
Many Things


  • This topic is locked
19 replies to this topic

#1 babytequila03

babytequila03

  • Members
  • 9 posts

Posted 23 August 2012 - 05:15 PM

When I go to a certain website, I will have to refresh my computer several times, it will kick me off of Yahoo Messenger, and I even have to restart my computer.
I took my computer to the shop and it's still doing the same thing. I'm not sure if I have a virus. Thank you for reading and have a wonderful and blessed day.

Edited by babytequila03, 23 August 2012 - 05:23 PM.




#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts

Posted 26 August 2012 - 11:59 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together some things for you to keep in mind while I am helping you to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


DeFogger:

  • Please download DeFogger to your desktop.
  • Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.


Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:
    • Link1
    • Link2
    • Link3
  • Please disable any anti-malware program that will block scripts from running before running DDS.
  • Double-Click on dds.scr and a command window will appear. This is normal.
  • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you to save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

Information and logs:

  • In your next post I need the following
    • logs from DDS
    • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 babytequila03

babytequila03
  • Topic Starter

  • Members
  • 9 posts

Posted 27 August 2012 - 04:27 PM

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by ik at 14:21:47 on 2012-08-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3895.2121 [GMT -7:00]
.
AV: Norton AntiVirus *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\mysql\bin\mysqld-nt.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
C:\windows\System32\rundll32.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files (x86)\Ares\Ares.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\ik\AppData\Local\RockMelt\Update\1.2.189.1\RockMeltCrashHandler.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\ik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\windows\system32\igfxext.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\wbem\wmiprvse.exe
C:\Users\ik\AppData\Local\RockMelt\Application\rockmelt.exe
C:\windows\system32\DllHost.exe
C:\Users\ik\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Users\ik\Downloads\Defogger (1).exe
C:\windows\system32\conhost.exe
C:\windows\system32\svchost.exe -k defragsvc
C:\windows\system32\taskeng.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page =
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2830765
uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie9
uWindow Title = Windows Internet Explorer provided by Yahoo!
uSearch Bar =
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.bigseekpro.com/ares001/{87751968-EFFF-4643-B5EF-2C7EA11119EC}
uInternet Settings,ProxyOverride = <local>
mSearchAssistant =
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Ploose Engine: {4728c29f-7ff4-4fa1-9d34-199451b03bd3} - mscoree.dll
BHO: Fast Search: {5ab7104a-b71f-49ad-9154-f7f8806ae848} - C:\Program Files (x86)\Surf Canyon\surfcanyon.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.8.0.14\IPS\IPSBHO.DLL
BHO: Special Savings: {74f475fa-6c75-43bd-aab9-ecda6184f600} - C:\Program Files (x86)\Superfish\Special Savings\SpecialSavings.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Browse For Change BHO: {912c156f-05cf-4b62-851a-96e167a677b0} - mscoree.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: !{06C7AD57-B655-418D-9AB8-9526A6D2E052} - No File
TB: !{99079a25-328f-4bd4-be04-00955acaa0a7} - No File
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {8C5878D0-6106-423B-AAA8-144C143DBF44} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
uRun: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1
uRun: [Itibiti.exe] C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
uRun: [Facebook Update] "C:\Users\ik\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe
uRun: [Google Update] "C:\Users\ik\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [RockMelt Update] "C:\Users\ik\AppData\Local\RockMelt\Update\RockMeltUpdate.exe" /c
uRun: [Spotify] "C:\Users\ik\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
uRun: [Spotify Web Helper] "C:\Users\ik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
mRun: [TaskTray]
mRun: [Ploose Updater] C:\Program Files (x86)\Ploose\PlooseUpdater.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [RMAlert] "C:\Program Files (x86)\Registry Mechanic\Alert.exe" /PRODUCT=RM /R
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files (x86)\Superfish\Special Savings\SpecialSavings.dll
Trusted Zone: ccis.edu
Trusted Zone: ccis.edu\rd
Trusted Zone: ucourses.com\ccis
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} - hxxp://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - hxxp://imikimi.com/download/imikimi_plugin_0.5.1.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{A73D470F-1F5B-492A-A55E-6519DBA1CDE1} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{A73D470F-1F5B-492A-A55E-6519DBA1CDE1} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{A73D470F-1F5B-492A-A55E-6519DBA1CDE1}\2375942554730353 : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{A73D470F-1F5B-492A-A55E-6519DBA1CDE1}\2375942554730353 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{A73D470F-1F5B-492A-A55E-6519DBA1CDE1}\75051445572656A7 : DhcpNameServer = 168.94.0.14 168.94.0.15
TCP: Interfaces\{A73D470F-1F5B-492A-A55E-6519DBA1CDE1}\76F676F696E666C696768647 : DhcpNameServer = 172.19.134.2
TCP: Interfaces\{FE4CA3D1-2BB6-4509-A7A0-2E22CEC836FE} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{FE4CA3D1-2BB6-4509-A7A0-2E22CEC836FE} : DhcpNameServer = 68.87.72.130 68.87.77.130
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO-X64: AVG Do Not Track - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: Ploose Engine: {4728c29f-7ff4-4fa1-9d34-199451b03bd3} - mscoree.dll
BHO-X64: Fast Search: {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files (x86)\Surf Canyon\surfcanyon.dll
BHO-X64: IE BHO Utility - No File
BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.8.0.14\IPS\IPSBHO.DLL
BHO-X64: Norton Vulnerability Protection - No File
BHO-X64: Special Savings: {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files (x86)\Superfish\Special Savings\SpecialSavings.dll
BHO-X64: Special Savings - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Browse For Change BHO: {912C156F-05CF-4B62-851A-96E167A677B0} - mscoree.dll
BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB-X64: {8C5878D0-6106-423B-AAA8-144C143DBF44} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun-x64: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
mRun-x64: [TaskTray]
mRun-x64: [Ploose Updater] C:\Program Files (x86)\Ploose\PlooseUpdater.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [RMAlert] "C:\Program Files (x86)\Registry Mechanic\Alert.exe" /PRODUCT=RM /R
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\windows\system32\DRIVERS\avgidsha.sys --> C:\windows\system32\DRIVERS\avgidsha.sys [?]
R0 SymDS;Symantec Data Store;C:\windows\system32\drivers\NAVx64\1308000.00E\SYMDS64.SYS --> C:\windows\system32\drivers\NAVx64\1308000.00E\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\windows\system32\drivers\NAVx64\1308000.00E\SYMEFA64.SYS --> C:\windows\system32\drivers\NAVx64\1308000.00E\SYMEFA64.SYS [?]
R1 Avgtdia;AVG TDI Driver;C:\windows\system32\DRIVERS\avgtdia.sys --> C:\windows\system32\DRIVERS\avgtdia.sys [?]
R1 avgtp;avgtp;\??\C:\windows\system32\drivers\avgtpx64.sys --> C:\windows\system32\drivers\avgtpx64.sys [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\Definitions\BASHDefs\20120823.005\BHDrvx64.sys [2012-8-21 1385120]
R1 ccSet_NAV;Norton AntiVirus Settings Manager;C:\windows\system32\drivers\NAVx64\1308000.00E\ccSetx64.sys --> C:\windows\system32\drivers\NAVx64\1308000.00E\ccSetx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\Definitions\IPSDefs\20120824.001\IDSviA64.sys [2012-8-24 512672]
R1 SymIRON;Symantec Iron Driver;C:\windows\system32\drivers\NAVx64\1308000.00E\Ironx64.SYS --> C:\windows\system32\drivers\NAVx64\1308000.00E\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\windows\system32\Drivers\NAVx64\1308000.00E\SYMNETS.SYS --> C:\windows\system32\Drivers\NAVx64\1308000.00E\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2012-8-22 1852048]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-18 655944]
R2 NAV;Norton AntiVirus;C:\Program Files (x86)\Norton AntiVirus\Engine\19.8.0.14\ccsvchst.exe [2012-8-18 138272]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-7-4 632792]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-7-5 3048136]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-3-24 2886528]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-1-19 2320920]
R2 vToolbarUpdater12.2.0;vToolbarUpdater12.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe [2012-8-18 927840]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-20 138912]
R3 FwLnk;FwLnk Driver;C:\windows\system32\DRIVERS\FwLnk.sys --> C:\windows\system32\DRIVERS\FwLnk.sys [?]
R3 HECIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\windows\system32\DRIVERS\Impcd.sys --> C:\windows\system32\DRIVERS\Impcd.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\system32\DRIVERS\L1C62x64.sys --> C:\windows\system32\DRIVERS\L1C62x64.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\windows\system32\drivers\mbam.sys --> C:\windows\system32\drivers\mbam.sys [?]
R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-1-19 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-7-5 136176]
S2 RelevantKnowledge;RelevantKnowledge;C:\Program Files (x86)\RelevantKnowledge\rlservice.exe /service --> C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-14 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-25 250056]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-7-5 136176]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 pbfilter;pbfilter;C:\Program Files\PeerBlock\pbfilter.sys [2012-3-25 24176]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]
S3 SWDUMon;SWDUMon;C:\windows\system32\DRIVERS\SWDUMon.sys --> C:\windows\system32\DRIVERS\SWDUMon.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-08-19 02:19:39 405624 ----a-w- C:\windows\System32\drivers\NAVx64\1308000.00E\symnets.sys
2012-08-19 02:19:39 1129120 ----a-w- C:\windows\System32\drivers\NAVx64\1308000.00E\symefa64.sys
2012-08-19 02:19:38 451192 ----a-r- C:\windows\System32\drivers\NAVx64\1308000.00E\symds64.sys
2012-08-19 02:19:38 37536 ----a-w- C:\windows\System32\drivers\NAVx64\1308000.00E\srtspx64.sys
2012-08-19 02:19:37 737952 ----a-w- C:\windows\System32\drivers\NAVx64\1308000.00E\srtsp64.sys
2012-08-19 02:19:37 190072 ----a-w- C:\windows\System32\drivers\NAVx64\1308000.00E\ironx64.sys
2012-08-19 02:19:37 167072 ----a-w- C:\windows\System32\drivers\NAVx64\1308000.00E\ccsetx64.sys
2012-08-19 02:19:05 -------- d-----w- C:\windows\System32\drivers\NAVx64\1308000.00E
2012-08-19 01:45:16 -------- d-----w- C:\Program Files (x86)\AVG Secure Search
2012-08-19 01:34:28 175736 ----a-w- C:\windows\System32\drivers\SYMEVENT64x86.SYS
2012-08-19 01:34:28 -------- d-----w- C:\Program Files\Symantec
2012-08-19 01:34:28 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2012-08-19 01:33:05 -------- d-----w- C:\windows\System32\drivers\NAVx64
2012-08-19 01:32:54 -------- d-----w- C:\Program Files (x86)\Norton AntiVirus
2012-08-19 00:44:42 -------- d-----w- C:\Users\ik\AppData\Roaming\Malwarebytes
2012-08-19 00:44:36 24904 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-08-19 00:44:36 -------- d-----w- C:\ProgramData\Malwarebytes
2012-08-19 00:44:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-16 15:42:36 15712 ----a-w- C:\windows\System32\drivers\SWDUMon.sys
2012-08-16 15:42:36 -------- d-----w- C:\Users\ik\AppData\Local\SlimWare Utilities Inc
2012-08-16 15:42:30 -------- d-----w- C:\Program Files (x86)\DriverUpdate
2012-08-15 14:04:09 -------- d-----w- C:\309bf44b96dfceab3a
2012-08-15 13:44:57 3148800 ----a-w- C:\windows\System32\win32k.sys
2012-08-15 13:44:56 503808 ----a-w- C:\windows\System32\srcore.dll
2012-08-15 13:44:56 43008 ----a-w- C:\windows\SysWow64\srclient.dll
2012-08-15 13:44:55 751104 ----a-w- C:\windows\System32\win32spl.dll
2012-08-15 13:44:54 67072 ----a-w- C:\windows\splwow64.exe
2012-08-15 13:44:54 559104 ----a-w- C:\windows\System32\spoolsv.exe
2012-08-15 13:44:54 492032 ----a-w- C:\windows\SysWow64\win32spl.dll
2012-08-15 13:44:53 59392 ----a-w- C:\windows\System32\browcli.dll
2012-08-15 13:44:53 41984 ----a-w- C:\windows\SysWow64\browcli.dll
2012-08-15 13:44:53 136704 ----a-w- C:\windows\System32\browser.dll
2012-08-15 13:40:04 956928 ----a-w- C:\windows\System32\localspl.dll
2012-08-11 17:41:23 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{654192DA-0B99-4D46-A215-2608B898E936}\mpengine.dll
2012-08-10 02:16:08 -------- d-----w- C:\Program Files (x86)\ESET
2012-08-03 06:07:44 -------- d-----w- C:\Users\ik\AppData\Roaming\AVG2012
2012-08-03 06:06:22 -------- d-----w- C:\Users\ik\AppData\Local\AVG Secure Search
2012-08-03 06:06:17 -------- d-----w- C:\ProgramData\AVG Secure Search
2012-08-03 06:06:13 31080 ----a-w- C:\windows\System32\drivers\avgtpx64.sys
2012-08-03 06:06:11 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2012-08-03 06:05:42 -------- d-----w- C:\windows\SysWow64\drivers\AVG
2012-08-03 06:05:24 -------- d--h--w- C:\$AVG
2012-08-03 06:05:24 -------- d-----w- C:\ProgramData\AVG2012
2012-08-03 06:04:46 -------- d-----w- C:\Program Files (x86)\AVG
2012-08-03 06:01:17 -------- d--h--w- C:\ProgramData\Common Files
2012-08-03 06:01:16 -------- d-----w- C:\ProgramData\MFAData
2012-07-30 20:12:52 -------- d-----w- C:\Users\ik\AppData\Local\{57064525-F41F-4192-A4B8-874B9940DE2F}
2012-07-30 20:12:44 -------- d-----w- C:\Users\ik\AppData\Local\{493DA272-8ED0-43BE-B221-8439DE829208}
.
==================== Find3M ====================
.
2012-08-15 22:48:22 70344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-15 22:48:22 426184 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-07-03 05:45:36 50952 ----a-w- C:\windows\System32\certsentry.dll
2012-07-03 05:45:36 42760 ----a-w- C:\windows\SysWow64\certsentry.dll
2012-06-29 03:56:34 2312704 ----a-w- C:\windows\System32\jscript9.dll
2012-06-29 03:49:11 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-06-29 03:48:07 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-06-29 03:43:49 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-06-29 03:39:48 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-06-29 00:16:58 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-06-06 06:06:16 2004480 ----a-w- C:\windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\windows\SysWow64\cdosys.dll
2012-06-02 22:19:42 186752 ----a-w- C:\windows\System32\wuwebv.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\windows\System32\wucltux.dll
2012-06-02 22:15:12 36864 ----a-w- C:\windows\System32\wuapp.exe
2012-06-02 22:15:08 99840 ----a-w- C:\windows\System32\wudriver.dll
2012-06-02 05:50:10 458704 ----a-w- C:\windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2012-05-31 19:25:12 279656 ------w- C:\windows\System32\MpSigStub.exe
.

============= FINISH: 14:22:22.39 ===============




.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 2/23/2011 11:30:33 AM
System Uptime: 8/27/2012 2:10:08 PM (0 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: Intel® Core™ i3 CPU M 380 @ 2.53GHz | CPU | 2533/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 454 GiB total, 378.311 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP542: 7/10/2012 11:00:01 PM - Windows Update
RP544: 7/17/2012 6:19:43 AM - Windows Update
RP546: 7/20/2012 10:57:11 AM - Windows Update
RP548: 7/24/2012 12:12:55 PM - Windows Update
RP550: 7/27/2012 3:25:58 PM - Windows Update
RP552: 7/31/2012 6:29:29 AM - Windows Update
RP554: 8/2/2012 11:04:39 PM - Installed AVG 2012
RP556: 8/2/2012 11:05:00 PM - Installed AVG 2012
RP558: 8/11/2012 10:41:17 AM - Windows Update
RP560: 8/15/2012 7:04:02 AM - Windows Update
RP562: 8/15/2012 8:29:57 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.3.4
Adobe Shockwave Player 11.6
Apple Application Support
Apple Software Update
Ares 2.1.7
Ares 4.1
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
Atheros Driver Installation Program
Best Buy pc app
BitLord 2.0
Browse For Change
Comodo Dragon
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DivX Setup
Driver Performer
DriverUpdate
ESET Online Scanner v3
Facebook Video Calling 1.2.0.159
Fast Search by Surf Canyon
Google Chrome
Google Talk Plugin
Google Update Helper
Imikimi Plugin
InstaCodecs
Intel® Graphics Media Accelerator Driver
Intel® Management Engine Components
Intel® Rapid Storage Technology
Itibiti RTC
Java Auto Updater
Java™ 6 Update 31
Java™ 7 Update 5
JavaFX 2.1.1
Junk Mail filter update
Label@Once 1.0
Malwarebytes Anti-Malware version 1.62.0.1300
Mesh Runtime
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mplayer 0.6.9
MSVCRT
MSVCRT_amd64
MySQL Servers and Clients 3.23.52
NetAssistant
NetAssistant for Firefox
Norton AntiVirus
PlayReady PC Runtime x86
Ploose
QuickTime
Realtek USB 2.0 Card Reader
Registry Mechanic 10.0
RockMelt
SAM2 (remove only)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
Setup Support for RelevantKnowledge 1.0
Skype Click to Call
Skype™ 5.10
Special Savings
Spotify
swMSM
TeamViewer 7
Toshiba App Place
TOSHIBA Application Installer
TOSHIBA Assist
Toshiba Book Place
TOSHIBA Bulletin Board
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
TOSHIBA Quality Application
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
UltimaDownloads
Uninstall 1.0.0.1
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VC80CRTRedist - 8.0.50727.4053
Visual Studio 2008 x64 Redistributables
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
Yahoo! Messenger
.
==== Event Viewer Messages From Past Week ========
.
8/22/2012 9:16:00 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer USER-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A73D470F-1F5B-492A-A55E-6519DBA1CDE1}. The master browser is stopping or an election is being forced.
8/20/2012 7:52:20 PM, Error: Service Control Manager [7034] - The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================

#4 gringo_pr


Posted 27 August 2012 - 04:29 PM

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:

  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 babytequila03


Posted 27 August 2012 - 04:34 PM

Results of screen317's Security Check version 0.99.46
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Norton AntiVirus
AVG Anti-Virus Free Edition 2012
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.62.0.1300
JavaFX 2.1.1
Java™ 6 Update 31
Java™ 7 Update 5
Java version out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Google Chrome 21.0.1180.79
Google Chrome 21.0.1180.83
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
AVG avgwdsvc.exe
AVG avgtray.exe
Norton AntiVirus Engine 19.8.0.14 ccSvcHst.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

#6 gringo_pr


Posted 27 August 2012 - 04:35 PM

I will check for the combofix report before I go to work


gringo

#7 babytequila03


Posted 27 August 2012 - 05:10 PM

ComboFix 12-08-25.04 - ik 08/27/2012 14:39:56.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3895.2129 [GMT -7:00]
Running from: c:\users\ik\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AV: Norton AntiVirus *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\programdata\568bb977
c:\users\ik\AppData\Local\TempDIR
c:\users\ik\AppData\Roaming\inst.exe
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\chrome.manifest
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\chrome\content\background.html
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\chrome\content\browser.xul
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\chrome\content\crossrider.js
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\chrome\content\crossriderapi.js
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\chrome\content\dialog.js
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\chrome\content\lib\faye-browser-min.js
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\chrome\content\manage-apps-style.css
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\chrome\content\manage-apps.html
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\chrome\content\messaging.js
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\chrome\content\options.js
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\chrome\content\options.xul
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\chrome\content\push.html
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\chrome\content\search_dialog.xul
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\chrome\content\update.html
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\defaults\preferences\prefs.js
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\install.rdf
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\locale\en-US\translations.dtd
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\skin\button1.png
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\skin\button2.png
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\skin\button3.png
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\skin\button4.png
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\skin\button5.png
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\skin\crossrider_statusbar.png
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\skin\icon128.png
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\skin\icon16.png
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\skin\icon24.png
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\skin\icon48.png
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\skin\panelarrow-up.png
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\skin\popup.html
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\skin\popup_binding.xml
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\skin\skin.css
c:\users\ik\AppData\Roaming\Mozilla\Firefox\Profiles\0fxn9pf7.default\extensions\crossriderapp2258@crossrider.com\skin\update.css
c:\users\ik\AppData\Roaming\vso_ts_preview.xml
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_RelevantKnowledge
.
.
((((((((((((((((((((((((( Files Created from 2012-07-27 to 2012-08-27 )))))))))))))))))))))))))))))))
.
.
2012-08-27 21:47 . 2012-08-27 21:47 -------- d-----w- c:\users\family\AppData\Local\temp
2012-08-19 01:45 . 2012-08-19 01:45 -------- d-----w- c:\program files (x86)\AVG Secure Search
2012-08-19 01:34 . 2012-08-19 02:20 -------- d-----w- c:\program files\Symantec
2012-08-19 01:34 . 2012-08-19 02:19 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-08-19 01:34 . 2012-08-19 01:34 -------- d-----w- c:\program files\Common Files\Symantec Shared
2012-08-19 01:33 . 2012-08-21 03:00 -------- d-----w- c:\windows\system32\drivers\NAVx64
2012-08-19 01:32 . 2012-08-19 01:33 -------- d-----w- c:\program files (x86)\Norton AntiVirus
2012-08-19 00:44 . 2012-08-19 00:44 -------- d-----w- c:\users\ik\AppData\Roaming\Malwarebytes
2012-08-19 00:44 . 2012-08-21 03:00 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-19 00:44 . 2012-08-19 00:44 -------- d-----w- c:\programdata\Malwarebytes
2012-08-19 00:44 . 2012-07-03 20:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-16 15:42 . 2012-08-27 21:48 15712 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2012-08-16 15:42 . 2012-08-16 15:42 -------- d-----w- c:\users\ik\AppData\Local\SlimWare Utilities Inc
2012-08-16 15:42 . 2012-08-16 15:42 -------- d-----w- c:\program files (x86)\DriverUpdate
2012-08-15 14:04 . 2012-08-15 14:04 -------- d-----w- C:\309bf44b96dfceab3a
2012-08-15 13:44 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 13:44 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 13:44 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-15 13:44 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 13:44 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 13:44 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-15 13:44 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-15 13:44 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-15 13:44 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 13:44 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-15 13:44 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-15 13:40 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2012-08-11 17:41 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{654192DA-0B99-4D46-A215-2608B898E936}\mpengine.dll
2012-08-10 02:16 . 2012-08-10 02:16 -------- d-----w- c:\program files (x86)\ESET
2012-08-03 06:07 . 2012-08-03 06:07 -------- d-----w- c:\users\ik\AppData\Roaming\AVG2012
2012-08-03 06:06 . 2012-08-03 06:06 -------- d-----w- c:\users\ik\AppData\Local\AVG Secure Search
2012-08-03 06:06 . 2012-08-19 01:45 -------- d-----w- c:\programdata\AVG Secure Search
2012-08-03 06:06 . 2012-08-19 01:45 31080 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2012-08-03 06:06 . 2012-08-03 06:06 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2012-08-03 06:05 . 2012-08-19 01:44 -------- d-----w- c:\windows\SysWow64\drivers\AVG
2012-08-03 06:05 . 2012-08-03 06:21 -------- d-----w- c:\programdata\AVG2012
2012-08-03 06:05 . 2012-08-03 06:05 -------- d-----w- C:\$AVG
2012-08-03 06:04 . 2012-08-03 06:04 -------- d-----w- c:\program files (x86)\AVG
2012-08-03 06:01 . 2012-08-03 06:01 -------- d--h--w- c:\programdata\Common Files
2012-08-03 06:01 . 2012-08-27 15:37 -------- d-----w- c:\programdata\MFAData
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-15 22:48 . 2012-05-25 14:02 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-15 22:48 . 2011-07-08 23:09 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-15 14:04 . 2012-01-05 22:00 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-07-03 05:45 . 2012-07-03 05:45 50952 ----a-w- c:\windows\system32\certsentry.dll
2012-07-03 05:45 . 2012-07-03 05:45 42760 ----a-w- c:\windows\SysWow64\certsentry.dll
2012-06-09 05:43 . 2012-07-10 23:53 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-10 23:53 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-10 23:53 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-10 23:53 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-10 23:53 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-10 23:53 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-10 23:53 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-21 18:30 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 18:30 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 18:30 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 18:30 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 18:30 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 22:19 . 2012-06-21 18:30 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 18:30 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 18:30 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 22:15 . 2012-06-21 18:30 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 05:50 . 2012-07-10 23:53 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-10 23:53 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:48 . 2012-07-10 23:53 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:45 . 2012-07-10 23:53 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-10 23:53 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-10 23:53 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-10 23:53 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-10 23:53 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-10 23:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-05-31 19:25 . 2011-10-05 12:39 279656 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{4728c29f-7ff4-4fa1-9d34-199451b03bd3}]
2010-11-05 01:58 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-08-19 01:45 2045024 ----a-w- c:\program files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll" [2012-08-19 2045024]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\MESSEN~1\YahooMessenger.exe" [2011-11-24 6497592]
"Facebook Update"="c:\users\ik\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
"ares"="c:\program files (x86)\Ares\Ares.exe" [2010-10-27 1015808]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17420464]
"PeerBlock"="c:\program files\PeerBlock\peerblock.exe" [2010-10-15 2646128]
"RockMelt Update"="c:\users\ik\AppData\Local\RockMelt\Update\RockMeltUpdate.exe" [2012-07-02 136336]
"Spotify"="c:\users\ik\AppData\Roaming\Spotify\Spotify.exe" [2012-07-25 7601880]
"Spotify Web Helper"="c:\users\ik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-07-25 1193176]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-24 2454840]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-10-06 1294136]
"ToshibaAppPlace"="c:\program files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe" [2010-09-23 552960]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-11-16 112600]
"Ploose Updater"="c:\program files (x86)\Ploose\PlooseUpdater.exe" [2011-05-16 370176]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"RMAlert"="c:\program files (x86)\Registry Mechanic\Alert.exe" [2010-09-16 1016792]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-08-19 1162848]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"ROC_roc_ssl_v12"="c:\program files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" [2012-08-19 1020512]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Best Buy pc app.lnk - c:\programdata\Best Buy pc app\ClickOnceSetup.exe [2010-6-24 9216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-14 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06 136176]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [2010-10-15 24176]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-02-01 232992]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2012-08-27 15712]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-06 137560]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-24 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAVx64\1308000.00E\SYMDS64.SYS [2011-05-16 451192]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAVx64\1308000.00E\SYMEFA64.SYS [2012-05-22 1129120]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-08-19 31080]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\Definitions\BASHDefs\20120823.005\BHDrvx64.sys [2012-08-21 1385120]
S1 ccSet_NAV;Norton AntiVirus Settings Manager;c:\windows\system32\drivers\NAVx64\1308000.00E\ccSetx64.sys [2012-06-07 167072]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\Definitions\IPSDefs\20120824.001\IDSvia64.sys [2012-08-22 512672]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAVx64\1308000.00E\Ironx64.SYS [2012-04-18 190072]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NAVx64\1308000.00E\SYMNETS.SYS [2012-04-18 405624]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [2012-08-22 1852048]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 NAV;Norton AntiVirus;c:\program files (x86)\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe [2012-06-16 138272]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-10-01 632792]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-07-06 3048136]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-12-10 2320920]
S2 vToolbarUpdater12.2.0;vToolbarUpdater12.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe [2012-08-19 927840]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-21 138912]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-03-05 75816]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-23 35008]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-25 22:48]
.
2012-08-27 c:\windows\Tasks\DriverUpdate Startup.job
- c:\program files (x86)\DriverUpdate\DriverUpdate.exe [2012-08-10 16:08]
.
2012-08-27 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3515138813-1237380366-1013828875-1000Core.job
- c:\users\ik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-29 01:03]
.
2012-08-27 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3515138813-1237380366-1013828875-1000UA.job
- c:\users\ik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-29 01:03]
.
2012-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06 06:02]
.
2012-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06 06:02]
.
2012-08-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3515138813-1237380366-1013828875-1000Core.job
- c:\users\ik\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-02 20:24]
.
2012-08-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3515138813-1237380366-1013828875-1000UA.job
- c:\users\ik\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-02 20:24]
.
2012-08-26 c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-3515138813-1237380366-1013828875-1000Core.job
- c:\users\ik\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2012-04-23 23:20]
.
2012-08-27 c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-3515138813-1237380366-1013828875-1000UA.job
- c:\users\ik\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2012-04-23 23:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-26 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-26 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-26 410648]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-22 521272]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 709976]
"combofix"="c:\combofix\CF13088.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2830765
mStart Page = hxxp://www.bigseekpro.com/ares001/{87751968-EFFF-4643-B5EF-2C7EA11119EC}
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: {{A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files (x86)\Superfish\Special Savings\SpecialSavings.dll
Trusted Zone: ccis.edu
Trusted Zone: ccis.edu\rd
Trusted Zone: ucourses.com\ccis
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{A73D470F-1F5B-492A-A55E-6519DBA1CDE1}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{A73D470F-1F5B-492A-A55E-6519DBA1CDE1}\2375942554730353: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{FE4CA3D1-2BB6-4509-A7A0-2E22CEC836FE}: NameServer = 8.26.56.26,156.154.70.22
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.0\ViProtocol.dll
DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - hxxp://imikimi.com/download/imikimi_plugin_0.5.1.cab
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)
URLSearchHooks-{8c5878d0-6106-423b-aaa8-144c143dbf44} - (no file)
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Toolbar-!{06C7AD57-B655-418D-9AB8-9526A6D2E052} - (no file)
Wow6432Node-HKCU-Run-Weather - c:\program files (x86)\AWS\WeatherBug\Weather.exe
Wow6432Node-HKCU-Run-Itibiti.exe - c:\program files (x86)\Itibiti Soft Phone\Itibiti.exe
Wow6432Node-HKLM-Run-TaskTray - (no file)
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Toolbar-!{06C7AD57-B655-418D-9AB8-9526A6D2E052} - (no file)
Toolbar-!{99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)
WebBrowser-{8C5878D0-6106-423B-AAA8-144C143DBF44} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKLM-Run-(Default) - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-iBryte_browseforchange - c:\program files (x86)\iBryte\browseforchange\uninstall.exe
AddRemove-Uninstall_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NAV]
"ImagePath"="\"c:\program files (x86)\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files (x86)\Norton AntiVirus\Engine\19.8.0.14\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:8f,6a,26,18,ab,7b,cc,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,45,22,7d,d7,aa,bf,a8,4c,92,76,d7,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,45,22,7d,d7,aa,bf,a8,4c,92,76,d7,\
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.HTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.HTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.MHT"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.MHT"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.partial\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.PARTIAL"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.SVG"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.URL"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.website\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.WEBSITE"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.XHT"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.XHT"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
"Key"="ActionsPane3"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\mysql\bin\mysqld-nt.exe
.
**************************************************************************
.
Completion time: 2012-08-27 14:53:56 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-27 21:53
.
Pre-Run: 414,386,659,328 bytes free
Post-Run: 414,257,664,000 bytes free
.
- - End Of File - - 9224CF12315D53D0061770A7D8B58647

#8 gringo_pr

Posted 27 August 2012 - 11:51 PM

Greetings

I want you to run these next,

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#9 babytequila03

Posted 28 August 2012 - 10:01 PM

19:56:29.0372 6120 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
19:56:29.0828 6120 ============================================================
19:56:29.0828 6120 Current date / time: 2012/08/28 19:56:29.0828
19:56:29.0828 6120 SystemInfo:
19:56:29.0828 6120
19:56:29.0828 6120 OS Version: 6.1.7601 ServicePack: 1.0
19:56:29.0828 6120 Product type: Workstation
19:56:29.0829 6120 ComputerName: IK-PC
19:56:29.0829 6120 UserName: ik
19:56:29.0829 6120 Windows directory: C:\windows
19:56:29.0829 6120 System windows directory: C:\windows
19:56:29.0829 6120 Running under WOW64
19:56:29.0829 6120 Processor architecture: Intel x64
19:56:29.0829 6120 Number of processors: 4
19:56:29.0829 6120 Page size: 0x1000
19:56:29.0829 6120 Boot type: Normal boot
19:56:29.0829 6120 ============================================================
19:56:30.0657 6120 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:56:30.0664 6120 ============================================================
19:56:30.0664 6120 \Device\Harddisk0\DR0:
19:56:30.0664 6120 MBR partitions:
19:56:30.0664 6120 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38BF7800
19:56:30.0664 6120 ============================================================
19:56:30.0743 6120 C: <-> \Device\Harddisk0\DR0\Partition1
19:56:30.0743 6120 ============================================================
19:56:30.0743 6120 Initialize success
19:56:30.0743 6120 ============================================================
19:56:41.0591 2504 ============================================================
19:56:41.0591 2504 Scan started
19:56:41.0591 2504 Mode: Manual;
19:56:41.0591 2504 ============================================================
19:56:43.0031 2504 ================ Scan system memory ========================
19:56:43.0031 2504 System memory - ok
19:56:43.0032 2504 ================ Scan services =============================
19:56:43.0366 2504 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
19:56:43.0374 2504 1394ohci - ok
19:56:43.0424 2504 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
19:56:43.0431 2504 ACPI - ok
19:56:43.0494 2504 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
19:56:43.0498 2504 AcpiPmi - ok
19:56:43.0924 2504 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:56:43.0930 2504 AdobeFlashPlayerUpdateSvc - ok
19:56:44.0009 2504 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
19:56:44.0032 2504 adp94xx - ok
19:56:44.0096 2504 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
19:56:44.0103 2504 adpahci - ok
19:56:44.0117 2504 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
19:56:44.0122 2504 adpu320 - ok
19:56:44.0156 2504 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
19:56:44.0158 2504 AeLookupSvc - ok
19:56:44.0248 2504 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
19:56:44.0270 2504 AFD - ok
19:56:44.0325 2504 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
19:56:44.0328 2504 agp440 - ok
19:56:44.0348 2504 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
19:56:44.0351 2504 ALG - ok
19:56:44.0405 2504 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
19:56:44.0408 2504 aliide - ok
19:56:44.0421 2504 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
19:56:44.0425 2504 amdide - ok
19:56:44.0450 2504 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
19:56:44.0453 2504 AmdK8 - ok
19:56:44.0467 2504 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
19:56:44.0470 2504 AmdPPM - ok
19:56:44.0507 2504 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
19:56:44.0510 2504 amdsata - ok
19:56:44.0565 2504 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
19:56:44.0569 2504 amdsbs - ok
19:56:44.0591 2504 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
19:56:44.0594 2504 amdxata - ok
19:56:44.0657 2504 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
19:56:44.0661 2504 AppID - ok
19:56:44.0690 2504 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
19:56:44.0692 2504 AppIDSvc - ok
19:56:44.0728 2504 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
19:56:44.0729 2504 Appinfo - ok
19:56:44.0827 2504 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
19:56:44.0830 2504 arc - ok
19:56:44.0847 2504 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
19:56:44.0850 2504 arcsas - ok
19:56:44.0895 2504 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
19:56:44.0898 2504 AsyncMac - ok
19:56:44.0955 2504 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
19:56:44.0958 2504 atapi - ok
19:56:45.0045 2504 [ D6CAD7E5B05055BB8226BDCB1644DA27 ] athr C:\windows\system32\DRIVERS\athrx.sys
19:56:45.0091 2504 athr - ok
19:56:45.0158 2504 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
19:56:45.0168 2504 AudioEndpointBuilder - ok
19:56:45.0191 2504 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
19:56:45.0195 2504 AudioSrv - ok
19:56:45.0267 2504 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\windows\system32\DRIVERS\avgidsha.sys
19:56:45.0270 2504 AVGIDSHA - ok
19:56:45.0316 2504 [ 1BEE674AD792B1C63BB0DAC5FA724B23 ] Avgtdia C:\windows\system32\DRIVERS\avgtdia.sys
19:56:45.0323 2504 Avgtdia - ok
19:56:45.0343 2504 [ E964EA70249DDE1343C8F694B52575EE ] avgtp C:\windows\system32\drivers\avgtpx64.sys
19:56:45.0345 2504 avgtp - ok
19:56:45.0438 2504 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
19:56:45.0443 2504 avgwd - ok
19:56:45.0523 2504 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
19:56:45.0537 2504 AxInstSV - ok
19:56:45.0680 2504 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
19:56:45.0702 2504 b06bdrv - ok
19:56:45.0748 2504 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
19:56:45.0756 2504 b57nd60a - ok
19:56:45.0819 2504 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
19:56:45.0823 2504 BDESVC - ok
19:56:45.0840 2504 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
19:56:45.0842 2504 Beep - ok
19:56:45.0936 2504 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
19:56:45.0958 2504 BFE - ok
19:56:46.0177 2504 [ E99F59342171101EE2446D0CD1A60A8D ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\Definitions\BASHDefs\20120823.005\BHDrvx64.sys
19:56:46.0217 2504 BHDrvx64 - ok
19:56:46.0268 2504 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\system32\qmgr.dll
19:56:46.0291 2504 BITS - ok
19:56:46.0333 2504 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
19:56:46.0335 2504 blbdrive - ok
19:56:46.0395 2504 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
19:56:46.0399 2504 bowser - ok
19:56:46.0452 2504 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
19:56:46.0455 2504 BrFiltLo - ok
19:56:46.0470 2504 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
19:56:46.0474 2504 BrFiltUp - ok
19:57:00.0934 2504 SNMPTRAP - ok
19:57:00.0953 2504 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
19:57:00.0955 2504 spldr - ok
19:57:00.0996 2504 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
19:57:01.0004 2504 Spooler - ok
19:57:01.0096 2504 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
19:57:01.0192 2504 sppsvc - ok
19:57:01.0211 2504 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
19:57:01.0214 2504 sppuinotify - ok
19:57:01.0320 2504 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\windows\System32\Drivers\NAVx64\1308000.00E\SRTSP64.SYS
19:57:01.0342 2504 SRTSP - ok
19:57:01.0361 2504 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\windows\system32\drivers\NAVx64\1308000.00E\SRTSPX64.SYS
19:57:01.0363 2504 SRTSPX - ok
19:57:01.0403 2504 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
19:57:01.0410 2504 srv - ok
19:57:01.0425 2504 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
19:57:01.0432 2504 srv2 - ok
19:57:01.0443 2504 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
19:57:01.0446 2504 srvnet - ok
19:57:01.0498 2504 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
19:57:01.0502 2504 SSDPSRV - ok
19:57:01.0511 2504 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
19:57:01.0513 2504 SstpSvc - ok
19:57:01.0537 2504 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
19:57:01.0539 2504 stexstor - ok
19:57:01.0604 2504 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
19:57:01.0613 2504 stisvc - ok
19:57:01.0691 2504 [ 85BF0B7CE3D9B6D1611E05872E1C3E56 ] SWDUMon C:\windows\system32\DRIVERS\SWDUMon.sys
19:57:01.0693 2504 SWDUMon - ok
19:57:01.0731 2504 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
19:57:01.0733 2504 swenum - ok
19:57:01.0775 2504 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
19:57:01.0799 2504 swprv - ok
19:57:01.0874 2504 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\windows\system32\drivers\NAVx64\1308000.00E\SYMDS64.SYS
19:57:01.0894 2504 SymDS - ok
19:57:01.0973 2504 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\windows\system32\drivers\NAVx64\1308000.00E\SYMEFA64.SYS
19:57:02.0003 2504 SymEFA - ok
19:57:02.0093 2504 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\windows\system32\Drivers\SYMEVENT64x86.SYS
19:57:02.0097 2504 SymEvent - ok
19:57:02.0154 2504 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\windows\system32\drivers\NAVx64\1308000.00E\Ironx64.SYS
19:57:02.0157 2504 SymIRON - ok
19:57:02.0181 2504 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\windows\System32\Drivers\NAVx64\1308000.00E\SYMNETS.SYS
19:57:02.0187 2504 SymNetS - ok
19:57:02.0258 2504 [ 470C47DABA9CA3966F0AB3F835D7D135 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
19:57:02.0264 2504 SynTP - ok
19:57:02.0327 2504 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
19:57:02.0361 2504 SysMain - ok
19:57:02.0394 2504 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
19:57:02.0398 2504 TabletInputService - ok
19:57:02.0447 2504 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
19:57:02.0456 2504 TapiSrv - ok
19:57:02.0478 2504 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
19:57:02.0481 2504 TBS - ok
19:57:02.0593 2504 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\windows\system32\drivers\tcpip.sys
19:57:02.0657 2504 Tcpip - ok
19:57:02.0749 2504 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
19:57:02.0773 2504 TCPIP6 - ok
19:57:02.0823 2504 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
19:57:02.0826 2504 tcpipreg - ok
19:57:02.0897 2504 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
19:57:02.0899 2504 tdcmdpst - ok
19:57:02.0925 2504 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
19:57:02.0928 2504 TDPIPE - ok
19:57:02.0957 2504 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
19:57:02.0960 2504 TDTCP - ok
19:57:02.0989 2504 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
19:57:02.0992 2504 tdx - ok
19:57:03.0159 2504 [ 74FC70AE64A7B7DABEC9697CE0A1F4FA ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
19:57:03.0177 2504 TeamViewer7 - ok
19:57:03.0223 2504 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
19:57:03.0226 2504 TermDD - ok
19:57:03.0276 2504 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
19:57:03.0298 2504 TermService - ok
19:57:03.0321 2504 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
19:57:03.0324 2504 Themes - ok
19:57:03.0351 2504 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
19:57:03.0352 2504 THREADORDER - ok
19:57:03.0458 2504 [ 28644B0523D64EFF2FC7312A2EE74B0A ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
19:57:03.0459 2504 TMachInfo - ok
19:57:03.0530 2504 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\windows\system32\TODDSrv.exe
19:57:03.0540 2504 TODDSrv - ok
19:57:03.0731 2504 [ DB9719688C08F42705FEB3F6A0C98B91 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
19:57:03.0738 2504 TosCoSrv - ok
19:57:03.0821 2504 [ 74C2FA8C3765EE71A9C22182EC108457 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
19:57:03.0825 2504 TOSHIBA HDD SSD Alert Service - ok
19:57:03.0854 2504 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
19:57:03.0857 2504 TrkWks - ok
19:57:03.0916 2504 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
19:57:03.0918 2504 TrustedInstaller - ok
19:57:03.0959 2504 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
19:57:03.0961 2504 tssecsrv - ok
19:57:04.0016 2504 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
19:57:04.0018 2504 TsUsbFlt - ok
19:57:04.0088 2504 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
19:57:04.0092 2504 tunnel - ok
19:57:04.0146 2504 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
19:57:04.0149 2504 TVALZ - ok
19:57:04.0173 2504 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
19:57:04.0176 2504 uagp35 - ok
19:57:04.0217 2504 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
19:57:04.0224 2504 udfs - ok
19:57:04.0264 2504 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
19:57:04.0268 2504 UI0Detect - ok
19:57:04.0281 2504 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
19:57:04.0283 2504 uliagpkx - ok
19:57:04.0344 2504 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\drivers\umbus.sys
19:57:04.0346 2504 umbus - ok
19:57:04.0399 2504 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
19:57:04.0401 2504 UmPass - ok
19:57:04.0543 2504 [ 48E114762941941D5821EAAE29D75E9E ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
19:57:04.0599 2504 UNS - ok
19:57:04.0626 2504 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
19:57:04.0633 2504 upnphost - ok
19:57:04.0662 2504 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
19:57:04.0665 2504 usbccgp - ok
19:57:04.0687 2504 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
19:57:04.0690 2504 usbcir - ok
19:57:04.0710 2504 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys
19:57:04.0713 2504 usbehci - ok
19:57:04.0763 2504 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
19:57:04.0770 2504 usbhub - ok
19:57:04.0791 2504 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
19:57:04.0794 2504 usbohci - ok
19:57:04.0816 2504 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
19:57:04.0818 2504 usbprint - ok
19:57:04.0835 2504 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
19:57:04.0838 2504 USBSTOR - ok
19:57:04.0856 2504 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
19:57:04.0858 2504 usbuhci - ok
19:57:04.0918 2504 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
19:57:04.0922 2504 usbvideo - ok
19:57:04.0945 2504 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
19:57:04.0947 2504 UxSms - ok
19:57:04.0958 2504 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
19:57:04.0959 2504 VaultSvc - ok
19:57:05.0003 2504 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
19:57:05.0005 2504 vdrvroot - ok
19:57:05.0047 2504 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
19:57:05.0056 2504 vds - ok
19:57:05.0088 2504 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
19:57:05.0090 2504 vga - ok
19:57:05.0101 2504 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
19:57:05.0103 2504 VgaSave - ok
19:57:05.0146 2504 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
19:57:05.0150 2504 vhdmp - ok
19:57:05.0164 2504 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
19:57:05.0166 2504 viaide - ok
19:57:05.0180 2504 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
19:57:05.0182 2504 volmgr - ok
19:57:05.0223 2504 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
19:57:05.0229 2504 volmgrx - ok
19:57:05.0246 2504 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
19:57:05.0252 2504 volsnap - ok
19:57:05.0289 2504 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
19:57:05.0293 2504 vsmraid - ok
19:57:05.0347 2504 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
19:57:05.0381 2504 VSS - ok
19:57:05.0463 2504 [ EF51747440486C23BD466311048BD924 ] vToolbarUpdater12.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe
19:57:05.0494 2504 vToolbarUpdater12.2.0 - ok
19:57:05.0518 2504 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
19:57:05.0520 2504 vwifibus - ok
19:57:05.0586 2504 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
19:57:05.0589 2504 vwififlt - ok
19:57:05.0679 2504 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
19:57:05.0687 2504 W32Time - ok
19:57:05.0713 2504 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
19:57:05.0716 2504 WacomPen - ok
19:57:05.0784 2504 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
19:57:05.0787 2504 WANARP - ok
19:57:05.0792 2504 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
19:57:05.0793 2504 Wanarpv6 - ok
19:57:05.0902 2504 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
19:57:05.0936 2504 WatAdminSvc - ok
19:57:05.0995 2504 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
19:57:06.0029 2504 wbengine - ok
19:57:06.0058 2504 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
19:57:06.0064 2504 WbioSrvc - ok
19:57:06.0105 2504 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
19:57:06.0128 2504 wcncsvc - ok
19:57:06.0147 2504 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
19:57:06.0154 2504 WcsPlugInService - ok
19:57:06.0186 2504 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
19:57:06.0188 2504 Wd - ok
19:57:06.0210 2504 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
19:57:06.0233 2504 Wdf01000 - ok
19:57:06.0247 2504 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
19:57:06.0249 2504 WdiServiceHost - ok
19:57:06.0256 2504 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
19:57:06.0258 2504 WdiSystemHost - ok
19:57:06.0292 2504 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
19:57:06.0299 2504 WebClient - ok
19:57:06.0342 2504 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
19:57:06.0348 2504 Wecsvc - ok
19:57:06.0364 2504 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
19:57:06.0366 2504 wercplsupport - ok
19:57:06.0413 2504 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
19:57:06.0416 2504 WerSvc - ok
19:57:06.0453 2504 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
19:57:06.0455 2504 WfpLwf - ok
19:57:06.0488 2504 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
19:57:06.0490 2504 WIMMount - ok
19:57:06.0520 2504 WinDefend - ok
19:57:06.0529 2504 WinHttpAutoProxySvc - ok
19:57:06.0593 2504 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
19:57:06.0598 2504 Winmgmt - ok
19:57:06.0675 2504 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
19:57:06.0744 2504 WinRM - ok
19:57:06.0831 2504 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
19:57:06.0833 2504 WinUsb - ok
19:57:06.0876 2504 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
19:57:06.0899 2504 Wlansvc - ok
19:57:06.0973 2504 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:57:06.0977 2504 wlcrasvc - ok
19:57:07.0070 2504 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:57:07.0154 2504 wlidsvc - ok
19:57:07.0185 2504 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
19:57:07.0187 2504 WmiAcpi - ok
19:57:07.0210 2504 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
19:57:07.0214 2504 wmiApSrv - ok
19:57:07.0265 2504 WMPNetworkSvc - ok
19:57:07.0295 2504 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
19:57:07.0312 2504 WPCSvc - ok
19:57:07.0350 2504 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
19:57:07.0353 2504 WPDBusEnum - ok
19:57:07.0386 2504 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
19:57:07.0388 2504 ws2ifsl - ok
19:57:07.0447 2504 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll
19:57:07.0452 2504 wscsvc - ok
19:57:07.0457 2504 WSearch - ok
19:57:07.0544 2504 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
19:57:07.0601 2504 wuauserv - ok
19:57:07.0643 2504 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
19:57:07.0647 2504 WudfPf - ok
19:57:07.0753 2504 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
19:57:07.0758 2504 WUDFRd - ok
19:57:07.0798 2504 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
19:57:07.0801 2504 wudfsvc - ok
19:57:07.0829 2504 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
19:57:07.0835 2504 WwanSvc - ok
19:57:07.0869 2504 ================ Scan global ===============================
19:57:07.0915 2504 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
19:57:07.0950 2504 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
19:57:07.0960 2504 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
19:57:07.0979 2504 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
19:57:08.0007 2504 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
19:57:08.0013 2504 [Global] - ok
19:57:08.0013 2504 ================ Scan MBR ==================================
19:57:08.0023 2504 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
19:57:08.0365 2504 \Device\Harddisk0\DR0 - ok
19:57:08.0366 2504 ================ Scan VBR ==================================
19:57:08.0376 2504 [ 98FFE74104032F2AE1C7F47A0E31CC26 ] \Device\Harddisk0\DR0\Partition1
19:57:08.0379 2504 \Device\Harddisk0\DR0\Partition1 - ok
19:57:08.0380 2504 ============================================================
19:57:08.0380 2504 Scan finished
19:57:08.0380 2504 ============================================================
19:57:08.0399 5516 Detected object count: 0
19:57:08.0399 5516 Actual detected object count: 0
19:57:44.0450 3160 ============================================================
19:57:44.0450 3160 Scan started
19:57:44.0450 3160 Mode: Manual;
19:57:44.0450 3160 ============================================================
19:57:44.0690 3160 ================ Scan system memory ========================
19:57:44.0690 3160 System memory - ok
19:57:44.0691 3160 ================ Scan services =============================
19:57:48.0976 3160 FltMgr - ok
19:57:49.0018 3160 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
19:57:49.0025 3160 FontCache - ok
19:57:49.0087 3160 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:57:49.0088 3160 FontCache3.0.0.0 - ok
19:57:49.0114 3160 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
19:57:49.0115 3160 FsDepends - ok
19:57:49.0153 3160 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
19:57:49.0154 3160 Fs_Rec - ok
19:57:49.0191 3160 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
19:57:49.0193 3160 fvevol - ok
19:57:49.0226 3160 [ 60ACB128E64C35C2B4E4AAB1B0A5C293 ] FwLnk C:\windows\system32\DRIVERS\FwLnk.sys
19:57:49.0227 3160 FwLnk - ok
19:57:49.0250 3160 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
19:57:49.0251 3160 gagp30kx - ok
19:57:49.0300 3160 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
19:57:49.0308 3160 gpsvc - ok
19:57:49.0402 3160 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:57:49.0403 3160 gupdate - ok
19:57:49.0409 3160 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:57:49.0410 3160 gupdatem - ok
19:57:49.0436 3160 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
19:57:49.0437 3160 hcw85cir - ok
19:57:49.0474 3160 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
19:57:49.0476 3160 HdAudAddService - ok
19:57:49.0511 3160 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
19:57:49.0512 3160 HDAudBus - ok
19:57:49.0536 3160 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\windows\system32\DRIVERS\HECIx64.sys
19:57:49.0536 3160 HECIx64 - ok
19:57:49.0550 3160 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
19:57:49.0550 3160 HidBatt - ok
19:57:49.0565 3160 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
19:57:49.0566 3160 HidBth - ok
19:57:49.0575 3160 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
19:57:49.0576 3160 HidIr - ok
19:57:49.0606 3160 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
19:57:49.0607 3160 hidserv - ok
19:57:49.0641 3160 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\drivers\hidusb.sys
19:57:49.0642 3160 HidUsb - ok
19:57:49.0681 3160 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
19:57:49.0683 3160 hkmsvc - ok
19:57:49.0719 3160 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
19:57:49.0721 3160 HomeGroupListener - ok
19:57:49.0753 3160 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
19:57:49.0756 3160 HomeGroupProvider - ok
19:57:49.0792 3160 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
19:57:49.0793 3160 HpSAMD - ok
19:57:49.0839 3160 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
19:57:49.0846 3160 HTTP - ok
19:57:49.0878 3160 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
19:57:49.0878 3160 hwpolicy - ok
19:57:49.0925 3160 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
19:57:49.0926 3160 i8042prt - ok
19:57:49.0964 3160 [ 85977CD13FC16069CE0AF7943A811775 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
19:57:49.0967 3160 iaStor - ok
19:57:49.0996 3160 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
19:57:49.0998 3160 iaStorV - ok
19:57:50.0056 3160 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:57:50.0061 3160 idsvc - ok
19:57:50.0172 3160 [ 82AB40147567DE48C405AFE570A2266F ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\Definitions\IPSDefs\20120828.001\IDSvia64.sys
19:57:50.0177 3160 IDSVia64 - ok
19:57:50.0407 3160 [ 898AB5BFED7040D7AB07AF01885EB944 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
19:57:50.0458 3160 igfx - ok
19:57:50.0490 3160 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
19:57:50.0491 3160 iirsp - ok
19:57:50.0531 3160 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
19:57:50.0536 3160 IKEEXT - ok
19:57:50.0560 3160 [ 4B6363CD4610BB848531BB260B15DFCC ] Impcd C:\windows\system32\DRIVERS\Impcd.sys
19:57:50.0561 3160 Impcd - ok
19:57:50.0578 3160 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
19:57:50.0579 3160 intelide - ok
19:57:50.0594 3160 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
19:57:50.0596 3160 intelppm - ok
19:57:50.0616 3160 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
19:57:50.0618 3160 IPBusEnum - ok
19:57:50.0652 3160 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
19:57:50.0653 3160 IpFilterDriver - ok
19:57:50.0682 3160 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
19:57:50.0686 3160 iphlpsvc - ok
19:57:50.0719 3160 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
19:57:50.0720 3160 IPMIDRV - ok
19:57:50.0753 3160 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
19:57:50.0753 3160 IPNAT - ok
19:57:50.0774 3160 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
19:57:50.0775 3160 IRENUM - ok
19:57:50.0789 3160 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
19:57:50.0789 3160 isapnp - ok
19:57:50.0819 3160 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
19:57:50.0821 3160 iScsiPrt - ok
19:57:50.0844 3160 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
19:57:50.0845 3160 kbdclass - ok
19:57:50.0881 3160 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
19:57:50.0882 3160 kbdhid - ok
19:57:50.0902 3160 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
19:57:50.0903 3160 KeyIso - ok
19:57:50.0938 3160 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
19:57:50.0939 3160 KSecDD - ok
19:57:50.0969 3160 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
19:57:50.0970 3160 KSecPkg - ok
19:57:50.0986 3160 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
19:57:50.0987 3160 ksthunk - ok
19:57:51.0013 3160 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
19:57:51.0017 3160 KtmRm - ok
19:57:51.0047 3160 [ 48686C29856F46443952A831424F8D6F ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys
19:57:51.0048 3160 L1C - ok
19:57:51.0086 3160 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\System32\srvsvc.dll
19:57:51.0088 3160 LanmanServer - ok
19:57:51.0115 3160 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
19:57:51.0117 3160 LanmanWorkstation - ok
19:57:51.0141 3160 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
19:57:51.0141 3160 lltdio - ok
19:57:51.0181 3160 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
19:57:51.0183 3160 lltdsvc - ok
19:57:51.0195 3160 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
19:57:51.0197 3160 lmhosts - ok
19:57:51.0265 3160 [ 259E9D38F7CABB068530101F87B6C202 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
19:57:51.0266 3160 LMS - ok
19:57:51.0284 3160 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
19:57:51.0285 3160 LSI_FC - ok
19:57:51.0315 3160 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
19:57:51.0316 3160 LSI_SAS - ok
19:57:51.0326 3160 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
19:57:51.0327 3160 LSI_SAS2 - ok
19:57:51.0344 3160 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
19:57:51.0345 3160 LSI_SCSI - ok
19:57:51.0363 3160 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
19:57:51.0364 3160 luafv - ok
19:57:51.0387 3160 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\windows\system32\drivers\mbam.sys
19:57:51.0388 3160 MBAMProtector - ok
19:57:51.0467 3160 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:57:51.0470 3160 MBAMService - ok
19:57:51.0509 3160 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
19:57:51.0510 3160 Mcx2Svc - ok
19:57:51.0539 3160 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
19:57:51.0540 3160 megasas - ok
19:57:51.0562 3160 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
19:57:51.0564 3160 MegaSR - ok
19:57:51.0595 3160 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
19:57:51.0596 3160 MMCSS - ok
19:57:51.0601 3160 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
19:57:51.0602 3160 Modem - ok
19:57:51.0614 3160 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
19:57:51.0614 3160 monitor - ok
19:57:51.0651 3160 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\drivers\mouclass.sys
19:57:51.0652 3160 mouclass - ok
19:57:51.0676 3160 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
19:57:51.0677 3160 mouhid - ok
19:57:51.0709 3160 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
19:57:51.0710 3160 mountmgr - ok
19:57:51.0742 3160 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
19:57:51.0743 3160 mpio - ok
19:57:51.0761 3160 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
19:57:51.0762 3160 mpsdrv - ok
19:57:51.0809 3160 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
19:57:51.0814 3160 MpsSvc - ok
19:57:51.0850 3160 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
19:57:51.0851 3160 MRxDAV - ok
19:57:51.0891 3160 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
19:57:51.0892 3160 mrxsmb - ok
19:57:51.0938 3160 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
19:57:51.0939 3160 mrxsmb10 - ok
19:57:51.0955 3160 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
19:57:51.0956 3160 mrxsmb20 - ok
19:57:51.0988 3160 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
19:57:51.0989 3160 msahci - ok
19:57:52.0009 3160 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
19:57:52.0010 3160 msdsm - ok
19:57:52.0026 3160 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
19:57:52.0028 3160 MSDTC - ok
19:57:52.0062 3160 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
19:57:52.0063 3160 Msfs - ok
19:57:52.0079 3160 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
19:57:52.0080 3160 mshidkmdf - ok
19:57:52.0114 3160 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
19:57:52.0114 3160 msisadrv - ok
19:57:52.0145 3160 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
19:57:52.0147 3160 MSiSCSI - ok
19:57:52.0151 3160 msiserver - ok
19:57:52.0175 3160 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
19:57:52.0176 3160 MSKSSRV - ok
19:57:52.0187 3160 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
19:57:52.0188 3160 MSPCLOCK - ok
19:57:52.0200 3160 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
19:57:52.0200 3160 MSPQM - ok
19:57:52.0230 3160 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
19:57:52.0233 3160 MsRPC - ok
19:57:52.0278 3160 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
19:57:52.0279 3160 mssmbios - ok
19:57:52.0310 3160 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
19:57:52.0311 3160 MSTEE - ok
19:57:52.0328 3160 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
19:57:52.0329 3160 MTConfig - ok
19:57:52.0344 3160 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
19:57:52.0345 3160 Mup - ok
19:57:52.0434 3160 [ 953FAD3DA03F50AF5E9E7B1FF6B5C90A ] MySql C:\mysql\bin\mysqld-nt.exe
19:57:52.0443 3160 MySql - ok
19:57:52.0490 3160 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
19:57:52.0493 3160 napagent - ok
19:57:52.0528 3160 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
19:57:52.0530 3160 NativeWifiP - ok
19:57:52.0583 3160 [ F2840DBFE9322F35557219AE82CC4597 ] NAV C:\Program Files (x86)\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
19:57:52.0585 3160 NAV - ok
19:57:52.0651 3160 [ 149A9AD81BB327E892FA1ACB77722442 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\Definitions\VirusDefs\20120828.018\ENG64.SYS
19:57:52.0652 3160 NAVENG - ok
19:57:52.0721 3160 [ 4AF8750E71B549FEC5F6D1D01398CA69 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.0.0.128\Definitions\VirusDefs\20120828.018\EX64.SYS
19:57:52.0731 3160 NAVEX15 - ok
19:57:52.0778 3160 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\windows\system32\drivers\ndis.sys
19:57:52.0782 3160 NDIS - ok
19:57:52.0810 3160 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
19:57:52.0810 3160 NdisCap - ok
19:57:52.0828 3160 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
19:57:52.0828 3160 NdisTapi - ok
19:57:52.0855 3160 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
19:57:52.0855 3160 Ndisuio - ok
19:57:52.0901 3160 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
19:57:52.0902 3160 NdisWan - ok
19:57:52.0934 3160 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
19:57:52.0935 3160 NDProxy - ok
19:57:52.0959 3160 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
19:57:52.0960 3160 NetBIOS - ok
19:57:52.0999 3160 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
19:57:53.0002 3160 NetBT - ok
19:57:53.0015 3160 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
19:57:53.0017 3160 Netlogon - ok
19:57:53.0053 3160 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
19:57:53.0059 3160 Netman - ok
19:57:53.0076 3160 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
19:57:53.0084 3160 netprofm - ok
19:57:53.0116 3160 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:57:53.0117 3160 NetTcpPortSharing - ok
19:57:53.0146 3160 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
19:57:53.0146 3160 nfrd960 - ok
19:57:53.0183 3160 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
19:57:53.0185 3160 NlaSvc - ok
19:57:53.0200 3160 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
19:57:53.0200 3160 Npfs - ok
19:57:53.0226 3160 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
19:57:53.0227 3160 nsi - ok
19:57:53.0240 3160 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
19:57:53.0240 3160 nsiproxy - ok
19:57:53.0309 3160 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
19:57:53.0328 3160 Ntfs - ok
19:57:53.0362 3160 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
19:57:53.0363 3160 Null - ok
19:57:53.0403 3160 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
19:57:53.0404 3160 nvraid - ok
19:57:53.0417 3160 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
19:57:53.0418 3160 nvstor - ok
19:57:53.0454 3160 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
19:57:53.0455 3160 nv_agp - ok
19:57:53.0483 3160 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
19:57:53.0484 3160 ohci1394 - ok
19:57:53.0533 3160 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:57:53.0534 3160 ose - ok
19:57:53.0698 3160 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:57:53.0724 3160 osppsvc - ok
19:57:53.0769 3160 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
19:57:53.0772 3160 p2pimsvc - ok
19:57:53.0809 3160 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
19:57:53.0813 3160 p2psvc - ok
19:57:53.0846 3160 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
19:57:53.0847 3160 Parport - ok
19:57:53.0875 3160 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
19:57:53.0876 3160 partmgr - ok
19:57:53.0913 3160 [ 5418D3D8A2135C533F232E3C2B83F153 ] pbfilter C:\Program Files\PeerBlock\pbfilter.sys
19:57:53.0914 3160 pbfilter - ok
19:57:53.0942 3160 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
19:57:53.0945 3160 PcaSvc - ok
19:57:53.0967 3160 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
19:57:53.0969 3160 pci - ok
19:57:53.0995 3160 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
19:57:53.0996 3160 pciide - ok
19:57:54.0018 3160 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
19:57:54.0020 3160 pcmcia - ok
19:57:54.0071 3160 [ A0E7D752514A7D99341D5F2A834224A9 ] PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
19:57:54.0074 3160 PCToolsSSDMonitorSvc - ok
19:57:54.0092 3160 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
19:57:54.0093 3160 pcw - ok
19:57:54.0117 3160 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
19:57:54.0120 3160 PEAUTH - ok
19:57:54.0191 3160 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
19:57:54.0192 3160 PerfHost - ok
19:57:54.0222 3160 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
19:57:54.0223 3160 PGEffect - ok
19:57:54.0287 3160 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
19:57:54.0299 3160 pla - ok
19:57:54.0349 3160 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
19:57:54.0357 3160 PlugPlay - ok
19:57:54.0374 3160 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
19:57:54.0376 3160 PNRPAutoReg - ok
19:57:54.0397 3160 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
19:57:54.0400 3160 PNRPsvc - ok
19:57:54.0419 3160 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
19:57:54.0423 3160 PolicyAgent - ok
19:57:54.0456 3160 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
19:57:54.0458 3160 Power - ok
19:57:54.0488 3160 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
19:57:54.0489 3160 PptpMiniport - ok
19:57:54.0520 3160 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
19:57:54.0521 3160 Processor - ok
19:57:54.0563 3160 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
19:57:54.0565 3160 ProfSvc - ok
19:57:54.0578 3160 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
19:57:54.0579 3160 ProtectedStorage - ok
19:57:54.0605 3160 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
19:57:54.0606 3160 Psched - ok
19:57:54.0652 3160 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
19:57:54.0661 3160 ql2300 - ok
19:57:54.0687 3160 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
19:57:54.0688 3160 ql40xx - ok
19:57:54.0714 3160 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
19:57:54.0717 3160 QWAVE - ok
19:57:54.0731 3160 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
19:57:54.0732 3160 QWAVEdrv - ok
19:57:54.0754 3160 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
19:57:54.0754 3160 RasAcd - ok
19:57:54.0788 3160 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
19:57:54.0789 3160 RasAgileVpn - ok
19:57:54.0807 3160 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
19:57:54.0809 3160 RasAuto - ok
19:57:54.0846 3160 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
19:57:54.0847 3160 Rasl2tp - ok
19:57:54.0886 3160 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
19:57:54.0889 3160 RasMan - ok
19:57:54.0916 3160 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
19:57:54.0917 3160 RasPppoe - ok
19:57:54.0928 3160 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
19:57:54.0929 3160 RasSstp - ok
19:57:54.0960 3160 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
19:57:54.0962 3160 rdbss - ok
19:57:54.0983 3160 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
19:57:54.0984 3160 rdpbus - ok
19:57:54.0999 3160 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
19:57:55.0000 3160 RDPCDD - ok
19:57:55.0006 3160 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
19:57:55.0006 3160 RDPENCDD - ok
19:57:55.0022 3160 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
19:57:55.0023 3160 RDPREFMP - ok
19:57:55.0058 3160 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
19:57:55.0060 3160 RDPWD - ok
19:57:55.0106 3160 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
19:57:55.0108 3160 rdyboost - ok
19:57:55.0138 3160 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
19:57:55.0140 3160 RemoteAccess - ok
19:57:55.0167 3160 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
19:57:55.0170 3160 RemoteRegistry - ok
19:57:55.0182 3160 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
19:57:55.0184 3160 RpcEptMapper - ok
19:57:55.0193 3160 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
19:57:55.0194 3160 RpcLocator - ok
19:57:55.0234 3160 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
19:57:55.0238 3160 RpcSs - ok
19:57:55.0261 3160 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
19:57:55.0262 3160 rspndr - ok
19:57:55.0298 3160 [ 907C4464381B5EBDFDC60F6C7D0DEDFC ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
19:57:55.0300 3160 RSUSBSTOR - ok
19:57:55.0315 3160 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
19:57:55.0317 3160 SamSs - ok
19:57:55.0351 3160 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
19:57:55.0352 3160 sbp2port - ok
19:57:55.0423 3160 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
19:57:55.0428 3160 SCardSvr - ok
19:57:55.0462 3160 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
19:57:55.0463 3160 scfilter - ok
19:57:55.0511 3160 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
19:57:55.0523 3160 Schedule - ok
19:57:55.0569 3160 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
19:57:55.0571 3160 SCPolicySvc - ok
19:57:55.0606 3160 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
19:57:55.0610 3160 SDRSVC - ok
19:57:55.0641 3160 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
19:57:55.0642 3160 secdrv - ok
19:57:55.0677 3160 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
19:57:55.0679 3160 seclogon - ok
19:57:55.0702 3160 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
19:57:55.0704 3160 SENS - ok
19:57:55.0719 3160 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
19:57:55.0722 3160 SensrSvc - ok
19:57:55.0744 3160 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
19:57:55.0744 3160 Serenum - ok
19:57:55.0758 3160 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
19:57:55.0759 3160 Serial - ok
19:57:55.0773 3160 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
19:57:55.0774 3160 sermouse - ok
19:57:55.0823 3160 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
19:57:55.0825 3160 SessionEnv - ok
19:57:55.0858 3160 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
19:57:55.0858 3160 sffdisk - ok
19:57:55.0894 3160 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
19:57:55.0895 3160 sffp_mmc - ok
19:57:55.0907 3160 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
19:57:55.0907 3160 sffp_sd - ok
19:57:55.0941 3160 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
19:57:55.0941 3160 sfloppy - ok
19:57:55.0978 3160 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
19:57:55.0982 3160 SharedAccess - ok
19:57:56.0019 3160 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
19:57:56.0023 3160 ShellHWDetection - ok
19:57:56.0040 3160 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
19:57:56.0041 3160 SiSRaid2 - ok
19:57:56.0064 3160 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
19:57:56.0065 3160 SiSRaid4 - ok
19:57:56.0180 3160 [ 0F97E7A47A52F4A36969F0FC319654C2 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:57:56.0199 3160 Skype C2C Service - ok
19:57:56.0265 3160 [ EF3B592545676301CDEB7C2609EED7BF ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:57:56.0267 3160 SkypeUpdate - ok
19:57:56.0283 3160 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
19:57:56.0284 3160 Smb - ok
19:57:56.0328 3160 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
19:58:01.0183 3160 ================ Scan global ===============================
19:58:01.0211 3160 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
19:58:01.0248 3160 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
19:58:01.0256 3160 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
19:58:01.0276 3160 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
19:58:01.0304 3160 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
19:58:01.0307 3160 [Global] - ok
19:58:01.0308 3160 ================ Scan MBR ==================================
19:58:01.0319 3160 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
19:58:01.0676 3160 \Device\Harddisk0\DR0 - ok
19:58:01.0677 3160 ================ Scan VBR ==================================
19:58:01.0704 3160 [ 98FFE74104032F2AE1C7F47A0E31CC26 ] \Device\Harddisk0\DR0\Partition1
19:58:01.0707 3160 \Device\Harddisk0\DR0\Partition1 - ok
19:58:01.0707 3160 ============================================================
19:58:01.0707 3160 Scan finished
19:58:01.0707 3160 ============================================================
19:58:01.0716 3424 Detected object count: 0
19:58:01.0716 3424 Actual detected object count: 0

#10 babytequila03

Posted 28 August 2012 - 10:11 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-28 20:03:52
-----------------------------
20:03:52.943 OS Version: Windows x64 6.1.7601 Service Pack 1
20:03:52.943 Number of processors: 4 586 0x2505
20:03:52.944 ComputerName: IK-PC UserName: ik
20:03:54.818 Initialize success
20:07:44.116 AVAST engine defs: 12082803
20:10:26.636 The log file has been saved successfully to "C:\Users\ik\Documents\aswMBR.txt"

#11 gringo_pr

Posted 28 August 2012 - 10:13 PM

how is the computer doing now?


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 babytequila03

Posted 29 August 2012 - 12:28 PM

It's doing alright, it's still doing the same thing. Thank you for helping me.

#13 gringo_pr

Posted 31 August 2012 - 11:08 PM

Hello

Let's get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened, and is the one that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.

Gringo

#14 babytequila03

Posted 01 September 2012 - 11:07 AM

I found out what the problem is, it was the many things you helped me with. I thank you for that. Also we need a new modem, the old one is starting to slowly go out. Thank you for all of your help.

#15 gringo_pr

Posted 01 September 2012 - 11:30 AM

These logs are looking a lot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps.

uninstall some programs

NOTE** Because of the cleanup process, some of the programs I have listed may not be in add/remove anymore. This is fine; just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (Revo does a lot better of a job)

Programs to remove

Adobe Reader 9.3.4
Java™ 6 Update 31

  • Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on The Program to remove
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • when the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Delete
  • when prompted click on Yes and then on next.
  • put a check on any folders that are found and select delete
  • when prompted select yes then on next
  • Once done click Finish.

Update Adobe Reader

Recently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.

You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions.
If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

If you don't like Adobe Reader (53 MB), you can download Foxit PDF Reader(7 MB) from here. It's a much smaller file to download and uses a lot less resources than Adobe Reader.

Note: When installing FoxitReader, be careful not to install anything to do with AskBar.

Install Java:

Please go here to install Java

  • click on the Free Java Download Button
  • click on Agree and start Free download
  • click on Run
  • click on run again
  • click on install
  • when install is complete click on close

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here http://www.ccleaner.com/

  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
  • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
  • Click Run Cleaner.
  • Close CCleaner.

: Malwarebytes' Anti-Malware :

  • I would like you to rerun MBAM
  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
  • If you accidentally close it, the log file is saved here and will be named like this:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Download HijackThis

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

  • Go Here to download HijackThis Installer
  • Save HijackThis Installer to your desktop.
  • Double-click on the HijackThis Installer icon on your desktop. (Vista and Win 7 right click and run as admin)
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed it will launch Hijackthis.
  • Click on the Do a system scan and save a log file button. It will scan and the log should open in notepad.
  • Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the Analyze This button; its findings are dangerous if misinterpreted.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

NOTE**
Sometimes we have to run it like this: to run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator

"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
