Catroot?


10 replies to this topic

#1 btbraun

btbraun

  • Members
  • 33 posts
  • Gender:Male
  • Location:Brentwood, TN
  • Local time:11:03 PM

Posted 31 July 2012 - 09:18 PM

I'm running Windows 7 Professional 64-bit. My system is infected with something and I suspect it's something pretty deep. Today a file showed up in my library named Catroot with some strange sub files. For about a week now I've known there was something in my system because of ghosting, freezing etc. and I'm fairly certain that I can't get to it on my own. I've run Malwarebytes, HijackThis, Microsoft Security Essentials, TDSSKiller etc. and I haven’t come up with anything solid.

However, when I run SUPERAntiSpyware it picks up unknown cookies - most recently my email name @ol.qnsr.com, and my email name @qnsr.com, and my email @www.qsstats.com. I clean, restart, and rescan and then something new is found. There isn’t a question that it’s infected but I can’t seem to track it down. I also get pop-ups asking me to update Adobe Flash. I always click no and even went to Adobe’s website and updated but I still get the popup.

Not feeling too good right now…

Can someone give me a hand?

Edited by Budapest, 31 July 2012 - 10:57 PM.
Moved from Win7 ~Budapest




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:12:03 AM

Posted 01 August 2012 - 06:07 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 btbraun

btbraun
  • Topic Starter

  • Members
  • 33 posts
  • Gender:Male
  • Location:Brentwood, TN
  • Local time:11:03 PM

Posted 01 August 2012 - 10:37 AM

Ok Here's TDSSKILLER:

07:30:09.0407 3492 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
07:30:09.0875 3492 ============================================================
07:30:09.0875 3492 Current date / time: 2012/08/01 07:30:09.0875
07:30:09.0875 3492 SystemInfo:
07:30:09.0875 3492
07:30:09.0875 3492 OS Version: 6.1.7601 ServicePack: 1.0
07:30:09.0875 3492 Product type: Workstation
07:30:09.0875 3492 ComputerName: BTBRAUN_RSMC-PC
07:30:09.0875 3492 UserName: btbraun_rsmc
07:30:09.0875 3492 Windows directory: C:\Windows
07:30:09.0875 3492 System windows directory: C:\Windows
07:30:09.0875 3492 Running under WOW64
07:30:09.0875 3492 Processor architecture: Intel x64
07:30:09.0875 3492 Number of processors: 4
07:30:09.0875 3492 Page size: 0x1000
07:30:09.0875 3492 Boot type: Normal boot
07:30:09.0875 3492 ============================================================
07:30:11.0139 3492 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:30:11.0155 3492 ============================================================
07:30:11.0155 3492 \Device\Harddisk0\DR0:
07:30:11.0155 3492 MBR partitions:
07:30:11.0155 3492 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x42AA000, BlocksNum 0x7045C800
07:30:11.0155 3492 ============================================================
07:30:11.0201 3492 C: <-> \Device\Harddisk0\DR0\Partition0
07:30:11.0201 3492 ============================================================
07:30:11.0201 3492 Initialize success
07:30:11.0201 3492 ============================================================
07:30:21.0669 5220 ============================================================
07:30:21.0669 5220 Scan started
07:30:21.0669 5220 Mode: Manual; TDLFS;
07:30:21.0669 5220 ============================================================
07:30:22.0387 5220 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
07:30:22.0402 5220 !SASCORE - ok
07:30:22.0855 5220 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
07:30:22.0870 5220 1394ohci - ok
07:30:22.0948 5220 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
07:30:22.0979 5220 ACPI - ok
07:30:23.0011 5220 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
07:30:23.0011 5220 AcpiPmi - ok
07:30:23.0260 5220 AdobeActiveFileMonitor10.0 (047bd1eb681453a7fe492a71802ac9f3) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
07:30:23.0260 5220 AdobeActiveFileMonitor10.0 - ok
07:30:23.0369 5220 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
07:30:23.0401 5220 AdobeARMservice - ok
07:30:23.0869 5220 AdobeFlashPlayerUpdateSvc (6c40d5ed8951ab7b90d08af655224ee4) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
07:30:23.0884 5220 AdobeFlashPlayerUpdateSvc - ok
07:30:24.0009 5220 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
07:30:24.0040 5220 adp94xx - ok
07:30:24.0103 5220 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
07:30:24.0118 5220 adpahci - ok
07:30:24.0274 5220 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
07:30:24.0290 5220 adpu320 - ok
07:30:24.0352 5220 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
07:30:24.0383 5220 AeLookupSvc - ok
07:30:24.0430 5220 AFBAgent (69fd46fac0d9c4a8ecd522ac6a7481f5) C:\Windows\system32\FBAgent.exe
07:30:24.0430 5220 AFBAgent - ok
07:30:24.0555 5220 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
07:30:24.0602 5220 AFD - ok
07:30:24.0680 5220 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
07:30:24.0695 5220 agp440 - ok
07:30:24.0820 5220 AiCharger (14370049d8c9912eac7603809a77c378) C:\Windows\system32\DRIVERS\AiCharger.sys
07:30:24.0820 5220 AiCharger - ok
07:30:24.0867 5220 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
07:30:24.0867 5220 ALG - ok
07:30:24.0945 5220 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
07:30:24.0945 5220 aliide - ok
07:30:24.0976 5220 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
07:30:24.0976 5220 amdide - ok
07:30:25.0023 5220 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
07:30:25.0023 5220 AmdK8 - ok
07:30:25.0039 5220 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
07:30:25.0039 5220 AmdPPM - ok
07:30:25.0132 5220 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
07:30:25.0132 5220 amdsata - ok
07:30:25.0179 5220 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
07:30:25.0179 5220 amdsbs - ok
07:30:25.0241 5220 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
07:30:25.0241 5220 amdxata - ok
07:30:25.0319 5220 AMPPAL (b147910d07f862f1f5b7b80bf5d800bf) C:\Windows\system32\DRIVERS\AMPPAL.sys
07:30:25.0335 5220 AMPPAL - ok
07:30:25.0460 5220 AMPPALP (b147910d07f862f1f5b7b80bf5d800bf) C:\Windows\system32\DRIVERS\amppal.sys
07:30:25.0475 5220 AMPPALP - ok
07:30:25.0928 5220 AMPPALR3 (86dc20ff914596983023e9e4544667ee) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
07:30:25.0928 5220 AMPPALR3 - ok
07:30:26.0084 5220 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
07:30:26.0115 5220 AppID - ok
07:30:26.0146 5220 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
07:30:26.0146 5220 AppIDSvc - ok
07:30:26.0240 5220 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
07:30:26.0240 5220 Appinfo - ok
07:30:26.0443 5220 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
07:30:26.0458 5220 AppMgmt - ok
07:30:26.0536 5220 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
07:30:26.0536 5220 arc - ok
07:30:26.0583 5220 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
07:30:26.0583 5220 arcsas - ok
07:30:26.0692 5220 ASLDRService (18e5c2f937f9deb8c282df66a3761925) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
07:30:26.0692 5220 ASLDRService - ok
07:30:26.0708 5220 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
07:30:26.0708 5220 ASMMAP64 - ok
07:30:26.0770 5220 assd (a7e7ae771a2fcdbd5f28910a38d9a82c) C:\Windows\system32\drivers\assd.sys
07:30:26.0770 5220 assd - ok
07:30:26.0817 5220 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
07:30:26.0817 5220 AsyncMac - ok
07:30:26.0926 5220 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
07:30:26.0926 5220 atapi - ok
07:30:26.0973 5220 ATKGFNEXSrv (7910158929571214a959d5a6d16dd9c0) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
07:30:26.0989 5220 ATKGFNEXSrv - ok
07:30:27.0067 5220 ATKWMIACPIIO (1f7238a37389ed92e9d8eee975cabd54) C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
07:30:27.0067 5220 ATKWMIACPIIO - ok
07:30:27.0191 5220 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
07:30:27.0207 5220 AudioEndpointBuilder - ok
07:30:27.0223 5220 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
07:30:27.0238 5220 AudioSrv - ok
07:30:27.0379 5220 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
07:30:27.0410 5220 AxInstSV - ok
07:30:27.0550 5220 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
07:30:27.0550 5220 b06bdrv - ok
07:30:27.0800 5220 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
07:30:27.0815 5220 b57nd60a - ok
07:30:27.0878 5220 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
07:30:27.0878 5220 BDESVC - ok
07:30:27.0925 5220 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
07:30:27.0940 5220 Beep - ok
07:30:28.0112 5220 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
07:30:28.0143 5220 BFE - ok
07:30:28.0283 5220 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
07:30:28.0315 5220 BITS - ok
07:30:28.0393 5220 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
07:30:28.0393 5220 blbdrive - ok
07:30:28.0471 5220 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
07:30:28.0471 5220 bowser - ok
07:30:28.0611 5220 bpenum (0aa04e09c6b7cd806a64489c3078e6e1) C:\Windows\system32\DRIVERS\bpenum.sys
07:30:28.0642 5220 bpenum - ok
07:30:28.0736 5220 bpmp (960f860f4c3c469bae94b3e867116ae0) C:\Windows\system32\DRIVERS\bpmp.sys
07:30:28.0736 5220 bpmp - ok
07:30:28.0798 5220 bpusb (7959ec01d55b9d838c27d5153cf55858) C:\Windows\system32\Drivers\bpusb.sys
07:30:28.0814 5220 bpusb - ok
07:30:28.0861 5220 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
07:30:28.0861 5220 BrFiltLo - ok
07:30:28.0892 5220 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
07:30:28.0892 5220 BrFiltUp - ok
07:30:29.0032 5220 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
07:30:29.0063 5220 Browser - ok
07:30:29.0173 5220 BrSerIb (e5e9b1625a767ceb6f319c12d33eab78) C:\Windows\system32\DRIVERS\BrSerIb.sys
07:30:29.0188 5220 BrSerIb - ok
07:30:29.0375 5220 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\system32\DRIVERS\BrSerId.sys
07:30:29.0391 5220 Brserid - ok
07:30:29.0422 5220 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
07:30:29.0422 5220 BrSerWdm - ok
07:30:29.0438 5220 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
07:30:29.0438 5220 BrUsbMdm - ok
07:30:29.0469 5220 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\DRIVERS\BrUsbSer.sys
07:30:29.0469 5220 BrUsbSer - ok
07:30:29.0516 5220 BrUsbSIb (d9f6b30ad93cbd165ec71fadf51df25e) C:\Windows\system32\DRIVERS\BrUsbSIb.sys
07:30:29.0516 5220 BrUsbSIb - ok
07:30:29.0656 5220 BrYNSvc (ea7e57f87d6fee5fd6c5f813c04e8cd2) C:\Program Files (x86)\Browny02\BrYNSvc.exe
07:30:29.0656 5220 BrYNSvc - ok
07:30:29.0750 5220 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
07:30:29.0750 5220 BTHMODEM - ok
07:30:29.0797 5220 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
07:30:29.0797 5220 bthserv - ok
07:30:29.0968 5220 BTHSSecurityMgr (34c60d1f16d8fe67277dbb9d7e59f89d) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
07:30:29.0968 5220 BTHSSecurityMgr - ok
07:30:30.0015 5220 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
07:30:30.0015 5220 cdfs - ok
07:30:30.0124 5220 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
07:30:30.0124 5220 cdrom - ok
07:30:30.0249 5220 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
07:30:30.0249 5220 CertPropSvc - ok
07:30:30.0327 5220 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
07:30:30.0327 5220 circlass - ok
07:30:30.0421 5220 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
07:30:30.0421 5220 CLFS - ok
07:30:30.0577 5220 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:30:30.0577 5220 clr_optimization_v2.0.50727_32 - ok
07:30:30.0701 5220 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
07:30:30.0701 5220 clr_optimization_v2.0.50727_64 - ok
07:30:30.0779 5220 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
07:30:30.0779 5220 clr_optimization_v4.0.30319_32 - ok
07:30:30.0826 5220 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
07:30:30.0826 5220 clr_optimization_v4.0.30319_64 - ok
07:30:30.0873 5220 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
07:30:30.0873 5220 CmBatt - ok
07:30:30.0904 5220 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
07:30:30.0904 5220 cmdide - ok
07:30:30.0982 5220 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
07:30:30.0998 5220 CNG - ok
07:30:31.0060 5220 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
07:30:31.0060 5220 Compbatt - ok
07:30:31.0107 5220 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
07:30:31.0123 5220 CompositeBus - ok
07:30:31.0123 5220 COMSysApp - ok
07:30:31.0466 5220 cphs (f08c6020e57f5e5bf2fd034db10bedfb) C:\Windows\SysWow64\IntelCpHeciSvc.exe
07:30:31.0466 5220 cphs - ok
07:30:31.0481 5220 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
07:30:31.0481 5220 crcdisk - ok
07:30:31.0606 5220 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
07:30:31.0622 5220 CryptSvc - ok
07:30:31.0762 5220 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
07:30:31.0778 5220 CSC - ok
07:30:31.0871 5220 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
07:30:31.0934 5220 CscService - ok
07:30:32.0059 5220 dc3d (1ca90212a99db6975c344826d11055c9) C:\Windows\system32\DRIVERS\dc3d.sys
07:30:32.0059 5220 dc3d - ok
07:30:32.0199 5220 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
07:30:32.0215 5220 DcomLaunch - ok
07:30:32.0339 5220 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
07:30:32.0371 5220 defragsvc - ok
07:30:32.0417 5220 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
07:30:32.0417 5220 DfsC - ok
07:30:32.0527 5220 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
07:30:32.0542 5220 Dhcp - ok
07:30:32.0589 5220 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
07:30:32.0636 5220 discache - ok
07:30:32.0745 5220 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
07:30:32.0776 5220 Disk - ok
07:30:33.0088 5220 DMAgent (948e8b99bd47a53dcffbf07ec8a2cf58) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
07:30:33.0104 5220 DMAgent - ok
07:30:33.0416 5220 DMDefragService (2d124258a5a85169fe71b1dbf82be913) C:\Program Files (x86)\PC Tools\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe
07:30:33.0431 5220 DMDefragService - ok
07:30:33.0665 5220 DMRepairService (fd8d3e2e706bda77a84588637560ade2) C:\Program Files (x86)\PC Tools\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe
07:30:33.0712 5220 DMRepairService - ok
07:30:34.0009 5220 dmvsc (5db085a8a6600be6401f2b24eecb5415) C:\Windows\system32\drivers\dmvsc.sys
07:30:34.0024 5220 dmvsc - ok
07:30:34.0087 5220 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
07:30:34.0087 5220 Dnscache - ok
07:30:34.0149 5220 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
07:30:34.0149 5220 dot3svc - ok
07:30:34.0211 5220 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
07:30:34.0211 5220 Dot4 - ok
07:30:34.0243 5220 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys
07:30:34.0243 5220 Dot4Print - ok
07:30:34.0305 5220 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
07:30:34.0305 5220 dot4usb - ok
07:30:34.0523 5220 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
07:30:34.0539 5220 DPS - ok
07:30:34.0617 5220 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
07:30:34.0617 5220 drmkaud - ok
07:30:34.0789 5220 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
07:30:34.0820 5220 DXGKrnl - ok
07:30:34.0882 5220 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
07:30:34.0882 5220 EapHost - ok
07:30:35.0225 5220 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
07:30:35.0335 5220 ebdrv - ok
07:30:35.0615 5220 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
07:30:35.0615 5220 EFS - ok
07:30:35.0803 5220 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
07:30:35.0834 5220 ehRecvr - ok
07:30:35.0865 5220 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
07:30:35.0881 5220 ehSched - ok
07:30:36.0146 5220 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
07:30:36.0146 5220 elxstor - ok
07:30:36.0177 5220 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
07:30:36.0177 5220 ErrDev - ok
07:30:36.0364 5220 ETD (5b042aa9cebdab5b61e747ddcebff51b) C:\Windows\system32\DRIVERS\ETD.sys
07:30:36.0380 5220 ETD - ok
07:30:36.0583 5220 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
07:30:36.0598 5220 EventSystem - ok
07:30:36.0926 5220 EvtEng (3a65d4af876f6cd47b22aa93a31e4646) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
07:30:36.0941 5220 EvtEng - ok
07:30:37.0035 5220 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
07:30:37.0051 5220 exfat - ok
07:30:37.0082 5220 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
07:30:37.0082 5220 fastfat - ok
07:30:37.0207 5220 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
07:30:37.0222 5220 Fax - ok
07:30:37.0285 5220 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
07:30:37.0285 5220 fdc - ok
07:30:37.0316 5220 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
07:30:37.0316 5220 fdPHost - ok
07:30:37.0347 5220 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
07:30:37.0347 5220 FDResPub - ok
07:30:37.0378 5220 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
07:30:37.0378 5220 FileInfo - ok
07:30:37.0394 5220 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
07:30:37.0394 5220 Filetrace - ok
07:30:37.0472 5220 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
07:30:37.0503 5220 flpydisk - ok
07:30:37.0550 5220 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
07:30:37.0565 5220 FltMgr - ok
07:30:37.0643 5220 FLxHCIc (7de8a770487fc4b5e3a168ad97e1d370) C:\Windows\system32\DRIVERS\FLxHCIc.sys
07:30:37.0690 5220 FLxHCIc - ok
07:30:37.0721 5220 FLxHCIh (2d54a3319fc955029e4b371cdc088ff4) C:\Windows\system32\DRIVERS\FLxHCIh.sys
07:30:37.0737 5220 FLxHCIh - ok
07:30:37.0862 5220 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
07:30:37.0877 5220 FontCache - ok
07:30:38.0002 5220 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
07:30:38.0002 5220 FontCache3.0.0.0 - ok
07:30:38.0080 5220 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
07:30:38.0111 5220 FsDepends - ok
07:30:38.0143 5220 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
07:30:38.0158 5220 Fs_Rec - ok
07:30:38.0330 5220 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
07:30:38.0377 5220 fvevol - ok
07:30:38.0392 5220 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
07:30:38.0392 5220 gagp30kx - ok
07:30:38.0533 5220 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
07:30:38.0595 5220 gpsvc - ok
07:30:38.0891 5220 gupdate (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
07:30:38.0907 5220 gupdate - ok
07:30:39.0001 5220 gupdatem (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
07:30:39.0001 5220 gupdatem - ok
07:30:39.0047 5220 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
07:30:39.0047 5220 hcw85cir - ok
07:30:39.0157 5220 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
07:30:39.0172 5220 HdAudAddService - ok
07:30:39.0297 5220 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
07:30:39.0313 5220 HDAudBus - ok
07:30:39.0328 5220 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
07:30:39.0328 5220 HidBatt - ok
07:30:39.0375 5220 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
07:30:39.0375 5220 HidBth - ok
07:30:39.0406 5220 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
07:30:39.0437 5220 HidIr - ok
07:30:39.0515 5220 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
07:30:39.0515 5220 hidserv - ok
07:30:39.0625 5220 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
07:30:39.0625 5220 HidUsb - ok
07:30:39.0671 5220 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
07:30:39.0671 5220 hkmsvc - ok
07:30:39.0703 5220 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
07:30:39.0718 5220 HomeGroupListener - ok
07:30:39.0781 5220 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
07:30:39.0796 5220 HomeGroupProvider - ok
07:30:39.0874 5220 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
07:30:39.0905 5220 HpSAMD - ok
07:30:39.0983 5220 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys
07:30:39.0983 5220 HTCAND64 - ok
07:30:40.0093 5220 htcnprot (b8b1b284362e1d8135112573395d5da5) C:\Windows\system32\DRIVERS\htcnprot.sys
07:30:40.0124 5220 htcnprot - ok
07:30:40.0264 5220 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
07:30:40.0373 5220 HTTP - ok
07:30:40.0389 5220 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
07:30:40.0389 5220 hwpolicy - ok
07:30:40.0451 5220 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
07:30:40.0483 5220 i8042prt - ok
07:30:40.0639 5220 iaStor (d1753c06ee17e29352b065eacf3f10d0) C:\Windows\system32\DRIVERS\iaStor.sys
07:30:40.0639 5220 iaStor - ok
07:30:40.0748 5220 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
07:30:40.0763 5220 iaStorV - ok
07:30:40.0982 5220 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
07:30:41.0029 5220 idsvc - ok
07:30:42.0105 5220 igfx (371d7f91c0d2314eb984a4a6cbeabc92) C:\Windows\system32\DRIVERS\igdkmd64.sys
07:30:42.0386 5220 igfx - ok
07:30:42.0682 5220 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
07:30:42.0713 5220 iirsp - ok
07:30:42.0838 5220 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
07:30:42.0854 5220 IKEEXT - ok
07:30:42.0947 5220 intaud_WaveExtensible (caddf0927dac63edae48f5c35a61d87d) C:\Windows\system32\drivers\intelaud.sys
07:30:42.0947 5220 intaud_WaveExtensible - ok
07:30:43.0275 5220 IntcAzAudAddService (5205de9bd47f633e06ef3ef3de11ef99) C:\Windows\system32\drivers\RTKVHD64.sys
07:30:43.0369 5220 IntcAzAudAddService - ok
07:30:43.0618 5220 IntcDAud (6c9fffeca9fed31347d211c5d1ffbd2d) C:\Windows\system32\DRIVERS\IntcDAud.sys
07:30:43.0618 5220 IntcDAud - ok
07:30:43.0649 5220 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
07:30:43.0649 5220 intelide - ok
07:30:43.0696 5220 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
07:30:43.0696 5220 intelppm - ok
07:30:43.0837 5220 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
07:30:43.0852 5220 IPBusEnum - ok
07:30:43.0899 5220 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
07:30:43.0899 5220 IpFilterDriver - ok
07:30:44.0008 5220 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
07:30:44.0039 5220 iphlpsvc - ok
07:30:44.0086 5220 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
07:30:44.0102 5220 IPMIDRV - ok
07:30:44.0195 5220 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
07:30:44.0195 5220 IPNAT - ok
07:30:44.0227 5220 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
07:30:44.0227 5220 IRENUM - ok
07:30:44.0242 5220 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
07:30:44.0242 5220 isapnp - ok
07:30:44.0383 5220 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
07:30:44.0398 5220 iScsiPrt - ok
07:30:44.0476 5220 iwdbus (716f66336f10885d935b08174dc54242) C:\Windows\system32\DRIVERS\iwdbus.sys
07:30:44.0476 5220 iwdbus - ok
07:30:44.0507 5220 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
07:30:44.0507 5220 kbdclass - ok
07:30:44.0554 5220 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
07:30:44.0554 5220 kbdhid - ok
07:30:44.0601 5220 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
07:30:44.0601 5220 kbfiltr - ok
07:30:44.0648 5220 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:30:44.0648 5220 KeyIso - ok
07:30:44.0710 5220 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
07:30:44.0741 5220 KSecDD - ok
07:30:44.0773 5220 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
07:30:44.0773 5220 KSecPkg - ok
07:30:44.0819 5220 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
07:30:44.0819 5220 ksthunk - ok
07:30:44.0913 5220 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
07:30:44.0913 5220 KtmRm - ok
07:30:45.0038 5220 L1C (a4a9ca24e54e81c6c3e469eaeb4b3f42) C:\Windows\system32\DRIVERS\L1C62x64.sys
07:30:45.0100 5220 L1C - ok
07:30:45.0147 5220 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
07:30:45.0163 5220 LanmanServer - ok
07:30:45.0241 5220 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
07:30:45.0256 5220 LanmanWorkstation - ok
07:30:45.0506 5220 LBTServ (7772dfab22611050b79504e671b06e6e) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
07:30:45.0521 5220 LBTServ - ok
07:30:45.0584 5220 LEqdUsb (ed7ec050cd6c20e1a93a4dafb7efd14d) C:\Windows\system32\DRIVERS\LEqdUsb.Sys
07:30:45.0584 5220 LEqdUsb - ok
07:30:45.0631 5220 LHidEqd (3267bc698e29474a8381e68904eb0390) C:\Windows\system32\DRIVERS\LHidEqd.Sys
07:30:45.0646 5220 LHidEqd - ok
07:30:45.0693 5220 LHidFilt (241f2648adf090e2a10095bd6d6f5dcb) C:\Windows\system32\DRIVERS\LHidFilt.Sys
07:30:45.0693 5220 LHidFilt - ok
07:30:45.0740 5220 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
07:30:45.0740 5220 lltdio - ok
07:30:45.0818 5220 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
07:30:45.0818 5220 lltdsvc - ok
07:30:45.0849 5220 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
07:30:45.0849 5220 lmhosts - ok
07:30:45.0911 5220 LMouFilt (342ed5a4b3326014438f36d22d803737) C:\Windows\system32\DRIVERS\LMouFilt.Sys
07:30:45.0911 5220 LMouFilt - ok
07:30:45.0974 5220 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
07:30:45.0989 5220 LSI_FC - ok
07:30:46.0021 5220 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
07:30:46.0021 5220 LSI_SAS - ok
07:30:46.0067 5220 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
07:30:46.0067 5220 LSI_SAS2 - ok
07:30:46.0114 5220 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
07:30:46.0145 5220 LSI_SCSI - ok
07:30:46.0208 5220 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
07:30:46.0208 5220 luafv - ok
07:30:46.0520 5220 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
07:30:46.0551 5220 MBAMProtector - ok
07:30:46.0988 5220 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
07:30:47.0003 5220 MBAMService - ok
07:30:47.0097 5220 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
07:30:47.0097 5220 Mcx2Svc - ok
07:30:47.0159 5220 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
07:30:47.0159 5220 megasas - ok
07:30:47.0347 5220 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
07:30:47.0362 5220 MegaSR - ok
07:30:47.0409 5220 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
07:30:47.0409 5220 MEIx64 - ok
07:30:47.0487 5220 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
07:30:47.0503 5220 MMCSS - ok
07:30:47.0518 5220 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
07:30:47.0518 5220 Modem - ok
07:30:47.0581 5220 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
07:30:47.0596 5220 monitor - ok
07:30:47.0612 5220 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
07:30:47.0627 5220 mouclass - ok
07:30:47.0643 5220 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
07:30:47.0643 5220 mouhid - ok
07:30:47.0705 5220 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
07:30:47.0705 5220 mountmgr - ok
07:30:47.0861 5220 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
07:30:47.0877 5220 MpFilter - ok
07:30:47.0939 5220 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
07:30:47.0955 5220 mpio - ok
07:30:48.0142 5220 MpKsl420009e3 - ok
07:30:48.0173 5220 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
07:30:48.0173 5220 mpsdrv - ok
07:30:48.0329 5220 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
07:30:48.0345 5220 MpsSvc - ok
07:30:48.0501 5220 MREMP50 - ok
07:30:48.0626 5220 MREMP50a64 - ok
07:30:48.0641 5220 MREMPR5 - ok
07:30:48.0641 5220 MRENDIS5 - ok
07:30:48.0719 5220 MRESP50 - ok
07:30:48.0735 5220 MRESP50a64 - ok
07:30:48.0782 5220 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
07:30:48.0797 5220 MRxDAV - ok
07:30:48.0844 5220 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
07:30:48.0860 5220 mrxsmb - ok
07:30:48.0969 5220 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:30:48.0969 5220 mrxsmb10 - ok
07:30:49.0031 5220 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:30:49.0063 5220 mrxsmb20 - ok
07:30:49.0141 5220 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
07:30:49.0141 5220 msahci - ok
07:30:49.0219 5220 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
07:30:49.0219 5220 msdsm - ok
07:30:49.0359 5220 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
07:30:49.0375 5220 MSDTC - ok
07:30:49.0437 5220 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
07:30:49.0437 5220 Msfs - ok
07:30:49.0468 5220 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
07:30:49.0484 5220 mshidkmdf - ok
07:30:49.0500 5220 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
07:30:49.0500 5220 msisadrv - ok
07:30:49.0562 5220 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
07:30:49.0578 5220 MSiSCSI - ok
07:30:49.0578 5220 msiserver - ok
07:30:49.0656 5220 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
07:30:49.0656 5220 MSKSSRV - ok
07:30:49.0812 5220 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
07:30:49.0812 5220 MsMpSvc - ok
07:30:49.0843 5220 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
07:30:49.0858 5220 MSPCLOCK - ok
07:30:49.0890 5220 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
07:30:49.0890 5220 MSPQM - ok
07:30:50.0014 5220 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
07:30:50.0046 5220 MsRPC - ok
07:30:50.0077 5220 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
07:30:50.0077 5220 mssmbios - ok
07:30:50.0108 5220 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
07:30:50.0108 5220 MSTEE - ok
07:30:50.0202 5220 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
07:30:50.0202 5220 MTConfig - ok
07:30:50.0217 5220 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
07:30:50.0217 5220 Mup - ok
07:30:50.0498 5220 MxEFUF (08835780cc6a5cff5275101b5a9d17a4) C:\Windows\system32\DRIVERS\MxEFUF64.sys
07:30:50.0529 5220 MxEFUF - ok
07:30:51.0153 5220 MyWiFiDHCPDNS (22299bbed2fd0dffc0fa1d46496c6d19) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
07:30:51.0294 5220 MyWiFiDHCPDNS - ok
07:30:51.0403 5220 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
07:30:51.0418 5220 napagent - ok
07:30:51.0637 5220 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
07:30:51.0668 5220 NativeWifiP - ok
07:30:51.0902 5220 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
07:30:51.0933 5220 NDIS - ok
07:30:51.0996 5220 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
07:30:51.0996 5220 NdisCap - ok
07:30:52.0074 5220 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
07:30:52.0089 5220 NdisTapi - ok
07:30:52.0152 5220 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
07:30:52.0152 5220 Ndisuio - ok
07:30:52.0183 5220 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
07:30:52.0183 5220 NdisWan - ok
07:30:52.0214 5220 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
07:30:52.0214 5220 NDProxy - ok
07:30:52.0261 5220 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
07:30:52.0261 5220 NetBIOS - ok
07:30:52.0323 5220 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
07:30:52.0339 5220 NetBT - ok
07:30:52.0401 5220 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:30:52.0401 5220 Netlogon - ok
07:30:52.0573 5220 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
07:30:52.0588 5220 Netman - ok
07:30:52.0776 5220 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
07:30:52.0822 5220 netprofm - ok
07:30:52.0994 5220 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:30:53.0025 5220 NetTcpPortSharing - ok
07:30:53.0836 5220 NETwNs64 (262225f08b891fd7f16b3b93a3177c1f) C:\Windows\system32\DRIVERS\Netwsw00.sys
07:30:54.0070 5220 NETwNs64 - ok
07:30:54.0460 5220 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
07:30:54.0460 5220 nfrd960 - ok
07:30:54.0694 5220 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
07:30:54.0726 5220 NisDrv - ok
07:30:55.0256 5220 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
07:30:55.0365 5220 NisSrv - ok
07:30:55.0443 5220 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
07:30:55.0443 5220 NlaSvc - ok
07:30:55.0506 5220 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
07:30:55.0521 5220 Npfs - ok
07:30:55.0568 5220 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
07:30:55.0584 5220 nsi - ok
07:30:55.0662 5220 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
07:30:55.0677 5220 nsiproxy - ok
07:30:55.0880 5220 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
07:30:55.0927 5220 Ntfs - ok
07:30:56.0223 5220 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
07:30:56.0223 5220 Null - ok
07:30:56.0301 5220 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
07:30:56.0301 5220 nvraid - ok
07:30:56.0395 5220 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
07:30:56.0426 5220 nvstor - ok
07:30:56.0504 5220 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
07:30:56.0504 5220 nv_agp - ok
07:30:56.0535 5220 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
07:30:56.0535 5220 ohci1394 - ok
07:30:56.0956 5220 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:30:57.0034 5220 ose - ok
07:30:57.0643 5220 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
07:30:57.0674 5220 osppsvc - ok
07:30:57.0986 5220 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
07:30:58.0033 5220 p2pimsvc - ok
07:30:58.0298 5220 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
07:30:58.0314 5220 p2psvc - ok
07:30:58.0579 5220 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
07:30:58.0610 5220 Parport - ok
07:30:58.0797 5220 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
07:30:58.0828 5220 partmgr - ok
07:30:58.0984 5220 PassThru Service (39b9dcd7040654c2e57d7396736c718e) C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
07:30:58.0984 5220 PassThru Service - ok
07:30:59.0047 5220 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
07:30:59.0062 5220 PcaSvc - ok
07:30:59.0109 5220 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
07:30:59.0109 5220 pci - ok
07:30:59.0140 5220 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
07:30:59.0140 5220 pciide - ok
07:30:59.0312 5220 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
07:30:59.0359 5220 pcmcia - ok
07:30:59.0468 5220 PCTDMDefrag (fc507b2c75be6aea3ded5582cd3c9990) C:\Windows\system32\drivers\PCTDMDefrag.sys
07:30:59.0468 5220 PCTDMDefrag - ok
07:30:59.0530 5220 PCTDSMon (dd8798daefdac380de4d9c5dcb619d67) C:\Windows\system32\drivers\PCTDSMon.sys
07:30:59.0546 5220 PCTDSMon - ok
07:30:59.0827 5220 PCToolsSSDMonitorSvc (fc0b1577c1eb68b29ffb1af726558297) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
07:30:59.0874 5220 PCToolsSSDMonitorSvc - ok
07:30:59.0920 5220 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
07:30:59.0920 5220 pcw - ok
07:31:00.0123 5220 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
07:31:00.0170 5220 PEAUTH - ok
07:31:00.0763 5220 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
07:31:00.0810 5220 PeerDistSvc - ok
07:31:00.0934 5220 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
07:31:00.0934 5220 PerfHost - ok
07:31:01.0512 5220 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
07:31:01.0543 5220 pla - ok
07:31:01.0839 5220 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
07:31:01.0870 5220 PlugPlay - ok
07:31:02.0136 5220 PMBDeviceInfoProvider (3072137896bfccf4b190d248f583b48e) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
07:31:02.0151 5220 PMBDeviceInfoProvider - ok
07:31:02.0198 5220 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
07:31:02.0214 5220 PNRPAutoReg - ok
07:31:02.0260 5220 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
07:31:02.0276 5220 PNRPsvc - ok
07:31:02.0463 5220 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
07:31:02.0479 5220 Point64 - ok
07:31:03.0087 5220 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
07:31:03.0150 5220 PolicyAgent - ok
07:31:03.0321 5220 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
07:31:03.0352 5220 Power - ok
07:31:03.0462 5220 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
07:31:03.0462 5220 PptpMiniport - ok
07:31:03.0524 5220 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
07:31:03.0524 5220 Processor - ok
07:31:03.0680 5220 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
07:31:03.0680 5220 ProfSvc - ok
07:31:03.0758 5220 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:31:03.0758 5220 ProtectedStorage - ok
07:31:03.0820 5220 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
07:31:03.0820 5220 Psched - ok
07:31:03.0852 5220 PxHelp20 - ok
07:31:03.0914 5220 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
07:31:03.0914 5220 PxHlpa64 - ok
07:31:04.0101 5220 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
07:31:04.0164 5220 ql2300 - ok
07:31:04.0554 5220 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
07:31:04.0569 5220 ql40xx - ok
07:31:04.0694 5220 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
07:31:04.0694 5220 QWAVE - ok
07:31:04.0756 5220 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
07:31:04.0756 5220 QWAVEdrv - ok
07:31:04.0788 5220 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
07:31:04.0788 5220 RasAcd - ok
07:31:04.0897 5220 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
07:31:04.0928 5220 RasAgileVpn - ok
07:31:05.0115 5220 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
07:31:05.0162 5220 RasAuto - ok
07:31:05.0334 5220 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
07:31:05.0365 5220 Rasl2tp - ok
07:31:05.0412 5220 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
07:31:05.0427 5220 RasMan - ok
07:31:05.0552 5220 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
07:31:05.0599 5220 RasPppoe - ok
07:31:05.0739 5220 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
07:31:05.0817 5220 RasSstp - ok
07:31:05.0958 5220 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
07:31:05.0973 5220 rdbss - ok
07:31:06.0004 5220 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
07:31:06.0004 5220 rdpbus - ok
07:31:06.0036 5220 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
07:31:06.0036 5220 RDPCDD - ok
07:31:06.0098 5220 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
07:31:06.0114 5220 RDPDR - ok
07:31:06.0129 5220 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
07:31:06.0129 5220 RDPENCDD - ok
07:31:06.0160 5220 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
07:31:06.0160 5220 RDPREFMP - ok
07:31:06.0223 5220 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
07:31:06.0238 5220 RDPWD - ok
07:31:06.0332 5220 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
07:31:06.0348 5220 rdyboost - ok
07:31:06.0488 5220 RegSrvc (b29f5bd169cddee1049015255e7e3fbd) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
07:31:06.0488 5220 RegSrvc - ok
07:31:06.0519 5220 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
07:31:06.0535 5220 RemoteAccess - ok
07:31:06.0644 5220 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
07:31:06.0660 5220 RemoteRegistry - ok
07:31:06.0706 5220 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
07:31:06.0706 5220 RpcEptMapper - ok
07:31:06.0769 5220 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
07:31:06.0769 5220 RpcLocator - ok
07:31:07.0237 5220 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
07:31:07.0237 5220 RpcSs - ok
07:31:07.0393 5220 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
07:31:07.0424 5220 rspndr - ok
07:31:07.0455 5220 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
07:31:07.0471 5220 s3cap - ok
07:31:07.0502 5220 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:31:07.0502 5220 SamSs - ok
07:31:07.0596 5220 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
07:31:07.0596 5220 SASDIFSV - ok
07:31:07.0642 5220 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
07:31:07.0642 5220 SASKUTIL - ok
07:31:07.0720 5220 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
07:31:07.0752 5220 sbp2port - ok
07:31:07.0783 5220 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
07:31:08.0048 5220 SCardSvr - ok
07:31:08.0173 5220 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
07:31:08.0204 5220 scfilter - ok
07:31:08.0360 5220 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
07:31:08.0407 5220 Schedule - ok
07:31:08.0438 5220 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
07:31:08.0438 5220 SCPolicySvc - ok
07:31:08.0485 5220 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
07:31:08.0485 5220 SDRSVC - ok
07:31:08.0656 5220 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
07:31:08.0672 5220 secdrv - ok
07:31:08.0703 5220 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
07:31:08.0703 5220 seclogon - ok
07:31:08.0734 5220 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
07:31:08.0734 5220 SENS - ok
07:31:08.0812 5220 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
07:31:08.0812 5220 SensrSvc - ok
07:31:08.0844 5220 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
07:31:08.0844 5220 Serenum - ok
07:31:08.0859 5220 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
07:31:08.0875 5220 Serial - ok
07:31:08.0890 5220 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
07:31:08.0890 5220 sermouse - ok
07:31:08.0968 5220 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
07:31:08.0984 5220 SessionEnv - ok
07:31:09.0015 5220 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
07:31:09.0015 5220 sffdisk - ok
07:31:09.0062 5220 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
07:31:09.0062 5220 sffp_mmc - ok
07:31:09.0062 5220 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
07:31:09.0062 5220 sffp_sd - ok
07:31:09.0109 5220 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
07:31:09.0109 5220 sfloppy - ok
07:31:09.0187 5220 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
07:31:09.0202 5220 SharedAccess - ok
07:31:09.0249 5220 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
07:31:09.0265 5220 ShellHWDetection - ok
07:31:09.0358 5220 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
07:31:09.0358 5220 SiSRaid2 - ok
07:31:09.0374 5220 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
07:31:09.0374 5220 SiSRaid4 - ok
07:31:09.0421 5220 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
07:31:09.0436 5220 Smb - ok
07:31:09.0514 5220 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
07:31:09.0530 5220 SNMPTRAP - ok
07:31:09.0546 5220 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
07:31:09.0577 5220 spldr - ok
07:31:09.0655 5220 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
07:31:09.0670 5220 Spooler - ok
07:31:09.0951 5220 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
07:31:10.0045 5220 sppsvc - ok
07:31:10.0232 5220 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
07:31:10.0232 5220 sppuinotify - ok
07:31:10.0794 5220 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
07:31:10.0809 5220 srv - ok
07:31:11.0199 5220 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
07:31:11.0230 5220 srv2 - ok
07:31:11.0308 5220 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
07:31:11.0308 5220 srvnet - ok
07:31:11.0371 5220 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
07:31:11.0386 5220 SSDPSRV - ok
07:31:11.0402 5220 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
07:31:11.0418 5220 SstpSvc - ok
07:31:11.0449 5220 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
07:31:11.0449 5220 stexstor - ok
07:31:11.0558 5220 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
07:31:11.0574 5220 stisvc - ok
07:31:11.0605 5220 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
07:31:11.0605 5220 storflt - ok
07:31:11.0636 5220 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
07:31:11.0636 5220 StorSvc - ok
07:31:11.0667 5220 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
07:31:11.0667 5220 storvsc - ok
07:31:11.0698 5220 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
07:31:11.0698 5220 swenum - ok
07:31:11.0776 5220 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
07:31:11.0792 5220 swprv - ok
07:31:11.0995 5220 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
07:31:12.0057 5220 SysMain - ok
07:31:12.0400 5220 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
07:31:12.0400 5220 TabletInputService - ok
07:31:12.0463 5220 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
07:31:12.0478 5220 TapiSrv - ok
07:31:12.0525 5220 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
07:31:12.0525 5220 TBS - ok
07:31:12.0837 5220 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
07:31:12.0868 5220 Tcpip - ok
07:31:13.0368 5220 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
07:31:13.0383 5220 TCPIP6 - ok
07:31:13.0945 5220 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
07:31:13.0945 5220 tcpipreg - ok
07:31:13.0960 5220 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
07:31:13.0976 5220 TDPIPE - ok
07:31:13.0992 5220 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
07:31:13.0992 5220 TDTCP - ok
07:31:14.0116 5220 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
07:31:14.0148 5220 tdx - ok
07:31:14.0179 5220 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
07:31:14.0179 5220 TermDD - ok
07:31:14.0366 5220 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
07:31:14.0397 5220 TermService - ok
07:31:14.0475 5220 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
07:31:14.0491 5220 Themes - ok
07:31:14.0522 5220 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
07:31:14.0522 5220 THREADORDER - ok
07:31:14.0584 5220 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
07:31:14.0584 5220 TrkWks - ok
07:31:14.0787 5220 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
07:31:14.0803 5220 TrustedInstaller - ok
07:31:14.0865 5220 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
07:31:14.0896 5220 tssecsrv - ok
07:31:14.0912 5220 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
07:31:14.0912 5220 TsUsbFlt - ok
07:31:14.0959 5220 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
07:31:14.0959 5220 TsUsbGD - ok
07:31:15.0084 5220 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
07:31:15.0099 5220 tunnel - ok
07:31:15.0162 5220 TurboB (b355581a9da34c92e2dbafa410d2f829) C:\Windows\system32\DRIVERS\TurboB.sys
07:31:15.0177 5220 TurboB - ok
07:31:15.0333 5220 TurboBoost (6564e84b1522c12ea1c3a181ed03276f) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
07:31:15.0333 5220 TurboBoost - ok
07:31:15.0380 5220 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
07:31:15.0380 5220 uagp35 - ok
07:31:15.0442 5220 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
07:31:15.0442 5220 udfs - ok
07:31:15.0520 5220 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
07:31:15.0520 5220 UI0Detect - ok
07:31:15.0567 5220 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
07:31:15.0583 5220 uliagpkx - ok
07:31:15.0692 5220 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
07:31:15.0708 5220 umbus - ok
07:31:15.0723 5220 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
07:31:15.0723 5220 UmPass - ok
07:31:15.0801 5220 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
07:31:15.0801 5220 UmRdpService - ok
07:31:15.0848 5220 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
07:31:15.0864 5220 upnphost - ok
07:31:15.0988 5220 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
07:31:16.0020 5220 usbccgp - ok
07:31:16.0098 5220 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
07:31:16.0113 5220 usbcir - ok
07:31:16.0129 5220 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
07:31:16.0129 5220 usbehci - ok
07:31:16.0207 5220 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
07:31:16.0222 5220 usbhub - ok
07:31:16.0254 5220 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
07:31:16.0269 5220 usbohci - ok
07:31:16.0285 5220 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
07:31:16.0285 5220 usbprint - ok
07:31:16.0332 5220 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
07:31:16.0332 5220 usbscan - ok
07:31:16.0378 5220 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:31:16.0378 5220 USBSTOR - ok
07:31:16.0425 5220 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
07:31:16.0441 5220 usbuhci - ok
07:31:16.0519 5220 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
07:31:16.0519 5220 usbvideo - ok
07:31:16.0597 5220 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
07:31:16.0597 5220 UxSms - ok
07:31:16.0628 5220 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:31:16.0628 5220 VaultSvc - ok
07:31:16.0690 5220 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
07:31:16.0722 5220 vdrvroot - ok
07:31:16.0831 5220 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
07:31:16.0846 5220 vds - ok
07:31:16.0893 5220 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
07:31:16.0893 5220 vga - ok
07:31:16.0909 5220 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
07:31:16.0909 5220 VgaSave - ok
07:31:17.0127 5220 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
07:31:17.0158 5220 vhdmp - ok
07:31:17.0174 5220 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
07:31:17.0174 5220 viaide - ok
07:31:17.0330 5220 VideoAcceleratorService - ok
07:31:17.0377 5220 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
07:31:17.0377 5220 vmbus - ok
07:31:17.0424 5220 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
07:31:17.0424 5220 VMBusHID - ok
07:31:17.0502 5220 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
07:31:17.0533 5220 volmgr - ok
07:31:17.0782 5220 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
07:31:17.0814 5220 volmgrx - ok
07:31:17.0876 5220 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
07:31:17.0892 5220 volsnap - ok
07:31:17.0985 5220 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
07:31:17.0985 5220 vsmraid - ok
07:31:18.0250 5220 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
07:31:18.0328 5220 VSS - ok
07:31:18.0578 5220 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
07:31:18.0578 5220 vwifibus - ok
07:31:18.0609 5220 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
07:31:18.0609 5220 vwififlt - ok
07:31:25.0224 5220 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
07:31:27.0330 5220 \Device\Harddisk0\DR0 - ok
07:31:27.0361 5220 Boot (0x1200) (f7afff46909a6aeb9f315239fb227f48) \Device\Harddisk0\DR0\Partition0
07:31:27.0376 5220 \Device\Harddisk0\DR0\Partition0 - ok
07:31:27.0376 5220 ============================================================
07:31:27.0376 5220 Scan finished
07:31:27.0376 5220 ============================================================
07:31:27.0392 4280 Detected object count: 0
07:31:27.0392 4280 Actual detected object count: 0
07:31:55.0456 5932 Deinitialize success

Here's Avast:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-01 07:37:59
-----------------------------
07:37:59.449 OS Version: Windows x64 6.1.7601 Service Pack 1
07:37:59.449 Number of processors: 4 586 0x2A07
07:37:59.449 ComputerName: BTBRAUN_RSMC-PC UserName: btbraun_rsmc
07:38:02.351 Initialize success
07:39:30.700 AVAST engine defs: 12080100
07:39:53.803 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
07:39:53.819 Disk 0 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 3
07:39:53.834 Disk 0 MBR read successfully
07:39:53.850 Disk 0 MBR scan
07:39:53.959 Disk 0 Windows 7 default MBR code
07:39:53.975 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 34131 MB offset 2048
07:39:54.006 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 919737 MB offset 69902336
07:39:54.209 Disk 0 scanning C:\Windows\system32\drivers
07:40:17.032 Service scanning
07:41:33.316 Modules scanning
07:41:33.316 Disk 0 trace - called modules:
07:41:33.331 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys
07:41:33.331 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007e81060]
07:41:33.331 3 CLASSPNP.SYS[fffff88001c5143f] -> nt!IofCallDriver -> [0xfffffa80077bbe40]
07:41:33.331 5 ACPI.sys[fffff88000ef57a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80077bc050]
07:41:36.919 AVAST engine scan C:\Windows
07:41:45.312 AVAST engine scan C:\Windows\system32
07:50:33.997 AVAST engine scan C:\Windows\system32\drivers
07:51:15.977 AVAST engine scan C:\Users\btbraun_rsmc
08:08:09.210 AVAST engine scan C:\ProgramData
08:11:31.995 Scan finished successfully
08:14:19.742 Disk 0 MBR has been saved successfully to "C:\Users\btbraun_rsmc\Desktop\Computer Crap File\MBR.dat"
08:14:19.757 The log file has been saved successfully to "C:\Users\btbraun_rsmc\Desktop\Computer Crap File\aswMBR.txt"

And ESET:

C:\Program Files (x86)\FLVPlayer\FLVPlayer.exe a variant of Win32/InstallCore.A application cleaned by deleting - quarantined

Hope I did it right - please let me know if you see a mistake.

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:12:03 AM

Posted 01 August 2012 - 12:38 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#5 btbraun

Posted 01 August 2012 - 01:04 PM

I am running Malwarebytes right now but I've run it several times in the last few days and it hasn't picked anything up. Assuming that the last 3 steps will make it possible to find something that was previously hidden - should I be running it in safe mode for the first scan?

#6 narenxp

Posted 01 August 2012 - 01:10 PM

Please run it. Regarding your original issue, CATROOT is a valid system folder. Let me know if you have any other issues.

#7 btbraun

Posted 01 August 2012 - 01:19 PM

Ok, it's running. I discovered that about the catroot file after posting. The strange thing is that it was moved into a sub file of a file created by me. At the same time my files were moving around into other files and then reorganized and then returned to their original state. I didn't see it happening but when I would return to the computer I could see changes. Might be important to note that I run Google Drive.

#8 btbraun

Posted 01 August 2012 - 05:19 PM

mbam:

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.01.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
btbraun_rsmc :: BTBRAUN_RSMC-PC [administrator]

Protection: Enabled

8/1/2012 1:00:52 PM
mbam-log-2012-08-01 (13-00-52).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 382587
Time elapsed: 47 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

1

MiniToolBox by Farbar Version: 23-07-2012
Ran by btbraun_rsmc (administrator) on 01-08-2012 at 15:35:26
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: 192.168.1.1:80

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® Centrino® WiMAX 6150 = Local Area Connection 2 (Connected)
Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
Intel® Centrino® Wireless-N 6150 = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled sourceroutingbehavior=drop
set subinterface interface=?>) subinterface=wireless_0 mtu=1500
set subinterface interface=?>) subinterface=ethernet_9 mtu=1400


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : btbraun_rsmc-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : clearwire-wmx.net

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . : clearwire-wmx.net
Description . . . . . . . . . . . : Intel® Centrino® WiMAX 6150
Physical Address. . . . . . . . . : 64-D4-DA-62-59-E7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c935:18a1:5466:133e%16(Preferred)
IPv4 Address. . . . . . . . . . . : 75.92.253.255(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.192.0
Lease Obtained. . . . . . . . . . : Wednesday, August 01, 2012 12:52:37 PM
Lease Expires . . . . . . . . . . : Thursday, August 02, 2012 12:52:37 PM
Default Gateway . . . . . . . . . : 75.92.192.1
DHCP Server . . . . . . . . . . . : 64.13.84.152
DHCPv6 IAID . . . . . . . . . . . : 291820762
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-0B-EB-09-54-04-A6-1C-36-18
DNS Servers . . . . . . . . . . . : 66.233.164.12
64.13.115.12
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 40-25-C2-72-25-85
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 40-25-C2-72-25-85
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 6150
Physical Address. . . . . . . . . : 40-25-C2-72-25-84
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 54-04-A6-1C-36-18
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{B7E348B6-DD22-49B8-9431-2E52C3BE6958}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:4e9:1be3:b4a3:200(Preferred)
Link-local IPv6 Address . . . . . : fe80::4e9:1be3:b4a3:200%12(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{D536F0C2-267A-4273-8D91-DB47AB4EBF1F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.clearwire-wmx.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : clearwire-wmx.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Connection-specific DNS Suffix . : clearwire-wmx.net
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:4b5c:fdff::4b5c:fdff(Preferred)
Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
DNS Servers . . . . . . . . . . . : 66.233.164.12
64.13.115.12
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{342BCBB0-FBCC-4C9E-A905-67B173BF325A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{DA2359A8-B239-4653-997A-67B203698C4C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 66.233.164.12

Name: google.com
Addresses: 2607:f8b0:4009:801::1000
74.125.225.72
74.125.225.70
74.125.225.69
74.125.225.67
74.125.225.64
74.125.225.78
74.125.225.71
74.125.225.68
74.125.225.73
74.125.225.65
74.125.225.66


Pinging google.com [74.125.225.73] with 32 bytes of data:
Reply from 74.125.225.73: bytes=32 time=97ms TTL=57
Reply from 74.125.225.73: bytes=32 time=71ms TTL=57

Ping statistics for 74.125.225.73:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 71ms, Maximum = 97ms, Average = 84ms
Server: UnKnown
Address: 66.233.164.12

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=175ms TTL=54
Reply from 98.139.183.24: bytes=32 time=186ms TTL=54

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 175ms, Maximum = 186ms, Average = 180ms
Server: UnKnown
Address: 66.233.164.12

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 3ms, Average = 2ms
===========================================================================
Interface List
16...64 d4 da 62 59 e7 ......Intel® Centrino® WiMAX 6150
15...40 25 c2 72 25 85 ......Microsoft Virtual WiFi Miniport Adapter #2
14...40 25 c2 72 25 85 ......Microsoft Virtual WiFi Miniport Adapter
13...40 25 c2 72 25 84 ......Intel® Centrino® Wireless-N 6150
11...54 04 a6 1c 36 18 ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
38...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
17...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
39...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 75.92.192.1 75.92.253.255 20
75.92.192.0 255.255.192.0 On-link 75.92.253.255 276
75.92.253.255 255.255.255.255 On-link 75.92.253.255 276
75.92.255.255 255.255.255.255 On-link 75.92.253.255 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 75.92.253.255 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 75.92.253.255 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
17 1125 ::/0 2002:c058:6301::c058:6301
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:4137:9e76:4e9:1be3:b4a3:200/128
On-link
17 1025 2002::/16 On-link
17 281 2002:4b5c:fdff::4b5c:fdff/128
On-link
16 276 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::4e9:1be3:b4a3:200/128
On-link
16 276 fe80::c935:18a1:5466:133e/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
16 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 02 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 03 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 04 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 05 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 06 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 07 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 08 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/01/2012 02:08:03 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2012/08/01 14:08:03.367]: [00004392]: Initialize TwdsMain Class failed!

Error: (08/01/2012 02:08:03 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2012/08/01 14:08:03.367]: [00004392]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (08/01/2012 02:04:01 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2012/08/01 14:04:01.871]: [00004392]: Initialize TwdsMain Class failed!

Error: (08/01/2012 02:04:01 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2012/08/01 14:04:01.871]: [00004392]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (08/01/2012 01:02:19 PM) (Source: Application Error) (User: )
Description: Faulting application name: LiveUpdt.exe, version: 2.0.0.0, time stamp: 0x4a6d7c8e
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x0002e3be
Faulting process id: 0x1bb8
Faulting application start time: 0xLiveUpdt.exe0
Faulting application path: LiveUpdt.exe1
Faulting module path: LiveUpdt.exe2
Report Id: LiveUpdt.exe3

Error: (08/01/2012 00:56:53 PM) (Source: Application Hang) (User: )
Description: The program mbam.exe version 1.62.0.87 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 988

Start Time: 01cd700ea1082373

Termination Time: 0

Application Path: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

Report Id: 3ff9c967-dc02-11e1-8eff-5404a61c3618

Error: (08/01/2012 00:52:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2012 11:11:00 AM) (Source: Application Error) (User: )
Description: Faulting application name: LiveUpdt.exe, version: 2.0.0.0, time stamp: 0x4a6d7c8e
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x0002e3be
Faulting process id: 0xf28
Faulting application start time: 0xLiveUpdt.exe0
Faulting application path: LiveUpdt.exe1
Faulting module path: LiveUpdt.exe2
Report Id: LiveUpdt.exe3

Error: (08/01/2012 10:51:01 AM) (Source: Application Error) (User: )
Description: Faulting application name: LiveUpdt.exe, version: 2.0.0.0, time stamp: 0x4a6d7c8e
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x0002e3be
Faulting process id: 0x1650
Faulting application start time: 0xLiveUpdt.exe0
Faulting application path: LiveUpdt.exe1
Faulting module path: LiveUpdt.exe2
Report Id: LiveUpdt.exe3

Error: (08/01/2012 10:40:47 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/01/2012 00:52:03 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
PxHelp20

Error: (08/01/2012 00:51:43 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\PxHelp20.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/01/2012 10:40:55 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
PxHelp20

Error: (08/01/2012 10:40:08 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\PxHelp20.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/01/2012 09:43:40 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (08/01/2012 06:42:55 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
PxHelp20

Error: (08/01/2012 06:42:31 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\PxHelp20.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/01/2012 06:32:17 AM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{D536F0C2-267A-4273-8D91-DB47AB4EBF1F}.
The backup browser is stopping.

Error: (07/31/2012 10:06:16 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{D536F0C2-267A-4273-8D91-DB47AB4EBF1F}.
The backup browser is stopping.

Error: (07/31/2012 09:20:50 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (08/01/2012 02:08:03 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2012/08/01 14:08:03.367]: [00004392]: Initialize TwdsMain Class failed!

Error: (08/01/2012 02:08:03 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2012/08/01 14:08:03.367]: [00004392]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (08/01/2012 02:04:01 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2012/08/01 14:04:01.871]: [00004392]: Initialize TwdsMain Class failed!

Error: (08/01/2012 02:04:01 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2012/08/01 14:04:01.871]: [00004392]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (08/01/2012 01:02:19 PM) (Source: Application Error)(User: )
Description: LiveUpdt.exe2.0.0.04a6d7c8entdll.dll6.1.7601.177254ec49b8fc00000050002e3be1bb801cd700fc9803d6bC:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdt.exeC:\Windows\SysWOW64\ntdll.dll08a28057-dc03-11e1-8eff-5404a61c3618

Error: (08/01/2012 00:56:53 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.62.0.8798801cd700ea10823730C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe3ff9c967-dc02-11e1-8eff-5404a61c3618

Error: (08/01/2012 00:52:02 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2012 11:11:00 AM) (Source: Application Error)(User: )
Description: LiveUpdt.exe2.0.0.04a6d7c8entdll.dll6.1.7601.177254ec49b8fc00000050002e3bef2801cd70003cd28d90C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdt.exeC:\Windows\SysWOW64\ntdll.dll7bd37d38-dbf3-11e1-b097-5404a61c3618

Error: (08/01/2012 10:51:01 AM) (Source: Application Error)(User: )
Description: LiveUpdt.exe2.0.0.04a6d7c8entdll.dll6.1.7601.177254ec49b8fc00000050002e3be165001cd6ffd7179dd86C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdt.exeC:\Windows\SysWOW64\ntdll.dllb0d69d2a-dbf0-11e1-b097-5404a61c3618

Error: (08/01/2012 10:40:47 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

Adobe AIR (Version: 3.3.0.3670)
Adobe Community Help (Version: 3.5.23)
Adobe Download Assistant (Version: 1.0.6)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.268)
Adobe Flash Player 11 Plugin (Version: 11.3.300.268)
Adobe Photoshop Elements 10 (Version: 10.0)
Adobe Photoshop.com Inspiration Browser (Version: 3.09)
Adobe Premiere Elements 10 (Version: 10.0)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Adobe Support Advisor (Version: 1.6.0)
Adobe Support Advisor (Version: 1.6.0.20110628)
Akamai NetSession Interface
Alcor Micro USB Card Reader (Version: 1.7.17.25416)
ASUS FancyStart (Version: 1.1.1)
ASUS LifeFrame3 (Version: 3.0.21)
ASUS Live Update (Version: 2.5.9)
ASUS Power4Gear Hybrid (Version: 1.1.43)
ASUS Secure Delete (Version: 1.00.0006)
ASUS SmartLogon (Version: 1.0.0011)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0033)
ASUS U Series ScreenSaver (Version: 1.0.0002)
ASUS USB Charger Plus (Version: 2.0.2)
ASUS Virtual Camera (Version: 1.0.21)
ATK Package (Version: 1.0.0008)
Brother MFL-Pro Suite MFC-7860DW (Version: 1.0.7.0)
C5150n - C5200n Series GDI Driver from OKI® Printing Solutions for Windows (Version: 210)
CCleaner (Version: 3.18)
CutePDF Writer 2.8
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dropbox (Version: 1.4.7)
eFax Messenger (Version: 4.4.1.528)
Elements 10 Organizer (Version: 10.0)
eReg (Version: 1.20.138.34)
erLT (Version: 1.20.0137)
ESET Online Scanner v3
ETDWare PS/2-X64 8.0.5.0_WHQL (Version: 8.0.5.0)
Fast Boot (Version: 1.0.10)
FLV Player
Fresco Logic USB3.0 Host Controller (Version: 3.0.119.1)
Google Cloud Connect for Microsoft Office (Version: 2.0.2662.0553)
Google Drive (Version: 1.2.3123.250)
Google Earth (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.115)
HiJackThis (Version: 1.0.0)
HTC BMP USB Driver (Version: 1.0.5375)
HTC Driver Installer (Version: 3.0.0.021)
HTC Sync (Version: 3.2.10)
Intel PROSet Wireless
Intel® Processor Graphics (Version: 8.15.10.2656)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.1.1.0170)
Intel® Turbo Boost Technology Monitor (Version: 1.0.400.4)
Intel® WiDi (Version: 2.1.35.0)
Intel® Wireless Display
Intel® PROSet/Wireless WiFi Software (Version: 15.01.1500.1034)
Intel® PROSet/Wireless WiMAX Software (Version: 6.02.0000)
InterActual Player
Internet Explorer (Enable DEP)
IrfanView (remove only) (Version: 4.32)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 31 (64-bit) (Version: 6.0.310)
Java™ 7 Update 3 (64-bit) (Version: 7.0.30)
Java™ 7 Update 5 (Version: 7.0.50)
LG SP USB Driver (Version: 1.0)
LG United Mobile Driver (Version: 3.6.0.0)
LinkedIn Outlook Connector (Version: 1.1.10.0)
Logitech SetPoint 6.32 (Version: 6.32.20)
Loki ActiveX Control (Version: 3.4.2.20)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Mathematics (64-bit) (Version: 4.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Communicator 2007 R2 (Version: 3.5.6907.253)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Business 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook Social Connector Provider for Facebook 32-bit (Version: 14.0.6114.5003)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10516.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC90_CRT_x86 (Version: 1.0.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
PaperPort Image Printer 64-bit (Version: 1.00.0000)
PC Tools Performance Toolkit 2.0 (Version: 2.0)
PDF-Viewer (Version: 2.5.204.0)
PlayMemories Home (Version: 6.3.00.04221)
Point (Version: 1.0.0.370)
Point 7.5 SP1 (Version: 7.5.1381)
Point 7.6 (Version: 7.6.1417)
Point 7.6 SP1 (Version: 7.6.1419)
Point Old Verison Clean up Tool
PRE10STI64Installer (Version: 1.0)
PSE10 STI Installer (Version: 10.0)
RealNetworks - Microsoft Visual C++ 2005 Runtime (Version: 8.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.5)
Realtek High Definition Audio Driver (Version: 6.0.1.6428)
RealUpgrade 1.1 (Version: 1.1.0)
Revo Uninstaller 1.94 (Version: 1.94)
SceneSwitch (Version: 1.0.6)
SmartSound Common Data (Version: 1.1.0)
SmartSound Premiere Elements 10 x64 Plugin (Version: 5.70.0001)
SmartSound Sonicfire Pro 5 (Version: 5.7.1)
Sonic Focus (Version: 1.0.0.4)
Sony USB Driver (Version: 2.00)
SUPERAntiSpyware (Version: 5.0.1134)
swMSM (Version: 12.0.0.1)
System Requirements Lab for Intel (Version: 4.5.5.0)
TweakMASTER (Version: 3.14)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Windows 7 Codec Pack 4.0.2 (Version: 4.0.2)
WinFlash (Version: 2.31.1)
Wireless Console 3 (Version: 3.0.27)
WModem Driver Installer (Version: 2.0.6.9)
Xobni (Version: 2.0.3.13734)
Xobni Core (Version: 1.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 8102.76 MB
Available physical RAM: 5245.43 MB
Total Pagefile: 16203.71 MB
Available Pagefile: 13216 MB
Total Virtual: 4095.88 MB
Available Virtual: 3963.23 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:898.18 GB) (Free:674.88 GB) NTFS

========================= Users: ========================================

User accounts for \\BTBRAUN_RSMC-PC

Administrator btbraun_rsmc Guest


**** End of log ****

* I think this is the FFS - I had to leave and someone got on my computer so if this doesn't look right - please tell me.

C:\Program Files (x86)\FLVPlayer\FLVPlayer.exe a variant of Win32/InstallCore.A application cleaned by deleting - quarantined

Adware Cleaner:

# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : btbraun_rsmc - BTBRAUN_RSMC-PC
# Running from : C:\Users\btbraun_rsmc\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\btbraun_rsmc\AppData\Local\Babylon
Folder Found : C:\Users\btbraun_rsmc\AppData\Roaming\Babylon
Folder Found : C:\ProgramData\Babylon
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

***** [Registry] *****

Key Found : HKCU\Software\IGearSettings
[x64] Key Found : HKCU\Software\IGearSettings

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

#9 narenxp

  • BC Advisor

Posted 01 August 2012 - 05:38 PM

Any current issues?

#10 btbraun

  • Topic Starter

Posted 01 August 2012 - 07:09 PM

It runs better but I'm still getting a few Microsoft-style popup requests for updates of printer drivers and Adobe Flash. It just started today in between the very first step and the second step.

I've updated directly from Adobe and I still get the message. I doubt that it's a coincidence that it happens the most on pages that either require a password or have a link to a page with a password request.

It's fishing for passwords where before it was moving around inside the system looking for data and I think it may have been copying it. I don't think I'm completely out of the woods yet. What do you think?

#11 narenxp

  • BC Advisor

Posted 01 August 2012 - 07:14 PM

Let's have a deeper look

Read the guide here on preparing logs

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck



