Redirected search engine links


13 replies to this topic

#1 celtictrinityknot


Posted 28 September 2012 - 10:13 PM

Hi,

Windows 7 64bit

Redirected links were happening in Firefox 14.0.1 with Google; I started using Yahoo, then it spread to that and Bing. As of right now Google is redirecting, and using the Bing search in the toolbar gets me redirected as soon as the results page loads; Yahoo and Ask are working. Google links in Chrome are working. I also randomly get tabs with the same redirects that pop up when doing nothing, just having a tab open.

Thanks for any help.
Noel

Edited by celtictrinityknot, 28 September 2012 - 10:15 PM.




#2 narenxp


Posted 29 September 2012 - 03:02 AM

Download

TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on the scan results.

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download

ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 celtictrinityknot


Posted 29 September 2012 - 11:41 AM

TDSSKiller - half asleep and scanned without changing parameters first; this is the second scan, done right.

09:39:02.0480 4276 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
09:39:03.0187 4276 ============================================================
09:39:03.0187 4276 Current date / time: 2012/09/29 09:39:03.0187
09:39:03.0187 4276 SystemInfo:
09:39:03.0187 4276
09:39:03.0187 4276 OS Version: 6.1.7601 ServicePack: 1.0
09:39:03.0187 4276 Product type: Workstation
09:39:03.0188 4276 ComputerName: NOEL-PC
09:39:03.0188 4276 UserName: Noel
09:39:03.0188 4276 Windows directory: C:\Windows
09:39:03.0188 4276 System windows directory: C:\Windows
09:39:03.0188 4276 Running under WOW64
09:39:03.0188 4276 Processor architecture: Intel x64
09:39:03.0188 4276 Number of processors: 6
09:39:03.0188 4276 Page size: 0x1000
09:39:03.0188 4276 Boot type: Normal boot
09:39:03.0188 4276 ============================================================
09:39:03.0375 4276 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
09:39:03.0375 4276 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:39:03.0379 4276 ============================================================
09:39:03.0379 4276 \Device\Harddisk0\DR0:
09:39:03.0379 4276 MBR partitions:
09:39:03.0379 4276 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:39:03.0379 4276 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
09:39:03.0379 4276 \Device\Harddisk1\DR1:
09:39:03.0379 4276 MBR partitions:
09:39:03.0379 4276 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
09:39:03.0379 4276 ============================================================
09:39:03.0407 4276 C: <-> \Device\Harddisk0\DR0\Partition2
09:39:03.0408 4276 D: <-> \Device\Harddisk1\DR1\Partition1
09:39:03.0408 4276 ============================================================
09:39:03.0408 4276 Initialize success
09:39:03.0408 4276 ============================================================
09:39:38.0718 5300 ============================================================
09:39:38.0718 5300 Scan started
09:39:38.0718 5300 Mode: Manual; TDLFS;
09:39:38.0718 5300 ============================================================
09:39:39.0091 5300 ================ Scan system memory ========================
09:39:39.0091 5300 System memory - ok
09:39:39.0092 5300 ================ Scan services =============================
09:39:39.0265 5300 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:39:39.0267 5300 1394ohci - ok
09:39:39.0318 5300 [ F146E2BA475893DD77B2370DC1211FC6 ] 76989511 C:\Windows\system32\drivers\87497116.sys
09:39:39.0338 5300 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:39:39.0340 5300 ACPI - ok
09:39:39.0374 5300 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:39:39.0374 5300 AcpiPmi - ok
09:39:39.0425 5300 [ 2F0683FD2DF1D92E891CACA14B45A8C1 ] adfs C:\Windows\system32\drivers\adfs.sys
09:39:39.0426 5300 adfs - ok
09:39:39.0555 5300 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:39:39.0559 5300 AdobeFlashPlayerUpdateSvc - ok
09:39:39.0605 5300 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
09:39:39.0613 5300 adp94xx - ok
09:39:39.0640 5300 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
09:39:39.0642 5300 adpahci - ok
09:39:39.0661 5300 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
09:39:39.0662 5300 adpu320 - ok
09:39:39.0686 5300 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:39:39.0686 5300 AeLookupSvc - ok
09:39:39.0735 5300 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
09:39:39.0739 5300 AFD - ok
09:39:39.0772 5300 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:39:39.0773 5300 agp440 - ok
09:39:39.0969 5300 [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll
09:39:39.0969 5300 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76
09:39:39.0978 5300 Akamai ( HiddenFile.Multi.Generic ) - warning
09:39:39.0978 5300 Akamai - detected HiddenFile.Multi.Generic (1)
09:39:39.0998 5300 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
09:39:39.0999 5300 ALG - ok
09:39:40.0017 5300 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
09:39:40.0018 5300 aliide - ok
09:39:40.0070 5300 [ 0642A7B1C4B119AE2AAF1AA61CF69668 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
09:39:40.0074 5300 AMD External Events Utility - ok
09:39:40.0092 5300 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
09:39:40.0093 5300 amdide - ok
09:39:40.0118 5300 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
09:39:40.0119 5300 AmdK8 - ok
09:39:40.0262 5300 [ C6C0F73A038FF38EBBD9C16F79F8D3E3 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
09:39:40.0293 5300 amdkmdag - ok
09:39:40.0313 5300 [ 4647D713CFF04FAE4F862B3144725BC1 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
09:39:40.0314 5300 amdkmdap - ok
09:39:40.0332 5300 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
09:39:40.0333 5300 AmdPPM - ok
09:39:40.0371 5300 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:39:40.0372 5300 amdsata - ok
09:39:40.0405 5300 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
09:39:40.0406 5300 amdsbs - ok
09:39:40.0422 5300 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:39:40.0422 5300 amdxata - ok
09:39:40.0485 5300 [ B6098C92A0B8F257FD15A3A1D71BCC4A ] AODService C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
09:39:40.0488 5300 AODService - ok
09:39:40.0532 5300 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
09:39:40.0533 5300 AppID - ok
09:39:40.0564 5300 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:39:40.0564 5300 AppIDSvc - ok
09:39:40.0601 5300 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
09:39:40.0602 5300 Appinfo - ok
09:39:40.0663 5300 [ D8E18021F91AD79CA8491CB5A5DA22D4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:39:40.0664 5300 Apple Mobile Device - ok
09:39:40.0708 5300 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
09:39:40.0710 5300 AppMgmt - ok
09:39:40.0737 5300 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
09:39:40.0741 5300 arc - ok
09:39:40.0759 5300 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
09:39:40.0759 5300 arcsas - ok
09:39:40.0781 5300 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:39:40.0781 5300 AsyncMac - ok
09:39:40.0813 5300 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
09:39:40.0813 5300 atapi - ok
09:39:40.0975 5300 [ C6C0F73A038FF38EBBD9C16F79F8D3E3 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
09:39:41.0008 5300 atikmdag - ok
09:39:41.0054 5300 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:39:41.0058 5300 AudioEndpointBuilder - ok
09:39:41.0073 5300 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:39:41.0077 5300 AudioSrv - ok
09:39:41.0121 5300 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:39:41.0122 5300 AxInstSV - ok
09:39:41.0155 5300 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
09:39:41.0158 5300 b06bdrv - ok
09:39:41.0173 5300 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:39:41.0175 5300 b57nd60a - ok
09:39:41.0201 5300 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
09:39:41.0202 5300 BDESVC - ok
09:39:41.0221 5300 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
09:39:41.0221 5300 Beep - ok
09:39:41.0244 5300 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:39:41.0244 5300 blbdrive - ok
09:39:41.0330 5300 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:39:41.0338 5300 Bonjour Service - ok
09:39:41.0384 5300 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:39:41.0385 5300 bowser - ok
09:39:41.0404 5300 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:39:41.0404 5300 BrFiltLo - ok
09:39:41.0423 5300 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:39:41.0423 5300 BrFiltUp - ok
09:39:41.0459 5300 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
09:39:41.0460 5300 Browser - ok
09:39:41.0475 5300 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:39:41.0476 5300 Brserid - ok
09:39:41.0494 5300 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:39:41.0495 5300 BrSerWdm - ok
09:39:41.0516 5300 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:39:41.0516 5300 BrUsbMdm - ok
09:39:41.0521 5300 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:39:41.0521 5300 BrUsbSer - ok
09:39:41.0550 5300 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
09:39:41.0551 5300 BTHMODEM - ok
09:39:41.0586 5300 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
09:39:41.0587 5300 bthserv - ok
09:39:41.0600 5300 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:39:41.0601 5300 cdfs - ok
09:39:41.0653 5300 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
09:39:41.0656 5300 cdrom - ok
09:39:41.0698 5300 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
09:39:41.0699 5300 CertPropSvc - ok
09:39:41.0713 5300 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
09:39:41.0713 5300 circlass - ok
09:39:41.0729 5300 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
09:39:41.0731 5300 CLFS - ok
09:39:41.0795 5300 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:39:41.0797 5300 clr_optimization_v2.0.50727_32 - ok
09:39:41.0832 5300 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:39:41.0833 5300 clr_optimization_v2.0.50727_64 - ok
09:39:41.0939 5300 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:39:41.0941 5300 clr_optimization_v4.0.30319_32 - ok
09:39:41.0976 5300 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:39:41.0977 5300 clr_optimization_v4.0.30319_64 - ok
09:39:42.0019 5300 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:39:42.0020 5300 CmBatt - ok
09:39:42.0055 5300 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:39:42.0057 5300 cmdide - ok
09:39:42.0101 5300 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
09:39:42.0117 5300 CNG - ok
09:39:42.0156 5300 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
09:39:42.0158 5300 Compbatt - ok
09:39:42.0199 5300 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
09:39:42.0201 5300 CompositeBus - ok
09:39:42.0217 5300 COMSysApp - ok
09:39:42.0229 5300 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
09:39:42.0232 5300 crcdisk - ok
09:39:42.0271 5300 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:39:42.0274 5300 CryptSvc - ok
09:39:42.0310 5300 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
09:39:42.0317 5300 CSC - ok
09:39:42.0367 5300 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
09:39:42.0382 5300 CscService - ok
09:39:42.0407 5300 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:39:42.0413 5300 DcomLaunch - ok
09:39:42.0437 5300 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
09:39:42.0441 5300 defragsvc - ok
09:39:42.0478 5300 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:39:42.0488 5300 DfsC - ok
09:39:42.0588 5300 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
09:39:42.0595 5300 Dhcp - ok
09:39:42.0622 5300 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
09:39:42.0624 5300 discache - ok
09:39:42.0646 5300 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
09:39:42.0648 5300 Disk - ok
09:39:42.0685 5300 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:39:42.0690 5300 Dnscache - ok
09:39:42.0732 5300 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:39:42.0741 5300 dot3svc - ok
09:39:42.0795 5300 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
09:39:42.0797 5300 DPS - ok
09:39:42.0827 5300 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:39:42.0829 5300 drmkaud - ok
09:39:42.0876 5300 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:39:42.0893 5300 DXGKrnl - ok
09:39:42.0960 5300 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
09:39:42.0964 5300 EapHost - ok
09:39:43.0078 5300 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
09:39:43.0093 5300 ebdrv - ok
09:39:43.0127 5300 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
09:39:43.0128 5300 EFS - ok
09:39:43.0181 5300 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:39:43.0198 5300 ehRecvr - ok
09:39:43.0219 5300 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
09:39:43.0222 5300 ehSched - ok
09:39:43.0263 5300 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
09:39:43.0272 5300 elxstor - ok
09:39:43.0340 5300 [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
09:39:43.0343 5300 EpsonBidirectionalService - ok
09:39:43.0362 5300 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:39:43.0363 5300 ErrDev - ok
09:39:43.0400 5300 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
09:39:43.0404 5300 EventSystem - ok
09:39:43.0430 5300 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
09:39:43.0433 5300 exfat - ok
09:39:43.0450 5300 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:39:43.0453 5300 fastfat - ok
09:39:43.0493 5300 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
09:39:43.0501 5300 Fax - ok
09:39:43.0510 5300 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:39:43.0511 5300 fdc - ok
09:39:43.0520 5300 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
09:39:43.0520 5300 fdPHost - ok
09:39:43.0529 5300 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
09:39:43.0530 5300 FDResPub - ok
09:39:43.0540 5300 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:39:43.0542 5300 FileInfo - ok
09:39:43.0548 5300 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:39:43.0549 5300 Filetrace - ok
09:39:43.0595 5300 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
09:39:43.0613 5300 FLEXnet Licensing Service - ok
09:39:43.0632 5300 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:39:43.0633 5300 flpydisk - ok
09:39:43.0679 5300 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:39:43.0687 5300 FltMgr - ok
09:39:43.0747 5300 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
09:39:43.0771 5300 FontCache - ok
09:39:43.0818 5300 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:39:43.0820 5300 FontCache3.0.0.0 - ok
09:39:43.0839 5300 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:39:43.0841 5300 FsDepends - ok
09:39:43.0876 5300 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:39:43.0878 5300 Fs_Rec - ok
09:39:43.0913 5300 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:39:43.0918 5300 fvevol - ok
09:39:43.0940 5300 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
09:39:43.0943 5300 gagp30kx - ok
09:39:43.0960 5300 gdrv - ok
09:39:44.0007 5300 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:39:44.0020 5300 GEARAspiWDM - ok
09:39:44.0065 5300 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
09:39:44.0091 5300 gpsvc - ok
09:39:44.0195 5300 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:39:44.0199 5300 gupdate - ok
09:39:44.0228 5300 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:39:44.0230 5300 gupdatem - ok
09:39:44.0246 5300 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:39:44.0248 5300 hcw85cir - ok
09:39:44.0308 5300 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:39:44.0314 5300 HdAudAddService - ok
09:39:44.0344 5300 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
09:39:44.0347 5300 HDAudBus - ok
09:39:44.0353 5300 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
09:39:44.0355 5300 HidBatt - ok
09:39:44.0376 5300 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
09:39:44.0378 5300 HidBth - ok
09:39:44.0397 5300 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
09:39:44.0398 5300 HidIr - ok
09:39:44.0426 5300 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
09:39:44.0428 5300 hidserv - ok
09:39:44.0453 5300 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:39:44.0454 5300 HidUsb - ok
09:39:44.0491 5300 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:39:44.0493 5300 hkmsvc - ok
09:39:44.0524 5300 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:39:44.0532 5300 HomeGroupListener - ok
09:39:44.0559 5300 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:39:44.0562 5300 HomeGroupProvider - ok
09:39:44.0581 5300 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:39:44.0583 5300 HpSAMD - ok
09:39:44.0654 5300 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:39:44.0662 5300 HTTP - ok
09:39:44.0692 5300 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:39:44.0693 5300 hwpolicy - ok
09:39:44.0731 5300 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
09:39:44.0733 5300 i8042prt - ok
09:39:44.0770 5300 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:39:44.0775 5300 iaStorV - ok
09:39:44.0815 5300 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:39:44.0823 5300 idsvc - ok
09:39:44.0855 5300 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
09:39:44.0856 5300 iirsp - ok
09:39:44.0892 5300 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
09:39:44.0901 5300 IKEEXT - ok
09:39:44.0971 5300 [ 76877DD763A2287F58908795F3F5CCCB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:39:45.0006 5300 IntcAzAudAddService - ok
09:39:45.0026 5300 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
09:39:45.0027 5300 intelide - ok
09:39:45.0081 5300 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:39:45.0082 5300 intelppm - ok
09:39:45.0111 5300 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:39:45.0116 5300 IPBusEnum - ok
09:39:45.0148 5300 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:39:45.0150 5300 IpFilterDriver - ok
09:39:45.0180 5300 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:39:45.0182 5300 IPMIDRV - ok
09:39:45.0217 5300 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:39:45.0219 5300 IPNAT - ok
09:39:45.0288 5300 [ 3C0D4B3E80FC4854CA325DD123CC4DED ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
09:39:45.0314 5300 iPod Service - ok
09:39:45.0357 5300 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:39:45.0359 5300 IRENUM - ok
09:39:45.0380 5300 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:39:45.0383 5300 isapnp - ok
09:39:45.0417 5300 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:39:45.0421 5300 iScsiPrt - ok
09:39:45.0441 5300 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:39:45.0443 5300 kbdclass - ok
09:39:45.0474 5300 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:39:45.0475 5300 kbdhid - ok
09:39:45.0491 5300 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
09:39:45.0493 5300 KeyIso - ok
09:39:45.0531 5300 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:39:45.0534 5300 KSecDD - ok
09:39:45.0555 5300 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:39:45.0560 5300 KSecPkg - ok
09:39:45.0593 5300 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:39:45.0596 5300 ksthunk - ok
09:39:45.0631 5300 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
09:39:45.0638 5300 KtmRm - ok
09:39:45.0674 5300 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
09:39:45.0679 5300 LanmanServer - ok
09:39:45.0713 5300 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:39:45.0718 5300 LanmanWorkstation - ok
09:39:45.0758 5300 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:39:45.0760 5300 lltdio - ok
09:39:45.0784 5300 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:39:45.0789 5300 lltdsvc - ok
09:39:45.0800 5300 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:39:45.0802 5300 lmhosts - ok
09:39:45.0828 5300 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
09:39:45.0831 5300 LSI_FC - ok
09:39:45.0840 5300 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
09:39:45.0842 5300 LSI_SAS - ok
09:39:45.0853 5300 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:39:45.0855 5300 LSI_SAS2 - ok
09:39:45.0866 5300 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:39:45.0869 5300 LSI_SCSI - ok
09:39:45.0888 5300 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
09:39:45.0890 5300 luafv - ok
09:39:45.0924 5300 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
09:39:45.0925 5300 MBAMProtector - ok
09:39:45.0997 5300 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:39:46.0006 5300 MBAMScheduler - ok
09:39:46.0069 5300 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
09:39:46.0089 5300 MBAMService - ok
09:39:46.0221 5300 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
09:39:46.0226 5300 McComponentHostService - ok
09:39:46.0257 5300 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:39:46.0260 5300 Mcx2Svc - ok
09:39:46.0291 5300 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
09:39:46.0293 5300 megasas - ok
09:39:46.0324 5300 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
09:39:46.0329 5300 MegaSR - ok
09:39:46.0360 5300 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
09:39:46.0363 5300 MMCSS - ok
09:39:46.0371 5300 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:39:46.0373 5300 Modem - ok
09:39:46.0388 5300 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:39:46.0390 5300 monitor - ok
09:39:46.0437 5300 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:39:46.0439 5300 mouclass - ok
09:39:46.0459 5300 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:39:46.0461 5300 mouhid - ok
09:39:46.0499 5300 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:39:46.0503 5300 mountmgr - ok
09:39:46.0558 5300 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:39:46.0561 5300 MozillaMaintenance - ok
09:39:46.0587 5300 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:39:46.0590 5300 mpio - ok
09:39:46.0628 5300 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:39:46.0630 5300 mpsdrv - ok
09:39:56.0249 5300 ================ Scan global ===============================
09:39:56.0270 5300 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:39:56.0304 5300 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:39:56.0331 5300 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:39:56.0353 5300 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:39:56.0393 5300 [ 014A9CB92514E27C0107614DF764BC06 ] C:\Windows\system32\services.exe
09:39:56.0400 5300 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
09:39:56.0400 5300 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
09:39:56.0400 5300 ================ Scan MBR ==================================
09:39:56.0409 5300 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:39:56.0719 5300 \Device\Harddisk0\DR0 - ok
09:39:56.0722 5300 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
09:39:56.0808 5300 \Device\Harddisk1\DR1 - ok
09:39:56.0809 5300 ================ Scan VBR ==================================
09:39:56.0816 5300 [ 4FC7CBA4FB754357064EB5DBF4ECBDEA ] \Device\Harddisk0\DR0\Partition1
09:39:56.0817 5300 \Device\Harddisk0\DR0\Partition1 - ok
09:39:56.0831 5300 [ DAC575C5E6010A32F7C7938A56565619 ] \Device\Harddisk0\DR0\Partition2
09:39:56.0833 5300 \Device\Harddisk0\DR0\Partition2 - ok
09:39:56.0837 5300 [ BBB86E92B2EE288C8D7C0B75717D91EF ] \Device\Harddisk1\DR1\Partition1
09:39:56.0839 5300 \Device\Harddisk1\DR1\Partition1 - ok
09:39:56.0840 5300 ============================================================
09:39:56.0840 5300 Scan finished
09:39:56.0840 5300 ============================================================
09:39:56.0856 4808 Detected object count: 2
09:39:56.0857 4808 Actual detected object count: 2


aswMBR
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-29 09:43:36
-----------------------------
09:43:36.990 OS Version: Windows x64 6.1.7601 Service Pack 1
09:43:36.991 Number of processors: 6 586 0xA00
09:43:36.993 ComputerName: NOEL-PC UserName: Noel
09:43:37.993 Initialize success
09:59:21.728 AVAST engine defs: 12092900
10:42:25.457 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:42:25.467 Disk 0 Vendor: WDC_WD2500AAKS-00UU3A0 01.03B01 Size: 238475MB BusType: 3
10:42:25.471 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-2
10:42:25.474 Disk 1 Vendor: ST3250318AS CC38 Size: 238475MB BusType: 3
10:42:25.486 Disk 0 MBR read successfully
10:42:25.490 Disk 0 MBR scan
10:42:25.496 Disk 0 Windows 7 default MBR code
10:42:25.499 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
10:42:25.508 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 238373 MB offset 206848
10:42:25.527 Disk 0 scanning C:\Windows\system32\drivers
10:42:36.398 Service scanning
10:42:37.175 Service 76989511 C:\Windows\system32\drivers\87497116.sys **HIDDEN**
10:42:57.829 Modules scanning
10:42:58.166 Disk 0 trace - called modules:
10:42:58.235 ntoskrnl.exe CLASSPNP.SYS disk.sys PCTCore64.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
10:42:58.239 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004a89060]
10:42:58.243 3 CLASSPNP.SYS[fffff88001bb143f] -> nt!IofCallDriver -> [0xfffffa8004916a60]
10:42:58.247 5 PCTCore64.sys[fffff88001186f38] -> nt!IofCallDriver -> [0xfffffa8003aefe40]
10:42:58.251 7 ACPI.sys[fffff88000eda7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80044c8060]
10:42:59.498 AVAST engine scan C:\Windows
10:43:01.537 AVAST engine scan C:\Windows\system32
10:44:19.114 File: C:\Windows\system32\services.exe **INFECTED** Win32:Patched-AKC [Trj]
10:44:50.853 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
10:44:53.450 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
10:45:36.248 AVAST engine scan C:\Windows\system32\drivers
10:45:52.645 AVAST engine scan C:\Users\Noel
10:46:44.502 Disk 0 MBR has been saved successfully to "C:\Users\Noel\Desktop\MBR.dat"
10:46:44.509 The log file has been saved successfully to "C:\Users\Noel\Desktop\aswMBR.txt"

ESET online scanner
C:\TDSSKiller_Quarantine\29.09.2012_09.37.36\zasubsys0000\file0000\tsk0000.dta Win64/Patched.B.Gen trojan deleted - quarantined
C:\TDSSKiller_Quarantine\29.09.2012_09.37.36\zasubsys0000\zafs0000\tsk0000.dta Win32/Sirefef.EZ trojan deleted - quarantined
C:\TDSSKiller_Quarantine\29.09.2012_09.37.36\zasubsys0000\zafs0000\tsk0001.dta Win64/Sirefef.AD trojan deleted - quarantined
C:\TDSSKiller_Quarantine\29.09.2012_09.37.36\zasubsys0000\zafs0000\tsk0005.dta Win64/Conedex.C trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.09.2012_09.37.36\zasubsys0000\zafs0000\tsk0006.dta Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.09.2012_09.37.36\zasubsys0000\zafs0000\tsk0007.dta Win64/Conedex.B trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.09.2012_09.37.36\zasubsys0000\zafs0000\tsk0008.dta Win64/Sirefef.AP trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.09.2012_09.37.36\zasubsys0000\zafs0000\tsk0009.dta probably a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\00000004.@ Win64/Conedex.C trojan cleaned by deleting - quarantined
C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\000000cb.@ Win64/Conedex.B trojan cleaned by deleting - quarantined
C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000000.@ Win64/Sirefef.AP trojan cleaned by deleting - quarantined
C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ probably a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\fpiCAGP0R1J.htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\fpi[10].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\fpi[11].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\fpi[8].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\fpi[9].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\cute-kittens-trying-to-escape-from-laundry-basket[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
Operating memory multiple threats

#4 narenxp


Posted 29 September 2012 - 01:02 PM

Launch TDSSkiller again and click on CURE for this infection

09:39:56.0400 5300 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
09:39:56.0400 5300 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)


Post the new log
Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, click on Delete

A log should be generated after the scan; post it here

Download

Junkware removal tool

Launch it and the scan should start running. After the scan gets completed, post the generated log here.

NOTE: For Vista and Windows 7, right-click on the tool and select Run as administrator

Edited by narenxp, 29 September 2012 - 01:05 PM.


#5 celtictrinityknot


Posted 29 September 2012 - 07:59 PM

17:25:56.0897 3100 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
17:25:57.0583 3100 ============================================================
17:25:57.0583 3100 Current date / time: 2012/09/29 17:25:57.0583
17:25:57.0583 3100 SystemInfo:
17:25:57.0583 3100
17:25:57.0583 3100 OS Version: 6.1.7601 ServicePack: 1.0
17:25:57.0583 3100 Product type: Workstation
17:25:57.0584 3100 ComputerName: NOEL-PC
17:25:57.0584 3100 UserName: Noel
17:25:57.0584 3100 Windows directory: C:\Windows
17:25:57.0584 3100 System windows directory: C:\Windows
17:25:57.0584 3100 Running under WOW64
17:25:57.0584 3100 Processor architecture: Intel x64
17:25:57.0584 3100 Number of processors: 6
17:25:57.0584 3100 Page size: 0x1000
17:25:57.0584 3100 Boot type: Normal boot
17:25:57.0584 3100 ============================================================
17:26:23.0266 3100 BG loaded
17:26:23.0724 3100 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
17:26:23.0725 3100 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:26:23.0729 3100 ============================================================
17:26:23.0729 3100 \Device\Harddisk0\DR0:
17:26:23.0730 3100 MBR partitions:
17:26:23.0730 3100 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:26:23.0730 3100 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
17:26:23.0730 3100 \Device\Harddisk1\DR1:
17:26:23.0730 3100 MBR partitions:
17:26:23.0730 3100 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
17:26:23.0730 3100 ============================================================
17:26:23.0780 3100 C: <-> \Device\Harddisk0\DR0\Partition2
17:26:23.0782 3100 D: <-> \Device\Harddisk1\DR1\Partition1
17:26:23.0782 3100 ============================================================
17:26:23.0782 3100 Initialize success
17:26:23.0782 3100 ============================================================
17:26:39.0640 0780 ============================================================
17:26:39.0640 0780 Scan started
17:26:39.0640 0780 Mode: Manual; TDLFS;
17:26:39.0640 0780 ============================================================
17:26:41.0626 0780 ================ Scan system memory ========================
17:26:41.0626 0780 System memory - ok
17:26:41.0627 0780 ================ Scan services =============================
17:26:48.0285 0780 [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll
17:26:48.0286 0780 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76
17:26:48.0294 0780 Akamai ( HiddenFile.Multi.Generic ) - warning
17:26:48.0294 0780 Akamai - detected HiddenFile.Multi.Generic (1)
17:26:48.0417 0780 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:26:48.0444 0780 ALG - ok
17:26:48.0511 0780 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:26:48.0523 0780 aliide - ok
17:26:48.0690 0780 [ 0642A7B1C4B119AE2AAF1AA61CF69668 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:26:48.0693 0780 AMD External Events Utility - ok
17:26:48.0762 0780 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:26:48.0781 0780 amdide - ok
17:26:48.0887 0780 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:26:48.0924 0780 AmdK8 - ok
17:26:50.0629 0780 [ C6C0F73A038FF38EBBD9C16F79F8D3E3 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:26:50.0663 0780 amdkmdag - ok
17:26:50.0799 0780 [ 4647D713CFF04FAE4F862B3144725BC1 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
17:26:50.0800 0780 amdkmdap - ok
17:26:50.0885 0780 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:26:50.0886 0780 AmdPPM - ok
17:26:50.0982 0780 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:26:51.0013 0780 amdsata - ok
17:26:51.0073 0780 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:26:51.0136 0780 amdsbs - ok
17:26:51.0158 0780 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:26:51.0159 0780 amdxata - ok
17:26:51.0423 0780 [ B6098C92A0B8F257FD15A3A1D71BCC4A ] AODService C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
17:26:51.0424 0780 AODService - ok
17:26:51.0509 0780 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:26:51.0535 0780 AppID - ok
17:26:51.0600 0780 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:26:51.0640 0780 AppIDSvc - ok
17:26:51.0737 0780 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:26:51.0738 0780 Appinfo - ok
17:26:52.0246 0780 [ D8E18021F91AD79CA8491CB5A5DA22D4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:26:52.0250 0780 Apple Mobile Device - ok
17:26:52.0529 0780 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
17:26:52.0581 0780 AppMgmt - ok
17:26:52.0657 0780 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
17:26:52.0679 0780 arc - ok
17:26:52.0778 0780 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:26:52.0803 0780 arcsas - ok
17:26:52.0851 0780 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:26:52.0867 0780 AsyncMac - ok
17:26:52.0891 0780 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:26:52.0892 0780 atapi - ok
17:26:53.0929 0780 [ C6C0F73A038FF38EBBD9C16F79F8D3E3 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:26:53.0963 0780 atikmdag - ok
17:26:54.0160 0780 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:26:54.0176 0780 AudioEndpointBuilder - ok
17:26:54.0245 0780 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:26:54.0255 0780 AudioSrv - ok
17:26:54.0342 0780 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:26:54.0358 0780 AxInstSV - ok
17:26:54.0484 0780 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
17:26:54.0515 0780 b06bdrv - ok
17:26:54.0639 0780 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:26:54.0653 0780 b57nd60a - ok
17:26:54.0763 0780 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:26:54.0786 0780 BDESVC - ok
17:26:54.0866 0780 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:26:54.0866 0780 Beep - ok
17:26:54.0931 0780 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:26:54.0931 0780 blbdrive - ok
17:26:55.0075 0780 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:26:55.0086 0780 Bonjour Service - ok
17:26:55.0146 0780 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:26:55.0148 0780 bowser - ok
17:26:55.0174 0780 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:26:55.0194 0780 BrFiltLo - ok
17:26:55.0219 0780 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:26:55.0221 0780 BrFiltUp - ok
17:26:55.0266 0780 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
17:26:55.0270 0780 Browser - ok
17:26:55.0306 0780 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:26:55.0328 0780 Brserid - ok
17:26:55.0350 0780 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:26:55.0369 0780 BrSerWdm - ok
17:26:55.0396 0780 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:26:55.0414 0780 BrUsbMdm - ok
17:26:55.0447 0780 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:26:55.0450 0780 BrUsbSer - ok
17:26:55.0480 0780 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:26:55.0505 0780 BTHMODEM - ok
17:26:55.0541 0780 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:26:55.0561 0780 bthserv - ok
17:26:55.0605 0780 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:26:55.0624 0780 cdfs - ok
17:26:55.0694 0780 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
17:26:55.0695 0780 cdrom - ok
17:26:55.0770 0780 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:26:55.0783 0780 CertPropSvc - ok
17:26:55.0868 0780 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:26:55.0872 0780 circlass - ok
17:26:55.0987 0780 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:26:56.0014 0780 CLFS - ok
17:26:56.0191 0780 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:26:56.0222 0780 clr_optimization_v2.0.50727_32 - ok
17:26:56.0370 0780 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:26:56.0390 0780 clr_optimization_v2.0.50727_64 - ok
17:26:56.0561 0780 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:26:56.0608 0780 clr_optimization_v4.0.30319_32 - ok
17:26:56.0762 0780 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:26:56.0766 0780 clr_optimization_v4.0.30319_64 - ok
17:26:56.0833 0780 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:26:56.0854 0780 CmBatt - ok
17:26:56.0901 0780 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:26:56.0913 0780 cmdide - ok
17:26:57.0010 0780 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:26:57.0044 0780 CNG - ok
17:26:57.0210 0780 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:26:57.0247 0780 Compbatt - ok
17:26:57.0337 0780 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:26:57.0337 0780 CompositeBus - ok
17:26:57.0379 0780 COMSysApp - ok
17:26:57.0592 0780 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:26:57.0627 0780 crcdisk - ok
17:26:57.0723 0780 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:26:57.0727 0780 CryptSvc - ok
17:26:57.0894 0780 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
17:26:57.0906 0780 CSC - ok
17:26:58.0139 0780 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
17:26:58.0149 0780 CscService - ok
17:26:58.0306 0780 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:26:58.0317 0780 DcomLaunch - ok
17:26:58.0484 0780 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:26:58.0506 0780 defragsvc - ok
17:26:58.0548 0780 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:26:58.0550 0780 DfsC - ok
17:26:58.0706 0780 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:26:58.0709 0780 Dhcp - ok
17:26:58.0794 0780 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:26:58.0796 0780 discache - ok
17:26:58.0885 0780 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:26:58.0901 0780 Disk - ok
17:26:58.0966 0780 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:26:58.0972 0780 Dnscache - ok
17:26:59.0013 0780 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:26:59.0028 0780 dot3svc - ok
17:26:59.0078 0780 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:26:59.0083 0780 DPS - ok
17:26:59.0158 0780 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:26:59.0186 0780 drmkaud - ok
17:26:59.0405 0780 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:26:59.0427 0780 DXGKrnl - ok
17:26:59.0499 0780 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:26:59.0503 0780 EapHost - ok
17:27:00.0099 0780 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
17:27:00.0643 0780 ebdrv - ok
17:27:00.0674 0780 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:27:00.0675 0780 EFS - ok
17:27:00.0971 0780 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:27:00.0992 0780 ehRecvr - ok
17:27:01.0024 0780 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:27:01.0038 0780 ehSched - ok
17:27:01.0149 0780 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:27:01.0176 0780 elxstor - ok
17:27:01.0246 0780 [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
17:27:01.0250 0780 EpsonBidirectionalService - ok
17:27:01.0276 0780 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:27:01.0287 0780 ErrDev - ok
17:27:01.0432 0780 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:27:01.0439 0780 EventSystem - ok
17:27:01.0479 0780 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:27:01.0494 0780 exfat - ok
17:27:01.0557 0780 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:27:01.0563 0780 fastfat - ok
17:27:01.0720 0780 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:27:01.0731 0780 Fax - ok
17:27:01.0783 0780 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:27:01.0784 0780 fdc - ok
17:27:01.0842 0780 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:27:01.0844 0780 fdPHost - ok
17:27:01.0869 0780 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:27:01.0871 0780 FDResPub - ok
17:27:01.0921 0780 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:27:01.0937 0780 FileInfo - ok
17:27:01.0962 0780 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:27:01.0974 0780 Filetrace - ok
17:27:02.0134 0780 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
17:27:02.0174 0780 FLEXnet Licensing Service - ok
17:27:02.0238 0780 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:27:02.0240 0780 flpydisk - ok
17:27:02.0336 0780 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:27:02.0343 0780 FltMgr - ok
17:27:02.0482 0780 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:27:02.0497 0780 FontCache - ok
17:27:02.0575 0780 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:27:02.0593 0780 FontCache3.0.0.0 - ok
17:27:02.0646 0780 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:27:02.0660 0780 FsDepends - ok
17:27:02.0691 0780 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:27:02.0706 0780 Fs_Rec - ok
17:27:02.0854 0780 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:27:02.0881 0780 fvevol - ok
17:27:02.0929 0780 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:27:02.0951 0780 gagp30kx - ok
17:27:03.0000 0780 gdrv - ok
17:27:03.0063 0780 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:27:03.0065 0780 GEARAspiWDM - ok
17:27:03.0157 0780 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:27:03.0177 0780 gpsvc - ok
17:27:03.0277 0780 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:27:03.0280 0780 gupdate - ok
17:27:03.0328 0780 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:27:03.0331 0780 gupdatem - ok
17:27:03.0386 0780 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:27:03.0410 0780 hcw85cir - ok
17:27:03.0550 0780 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:27:03.0570 0780 HdAudAddService - ok
17:27:03.0635 0780 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
17:27:03.0637 0780 HDAudBus - ok
17:27:03.0662 0780 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:27:03.0686 0780 HidBatt - ok
17:27:03.0725 0780 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:27:03.0745 0780 HidBth - ok
17:27:03.0804 0780 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:27:03.0816 0780 HidIr - ok
17:27:03.0850 0780 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
17:27:03.0853 0780 hidserv - ok
17:27:03.0968 0780 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:27:03.0969 0780 HidUsb - ok
17:27:04.0016 0780 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:27:04.0034 0780 hkmsvc - ok
17:27:04.0108 0780 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:27:04.0134 0780 HomeGroupListener - ok
17:27:04.0193 0780 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:27:04.0199 0780 HomeGroupProvider - ok
17:27:04.0256 0780 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:27:04.0268 0780 HpSAMD - ok
17:27:04.0442 0780 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:27:04.0459 0780 HTTP - ok
17:27:04.0508 0780 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:27:04.0520 0780 hwpolicy - ok
17:27:04.0589 0780 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:27:04.0598 0780 i8042prt - ok
17:27:04.0681 0780 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:27:04.0697 0780 iaStorV - ok
17:27:04.0921 0780 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:27:04.0945 0780 idsvc - ok
17:27:04.0988 0780 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:27:05.0002 0780 iirsp - ok
17:27:05.0159 0780 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:27:05.0201 0780 IKEEXT - ok
17:27:05.0688 0780 [ 76877DD763A2287F58908795F3F5CCCB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:27:05.0737 0780 IntcAzAudAddService - ok
17:27:05.0792 0780 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:27:05.0803 0780 intelide - ok
17:27:05.0864 0780 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:27:05.0891 0780 intelppm - ok
17:27:05.0943 0780 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:27:05.0957 0780 IPBusEnum - ok
17:27:06.0006 0780 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:27:06.0031 0780 IpFilterDriver - ok
17:27:30.0301 0780 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:27:30.0329 0780 Wdf01000 - ok
17:27:30.0350 0780 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:27:30.0352 0780 WdiServiceHost - ok
17:27:30.0365 0780 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:27:30.0368 0780 WdiSystemHost - ok
17:27:30.0439 0780 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:27:30.0452 0780 WebClient - ok
17:27:30.0532 0780 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:27:30.0545 0780 Wecsvc - ok
17:27:30.0570 0780 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:27:30.0581 0780 wercplsupport - ok
17:27:30.0637 0780 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:27:30.0652 0780 WerSvc - ok
17:27:30.0699 0780 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:27:30.0701 0780 WfpLwf - ok
17:27:30.0745 0780 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:27:30.0761 0780 WIMMount - ok
17:27:30.0772 0780 WinHttpAutoProxySvc - ok
17:27:30.0919 0780 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:27:30.0923 0780 Winmgmt - ok
17:27:31.0248 0780 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:27:31.0295 0780 WinRM - ok
17:27:31.0414 0780 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:27:31.0439 0780 WinUsb - ok
17:27:31.0614 0780 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:27:31.0628 0780 Wlansvc - ok
17:27:31.0700 0780 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:27:31.0701 0780 WmiAcpi - ok
17:27:31.0789 0780 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:27:31.0801 0780 wmiApSrv - ok
17:27:31.0924 0780 WMPNetworkSvc - ok
17:27:31.0984 0780 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:27:32.0012 0780 WPCSvc - ok
17:27:32.0090 0780 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:27:32.0095 0780 WPDBusEnum - ok
17:27:32.0175 0780 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:27:32.0177 0780 ws2ifsl - ok
17:27:32.0185 0780 WSearch - ok
17:27:32.0224 0780 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:27:32.0225 0780 WudfPf - ok
17:27:32.0329 0780 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:27:32.0339 0780 WUDFRd - ok
17:27:32.0384 0780 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:27:32.0389 0780 wudfsvc - ok
17:27:32.0475 0780 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:27:32.0502 0780 WwanSvc - ok
17:27:32.0670 0780 ================ Scan global ===============================
17:27:32.0752 0780 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:27:32.0805 0780 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
17:27:32.0839 0780 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
17:27:32.0893 0780 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:27:32.0986 0780 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:27:32.0997 0780 [Global] - ok
17:27:32.0998 0780 ================ Scan MBR ==================================
17:27:33.0016 0780 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:27:34.0415 0780 \Device\Harddisk0\DR0 - ok
17:27:34.0422 0780 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
17:27:34.0503 0780 \Device\Harddisk1\DR1 - ok
17:27:34.0504 0780 ================ Scan VBR ==================================
17:27:34.0531 0780 [ 4FC7CBA4FB754357064EB5DBF4ECBDEA ] \Device\Harddisk0\DR0\Partition1
17:27:34.0543 0780 \Device\Harddisk0\DR0\Partition1 - ok
17:27:34.0564 0780 [ DAC575C5E6010A32F7C7938A56565619 ] \Device\Harddisk0\DR0\Partition2
17:27:34.0585 0780 \Device\Harddisk0\DR0\Partition2 - ok
17:27:34.0591 0780 [ BBB86E92B2EE288C8D7C0B75717D91EF ] \Device\Harddisk1\DR1\Partition1
17:27:34.0595 0780 \Device\Harddisk1\DR1\Partition1 - ok
17:27:34.0596 0780 ============================================================
17:27:34.0596 0780 Scan finished
17:27:34.0596 0780 ============================================================
17:27:34.0621 3728 Detected object count: 1
17:27:34.0621 3728 Actual detected object count: 1


Malwarebytes
2012/09/29 00:00:37 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:01:37 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:02:37 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:03:38 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:04:38 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:05:38 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:06:39 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:07:39 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:08:39 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:09:40 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:10:40 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:11:40 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:12:41 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:13:41 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:14:42 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:15:42 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:16:42 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:17:01 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:17:43 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:18:43 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:19:43 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:20:43 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:21:44 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:22:44 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:23:44 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:24:45 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:25:45 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:26:45 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:27:45 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:28:46 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:29:46 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:30:46 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:31:47 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:32:47 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:33:47 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:34:47 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:35:48 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:36:48 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:37:49 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:38:49 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:39:49 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:40:49 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:41:50 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:42:50 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:43:51 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:44:51 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:45:51 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:46:51 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:47:52 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:48:52 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:49:52 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:50:52 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:51:53 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:52:53 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:53:53 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:54:54 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:55:54 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:56:54 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:57:55 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:58:55 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 00:59:55 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:00:55 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:01:56 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:02:56 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:03:56 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:04:56 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:05:57 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:06:57 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:07:57 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:08:58 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:09:58 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:10:58 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:11:58 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:12:59 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:13:59 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:14:59 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:15:59 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:16:59 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:18:00 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:19:00 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:20:00 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:21:01 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:22:01 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:23:01 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:24:02 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 01:24:37 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:31:32 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:31:53 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:32:42 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:33:42 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:34:42 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:35:43 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:36:43 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:37:35 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:37:43 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:38:44 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:39:02 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:39:44 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:40:44 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:41:44 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:42:45 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:43:43 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:43:45 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:44:45 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:45:45 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:46:46 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:47:46 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:48:46 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:49:46 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:50:47 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:51:47 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:52:47 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:53:47 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:54:48 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:55:48 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:56:48 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:57:49 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:58:49 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 09:59:49 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:00:49 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:01:50 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:02:50 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:03:50 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:04:50 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:05:51 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:06:51 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:07:51 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:08:51 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:09:52 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:10:52 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:11:52 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:12:52 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:13:53 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:14:53 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:15:53 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:16:53 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:17:54 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:18:54 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:19:54 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:20:54 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:21:55 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:22:55 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:23:55 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:24:55 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:25:55 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:26:56 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:27:56 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:28:56 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:29:56 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:30:57 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:31:57 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:32:57 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:33:58 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:34:58 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:35:58 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:36:58 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:37:58 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:38:59 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:39:59 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:40:59 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:41:59 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:42:31 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:43:00 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:44:00 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 10:45:00 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000032.@ Rootkit.0Access DENY
2012/09/29 11:27:00 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\000000cb.@ Rootkit.0Access QUARANTINE
2012/09/29 11:27:01 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000000.@ Rootkit.0Access.64 QUARANTINE
2012/09/29 11:31:23 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\000000cb.@ Rootkit.0Access DENY
2012/09/29 11:31:31 -0400 NOEL-PC Noel DETECTION C:\Windows\Installer\{08692e8e-56df-30f5-bb09-a0bd4b1a1011}\U\80000000.@ Rootkit.0Access.64 DENY
2012/09/29 17:26:52 -0400 NOEL-PC Noel MESSAGE Starting protection
2012/09/29 17:26:52 -0400 NOEL-PC Noel MESSAGE Protection started successfully
2012/09/29 17:26:52 -0400 NOEL-PC Noel MESSAGE Starting IP protection
2012/09/29 17:26:52 -0400 NOEL-PC Noel ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2012/09/29 19:03:05 -0400 NOEL-PC Noel MESSAGE Starting protection
2012/09/29 19:03:05 -0400 NOEL-PC Noel MESSAGE Protection started successfully
2012/09/29 19:03:05 -0400 NOEL-PC Noel MESSAGE Starting IP protection
2012/09/29 19:03:05 -0400 NOEL-PC Noel ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2012/09/29 19:06:22 -0400 NOEL-PC Noel MESSAGE Starting protection
2012/09/29 19:06:22 -0400 NOEL-PC Noel MESSAGE Protection started successfully
2012/09/29 19:06:22 -0400 NOEL-PC Noel MESSAGE Starting IP protection
2012/09/29 19:06:22 -0400 NOEL-PC Noel ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2012/09/29 20:04:01 -0400 NOEL-PC Noel MESSAGE Starting protection
2012/09/29 20:04:01 -0400 NOEL-PC Noel MESSAGE Protection started successfully
2012/09/29 20:04:01 -0400 NOEL-PC Noel MESSAGE Starting IP protection
2012/09/29 20:04:01 -0400 NOEL-PC Noel ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753

MiniToolBox

MiniToolBox by Farbar Version: 23-07-2012
Ran by Noel (administrator) on 29-09-2012 at 20:14:24
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.http", "file:///C:/BrowserPAC.js"
"network.proxy.type", 1

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8191SU Wireless LAN 802.11n USB 2.0 Network Adapter = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection 2" forwarding=disabled advertise=disabled mtu=1428 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Local Area Connection 3" forwarding=disabled advertise=disabled mtu=1428 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Local Area Connection 4" forwarding=disabled advertise=disabled mtu=1428 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Local Area Connection 5" forwarding=disabled advertise=disabled mtu=1428 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Local Area Connection 6" forwarding=disabled advertise=disabled mtu=1428 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Noel-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : local.tld

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-02-72-8A-B9-D6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : local.tld
Description . . . . . . . . . . . : Realtek RTL8191SU Wireless LAN 802.11n USB 2.0 Network Adapter
Physical Address. . . . . . . . . : 00-02-72-8A-B9-D6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f0fb:e1c3:e53e:69e7%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.166(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, September 29, 2012 8:01:52 PM
Lease Expires . . . . . . . . . . : Sunday, September 30, 2012 8:02:08 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 335544946
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-9D-1F-D1-6C-F0-49-7C-B9-1B
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : domain_not_set.invalid
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 6C-F0-49-7C-B9-1B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{01FAE1D4-3F0B-4068-9656-ECC8238F368A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.local.tld:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cp.local.tld
Address: 192.168.0.1

Name: google.com
Addresses: 2001:4860:400a:800::1004
74.125.225.3
74.125.225.8
74.125.225.7
74.125.225.14
74.125.225.1
74.125.225.6
74.125.225.9
74.125.225.2
74.125.225.4
74.125.225.5
74.125.225.0


Pinging google.com [74.125.225.0] with 32 bytes of data:
Reply from 74.125.225.0: bytes=32 time=73ms TTL=53
Reply from 74.125.225.0: bytes=32 time=92ms TTL=53

Ping statistics for 74.125.225.0:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 73ms, Maximum = 92ms, Average = 82ms
Server: cp.local.tld
Address: 192.168.0.1

Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=384ms TTL=48
Reply from 72.30.38.140: bytes=32 time=329ms TTL=48

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 329ms, Maximum = 384ms, Average = 356ms
Server: cp.local.tld
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...00 02 72 8a b9 d6 ......Microsoft Virtual WiFi Miniport Adapter
12...00 02 72 8a b9 d6 ......Realtek RTL8191SU Wireless LAN 802.11n USB 2.0 Network Adapter
10...6c f0 49 7c b9 1b ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.166 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.166 281
192.168.0.166 255.255.255.255 On-link 192.168.0.166 281
192.168.0.255 255.255.255.255 On-link 192.168.0.166 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.166 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.166 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 281 fe80::/64 On-link
12 281 fe80::f0fb:e1c3:e53e:69e7/128
On-link
1 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 06 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 06 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/29/2012 07:02:38 PM) (Source: Application Error) (User: )
Description: Faulting application name: pctsSvc.exe, version: 9.0.0.912, time stamp: 0x4f46cae5
Faulting module name: KERNELBASE.dll, version: 6.1.7601.17651, time stamp: 0x4e211319
Exception code: 0x0eedfade
Fault offset: 0x0000b9bc
Faulting process id: 0xf04
Faulting application start time: 0xpctsSvc.exe0
Faulting application path: pctsSvc.exe1
Faulting module path: pctsSvc.exe2
Report Id: pctsSvc.exe3

Error: (09/29/2012 06:48:04 PM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 7ec

Start Time: 01cd9e88c0b934ff

Termination Time: 60000

Application Path: C:\Windows\Explorer.EXE

Report Id: 8a193dc5-0a87-11e2-838f-6cf0497cb91b

Error: (09/29/2012 06:45:15 PM) (Source: Application Hang) (User: )
Description: The program mbam.exe version 1.62.0.140 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1580

Start Time: 01cd9e8d829a51ba

Termination Time: 5

Application Path: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

Report Id: 52076499-0a87-11e2-838f-6cf0497cb91b

Error: (09/29/2012 05:58:02 PM) (Source: Application Hang) (User: )
Description: The program mbam.exe version 1.62.0.140 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e38

Start Time: 01cd9e899056b3ff

Termination Time: 6

Application Path: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

Report Id: b96ea7ec-0a80-11e2-838f-6cf0497cb91b

Error: (09/29/2012 05:52:14 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 14.0.1.4577 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: fb0

Start Time: 01cd9e8c6668ad41

Termination Time: 3

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: e4f87d96-0a7f-11e2-838f-6cf0497cb91b

Error: (09/29/2012 05:50:04 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 14.0.1.4577 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 10f4

Start Time: 01cd9e8b925b5864

Termination Time: 10

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 9b6b70f2-0a7f-11e2-838f-6cf0497cb91b

Error: (09/29/2012 05:22:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time stamp: 0x504a0466
Exception code: 0xc0000005
Fault offset: 0x0101a4c1
Faulting process id: 0x1700
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (09/29/2012 05:21:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time stamp: 0x504a0466
Exception code: 0xc0000005
Fault offset: 0x0101a4c1
Faulting process id: 0x1700
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (09/29/2012 05:20:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time stamp: 0x504a0466
Exception code: 0xc0000005
Fault offset: 0x0101a4c1
Faulting process id: 0x1af0
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (09/29/2012 05:19:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time stamp: 0x504a0466
Exception code: 0xc0000005
Fault offset: 0x000ca4c1
Faulting process id: 0x18e4
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3


System errors:
=============
Error: (09/29/2012 08:02:09 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (09/29/2012 08:02:09 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (09/29/2012 08:01:55 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (09/29/2012 08:01:55 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (09/29/2012 08:01:50 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (09/29/2012 07:04:39 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (09/29/2012 07:04:39 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (09/29/2012 07:04:32 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (09/29/2012 07:04:32 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (09/29/2012 07:04:14 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.


Microsoft Office Sessions:
=========================
Error: (09/29/2012 07:02:38 PM) (Source: Application Error)(User: )
Description: pctsSvc.exe9.0.0.9124f46cae5KERNELBASE.dll6.1.7601.176514e2113190eedfade0000b9bcf0401cd9e96339540a7C:\Program Files (x86)\PC Tools Security\pctsSvc.exeC:\Windows\syswow64\KERNELBASE.dllc2f04fc1-0a89-11e2-b734-6cf0497cb91b

Error: (09/29/2012 06:48:04 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.1.7601.175677ec01cd9e88c0b934ff60000C:\Windows\Explorer.EXE8a193dc5-0a87-11e2-838f-6cf0497cb91b

Error: (09/29/2012 06:45:15 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.62.0.140158001cd9e8d829a51ba5C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe52076499-0a87-11e2-838f-6cf0497cb91b

Error: (09/29/2012 05:58:02 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.62.0.140e3801cd9e899056b3ff6C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exeb96ea7ec-0a80-11e2-838f-6cf0497cb91b

Error: (09/29/2012 05:52:14 PM) (Source: Application Hang)(User: )
Description: firefox.exe14.0.1.4577fb001cd9e8c6668ad413C:\Program Files (x86)\Mozilla Firefox\firefox.exee4f87d96-0a7f-11e2-838f-6cf0497cb91b

Error: (09/29/2012 05:50:04 PM) (Source: Application Hang)(User: )
Description: firefox.exe14.0.1.457710f401cd9e8b925b586410C:\Program Files (x86)\Mozilla Firefox\firefox.exe9b6b70f2-0a7f-11e2-838f-6cf0497cb91b

Error: (09/29/2012 05:22:26 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc10080000032.@_unloaded0.0.0.0504a0466c00000050101a4c1170001cd9e88862842e8C:\Windows\SysWOW64\svchost.exe80000032.@c3d70048-0a7b-11e2-a0f9-6cf0497cb91b

Error: (09/29/2012 05:21:26 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc10080000032.@_unloaded0.0.0.0504a0466c00000050101a4c1170001cd9e88623ad15bC:\Windows\SysWOW64\svchost.exe80000032.@9ffa7efc-0a7b-11e2-a0f9-6cf0497cb91b

Error: (09/29/2012 05:20:26 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc10080000032.@_unloaded0.0.0.0504a0466c00000050101a4c11af001cd9e883e53c557C:\Windows\SysWOW64\svchost.exe80000032.@7c036d2b-0a7b-11e2-a0f9-6cf0497cb91b

Error: (09/29/2012 05:19:26 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc10080000032.@_unloaded0.0.0.0504a0466c0000005000ca4c118e401cd9e881a60f957C:\Windows\SysWOW64\svchost.exe80000032.@5825fe3b-0a7b-11e2-a0f9-6cf0497cb91b


=========================== Installed Programs ============================

µTorrent (Version: 2.0.4)
Acrobat.com (Version: 2.1.0)
Acrobat.com (Version: 2.1.0.0)
Adobe AIR (Version: 3.2.0.2070)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe Download Assistant (Version: 1.2.1)
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.278)
Adobe Flash Player 11 Plugin (Version: 11.4.402.278)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Illustrator CS3 (Version: 13.0)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe Media Player (Version: 1.8)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Photoshop CS3 (Version: 10.0)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Photoshop Lightroom 2.6 64-bit (Version: 2.6.1)
Adobe Reader 9.4.5 (Version: 9.4.5)
Adobe Setup (Version: 1.0)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
Akamai NetSession Interface
Akamai NetSession Interface Service
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD OverDrive (Version: 4.0.4.0506)
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.96)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.825.0)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0504.2152.37420)
Catalyst Control Center Graphics Full Existing (Version: 2010.0504.2152.37420)
Catalyst Control Center Graphics Full New (Version: 2010.0504.2152.37420)
Catalyst Control Center Graphics Light (Version: 2010.0504.2152.37420)
Catalyst Control Center Graphics Previews Common (Version: 2010.0504.2152.37420)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0504.2152.37420)
Catalyst Control Center HydraVision Full (Version: 2010.0504.2152.37420)
Catalyst Control Center InstallProxy (Version: 2011.0419.2218.38209)
ccc-core-static (Version: 2010.0504.2152.37420)
ccc-utility64 (Version: 2010.0504.2152.37420)
CCC Help English (Version: 2010.0504.2151.37420)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Cross Stitch Professional Platinum Demo (No save, print only ex
Crossrider Web Apps
CyberPower PowerPanel Personal Edition 1.2.3 (Version: 1.2.3)
DivX Setup (Version: 2.2.0.24)
EPSON NX300 Series Printer Uninstall
EPSON Printer Software
EPSON Scan
ESET Online Scanner v3
FileZilla Client 3.3.3 (Version: 3.3.3)
Google Chrome (Version: 22.0.1229.79)
Google Gmail Notifier
Google SketchUp 8 (Version: 3.0.4811)
Google Update Helper (Version: 1.3.21.123)
Inkscape 0.48.2 (Version: 0.48.2)
iTunes (Version: 10.5.0.142)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 32 (Version: 6.0.320)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
McAfee Security Scan Plus (Version: 2.0.181.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mobile Broadband Generic Drivers (Version: 2.03.03.002.17)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NEC Electronics USB 3.0 Host Controller Driver (Version: 1.0.18.0)
Norton Security Scan (Version: 2.7.3.34)
OpenOffice.org 3.3 (Version: 3.3.9567)
PandoraSaver 1.008e (standalone)
PANTECH UML290 (Version: 1.5.24.1102)
PDF Settings (Version: 1.0)
PDF Settings CS5 (Version: 10.0)
QuickTime (Version: 7.71.80.42)
Realtek Ethernet Controller Driver For Windows Vista and Later (Version: 1.00.0009)
Realtek HDMI Audio Driver for ATI (Version: 6.0.1.5992)
Realtek High Definition Audio Driver (Version: 6.0.1.5998)
REALTEK Wireless LAN Driver and Utility (Version: 1.00.0142)
Spyder2express
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
VZAccess Manager (Version: 7.6.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 4093.55 MB
Available physical RAM: 2644.12 MB
Total Pagefile: 8185.3 MB
Available Pagefile: 6536.14 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.08 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:232.79 GB) (Free:165.64 GB) NTFS
3 Drive d: (New Volume) (Fixed) (Total:232.88 GB) (Free:46.75 GB) NTFS
5 Drive f: (NEW) (CDROM) (Total:4.36 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\NOEL-PC

Administrator Guest Noel

========================= Restore Points ==================================

26-06-2012 13:52:20 Windows Update
04-07-2012 04:22:25 Windows Update
07-07-2012 04:26:44 Windows Update
10-07-2012 15:32:39 Windows Update
12-07-2012 07:00:28 Windows Update
17-07-2012 16:20:17 Windows Update
20-07-2012 16:31:07 Windows Update
25-07-2012 03:36:35 Windows Update

**** End of log ****


FSS
Farbar Service Scanner Version: 19-09-2012
Ran by Noel (administrator) on 29-09-2012 at 20:32:31
Running from "C:\Users\Noel\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll
[2011-07-01 02:47] - [2010-11-20 09:26] - 0317952 ____A (Microsoft Corporation)

C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


adware cleaner
# AdwCleaner v2.003 - Logfile created 09/29/2012 at 20:35:43
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Noel - NOEL-PC
# Boot Mode : Normal
# Running from : C:\Users\Noel\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\Users\Noel\AppData\LocalLow\boost_interprocess

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\Software\bflixtoolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A6BF16AB-42A1-4BC5-965D-5E407E449AAA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6427058B-217C-4C7F-A6CE-C7934C0BDCEB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Crossrider
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6427058B-217C-4C7F-A6CE-C7934C0BDCEB}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Noel\AppData\Roaming\Mozilla\Firefox\Profiles\yh2s65lm.default\prefs.js

Deleted : user_pref("extensions.crossriderapp435.435.active", true);
Deleted : user_pref("extensions.crossriderapp435.435.affid", "0");
Deleted : user_pref("extensions.crossriderapp435.435.backgroundjs", "\n\nfunction buttonClick() { \n \[...]
Deleted : user_pref("extensions.crossriderapp435.435.backgroundver", 8);
Deleted : user_pref("extensions.crossriderapp435.435.certdomaininstaller", "");
Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_aoi.value", "%221324528216%22");
Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_geo.expiration", "Sat Jun 23 2012 19:35:13 GM[...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_geo.value", "%7B%22geoplugin_request%22%3A%22[...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_parent_zoneid.value", "%2214974%22");
Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00[...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_zoneid.value", "%2214978%22");
Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_ID.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_ID.value", "435");
Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_custom_zoneid.expiration", "Fri Feb 01 2030 [...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_custom_zoneid.value", "14969");
Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_pubid.expiration", "Fri Feb 01 2030 00:00:00[...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_pubid.value", "%222993%22");
Deleted : user_pref("extensions.crossriderapp435.435.description", "Premiumplay Codec check");
Deleted : user_pref("extensions.crossriderapp435.435.domain", "");
Deleted : user_pref("extensions.crossriderapp435.435.emailsig", "");
Deleted : user_pref("extensions.crossriderapp435.435.exposesites", "");
Deleted : user_pref("extensions.crossriderapp435.435.fbremoteurl", "");
Deleted : user_pref("extensions.crossriderapp435.435.group", 0);
Deleted : user_pref("extensions.crossriderapp435.435.homepage", "");
Deleted : user_pref("extensions.crossriderapp435.435.iframe", false);
Deleted : user_pref("extensions.crossriderapp435.435.js", "\n\n//------------------ PLUGIN app_435_specific S[...]
Deleted : user_pref("extensions.crossriderapp435.435.name", "Codec-V");
Deleted : user_pref("extensions.crossriderapp435.435.premium", true);
Deleted : user_pref("extensions.crossriderapp435.435.publisher", "Premiumplay");
Deleted : user_pref("extensions.crossriderapp435.435.settingsurl", "");
Deleted : user_pref("extensions.crossriderapp435.435.thankyou", "");
Deleted : user_pref("extensions.crossriderapp435.435.ver", 51);
Deleted : user_pref("extensions.crossriderapp435.apps", "435");
Deleted : user_pref("extensions.crossriderapp435.bic", "132cfe3a83c610f2503b0f7b1abc34f6");
Deleted : user_pref("extensions.crossriderapp435.cid", 435);
Deleted : user_pref("extensions.crossriderapp435.firstrun", false);
Deleted : user_pref("extensions.crossriderapp435.hadappinstalled", true);
Deleted : user_pref("extensions.crossriderapp435.installationdate", 1317747796);
Deleted : user_pref("extensions.crossriderapp435.jsver", 3);
Deleted : user_pref("extensions.crossriderapp435.lastcheck", 22338128);
Deleted : user_pref("extensions.crossriderapp435.lastcheckitem", 22338231);
Deleted : user_pref("extensions.crossriderapp435.misc.lastBgWorkerTimer", "1340293814665");
Deleted : user_pref("extensions.crossriderapp435.misc.lastDomWorkerTimer", "1340293814659");
Deleted : user_pref("extensions.crossriderapp435@crossrider.com.install-event-fired", true);

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Noel\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [6021 octets] - [29/09/2012 20:35:43]

########## EOF - C:\AdwCleaner[S1].txt - [6081 octets] ##########


Junkware removal tool
Junkware Removal Tool (JRT) by Thisisu
Version: 1.1.7 (09.29.2012)
OS: Windows 7 Professional x64
Ran by Noel on Sat 09/29/2012 at 20:46:11.45
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\wow6432node\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\crossrider"



*** Files: 0 Detections



*** Folders: 0 Detections



*** FireFox detected and repaired

Removed the following from [PREFS.JS] :

user_pref("extensions.crossrider.bic", "132cfe3a83c610f2503b0f7b1abc34f6");


*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Sat 09/29/2012 at 20:46:21.56
End of Report

#6 narenxp

Posted 29 September 2012 - 08:26 PM

This is not the Malwarebytes log. This is the protection log. Please post the other one.

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#7 celtictrinityknot

Posted 29 September 2012 - 08:51 PM

Sorry, didn't know there were two. Is this right?

Malwarebytes Anti-Malware (PRO) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.29.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Noel :: NOEL-PC [administrator]

Protection: Enabled

9/29/2012 7:06:58 PM
mbam-log-2012-09-29 (19-06-58).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 455360
Time elapsed: 52 minute(s), 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 5
C:\TDSSKiller_Quarantine\29.09.2012_17.19.51\zasubsys0000\zafs0000\tsk0000.dta (Trojan.0access) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\29.09.2012_17.19.51\zasubsys0000\zafs0000\tsk0001.dta (Trojan.Zaccess) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\29.09.2012_17.19.51\zasubsys0000\zafs0000\tsk0006.dta (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\29.09.2012_17.19.51\zasubsys0000\zafs0000\tsk0007.dta (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\TDSSKiller_Quarantine\29.09.2012_17.19.51\zasubsys0000\zafs0000\tsk0008.dta (Rootkit.0Access.64) -> Quarantined and deleted successfully.

(end)

#8 narenxp

Posted 29 September 2012 - 08:54 PM

Yep :)

Move to other scans.

#9 celtictrinityknot

Posted 29 September 2012 - 09:15 PM

Links on Google seem to be working now.


fss
Farbar Service Scanner Version: 19-09-2012
Ran by Noel (administrator) on 29-09-2012 at 22:04:06
Running from "C:\Users\Noel\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


rkill
Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/29/2012 10:07:20 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:




autoruns
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AdobeAAMUpdater-1.0" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe"
+ "AdobeCS5ServiceManager" "Adobe CS5 Service Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\cs5servicemanager\cs5servicemanager.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "DivX Download Manager" "DivX Download Manager Service" "DivX, LLC" "c:\program files (x86)\divx\divx plus web player\ddmservice.exe"
+ "DivXUpdate" "DivX Update" "" "c:\program files (x86)\divx\divx update\divxupdate.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "NUSB3MON" "USB 3.0 Monitor" "NEC Electronics Corporation" "c:\program files (x86)\nec electronics\usb 3.0 host controller driver\application\nusb3mon.exe"
+ "PowerPanel Personal Edition User Interaction" "PowerPanel Personal Edition User Interaction" "Cyber Power Systems, Inc." "c:\program files (x86)\cyberpower powerpanel personal edition\pppeuser.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "SwitchBoard" "SwitchBoard Server (32 bit)" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
+ "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" "Gmail Notifier" "Google Inc." "c:\program files (x86)\google\gmail notifier\gnotify.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "ColorVisionStartup.lnk" "ColorVisionStartup 1.2-1" "Datacolor" "c:\program files (x86)\colorvision\colorvisionstartup\colorvisionstartup.exe"
+ "McAfee Security Scan Plus.lnk" "McAfee Security Scanner Scheduler" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\2.0.181\ssscheduler.exe"
"C:\Users\Noel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "OpenOffice.org 3.3.lnk" "" "" "c:\program files (x86)\openoffice.org 3\program\quickstart.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Akamai NetSession Interface" "Akamai NetSession Client" "Akamai Technologies, Inc." "c:\users\noel\appdata\local\akamai\netsession_win.exe"
+ "CrossRiderPlugin" "Crossrider Helper" "Crossrider" "c:\program files (x86)\crossriderwebapps\crossrider.exe"
+ "EPSON NX300 Series" "EPSON Status Monitor 3" "SEIKO EPSON CORPORATION" "c:\windows\system32\spool\drivers\x64\3\e_iatieja.exe"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext_64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl_x64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "CrossRider" "Crossrider BHO" "" "c:\program files (x86)\crossriderwebapps\crossrider.dll"
+ "DivX HiQ" "DivX Web Player version 2.1.0.900" "DivX, LLC" "c:\program files (x86)\divx\divx plus web player\npdivx32.dll"
+ "DivX Plus Web Player HTML5 <video>" "DivX Web Player version 2.1.0.900" "DivX, LLC" "c:\program files (x86)\divx\divx plus web player\npdivx32.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
"Task Scheduler" "" "" ""
+ "\AdobeAAMUpdater-1.0-Noel-PC-Noel" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Defender\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Norton Security Scan for Noel" "Norton Security Scan" "Symantec Corporation" "c:\program files (x86)\norton security scan\engine\2.7.3.34\nss.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "Akamai" "Provides networking protocol and file transfer technologies. If the service is stopped, those applications that depend on the service may fail to transfer files or otherwise function properly." "Akamai Technologies, Inc." "c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "AODService" "AOD assistant service" "" "c:\program files (x86)\amd\overdrive\aodassist.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "EPSON_EB_RPCV4_01" "EPSON Status Monitor 3" "SEIKO EPSON CORPORATION" "c:\programdata\epson\epw!3 ssrp\e_s40stb.exe"
+ "EPSON_PM_RPCV4_01" "EPSON Status Monitor 3" "SEIKO EPSON CORPORATION" "c:\programdata\epson\epw!3 ssrp\e_s40rpb.exe"
+ "EpsonBidirectionalService" "eEBAPI Core Process module" "SEIKO EPSON CORPORATION" "c:\program files (x86)\common files\epson\ebapi\eebsvc.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Macrovision Europe Ltd." "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "McComponentHostService" "McAfee Security Scan Component Host Service" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\2.0.181\mcchsvc.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "ppped" "PowerPanel Personal Edition Service minitor the battery backup activity and take protect while power." "Cyber Power Systems, Inc." "c:\program files (x86)\cyberpower powerpanel personal edition\ppped.exe"
+ "ptumlcmsvc" "PANTECH UML290 Connection Manager Service" "DEVGURU Co., LTD" "c:\windows\system32\ptumlcmsvc64.exe"
+ "Realtek11nSU" "RtlService MFC Application" "Realtek" "c:\program files (x86)\realtek\11n usb wireless lan utility\rtlservice.exe"
+ "SwitchBoard" "Adobe SwitchBoard" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adfs" "Adobe Drive File System Driver" "Adobe Systems, Inc." "c:\windows\system32\drivers\adfs.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "atikmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "gdrv" "" "" "File not found: C:\Windows\gdrv.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nusb3hub" "USB 3.0 Hub Driver" "NEC Electronics Corporation" "c:\windows\system32\drivers\nusb3hub.sys"
+ "nusb3xhc" "USB 3.0 Host Controller Driver" "NEC Electronics Corporation" "c:\windows\system32\drivers\nusb3xhc.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "NWADI" "NWADI Interface Bus Enumerator" "Novatel Wireless Inc" "c:\windows\system32\drivers\nwadienum.sys"
+ "NWUSBCDFIL64" "Novatel Wireless USB CD Filter Driver" "Novatel Wireless Inc." "c:\windows\system32\drivers\nwusbcdfil64.sys"
+ "NWUSBModem" "Novatel Wireless USB Modem/Serial Device Driver" "Novatel Wireless Inc." "c:\windows\system32\drivers\nwusbmdm.sys"
+ "NWUSBPort" "Novatel Wireless USB Modem/Serial Device Driver" "Novatel Wireless Inc." "c:\windows\system32\drivers\nwusbser.sys"
+ "NWUSBPort2" "Novatel Wireless USB Modem/Serial Device Driver" "Novatel Wireless Inc." "c:\windows\system32\drivers\nwusbser2.sys"
+ "PTUMLBUS" "USB Composite Device Driver (MSS Ver.3)" "DEVGURU Co., LTD." "c:\windows\system32\drivers\ptumlbus.sys"
+ "PTUMLCVsp" "PANTECH UML290 Connection Manager Port device driver" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\ptumlcvsp.sys"
+ "PTUMLMdm" "PANTECH UML290 Driver" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\ptumlmdm.sys"
+ "PTUMLNET61" "PANTECH UML290 WWAN device driver (NDIS6.1)" "DEVGURU Co., LTD." "c:\windows\system32\drivers\ptumlnet61.sys"
+ "PTUMLNVsp" "PANTECH UML290 NMEA Port device driver" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\ptumlnvsp.sys"
+ "PTUMLRMNET" "PANTECH UML290 RMNET Service Device Driver" "DEVGURU Co., LTD." "c:\windows\system32\drivers\ptumlrmnet.sys"
+ "PTUMLVsp" "PANTECH UML290 Diagnostic Port device driver" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\ptumlvsp.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTHDMIAzAudService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rthdmivx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "RTL8192su" "Realtek RTL8192S USB NDIS Driver" "Realtek Semiconductor Corporation " "c:\windows\system32\drivers\rtl8192su.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "Spyder2" "Spyder2 USB Driver 1.0-3" "" "c:\windows\system32\drivers\spyder2.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files\divx\divx codec\divxdec.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "DivX AAC Decoder" "AAC Audio Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx codec\divxdec.ax"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax"
+ "DivX MKV Demux" "DivX MKV Splitter" "" "c:\program files (x86)\divx\divx plus directshow filters\dmfsource.ax"
+ "DivX MKV Demux (unrestricted)" "DivX MKV Splitter" "" "c:\program files (x86)\divx\divx plus directshow filters\dmfsource.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Epson Inbox Language Monitor01" "Epson Printer Driver" "SEIKO EPSON CORPORATION" "c:\windows\system32\ep0slm01.dll"
+ "EPSON NX300 Series 64MonitorBA" "EPSON Bi-directional Monitor AMD64" "SEIKO EPSON CORPORATION" "c:\windows\system32\e_ilmeja.dll"
+ "EPSON Stylus Pro 3800 64MonitorDE" "EPSON Bi-directional Monitor" "SEIKO EPSON CORPORATION" "c:\windows\system32\e_ilmdae.dll"

#10 narenxp

Posted 29 September 2012 - 09:25 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points.

Turn on System Restore and create a new restore point.

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here:

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#11 celtictrinityknot

Posted 29 September 2012 - 09:38 PM

Remove temporary and junk files

How do I do that?

#12 narenxp

Posted 29 September 2012 - 09:40 PM

Read the instructions given below it :)

#13 celtictrinityknot

Posted 29 September 2012 - 11:34 PM

Thanks, thought those were two separate instructions. Thank you for all the help.

#14 narenxp

Posted 30 September 2012 - 03:51 AM

You're welcome :)



