypass Vulnerability

    We recommend disabling Java in your browsers, and enabling it only when needed by certain websites.

    Please disable Java in your browser(s) by following these instructions:

    How do I disable Java in my web browser?

    ------------------------------------------------------


    NEXT


    Below I have included a number of recommendations for how to protect your computer against malware infections.
    • It is good security practice to change your passwords to all your online accounts on a fairly regular basis; this is especially true after an infection. Refer to this Microsoft article:
      Strong passwords: How to create and use them. Then consider a password keeper, to keep all your passwords safe. KeePass is a small utility that allows you to manage all your passwords.
    • Keep Windows updated by regularly checking their website at:
      http://windowsupdate.microsoft.com/
      This will ensure your computer always has the latest security updates installed.
    • Make Internet Explorer more secure
      • Click Start > Run
      • Type Inetcpl.cpl & click OK
      • Click on the Security tab
      • Click Reset all zones to default level
      • Make sure the Internet Zone is selected & Click Custom level
      • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls") to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
      • Next Click OK, then Apply button and then OK to exit the Internet Properties page.
    • Download TFC to your desktop
      • Close any open windows.
      • Double click the TFC icon to run the program
      • TFC will close all open programs itself in order to run.
      • Click the Start button to begin the process.
      • Allow TFC to run uninterrupted.
      • The program should not take long to finish its job.
      • Once it's finished it should automatically reboot your machine.
      • If it doesn't, manually reboot to ensure a complete clean.
      It's normal after running TFC cleaner that the PC will be slower to boot the first time.
    • WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
      • Green to go
      • Yellow for caution
      • Red to stop
      WOT has an addon available for both Firefox and IE
    • Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.
    • In light of your recent issue, I'm sure you'd like to avoid any future infections. Please take a look at these well written articles:
      • PC Safety and Security--What Do I Need?
      • Simple and easy ways to keep your computer safe and secure on the Internet
    Thank you for your patience, and performing all of the procedures requested.

    Please respond one last time so we can consider the thread resolved and close it, thank-you.

Edited by CatByte, 09 March 2013 - 09:23 AM.


#14 Gr8Rdn4U


Posted 09 March 2013 - 04:12 PM

I'm working through the assigned :) reading and implementing the recommended changes. Thank you for all your assistance!



#15 CatByte


Posted 09 March 2013 - 04:19 PM

you are welcome

 

stay safe :hello:

 

~CB





