
Combofix file. Virus on computer.


  • This topic is locked
23 replies to this topic

#1 chele9

chele9

  • Members
  • 29 posts
  • OFFLINE
  • Gender:Female
  • Location:Atlanta
  • Local time:05:56 AM

Posted 16 November 2012 - 06:06 PM

I have a combofix file but I'm not sure what it all means. But I know that something is causing my computer to run really slow and also on occasion maybe turning my ethernet port off and my wifi... Is this even possible? Or am I paranoid?

ComboFix 12-11-14.01 - CK 11/15/2012 11:29:56.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2807.1717 [GMT -5:00]
Running from: c:\users\CK\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-- Previous Run --
.
c:\windows\SysWow64\sfcfiles.dll . . . is missing!!
.
c:\windows\system32\drivers\ipsec.sys . . . is missing!!
.
c:\windows\system32\drivers\psched.sys . . . is missing!!
.
--------
.
.
((((((((((((((((((((((((( Files Created from 2012-10-15 to 2012-11-15 )))))))))))))))))))))))))))))))
.
.
2012-11-15 16:36 . 2012-11-15 16:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-15 08:16 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-15 08:16 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-15 08:16 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-15 08:16 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-15 08:06 . 2012-10-08 11:13 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-15 08:06 . 2012-10-08 11:13 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-15 08:06 . 2012-10-08 07:40 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-15 08:02 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-15 08:02 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-15 08:02 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-15 08:02 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-15 08:01 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-15 08:01 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-15 08:01 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-04 16:07 . 2012-11-04 16:07 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-11-04 16:07 . 2012-11-04 16:07 96224 ----a-w- c:\program files (x86)\Mozilla Firefox\webapprt-stub.exe
2012-11-04 16:07 . 2012-11-04 16:07 157272 ----a-w- c:\program files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2012-11-04 04:58 . 2012-11-04 04:58 -------- d-----w- c:\users\Public\Recorded TV
2012-11-03 13:36 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2012-11-03 13:36 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll
2012-11-03 13:36 . 2012-08-24 18:04 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-03 13:36 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2012-11-03 13:36 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-11-03 13:36 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2012-11-03 13:36 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-11-03 13:36 . 2012-08-24 16:57 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-11-03 13:36 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-11-03 00:22 . 2012-11-03 00:30 -------- d-----w- c:\users\CK
2012-10-31 18:59 . 2012-10-31 18:59 -------- d-----w- c:\programdata\Ask
2012-10-31 18:58 . 2012-09-25 03:16 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-28 00:34 . 2012-11-03 03:28 -------- d-----w- c:\program files (x86)\OverDrive Media Console
2012-10-27 17:14 . 2012-08-21 17:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-10-27 17:13 . 2012-11-03 03:28 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-10-27 17:13 . 2012-11-03 03:28 -------- d-----w- c:\program files\iTunes
2012-10-27 17:13 . 2012-11-03 03:28 -------- d-----w- c:\program files\iPod
2012-10-27 17:13 . 2012-11-03 03:28 -------- d-----w- c:\program files (x86)\iTunes
2012-10-27 17:09 . 2012-11-03 03:28 -------- d-----w- c:\program files (x86)\Apple Software Update
2012-10-22 18:02 . 2012-10-22 18:02 154464 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-15 14:23 . 2012-06-21 08:58 22368 ----a-w- c:\windows\system32\drivers\AFD.SYS
2012-11-15 14:23 . 2009-07-14 00:10 22368 ----a-w- c:\windows\system32\drivers\WS2IFSL.SYS
2012-11-15 08:03 . 2012-06-21 09:32 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-10-27 04:42 . 2012-09-22 06:37 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2012-10-27 04:41 . 2012-09-14 14:29 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-10-27 04:41 . 2012-09-14 14:29 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-10-15 08:48 . 2012-10-15 08:48 63328 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2012-10-09 04:05 . 2012-09-14 14:29 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2012-10-09 04:05 . 2012-09-21 11:04 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-10-09 04:04 . 2012-09-21 11:04 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-10-09 04:04 . 2012-09-14 14:29 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-10-08 19:36 . 2012-06-21 14:39 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-08 19:36 . 2012-06-21 14:39 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-05 08:32 . 2012-10-05 08:32 111456 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2012-10-02 07:30 . 2012-10-02 07:30 185696 ----a-w- c:\windows\system32\drivers\avgldx64.sys
2012-09-22 06:36 . 2012-09-22 06:36 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-09-21 07:46 . 2012-09-21 07:46 200032 ----a-w- c:\windows\system32\drivers\avgtdia.sys
2012-09-21 07:46 . 2012-09-21 07:46 225120 ----a-w- c:\windows\system32\drivers\avgloga.sys
2012-09-14 19:19 . 2012-10-09 18:09 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-09 18:09 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-14 07:05 . 2012-09-14 07:05 40800 ----a-w- c:\windows\system32\drivers\avgrkx64.sys
2012-09-11 21:18 . 2012-07-07 22:36 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-11 21:18 . 2012-07-07 22:36 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-31 18:19 . 2012-10-09 18:10 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-09 18:10 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-09 18:10 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-09 18:10 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05 . 2012-10-09 18:09 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 16:57 . 2012-10-09 18:09 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-22 18:12 . 2012-09-12 02:30 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 02:30 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 02:30 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-26 07:51 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-21 17:01 . 2012-08-21 17:01 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-08-21 17:01 . 2012-08-21 17:01 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-08-20 18:48 . 2012-10-09 18:10 243200 ----a-w- c:\windows\system32\wow64.dll
2012-08-20 18:48 . 2012-10-09 18:10 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-08-20 18:48 . 2012-10-09 18:10 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-08-20 18:48 . 2012-10-09 18:10 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-08-20 18:48 . 2012-10-09 18:10 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-08-20 18:48 . 2012-10-09 18:10 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-20 18:48 . 2012-10-09 18:10 1162240 ----a-w- c:\windows\system32\kernel32.dll
2012-08-20 18:46 . 2012-10-09 18:10 338432 ----a-w- c:\windows\system32\conhost.exe
2012-08-20 18:38 . 2012-10-09 18:10 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:09 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:09 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 17:40 . 2012-10-09 18:10 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2012-08-20 17:38 . 2012-10-09 18:10 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-20 17:38 . 2012-10-09 18:10 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2012-08-20 17:37 . 2012-10-09 18:10 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-08-20 17:37 . 2012-10-09 18:10 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-08-20 17:32 . 2012-10-09 18:10 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:09 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:09 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-15 98304]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-11-07 3143800]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
R3 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
R3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-21 19:36]
.
2012-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 09:05]
.
2012-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 09:05]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-10-25 19:45 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-10-25 19:45 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-10-25 19:45 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-10-25 19:45 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-01-29 517176]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 709976]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig?brand=TSNA&bmod=TSNA
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 97.81.22.195 71.92.29.130 24.217.201.67
FF - ProfilePath - c:\users\CK\AppData\Roaming\Mozilla\Firefox\Profiles\vawpt9j8.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
.
**************************************************************************
.
Completion time: 2012-11-15 11:44:24 - machine was rebooted
ComboFix-quarantined-files.txt 2012-11-15 16:44
.
Pre-Run: 35,487,236,096 bytes free
Post-Run: 35,323,883,520 bytes free
.
- - End Of File - - E6506AA738814E15A73804D603467200


#2 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  • Gender:Male
  • Location:New York
  • Local time:06:56 AM

Posted 17 November 2012 - 02:57 PM

Hello chele9, and welcome to the MRT forums! :thumbsup:

My name is bloopie and I'll be helping you with your problems as best I can! :thumbup2:

A few things to keep in mind while we are working together:

  • If you have since resolved the original problem you were having, I would appreciate it if you let me know.
  • If you are unsure about any of the steps just post what you can and I will guide you!
  • Please tell me if you have your original Windows CD/DVD available.
  • Please copy and paste all logs here unless otherwise instructed!
  • Upon completing the steps below I will review your topic and do my best to resolve your issues.

==========

From your log, Combofix did not find three important files:

c:\windows\SysWow64\sfcfiles.dll . . . is missing!!
c:\windows\system32\drivers\ipsec.sys . . . is missing!!
c:\windows\system32\drivers\psched.sys . . . is missing!!


That doesn't necessarily mean that they aren't on the machine, so I'd like to get another log and then run a search to look for the missing files.

Step 1

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

==========

Step 2

Please run Farbar Service Scanner a second time to search.
Type the following in the edit box after "Search:".

sfcfiles.dll
ipsec.sys
psched.sys


Click the Search Files button and post the log (FSS.txt) it makes to your reply.

==========

Please be sure to post both FSS logs in your next reply!

bloopie

#3 chele9

chele9
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  • Gender:Female
  • Location:Atlanta
  • Local time:05:56 AM

Posted 17 November 2012 - 05:01 PM

Okay, thank you for your help! I ran farbar and this is the first thing I got...

Farbar Service Scanner Version: 09-11-2012
Ran by CK (administrator) on 17-11-2012 at 16:44:45
Running from "C:\Users\CK\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-11-16 04:30] - [2012-10-03 12:56] - 1914248 ____A (Microsoft Corporation) 37608401DFDB388CAF66917F6B2D6FB0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Then I ran the search...


Farbar Service Scanner Version: 09-11-2012
Ran by CK (administrator) on 17-11-2012 at 16:51:32
Windows 7 Home Premium Service Pack 1 (X64)

************************************************
======== Search: "sfcfiles.dllipsec.syspsched.sys" =========

====== End Of Search ======

Also I am not sure if I should mention this or not, but I downloaded and ran a few other programs last night and today to try to help. I got Auslogics Disk defrag, Kingsoft PC Doctor, Avast Antivirus, CCleaner, Glary Utilities, Malwarebytes Anti-Malware, Wise Care 365, Wise Disk Cleaner, Wise Registry Cleaner. All of these are free programs I was reading about last night so I don't know if they are good or not, but I still have the same problem. Thanks, again!
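One way to triage the two Farbar Service Scanner logs posted above, as an added example that is not part of the original thread or the tool's own code. The embedded log text is a trimmed copy of the posted logs; treating a File Check line without the "MD5 is legit" verdict as needing review, and an empty result for a run-together search term as inconclusive, are this example's assumptions.

```python
import re

# Constructed sample: a trimmed copy of the scan log posted above.
SAMPLE_SCAN = r"""
Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-11-16 04:30] - [2012-10-03 12:56] - 1914248 ____A (Microsoft Corporation) 37608401DFDB388CAF66917F6B2D6FB0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

**** End of log ****
"""

# Constructed sample: the search log posted above.
SAMPLE_SEARCH = r"""
************************************************
======== Search: "sfcfiles.dllipsec.syspsched.sys" =========

====== End Of Search ======
"""

STOPPED = re.compile(r"^(\S+) Service is not running")
CONFIG = re.compile(r"^The (start type|ImagePath|ServiceDll) of (\S+) service is (.+?)\.?$")
FILE_LINE = re.compile(r"^([A-Za-z]:\\.+?)(?: => (.+))?$")
DETAIL = re.compile(r"\((.+)\)\s+([0-9A-Fa-f]{32})$")
SEARCH_HDR = re.compile(r'^=+ Search: "(.*)" =+$')
NAME = re.compile(r"[\w-]+?\.(?:dll|sys|exe)", re.I)


def triage_scan(log):
    """Collect stopped services, non-OK service settings and unverified files."""
    report = {"stopped": [], "bad_config": [], "unverified": []}
    lines = [line.strip() for line in log.splitlines()]
    for i, line in enumerate(lines):
        if m := STOPPED.match(line):
            report["stopped"].append(m.group(1))
        elif m := CONFIG.match(line):
            # Anything other than "OK" means the service registration was altered.
            if m.group(3) != "OK":
                report["bad_config"].append((m.group(2), m.group(1), m.group(3)))
        elif m := FILE_LINE.match(line):
            if m.group(2) != "MD5 is legit":
                # The following line carries the file details the tool printed.
                # The company string is only a label; it does not authenticate the file.
                nxt = lines[i + 1] if i + 1 < len(lines) else ""
                d = DETAIL.search(nxt)
                company, md5 = (d.group(1), d.group(2)) if d else (None, None)
                report["unverified"].append((m.group(1), company, md5))
    return report


def triage_search(log):
    """Read a search log and flag an empty result for a run-together term."""
    term, hits, in_results = None, [], False
    for line in (raw.strip() for raw in log.splitlines()):
        if m := SEARCH_HDR.match(line):
            term, in_results = m.group(1), True
        elif line.startswith("====== End Of Search"):
            in_results = False
        elif in_results and line:
            hits.append(line)
    names = NAME.findall(term or "")
    # Several file names with no separator between them form one search string.
    merged = len(names) > 1 and "".join(names) == term
    return {"term": term, "names": names, "hits": hits,
            "inconclusive": merged and not hits}


if __name__ == "__main__":
    scan = triage_scan(SAMPLE_SCAN)
    print("Stopped services:", ", ".join(scan["stopped"]) or "none")
    print("Altered service settings:", scan["bad_config"] or "none")
    for path, company, md5 in scan["unverified"]:
        print(f"Review manually: {path} ({company}, MD5 {md5})")
    search = triage_search(SAMPLE_SEARCH)
    if search["inconclusive"]:
        print("Search term ran together; search again for each name:",
              ", ".join(search["names"]))
```
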

#4 bloopie


Posted 17 November 2012 - 05:19 PM

Hi again,

I'm glad to help! :)

Please don't use any registry cleaners as they can do more harm than good.

You haven't yet responded to this:

Please tell me if you have your original Windows CD/DVD available.


Also, let me know if you have the i386 folder located at C:\WINDOWS\i386

bloopie

#5 chele9


Posted 17 November 2012 - 05:23 PM

No, I don't have a Windows CD or DVD available. I don't have the C:\WINDOWS\i386 folder either. I'm so confused why this would happen because I thought I'd been so careful to not go on sites that might be bad. Thanks, again. Sorry for the late response.

#6 bloopie


Posted 17 November 2012 - 05:28 PM

Hi again,

Let me get back to you either later tonight or tomorrow, as I have somewhere to be tonight.

In the meantime, please delete ComboFix from your desktop (via right-click > delete), then download a fresh copy from one of the following links:

Link 1
Link 2

Follow the prompts to run the tool again, then post the new log for me. Thanks!

bloopie

Edited by bloopie, 17 November 2012 - 05:28 PM.


#7 chele9


Posted 17 November 2012 - 08:48 PM

Okay bloopie. Have a good night. Thanks for your help. Here is the new ComboFix log for you when you have time. :)

ComboFix 12-11-16.02 - CK 11/17/2012 18:03:12.1.2 - x64
Running from: c:\users\CK\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-10-17 to 2012-11-17 )))))))))))))))))))))))))))))))
.
.
2012-11-17 23:20 . 2012-11-17 23:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-17 15:24 . 2012-11-17 15:33 -------- d---a-w- C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
2012-11-17 15:11 . 2012-11-17 15:47 -------- d-----w- c:\program files (x86)\Wise
2012-11-17 14:45 . 2012-11-17 20:09 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E111A0A9-8E5A-4EE7-AF93-B94651075A34}\offreg.dll
2012-11-17 14:34 . 2012-10-17 06:31 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E111A0A9-8E5A-4EE7-AF93-B94651075A34}\mpengine.dll
2012-11-17 09:33 . 2012-10-30 23:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-11-17 09:33 . 2012-10-30 23:51 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-11-17 09:32 . 2012-10-15 16:59 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-11-17 09:32 . 2012-10-30 23:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-11-17 09:32 . 2012-10-30 23:51 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-11-17 09:32 . 2012-10-30 23:51 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-11-17 09:32 . 2012-10-30 23:50 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-11-17 09:30 . 2012-11-17 09:31 -------- d-----w- c:\program files (x86)\Glary Utilities
2012-11-17 09:28 . 2012-10-30 23:51 41224 ----a-w- c:\windows\avastSS.scr
2012-11-17 09:28 . 2012-10-30 23:50 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-11-17 09:27 . 2012-11-17 09:27 -------- d-----w- c:\programdata\AVAST Software
2012-11-17 09:27 . 2012-11-17 09:27 -------- d-----w- c:\program files\AVAST Software
2012-11-17 09:16 . 2012-11-17 09:16 -------- d-----w- c:\programdata\Babylon
2012-11-17 09:08 . 2012-11-17 09:08 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-11-17 09:08 . 2012-09-30 00:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-17 08:58 . 2012-11-17 08:58 -------- d-----w- c:\programdata\KSafe
2012-11-17 08:58 . 2012-11-17 08:58 -------- d-----w- C:\KSafeRecycle
2012-11-17 08:58 . 2012-11-17 09:01 -------- d-----w- c:\programdata\Kingsoft
2012-11-17 08:57 . 2012-11-17 08:57 -------- d-----w- c:\program files (x86)\Kingsoft
2012-11-17 08:20 . 2012-11-17 08:20 -------- d-----w- c:\program files (x86)\Auslogics
2012-11-17 07:24 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-11-17 07:24 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-11-17 07:24 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-11-17 07:24 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-11-17 07:24 . 2012-10-18 18:25 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-11-17 07:22 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-17 07:22 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-11-17 02:54 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-17 02:54 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-17 02:54 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-17 02:54 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-17 02:31 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-17 02:31 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-17 02:31 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-17 02:31 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-17 02:31 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-17 02:31 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-17 01:43 . 2012-11-17 01:44 -------- d-----w- c:\program files\CCleaner
2012-11-16 23:45 . 2012-11-16 23:45 -------- d-----w- c:\programdata\Malwarebytes
2012-11-16 09:30 . 2012-10-03 17:56 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-16 09:30 . 2012-10-03 17:44 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-11-16 09:30 . 2012-10-03 17:44 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-11-16 09:30 . 2012-10-03 17:44 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-11-16 09:30 . 2012-10-03 17:44 18944 ----a-w- c:\windows\system32\netevent.dll
2012-11-16 09:30 . 2012-10-03 17:44 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-11-16 09:30 . 2012-10-03 17:42 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-11-16 09:30 . 2012-10-03 16:42 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-11-16 09:30 . 2012-10-03 16:42 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-11-16 09:30 . 2012-10-03 16:42 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-11-16 09:30 . 2012-10-03 16:07 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-11-16 09:30 . 2012-01-13 07:12 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2012-11-16 08:56 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-16 01:35 . 2012-11-16 01:35 -------- d-----w- C:\75700625ca394fc6f5575117e053
2012-11-04 04:58 . 2012-11-04 04:58 -------- d-----w- c:\users\Public\Recorded TV
2012-11-03 00:22 . 2012-11-17 09:13 -------- d-----w- c:\users\CK
2012-10-31 18:59 . 2012-10-31 18:59 -------- d-----w- c:\programdata\Ask
2012-10-31 18:58 . 2012-09-25 03:16 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-28 03:01 . 2012-11-16 10:01 -------- d-----w- c:\users\Public\ged
2012-10-28 00:34 . 2012-11-16 10:01 -------- d-----w- c:\program files (x86)\OverDrive Media Console
2012-10-27 17:13 . 2012-11-17 02:03 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-17 15:22 . 2012-06-21 14:39 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-17 15:22 . 2012-06-21 14:39 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-17 02:33 . 2012-06-21 09:32 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-16 19:11 . 2012-09-14 14:29 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2012-11-16 19:10 . 2012-09-21 11:04 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-11-16 19:10 . 2012-09-21 11:04 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-11-16 19:10 . 2012-09-22 06:36 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-10-27 04:42 . 2012-09-22 06:37 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2012-10-27 04:41 . 2012-09-14 14:29 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-10-27 04:41 . 2012-09-14 14:29 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-10-09 04:04 . 2012-09-14 14:29 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-09-14 19:19 . 2012-10-09 18:09 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-09 18:09 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-11 21:18 . 2012-07-07 22:36 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-11 21:18 . 2012-07-07 22:36 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-31 18:19 . 2012-10-09 18:10 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-09 18:10 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-09 18:10 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-09 18:10 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05 . 2012-10-09 18:09 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 18:05 . 2012-10-09 18:09 220160 ----a-w- c:\windows\system32\wintrust(293).dll
2012-08-24 16:57 . 2012-10-09 18:09 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-24 16:57 . 2012-10-09 18:09 172544 ----a-w- c:\windows\SysWow64\wintrust(308).dll
2012-08-24 10:22 . 2012-09-22 14:42 1346048 ----a-w- c:\windows\system32\urlmon(286).dll
2012-08-24 10:21 . 2012-09-22 14:42 1392128 ----a-w- c:\windows\system32\wininet(290).dll
2012-08-24 10:12 . 2012-09-22 14:42 2144768 ----a-w- c:\windows\system32\iertutil(263).dll
2012-08-24 06:51 . 2012-09-22 14:42 1103872 ----a-w- c:\windows\SysWow64\urlmon(305).dll
2012-08-24 06:51 . 2012-09-22 14:42 1129472 ----a-w- c:\windows\SysWow64\wininet(307).dll
2012-08-24 06:44 . 2012-09-22 14:42 1793024 ----a-w- c:\windows\SysWow64\iertutil(301).dll
2012-08-22 18:12 . 2012-09-12 02:30 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 02:30 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 02:30 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-26 07:51 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-20 18:48 . 2012-10-09 18:10 243200 ----a-w- c:\windows\system32\wow64.dll
2012-08-20 18:48 . 2012-10-09 18:10 243200 ----a-w- c:\windows\system32\wow64(295).dll
2012-08-20 18:48 . 2012-10-09 18:10 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-08-20 18:48 . 2012-10-09 18:10 362496 ----a-w- c:\windows\system32\wow64win(297).dll
2012-08-20 18:48 . 2012-10-09 18:10 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-08-20 18:48 . 2012-10-09 18:10 13312 ----a-w- c:\windows\system32\wow64cpu(296).dll
2012-08-20 18:48 . 2012-10-09 18:10 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-08-20 18:48 . 2012-10-09 18:10 215040 ----a-w- c:\windows\system32\winsrv(292).dll
2012-08-20 18:48 . 2012-10-09 18:10 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-08-20 18:48 . 2012-10-09 18:10 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-20 18:48 . 2012-10-09 18:10 424448 ----a-w- c:\windows\system32\KernelBase(267).dll
2012-08-20 18:48 . 2012-10-09 18:10 1162240 ----a-w- c:\windows\system32\kernel32.dll
2012-08-20 18:48 . 2012-10-09 18:10 1162240 ----a-w- c:\windows\system32\kernel32(266).dll
2012-08-20 18:46 . 2012-10-09 18:10 338432 ----a-w- c:\windows\system32\conhost.exe
2012-08-20 18:38 . 2012-10-09 18:10 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:09 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 18:38 . 2012-10-09 18:09 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 17:40 . 2012-10-09 18:10 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2012-08-20 17:38 . 2012-10-09 18:10 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-20 17:38 . 2012-10-09 18:10 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2012-08-20 17:37 . 2012-10-09 18:10 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-08-20 17:37 . 2012-10-09 18:10 1114112 ----a-w- c:\windows\SysWow64\kernel32(302).dll
2012-08-20 17:37 . 2012-10-09 18:10 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-08-20 17:37 . 2012-10-09 18:10 274944 ----a-w- c:\windows\SysWow64\KernelBase(303).dll
2012-08-20 17:32 . 2012-10-09 18:10 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 17:32 . 2012-10-09 18:10 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 WiseBootAssistant;Wise Boot Assistant;c:\program files (x86)\Wise\Wise Care 365\BootTime.exe [2012-07-17 580648]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-05-13 36328]
R3 KSafeSvc;KSafe service;c:\program files (x86)\Kingsoft\PCDoctor\KSafeSvc.exe [2012-04-10 290720]
R3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys [2008-07-26 15768]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2008-07-26 790424]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-02-09 239136]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-02-11 54136]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-04-25 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-21 1255736]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 kmodurl;kmodurl;c:\program files (x86)\Kingsoft\PCDoctor\kmodurl64.sys [2011-12-20 133096]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-03-15 202752]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-04-20 169584]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2008-07-26 50072]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-23 35008]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [2009-06-15 12800]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-04-26 1103904]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-06 137560]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-21 15:22]
.
2012-11-17 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2012-11-17 17:45]
.
2012-11-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 09:05]
.
2012-11-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 09:05]
.
2012-11-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2322471880-4145311734-2804448420-1001Core.job
- c:\users\Chele\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-21 09:01]
.
2012-11-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2322471880-4145311734-2804448420-1001UA.job
- c:\users\Chele\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-21 09:01]
.
2012-11-17 c:\windows\Tasks\Wise Care 365.job
- c:\program files (x86)\Wise\Wise Care 365\WiseTray.exe [2012-11-17 22:24]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-10-25 19:45 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-10-25 19:45 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-10-25 19:45 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-10-25 19:45 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 709976]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-01-29 517176]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.claro-search.com/?affID=116695&tt=4612_5&babsrc=HP_ss&mntrId=3aafdc5400000000000070f1a1fb71da
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 97.81.22.195 71.92.29.130 24.217.201.67
FF - ProfilePath - c:\users\CK\AppData\Roaming\Mozilla\Firefox\Profiles\vawpt9j8.default\
FF - ExtSQL: 2012-11-17 04:47; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - user.js: extensions.claro.tlbrSrchUrl -
FF - user.js: extensions.claro.id - 3aafdc5400000000000070f1a1fb71da
FF - user.js: extensions.claro.appId - {C3110516-8EFC-49D6-8B72-69354F332062}
FF - user.js: extensions.claro.instlDay - 15661
FF - user.js: extensions.claro.vrsn - 1.8.3.10
FF - user.js: extensions.claro.vrsni - 1.8.3.10
FF - user.js: extensions.claro_i.vrsnTs - 1.8.3.104:16
FF - user.js: extensions.claro.prtnrId - claro
FF - user.js: extensions.claro.prdct - claro
FF - user.js: extensions.claro.aflt - babsst
FF - user.js: extensions.claro_i.smplGrp - none
FF - user.js: extensions.claro.tlbrId - base
FF - user.js: extensions.claro.instlRef - sst
FF - user.js: extensions.claro.dfltLng - en
FF - user.js: extensions.claro.excTlbr - false
FF - user.js: extensions.claro.admin - false
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-11-17 18:43:39
ComboFix-quarantined-files.txt 2012-11-17 23:43
ComboFix2.txt 2012-11-15 16:44
.
Pre-Run: 39,505,436,672 bytes free
Post-Run: 39,425,056,768 bytes free
.
- - End Of File - - 38B580F956C9BF21560429D48D9DC392

#8 bloopie

Posted 17 November 2012 - 09:14 PM

Hi again,

That's interesting... the last ComboFix log doesn't show those files still missing, and it also now shows it's the first time you're running the tool (your first post showed you ran the tool 3 times past).

Let's run these next:

Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Note*** If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

==========

Step 2

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

==========

In your next reply, please include the following:

  • The TDSSKiller log
  • The aswMBR log
  • How is the computer running now?
bloopie
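
The TDSSKiller report requested above runs to hundreds of lines, nearly all of them "<name> - ok". The following is an added example, not part of bloopie's post and not code from the tool's vendor: a small Python triage script that pairs each scanned object with its verdict and returns only the non-ok entries. The names Entry, parse_log and findings are hypothetical, and the line layout is assumed from the TDSSKiller 2.8.15.0 log posted in this thread, from which the sample lines are excerpted.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Lines excerpted from the TDSSKiller 2.8.15.0 log posted in this thread.
SAMPLE_LOG = r"""
21:19:12.0519 4888 Mode: Manual; SigCheck; TDLFS;
21:19:12.0706 4888 System memory - ok
21:19:12.0987 4888 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
21:19:13.0018 4888 ACPI - ok
21:25:33.0734 4888 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:25:34.0495 4888 avast! Antivirus - ok
21:26:03.0989 4888 COMSysApp - ok
21:26:27.0461 4888 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:26:27.0742 4888 IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:26:27.0866 4888 IDriverT - detected UnsignedFile.Multi.Generic (1)
"""

# "<HH:MM:SS.mmmm> <thread id> <message>"; the message may be empty.
PREFIX = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s*(.*)$")
# "[ <MD5> ] <service name> <path>"; the name may contain spaces, so it is
# taken lazily up to the first drive-letter path.
OBJECT = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.*)$")
# "<name> - ok" or "<name> ( <verdict> ) - warning". Any status word is
# accepted (assumption: only "ok" and "warning" appear in this thread).
VERDICT = re.compile(r"^(.+?)(?: \( (.+?) \))? - (\w+)$")


@dataclass
class Entry:
    name: str
    status: str
    verdict: Optional[str]
    md5: Optional[str]
    path: Optional[str]
    time: str


def parse_log(text: str) -> List[Entry]:
    """Pair each hash/path line with the verdict line that follows it."""
    pending = {}   # service name -> (md5, path) awaiting its verdict line
    entries = []
    for raw in text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue
        stamp, _thread, msg = m.groups()
        obj = OBJECT.match(msg)
        if obj:
            md5, name, path = obj.groups()
            pending[name] = (md5.upper(), path)
            continue
        ver = VERDICT.match(msg)
        if ver:
            name, verdict, status = ver.groups()
            # Some objects (e.g. COMSysApp) have no hash/path line at all.
            md5, path = pending.pop(name, (None, None))
            entries.append(Entry(name, status, verdict, md5, path, stamp))
    return entries


def findings(entries: List[Entry]) -> List[Entry]:
    """Everything the scanner did not mark 'ok'."""
    return [e for e in entries if e.status != "ok"]


if __name__ == "__main__":
    for e in findings(parse_log(SAMPLE_LOG)):
        print(f"{e.time} {e.status.upper():8} {e.name}: {e.verdict}")
        print(f"    md5={e.md5}")
        print(f"    path={e.path}")
```

An UnsignedFile.Multi.Generic warning reports that a file has no valid digital signature; it marks the file for a closer look and is not by itself a malware detection.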

#9 chele9

Posted 18 November 2012 - 08:54 AM

Here is the TDSS log.

21:18:12.0624 4684 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:18:14.0628 4684 ============================================================
21:18:14.0628 4684 Current date / time: 2012/11/17 21:18:14.0628
21:18:14.0628 4684 SystemInfo:
21:18:14.0628 4684
21:18:14.0628 4684 OS Version: 6.1.7601 ServicePack: 1.0
21:18:14.0628 4684 Product type: Workstation
21:18:14.0629 4684 ComputerName: CHELE-PC
21:18:14.0630 4684 UserName: CK
21:18:14.0630 4684 Windows directory: C:\windows
21:18:14.0630 4684 System windows directory: C:\windows
21:18:14.0631 4684 Running under WOW64
21:18:14.0631 4684 Processor architecture: Intel x64
21:18:14.0631 4684 Number of processors: 2
21:18:14.0631 4684 Page size: 0x1000
21:18:14.0631 4684 Boot type: Normal boot
21:18:14.0631 4684 ============================================================
21:18:16.0465 4684 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:18:16.0520 4684 ============================================================
21:18:16.0520 4684 \Device\Harddisk0\DR0:
21:18:16.0532 4684 MBR partitions:
21:18:16.0532 4684 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1BAB2800
21:18:16.0532 4684 ============================================================
21:18:16.0591 4684 C: <-> \Device\Harddisk0\DR0\Partition1
21:18:16.0591 4684 ============================================================
21:18:16.0591 4684 Initialize success
21:18:16.0591 4684 ============================================================
21:19:12.0519 4888 ============================================================
21:19:12.0519 4888 Scan started
21:19:12.0519 4888 Mode: Manual; SigCheck; TDLFS;
21:19:12.0519 4888 ============================================================
21:19:12.0706 4888 ================ Scan system memory ========================
21:19:12.0706 4888 System memory - ok
21:19:12.0706 4888 ================ Scan services =============================
21:19:12.0862 4888 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
21:19:12.0971 4888 1394ohci - ok
21:19:12.0987 4888 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
21:19:13.0018 4888 ACPI - ok
21:19:13.0049 4888 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
21:19:13.0096 4888 AcpiPmi - ok
21:19:13.0221 4888 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:19:13.0236 4888 AdobeARMservice - ok
21:19:13.0361 4888 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:19:13.0424 4888 AdobeFlashPlayerUpdateSvc - ok
21:19:13.0517 4888 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
21:19:13.0548 4888 adp94xx - ok
21:19:13.0595 4888 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
21:19:13.0626 4888 adpahci - ok
21:19:13.0658 4888 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
21:19:13.0689 4888 adpu320 - ok
21:19:13.0720 4888 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
21:19:13.0782 4888 AeLookupSvc - ok
21:19:13.0829 4888 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
21:19:13.0876 4888 AFD - ok
21:19:13.0923 4888 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
21:19:13.0938 4888 agp440 - ok
21:19:13.0985 4888 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
21:19:14.0016 4888 ALG - ok
21:19:14.0063 4888 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
21:19:14.0094 4888 aliide - ok
21:19:14.0126 4888 [ 57B773D82E8CC3C6D7E02CC8A6632043 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
21:19:14.0172 4888 AMD External Events Utility - ok
21:19:14.0188 4888 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
21:19:14.0204 4888 amdide - ok
21:19:14.0250 4888 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
21:19:14.0297 4888 AmdK8 - ok
21:19:14.0484 4888 [ AEFAF27F1B7E52C705DF4FB6C96732F6 ] amdkmdag C:\windows\system32\DRIVERS\atipmdag.sys
21:23:48.0637 4888 amdkmdag - ok
21:23:57.0716 4888 [ 8149DB73BE27950EC72767A1193153A6 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
21:24:08.0761 4888 amdkmdap - ok
21:24:09.0977 4888 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
21:24:15.0219 4888 AmdPPM - ok
21:24:16.0155 4888 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
21:24:17.0731 4888 amdsata - ok
21:24:17.0965 4888 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
21:24:19.0384 4888 amdsbs - ok
21:24:20.0008 4888 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
21:24:20.0851 4888 amdxata - ok
21:24:21.0459 4888 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\windows\system32\Drivers\ssadadb.sys
21:24:38.0116 4888 androidusb - ok
21:24:38.0600 4888 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
21:24:50.0050 4888 AppID - ok
21:24:56.0852 4888 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
21:25:12.0828 4888 AppIDSvc - ok
21:25:13.0764 4888 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
21:25:14.0248 4888 Appinfo - ok
21:25:15.0121 4888 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
21:25:15.0823 4888 arc - ok
21:25:16.0229 4888 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
21:25:16.0993 4888 arcsas - ok
21:25:17.0960 4888 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
21:25:18.0475 4888 aswFsBlk - ok
21:25:19.0115 4888 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
21:25:19.0489 4888 aswMonFlt - ok
21:25:20.0753 4888 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\windows\System32\Drivers\aswrdr2.sys
21:25:21.0236 4888 aswRdr - ok
21:25:23.0994 4888 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\windows\system32\drivers\aswSnx.sys
21:25:24.0486 4888 aswSnx - ok
21:25:24.0923 4888 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\windows\system32\drivers\aswSP.sys
21:25:25.0094 4888 aswSP - ok
21:25:25.0703 4888 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\windows\system32\drivers\aswTdi.sys
21:25:26.0202 4888 aswTdi - ok
21:25:26.0561 4888 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
21:25:27.0091 4888 AsyncMac - ok
21:25:27.0263 4888 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
21:25:27.0824 4888 atapi - ok
21:25:28.0651 4888 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\windows\system32\DRIVERS\AtiPcie.sys
21:25:29.0556 4888 AtiPcie - ok
21:25:30.0445 4888 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
21:25:31.0100 4888 AudioEndpointBuilder - ok
21:25:32.0005 4888 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
21:25:32.0255 4888 AudioSrv - ok
21:25:33.0734 4888 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:25:34.0495 4888 avast! Antivirus - ok
21:25:35.0188 4888 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
21:25:36.0960 4888 AxInstSV - ok
21:25:37.0386 4888 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
21:25:38.0192 4888 b06bdrv - ok
21:25:38.0675 4888 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
21:25:39.0204 4888 b57nd60a - ok
21:25:39.0392 4888 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
21:25:40.0369 4888 BDESVC - ok
21:25:40.0712 4888 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
21:25:41.0102 4888 Beep - ok
21:25:41.0992 4888 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
21:25:42.0319 4888 BFE - ok
21:25:43.0037 4888 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\system32\qmgr.dll
21:25:47.0413 4888 BITS - ok
21:25:47.0514 4888 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
21:25:47.0885 4888 blbdrive - ok
21:25:48.0177 4888 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
21:25:48.0812 4888 bowser - ok
21:25:48.0926 4888 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
21:25:50.0253 4888 BrFiltLo - ok
21:25:50.0359 4888 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
21:25:50.0481 4888 BrFiltUp - ok
21:25:51.0464 4888 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
21:25:51.0636 4888 BridgeMP - ok
21:25:51.0807 4888 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
21:25:52.0151 4888 Browser - ok
21:25:52.0244 4888 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
21:25:52.0572 4888 Brserid - ok
21:25:52.0634 4888 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
21:25:52.0775 4888 BrSerWdm - ok
21:25:52.0821 4888 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
21:25:52.0962 4888 BrUsbMdm - ok
21:25:53.0009 4888 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
21:25:53.0204 4888 BrUsbSer - ok
21:25:53.0284 4888 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
21:25:53.0359 4888 BTHMODEM - ok
21:25:53.0508 4888 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
21:25:53.0874 4888 bthserv - ok
21:25:53.0940 4888 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
21:25:54.0087 4888 cdfs - ok
21:25:54.0245 4888 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\drivers\cdrom.sys
21:25:54.0417 4888 cdrom - ok
21:25:54.0579 4888 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
21:25:54.0761 4888 CertPropSvc - ok
21:25:54.0949 4888 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
21:25:55.0089 4888 circlass - ok
21:25:55.0323 4888 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
21:25:55.0448 4888 CLFS - ok
21:25:56.0243 4888 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:25:56.0945 4888 clr_optimization_v2.0.50727_32 - ok
21:25:57.0944 4888 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:25:58.0365 4888 clr_optimization_v2.0.50727_64 - ok
21:25:59.0151 4888 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:25:59.0985 4888 clr_optimization_v4.0.30319_32 - ok
21:26:00.0740 4888 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:26:00.0938 4888 clr_optimization_v4.0.30319_64 - ok
21:26:01.0004 4888 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
21:26:01.0150 4888 CmBatt - ok
21:26:01.0274 4888 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
21:26:01.0420 4888 cmdide - ok
21:26:01.0825 4888 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
21:26:02.0287 4888 CNG - ok
21:26:02.0709 4888 [ E10C47A06EFDCD635940B6849F3654B4 ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
21:26:02.0865 4888 CnxtHdAudService - ok
21:26:03.0005 4888 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
21:26:03.0083 4888 Compbatt - ok
21:26:03.0192 4888 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
21:26:03.0955 4888 CompositeBus - ok
21:26:03.0989 4888 COMSysApp - ok
21:26:04.0065 4888 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
21:26:04.0118 4888 crcdisk - ok
21:26:04.0230 4888 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
21:26:04.0605 4888 CryptSvc - ok
21:26:04.0812 4888 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
21:26:05.0143 4888 DcomLaunch - ok
21:26:05.0269 4888 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
21:26:05.0363 4888 defragsvc - ok
21:26:05.0425 4888 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
21:26:05.0722 4888 DfsC - ok
21:26:05.0893 4888 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
21:26:06.0314 4888 Dhcp - ok
21:26:06.0361 4888 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
21:26:06.0533 4888 discache - ok
21:26:06.0736 4888 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
21:26:06.0798 4888 Disk - ok
21:26:06.0907 4888 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
21:26:07.0219 4888 Dnscache - ok
21:26:07.0328 4888 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
21:26:07.0562 4888 dot3svc - ok
21:26:07.0656 4888 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
21:26:07.0812 4888 DPS - ok
21:26:07.0968 4888 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
21:26:08.0077 4888 drmkaud - ok
21:26:08.0498 4888 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
21:26:08.0779 4888 DXGKrnl - ok
21:26:08.0873 4888 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
21:26:08.0998 4888 EapHost - ok
21:26:10.0339 4888 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
21:26:10.0604 4888 ebdrv - ok
21:26:10.0729 4888 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
21:26:11.0384 4888 EFS - ok
21:26:12.0055 4888 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
21:26:12.0882 4888 ehRecvr - ok
21:26:12.0929 4888 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
21:26:13.0132 4888 ehSched - ok
21:26:13.0397 4888 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
21:26:13.0646 4888 elxstor - ok
21:26:14.0114 4888 [ 1E345F2A2D95DA3190596E691CDE9342 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
21:26:14.0676 4888 EPSON_PM_RPCV4_01 - ok
21:26:14.0738 4888 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
21:26:14.0801 4888 ErrDev - ok
21:26:15.0206 4888 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
21:26:15.0581 4888 EventSystem - ok
21:26:15.0784 4888 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
21:26:16.0018 4888 exfat - ok
21:26:16.0189 4888 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
21:26:16.0314 4888 fastfat - ok
21:26:16.0688 4888 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
21:26:17.0000 4888 Fax - ok
21:26:17.0063 4888 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
21:26:17.0234 4888 fdc - ok
21:26:17.0381 4888 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
21:26:17.0602 4888 fdPHost - ok
21:26:17.0635 4888 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
21:26:17.0754 4888 FDResPub - ok
21:26:17.0800 4888 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
21:26:17.0835 4888 FileInfo - ok
21:26:17.0946 4888 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
21:26:18.0175 4888 Filetrace - ok
21:26:18.0245 4888 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
21:26:18.0322 4888 flpydisk - ok
21:26:18.0477 4888 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
21:26:18.0751 4888 FltMgr - ok
21:26:19.0625 4888 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
21:26:20.0686 4888 FontCache - ok
21:26:21.0107 4888 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:26:21.0388 4888 FontCache3.0.0.0 - ok
21:26:21.0481 4888 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
21:26:21.0559 4888 FsDepends - ok
21:26:21.0747 4888 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
21:26:21.0825 4888 Fs_Rec - ok
21:26:22.0137 4888 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
21:26:22.0230 4888 fvevol - ok
21:26:22.0355 4888 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
21:26:22.0464 4888 gagp30kx - ok
21:26:22.0839 4888 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
21:26:23.0275 4888 gpsvc - ok
21:26:23.0541 4888 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:26:23.0572 4888 gupdate - ok
21:26:23.0619 4888 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:26:23.0634 4888 gupdatem - ok
21:26:23.0650 4888 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
21:26:23.0728 4888 hcw85cir - ok
21:26:23.0775 4888 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
21:26:23.0821 4888 HdAudAddService - ok
21:26:23.0853 4888 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
21:26:23.0993 4888 HDAudBus - ok
21:26:24.0071 4888 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
21:26:24.0227 4888 HidBatt - ok
21:26:24.0274 4888 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
21:26:24.0321 4888 HidBth - ok
21:26:24.0336 4888 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
21:26:24.0414 4888 HidIr - ok
21:26:24.0477 4888 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
21:26:24.0617 4888 hidserv - ok
21:26:24.0742 4888 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
21:26:24.0789 4888 HidUsb - ok
21:26:24.0851 4888 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
21:26:25.0023 4888 hkmsvc - ok
21:26:25.0116 4888 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
21:26:25.0366 4888 HomeGroupListener - ok
21:26:25.0475 4888 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
21:26:25.0682 4888 HomeGroupProvider - ok
21:26:25.0883 4888 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
21:26:25.0998 4888 HpSAMD - ok
21:26:26.0229 4888 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
21:26:26.0463 4888 HTTP - ok
21:26:26.0503 4888 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
21:26:26.0618 4888 hwpolicy - ok
21:26:26.0728 4888 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
21:26:26.0774 4888 i8042prt - ok
21:26:26.0993 4888 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
21:26:27.0086 4888 iaStorV - ok
21:26:27.0461 4888 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:26:27.0742 4888 IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:26:27.0866 4888 IDriverT - detected UnsignedFile.Multi.Generic (1)
21:26:28.0366 4888 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:26:28.0459 4888 idsvc - ok
21:26:28.0615 4888 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
21:26:28.0678 4888 iirsp - ok
21:26:28.0802 4888 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
21:26:28.0927 4888 IKEEXT - ok
21:26:28.0958 4888 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
21:26:28.0990 4888 intelide - ok
21:26:29.0083 4888 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
21:26:29.0208 4888 intelppm - ok
21:26:29.0286 4888 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
21:26:29.0395 4888 IPBusEnum - ok
21:26:29.0442 4888 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
21:26:29.0520 4888 IpFilterDriver - ok
21:26:29.0629 4888 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
21:26:29.0770 4888 iphlpsvc - ok
21:26:29.0816 4888 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
21:26:29.0879 4888 IPMIDRV - ok
21:26:29.0926 4888 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
21:26:30.0019 4888 IPNAT - ok
21:26:30.0082 4888 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
21:26:30.0316 4888 IRENUM - ok
21:26:30.0347 4888 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
21:26:30.0362 4888 isapnp - ok
21:26:30.0425 4888 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
21:26:30.0456 4888 iScsiPrt - ok
21:26:30.0503 4888 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
21:26:30.0612 4888 kbdclass - ok
21:26:30.0690 4888 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
21:26:30.0768 4888 kbdhid - ok
21:26:30.0830 4888 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
21:26:30.0893 4888 KeyIso - ok
21:26:31.0220 4888 [ 5D5017ACEBE26E166EA64D143F3EE3B8 ] kmodurl C:\Program files (x86)\Kingsoft\PCDoctor\kmodurl64.sys
21:26:31.0470 4888 kmodurl - ok
21:26:31.0766 4888 [ C32D068757D4AD6E4781A78CFFD883E5 ] KSafeSvc C:\Program files (x86)\Kingsoft\PCDoctor\KSafeSvc.exe
21:26:31.0813 4888 KSafeSvc - ok
21:26:31.0844 4888 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
21:26:31.0891 4888 KSecDD - ok
21:26:31.0954 4888 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
21:26:32.0032 4888 KSecPkg - ok
21:26:32.0063 4888 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
21:26:32.0250 4888 ksthunk - ok
21:26:32.0281 4888 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
21:26:32.0359 4888 KtmRm - ok
21:26:32.0437 4888 [ 655A5D8E80869781CCE23760ADA7E695 ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys
21:26:32.0484 4888 L1C - ok
21:26:32.0578 4888 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\System32\srvsvc.dll
21:26:33.0077 4888 LanmanServer - ok
21:26:33.0186 4888 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
21:26:33.0704 4888 LanmanWorkstation - ok
21:26:33.0821 4888 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
21:26:33.0954 4888 lltdio - ok
21:26:34.0084 4888 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
21:26:34.0204 4888 lltdsvc - ok
21:26:34.0231 4888 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
21:26:34.0314 4888 lmhosts - ok
21:26:34.0403 4888 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
21:26:34.0467 4888 LSI_FC - ok
21:26:34.0704 4888 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
21:26:34.0766 4888 LSI_SAS - ok
21:26:34.0907 4888 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
21:26:35.0038 4888 LSI_SAS2 - ok
21:26:35.0111 4888 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
21:26:35.0140 4888 LSI_SCSI - ok
21:26:35.0176 4888 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
21:26:35.0274 4888 luafv - ok
21:26:35.0373 4888 [ 07389F6925E490D2DB7882110E99921C ] lvpepf64 C:\windows\system32\DRIVERS\lv302a64.sys
21:26:35.0431 4888 lvpepf64 - ok
21:26:35.0857 4888 [ 7F0BA3A6E8996F15693C6B7D81DA049E ] LVRS64 C:\windows\system32\DRIVERS\lvrs64.sys
21:26:35.0938 4888 LVRS64 - ok
21:26:35.0994 4888 [ 5C3FF68267A5D242EE79EE01B993D6CE ] LVUSBS64 C:\windows\system32\drivers\LVUSBS64.sys
21:26:36.0087 4888 LVUSBS64 - ok
21:26:36.0150 4888 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
21:26:36.0259 4888 Mcx2Svc - ok
21:26:36.0415 4888 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
21:26:36.0493 4888 megasas - ok
21:26:36.0743 4888 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
21:26:36.0774 4888 MegaSR - ok
21:26:36.0992 4888 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
21:26:37.0304 4888 MMCSS - ok
21:26:37.0367 4888 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
21:26:37.0538 4888 Modem - ok
21:26:37.0601 4888 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
21:26:37.0679 4888 monitor - ok
21:26:37.0741 4888 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
21:26:37.0772 4888 mouclass - ok
21:26:37.0928 4888 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
21:26:38.0053 4888 mouhid - ok
21:26:38.0209 4888 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
21:26:38.0303 4888 mountmgr - ok
21:26:38.0615 4888 [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:26:38.0739 4888 MozillaMaintenance - ok
21:26:38.0786 4888 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
21:26:38.0833 4888 mpio - ok
21:26:38.0880 4888 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
21:26:39.0005 4888 mpsdrv - ok
21:26:39.0285 4888 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
21:26:39.0535 4888 MpsSvc - ok
21:26:39.0675 4888 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
21:26:39.0785 4888 MRxDAV - ok
21:26:39.0863 4888 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
21:26:40.0019 4888 mrxsmb - ok
21:26:40.0081 4888 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
21:26:40.0175 4888 mrxsmb10 - ok
21:26:40.0190 4888 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
21:26:40.0237 4888 mrxsmb20 - ok
21:26:40.0268 4888 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
21:26:40.0315 4888 msahci - ok
21:26:40.0424 4888 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
21:26:40.0502 4888 msdsm - ok
21:26:40.0565 4888 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
21:26:40.0736 4888 MSDTC - ok
21:26:40.0783 4888 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
21:26:40.0892 4888 Msfs - ok
21:26:40.0986 4888 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
21:26:41.0079 4888 mshidkmdf - ok
21:26:41.0126 4888 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
21:26:41.0173 4888 msisadrv - ok
21:26:41.0220 4888 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
21:26:41.0313 4888 MSiSCSI - ok
21:26:41.0329 4888 msiserver - ok
21:26:41.0454 4888 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
21:26:41.0547 4888 MSKSSRV - ok
21:26:41.0594 4888 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
21:26:41.0735 4888 MSPCLOCK - ok
21:26:41.0797 4888 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
21:26:41.0875 4888 MSPQM - ok
21:26:42.0171 4888 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
21:26:42.0327 4888 MsRPC - ok
21:26:42.0468 4888 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
21:26:42.0530 4888 mssmbios - ok
21:26:42.0608 4888 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
21:26:42.0702 4888 MSTEE - ok
21:26:42.0764 4888 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
21:26:42.0827 4888 MTConfig - ok
21:26:42.0920 4888 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
21:26:43.0014 4888 Mup - ok
21:26:43.0232 4888 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
21:26:43.0419 4888 napagent - ok
21:26:43.0685 4888 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
21:26:43.0809 4888 NativeWifiP - ok
21:26:44.0433 4888 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
21:26:44.0589 4888 NDIS - ok
21:26:44.0777 4888 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
21:26:44.0979 4888 NdisCap - ok
21:26:45.0057 4888 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
21:26:45.0120 4888 NdisTapi - ok
21:26:45.0338 4888 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
21:26:45.0447 4888 Ndisuio - ok
21:26:45.0588 4888 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
21:26:45.0666 4888 NdisWan - ok
21:26:45.0728 4888 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
21:26:45.0853 4888 NDProxy - ok
21:26:45.0900 4888 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
21:26:46.0056 4888 NetBIOS - ok
21:26:46.0212 4888 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
21:26:46.0321 4888 NetBT - ok
21:26:46.0368 4888 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
21:26:46.0430 4888 Netlogon - ok
21:26:46.0571 4888 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
21:26:46.0727 4888 Netman - ok
21:26:46.0867 4888 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
21:26:47.0007 4888 netprofm - ok
21:26:47.0085 4888 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:26:47.0163 4888 NetTcpPortSharing - ok
21:26:47.0273 4888 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
21:26:47.0382 4888 nfrd960 - ok
21:26:47.0616 4888 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
21:26:47.0772 4888 NlaSvc - ok
21:26:47.0881 4888 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
21:26:47.0959 4888 Npfs - ok
21:26:48.0084 4888 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
21:26:48.0255 4888 nsi - ok
21:26:48.0302 4888 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
21:26:48.0411 4888 nsiproxy - ok
21:26:48.0895 4888 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
21:26:49.0067 4888 Ntfs - ok
21:26:49.0145 4888 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
21:26:49.0316 4888 Null - ok
21:26:49.0425 4888 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
21:26:49.0628 4888 nvraid - ok
21:26:49.0706 4888 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
21:26:49.0784 4888 nvstor - ok
21:26:49.0831 4888 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
21:26:49.0893 4888 nv_agp - ok
21:26:49.0940 4888 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
21:26:50.0034 4888 ohci1394 - ok
21:26:50.0361 4888 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:26:50.0595 4888 ose - ok
21:26:54.0676 4888 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:26:54.0988 4888 osppsvc - ok
21:26:55.0176 4888 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
21:26:55.0378 4888 p2pimsvc - ok
21:26:55.0503 4888 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
21:26:55.0581 4888 p2psvc - ok
21:26:55.0659 4888 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
21:26:55.0706 4888 Parport - ok
21:26:55.0768 4888 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
21:26:55.0800 4888 partmgr - ok
21:26:55.0878 4888 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
21:26:55.0956 4888 PcaSvc - ok
21:26:56.0096 4888 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
21:26:56.0205 4888 pci - ok
21:26:56.0283 4888 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
21:26:56.0361 4888 pciide - ok
21:26:56.0439 4888 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
21:26:56.0502 4888 pcmcia - ok
21:26:56.0611 4888 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
21:26:56.0658 4888 pcw - ok
21:26:56.0782 4888 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
21:26:56.0907 4888 PEAUTH - ok
21:26:58.0312 4888 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
21:26:58.0374 4888 PerfHost - ok
21:26:58.0421 4888 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
21:26:58.0452 4888 PGEffect - ok
21:26:58.0920 4888 [ 087A343DFC337F37723DD7912DE6B6CD ] PID_PEPI C:\windows\system32\DRIVERS\LV302V64.SYS
21:26:59.0123 4888 PID_PEPI - ok
21:26:59.0435 4888 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
21:26:59.0731 4888 pla - ok
21:27:00.0028 4888 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
21:27:00.0246 4888 PlugPlay - ok
21:27:00.0293 4888 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
21:27:00.0355 4888 PNRPAutoReg - ok
21:27:00.0371 4888 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
21:27:00.0402 4888 PNRPsvc - ok
21:27:00.0465 4888 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
21:27:00.0589 4888 PolicyAgent - ok
21:27:00.0652 4888 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
21:27:00.0745 4888 Power - ok
21:27:00.0823 4888 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
21:27:00.0886 4888 PptpMiniport - ok
21:27:00.0933 4888 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
21:27:00.0979 4888 Processor - ok
21:27:01.0057 4888 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
21:27:01.0229 4888 ProfSvc - ok
21:27:01.0245 4888 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
21:27:01.0276 4888 ProtectedStorage - ok
21:27:01.0323 4888 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
21:27:01.0369 4888 Psched - ok
21:27:01.0416 4888 [ C8FCB4899F8B70CC34E0D9876A80963C ] QIOMem C:\windows\system32\DRIVERS\QIOMem.sys
21:27:01.0447 4888 QIOMem - ok
21:27:01.0603 4888 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
21:27:01.0681 4888 ql2300 - ok
21:27:01.0728 4888 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
21:27:01.0791 4888 ql40xx - ok
21:27:01.0853 4888 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
21:27:01.0900 4888 QWAVE - ok
21:27:01.0931 4888 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
21:27:01.0993 4888 QWAVEdrv - ok
21:27:02.0025 4888 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
21:27:02.0087 4888 RasAcd - ok
21:27:02.0118 4888 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
21:27:02.0181 4888 RasAgileVpn - ok
21:27:02.0212 4888 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
21:27:02.0305 4888 RasAuto - ok
21:27:02.0337 4888 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
21:27:02.0399 4888 Rasl2tp - ok
21:27:02.0446 4888 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
21:27:02.0508 4888 RasMan - ok
21:27:02.0555 4888 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
21:27:02.0617 4888 RasPppoe - ok
21:27:02.0680 4888 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
21:27:02.0727 4888 RasSstp - ok
21:27:02.0867 4888 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
21:27:02.0961 4888 rdbss - ok
21:27:03.0007 4888 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
21:27:03.0039 4888 rdpbus - ok
21:27:03.0085 4888 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
21:27:03.0148 4888 RDPCDD - ok
21:27:03.0179 4888 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
21:27:03.0210 4888 RDPENCDD - ok
21:27:03.0241 4888 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
21:27:03.0288 4888 RDPREFMP - ok
21:27:03.0413 4888 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
21:27:03.0507 4888 RDPWD - ok
21:27:03.0569 4888 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
21:27:03.0585 4888 rdyboost - ok
21:27:03.0616 4888 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
21:27:03.0678 4888 RemoteAccess - ok
21:27:03.0720 4888 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
21:27:03.0807 4888 RemoteRegistry - ok
21:27:03.0833 4888 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
21:27:03.0891 4888 RpcEptMapper - ok
21:27:03.0953 4888 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
21:27:04.0064 4888 RpcLocator - ok
21:27:04.0148 4888 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
21:27:04.0216 4888 RpcSs - ok
21:27:04.0305 4888 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
21:27:04.0385 4888 rspndr - ok
21:27:04.0422 4888 [ 3CEEE53BBF8BA284FF44585CEC0162FE ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
21:27:04.0448 4888 RSUSBSTOR - ok
21:27:04.0573 4888 [ 7475548B0BA58EBA4D12414FC9E9DFE6 ] rtl8192se C:\windows\system32\DRIVERS\rtl8192se.sys
21:27:04.0654 4888 rtl8192se - ok
21:27:04.0677 4888 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
21:27:04.0696 4888 SamSs - ok
21:27:04.0728 4888 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
21:27:04.0753 4888 sbp2port - ok
21:27:04.0798 4888 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
21:27:04.0865 4888 SCardSvr - ok
21:27:04.0904 4888 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
21:27:04.0954 4888 scfilter - ok
21:27:05.0219 4888 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
21:27:05.0328 4888 Schedule - ok
21:27:05.0390 4888 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
21:27:05.0437 4888 SCPolicySvc - ok
21:27:05.0531 4888 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
21:27:05.0609 4888 SDRSVC - ok
21:27:05.0656 4888 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
21:27:05.0718 4888 secdrv - ok
21:27:05.0780 4888 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
21:27:05.0843 4888 seclogon - ok
21:27:05.0874 4888 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
21:27:05.0957 4888 SENS - ok
21:27:06.0012 4888 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
21:27:06.0149 4888 SensrSvc - ok
21:27:06.0176 4888 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
21:27:06.0208 4888 Serenum - ok
21:27:06.0234 4888 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
21:27:06.0292 4888 Serial - ok
21:27:06.0321 4888 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
21:27:06.0353 4888 sermouse - ok
21:27:06.0396 4888 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
21:27:06.0473 4888 SessionEnv - ok
21:27:06.0536 4888 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
21:27:06.0619 4888 sffdisk - ok
21:27:06.0642 4888 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
21:27:06.0676 4888 sffp_mmc - ok
21:27:06.0697 4888 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
21:27:06.0717 4888 sffp_sd - ok
21:27:06.0746 4888 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
21:27:06.0780 4888 sfloppy - ok
21:27:06.0925 4888 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
21:27:07.0008 4888 SharedAccess - ok
21:27:07.0055 4888 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
21:27:07.0117 4888 ShellHWDetection - ok
21:27:07.0164 4888 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
21:27:07.0179 4888 SiSRaid2 - ok
21:27:07.0226 4888 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
21:27:07.0273 4888 SiSRaid4 - ok
21:27:07.0320 4888 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
21:27:07.0398 4888 Smb - ok
21:27:07.0460 4888 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
21:27:07.0507 4888 SNMPTRAP - ok
21:27:07.0554 4888 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
21:27:07.0569 4888 spldr - ok
21:27:07.0647 4888 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
21:27:07.0725 4888 Spooler - ok
21:27:08.0132 4888 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
21:27:08.0384 4888 sppsvc - ok
21:27:08.0437 4888 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
21:27:08.0525 4888 sppuinotify - ok
21:27:08.0563 4888 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
21:27:08.0671 4888 srv - ok
21:27:08.0696 4888 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
21:27:08.0734 4888 srv2 - ok
21:27:08.0769 4888 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\windows\system32\DRIVERS\VSTAZL6.SYS
21:27:08.0806 4888 SrvHsfHDA - ok
21:27:09.0119 4888 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\windows\system32\DRIVERS\VSTDPV6.SYS
21:27:09.0228 4888 SrvHsfV92 - ok
21:27:09.0306 4888 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\windows\system32\DRIVERS\VSTCNXT6.SYS
21:27:09.0384 4888 SrvHsfWinac - ok
21:27:09.0462 4888 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
21:27:09.0524 4888 srvnet - ok
21:27:09.0587 4888 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\windows\system32\DRIVERS\ssadbus.sys
21:27:09.0633 4888 ssadbus - ok
21:27:09.0665 4888 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\windows\system32\DRIVERS\ssadmdfl.sys
21:27:09.0727 4888 ssadmdfl - ok
21:27:09.0758 4888 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\windows\system32\DRIVERS\ssadmdm.sys
21:27:09.0805 4888 ssadmdm - ok
21:27:09.0836 4888 [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd C:\windows\system32\DRIVERS\ssadserd.sys
21:27:09.0899 4888 ssadserd - ok
21:27:09.0914 4888 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
21:27:10.0012 4888 SSDPSRV - ok
21:27:10.0071 4888 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
21:27:10.0141 4888 SstpSvc - ok
21:27:10.0188 4888 Steam Client Service - ok
21:27:10.0219 4888 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
21:27:10.0250 4888 stexstor - ok
21:27:10.0304 4888 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
21:27:10.0355 4888 stisvc - ok
21:27:10.0391 4888 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
21:27:10.0468 4888 swenum - ok
21:27:10.0537 4888 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
21:27:10.0598 4888 swprv - ok
21:27:10.0681 4888 [ 470C47DABA9CA3966F0AB3F835D7D135 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
21:27:10.0702 4888 SynTP - ok
21:27:11.0182 4888 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
21:27:11.0369 4888 SysMain - ok
21:27:11.0416 4888 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
21:27:11.0478 4888 TabletInputService - ok
21:27:11.0541 4888 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
21:27:11.0619 4888 TapiSrv - ok
21:27:11.0650 4888 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
21:27:11.0697 4888 TBS - ok
21:27:12.0149 4888 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
21:27:12.0289 4888 Tcpip - ok
21:27:12.0539 4888 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
21:27:12.0601 4888 TCPIP6 - ok
21:27:12.0664 4888 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
21:27:12.0726 4888 tcpipreg - ok
21:27:12.0773 4888 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
21:27:12.0789 4888 tdcmdpst - ok
21:27:12.0820 4888 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
21:27:12.0898 4888 TDPIPE - ok
21:27:12.0929 4888 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
21:27:12.0960 4888 TDTCP - ok
21:27:12.0991 4888 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
21:27:13.0069 4888 tdx - ok
21:27:13.0085 4888 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
21:27:13.0116 4888 TermDD - ok
21:27:13.0335 4888 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
21:27:13.0491 4888 TermService - ok
21:27:13.0553 4888 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
21:27:13.0615 4888 Themes - ok
21:27:13.0631 4888 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
21:27:13.0678 4888 THREADORDER - ok
21:27:13.0865 4888 [ F120967184A27E927052E8DDBB727851 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
21:27:13.0927 4888 TMachInfo - ok
21:27:13.0990 4888 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe
21:27:14.0021 4888 TODDSrv - ok
21:27:14.0099 4888 [ 98C864481D62F86EC8AF65BE3419A95B ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
21:27:14.0161 4888 TosCoSrv - ok
21:27:14.0255 4888 [ 74C2FA8C3765EE71A9C22182EC108457 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
21:27:14.0286 4888 TOSHIBA HDD SSD Alert Service - ok
21:27:14.0317 4888 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
21:27:14.0380 4888 TrkWks - ok
21:27:14.0489 4888 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
21:27:14.0598 4888 TrustedInstaller - ok
21:27:14.0676 4888 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
21:27:14.0770 4888 tssecsrv - ok
21:27:14.0879 4888 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
21:27:14.0988 4888 TsUsbFlt - ok
21:27:15.0035 4888 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
21:27:15.0097 4888 tunnel - ok
21:27:15.0175 4888 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
21:27:15.0191 4888 TVALZ - ok
21:27:15.0222 4888 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
21:27:15.0269 4888 uagp35 - ok
21:27:15.0409 4888 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
21:27:15.0519 4888 udfs - ok
21:27:15.0565 4888 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
21:27:15.0643 4888 UI0Detect - ok
21:27:15.0675 4888 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
21:27:15.0690 4888 uliagpkx - ok
21:27:15.0737 4888 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\drivers\umbus.sys
21:27:15.0768 4888 umbus - ok
21:27:15.0799 4888 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
21:27:15.0815 4888 UmPass - ok
21:27:15.0877 4888 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
21:27:15.0971 4888 upnphost - ok
21:27:16.0033 4888 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
21:27:16.0033 4888 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
21:27:16.0033 4888 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
21:27:16.0080 4888 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\windows\system32\drivers\usbaudio.sys
21:27:16.0111 4888 usbaudio - ok
21:27:16.0127 4888 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
21:27:16.0189 4888 usbccgp - ok
21:27:16.0221 4888 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
21:27:16.0267 4888 usbcir - ok
21:27:16.0283 4888 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
21:27:16.0299 4888 usbehci - ok
21:27:16.0350 4888 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
21:27:16.0386 4888 usbhub - ok
21:27:16.0414 4888 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
21:27:16.0450 4888 usbohci - ok
21:27:16.0532 4888 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
21:27:16.0585 4888 usbprint - ok
21:27:16.0630 4888 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
21:27:16.0661 4888 usbscan - ok
21:27:16.0691 4888 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
21:27:16.0776 4888 USBSTOR - ok
21:27:16.0808 4888 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
21:27:16.0849 4888 usbuhci - ok
21:27:16.0896 4888 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
21:27:16.0933 4888 usbvideo - ok
21:27:16.0959 4888 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
21:27:17.0051 4888 UxSms - ok
21:27:17.0077 4888 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
21:27:17.0095 4888 VaultSvc - ok
21:27:17.0168 4888 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
21:27:17.0184 4888 vdrvroot - ok
21:27:17.0324 4888 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
21:27:17.0432 4888 vds - ok
21:27:17.0495 4888 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
21:27:17.0526 4888 vga - ok
21:27:17.0557 4888 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
21:27:17.0635 4888 VgaSave - ok
21:27:17.0682 4888 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
21:27:17.0697 4888 vhdmp - ok
21:27:17.0760 4888 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
21:27:17.0822 4888 viaide - ok
21:27:17.0838 4888 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
21:27:17.0869 4888 volmgr - ok
21:27:17.0900 4888 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
21:27:17.0931 4888 volmgrx - ok
21:27:18.0025 4888 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
21:27:18.0056 4888 volsnap - ok
21:27:18.0119 4888 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
21:27:18.0134 4888 vsmraid - ok
21:27:18.0243 4888 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
21:27:18.0368 4888 VSS - ok
21:27:18.0415 4888 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
21:27:18.0477 4888 vwifibus - ok
21:27:18.0524 4888 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
21:27:18.0587 4888 vwififlt - ok
21:27:18.0602 4888 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
21:27:18.0618 4888 vwifimp - ok
21:27:18.0665 4888 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
21:27:18.0727 4888 W32Time - ok
21:27:18.0821 4888 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
21:27:18.0899 4888 WacomPen - ok
21:27:18.0945 4888 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
21:27:19.0023 4888 WANARP - ok
21:27:19.0086 4888 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
21:27:19.0133 4888 Wanarpv6 - ok
21:27:19.0398 4888 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
21:27:19.0569 4888 WatAdminSvc - ok
21:27:20.0037 4888 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
21:27:20.0193 4888 wbengine - ok
21:27:20.0240 4888 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
21:27:20.0303 4888 WbioSrvc - ok
21:27:20.0443 4888 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
21:27:20.0505 4888 wcncsvc - ok
21:27:20.0552 4888 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
21:27:20.0771 4888 WcsPlugInService - ok
21:27:20.0802 4888 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
21:27:20.0849 4888 Wd - ok
21:27:21.0067 4888 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
21:27:21.0161 4888 Wdf01000 - ok
21:27:21.0207 4888 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
21:27:21.0348 4888 WdiServiceHost - ok
21:27:21.0363 4888 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
21:27:21.0379 4888 WdiSystemHost - ok
21:27:21.0473 4888 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
21:27:21.0582 4888 WebClient - ok
21:27:21.0629 4888 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
21:27:21.0722 4888 Wecsvc - ok
21:27:25.0872 4888 ================ Scan global ===============================
21:27:25.0919 4888 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
21:27:25.0950 4888 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
21:27:25.0981 4888 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
21:27:26.0012 4888 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
21:27:26.0075 4888 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
21:27:26.0090 4888 [Global] - ok
21:27:26.0090 4888 ================ Scan MBR ==================================
21:27:26.0121 4888 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
21:27:28.0742 4888 \Device\Harddisk0\DR0 - ok
21:27:28.0742 4888 ================ Scan VBR ==================================
21:27:28.0773 4888 [ DAF07E28CC82285D0EF163A3C53B1752 ] \Device\Harddisk0\DR0\Partition1
21:27:28.0898 4888 \Device\Harddisk0\DR0\Partition1 - ok
21:27:28.0914 4888 ============================================================
21:27:28.0914 4888 Scan finished
21:27:28.0914 4888 ============================================================
21:27:29.0101 4880 Detected object count: 2
21:27:29.0101 4880 Actual detected object count: 2
21:28:13.0549 4880 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
21:28:13.0549 4880 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:28:13.0552 4880 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
21:28:13.0552 4880 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:28:42.0769 4856 ============================================================
21:28:42.0769 4856 Scan started
21:28:42.0769 4856 Mode: Manual; SigCheck; TDLFS;
21:28:42.0769 4856 ============================================================
21:28:44.0922 4856 ================ Scan system memory ========================
21:28:44.0922 4856 System memory - ok
21:28:44.0922 4856 ================ Scan services =============================
21:28:53.0876 4856 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:28:53.0892 4856 IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:28:53.0892 4856 IDriverT - detected UnsignedFile.Multi.Generic (1)
21:28:59.0929 4856 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:29:00.0116 4856 osppsvc - ok
21:29:00.0163 4856 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
21:29:00.0194 4856 p2pimsvc - ok
21:29:00.0226 4856 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
21:29:00.0241 4856 p2psvc - ok
21:29:00.0272 4856 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
21:29:00.0288 4856 Parport - ok
21:29:00.0319 4856 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
21:29:00.0335 4856 partmgr - ok
21:29:00.0350 4856 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
21:29:00.0382 4856 PcaSvc - ok
21:29:00.0413 4856 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
21:29:00.0428 4856 pci - ok
21:29:00.0444 4856 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
21:29:00.0460 4856 pciide - ok
21:29:00.0491 4856 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
21:29:00.0506 4856 pcmcia - ok
21:29:00.0553 4856 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
21:29:00.0569 4856 pcw - ok
21:29:00.0600 4856 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
21:29:00.0647 4856 PEAUTH - ok
21:29:00.0725 4856 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
21:29:00.0756 4856 PerfHost - ok
21:29:00.0803 4856 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
21:29:00.0818 4856 PGEffect - ok
21:29:00.0896 4856 [ 087A343DFC337F37723DD7912DE6B6CD ] PID_PEPI C:\windows\system32\DRIVERS\LV302V64.SYS
21:29:00.0959 4856 PID_PEPI - ok
21:29:01.0021 4856 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
21:29:01.0084 4856 pla - ok
21:29:01.0115 4856 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
21:29:01.0162 4856 PlugPlay - ok
21:29:01.0193 4856 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
21:29:01.0208 4856 PNRPAutoReg - ok
21:29:01.0240 4856 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
21:29:01.0255 4856 PNRPsvc - ok
21:29:01.0302 4856 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
21:29:01.0349 4856 PolicyAgent - ok
21:29:01.0396 4856 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
21:29:01.0427 4856 Power - ok
21:29:01.0474 4856 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
21:29:01.0520 4856 PptpMiniport - ok
21:29:01.0552 4856 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
21:29:01.0567 4856 Processor - ok
21:29:01.0614 4856 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
21:29:01.0645 4856 ProfSvc - ok
21:29:01.0661 4856 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
21:29:01.0676 4856 ProtectedStorage - ok
21:29:01.0708 4856 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
21:29:01.0754 4856 Psched - ok
21:29:01.0786 4856 [ C8FCB4899F8B70CC34E0D9876A80963C ] QIOMem C:\windows\system32\DRIVERS\QIOMem.sys
21:29:01.0817 4856 QIOMem - ok
21:29:01.0864 4856 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
21:29:01.0910 4856 ql2300 - ok
21:29:01.0926 4856 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
21:29:01.0957 4856 ql40xx - ok
21:29:01.0973 4856 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
21:29:02.0004 4856 QWAVE - ok
21:29:02.0035 4856 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
21:29:02.0051 4856 QWAVEdrv - ok
21:29:02.0066 4856 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
21:29:02.0113 4856 RasAcd - ok
21:29:02.0144 4856 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
21:29:02.0207 4856 RasAgileVpn - ok
21:29:02.0222 4856 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
21:29:02.0269 4856 RasAuto - ok
21:29:02.0285 4856 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
21:29:02.0332 4856 Rasl2tp - ok
21:29:02.0378 4856 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
21:29:02.0425 4856 RasMan - ok
21:29:02.0456 4856 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
21:29:02.0503 4856 RasPppoe - ok
21:29:02.0534 4856 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
21:29:02.0597 4856 RasSstp - ok
21:29:02.0644 4856 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
21:29:02.0690 4856 rdbss - ok
21:29:02.0706 4856 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
21:29:02.0737 4856 rdpbus - ok
21:29:02.0753 4856 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
21:29:02.0784 4856 RDPCDD - ok
21:29:02.0815 4856 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
21:29:02.0846 4856 RDPENCDD - ok
21:29:02.0862 4856 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
21:29:02.0909 4856 RDPREFMP - ok
21:29:02.0956 4856 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
21:29:02.0987 4856 RDPWD - ok
21:29:03.0018 4856 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
21:29:03.0034 4856 rdyboost - ok
21:29:03.0065 4856 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
21:29:03.0127 4856 RemoteAccess - ok
21:29:03.0158 4856 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
21:29:03.0190 4856 RemoteRegistry - ok
21:29:03.0221 4856 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
21:29:03.0268 4856 RpcEptMapper - ok
21:29:03.0283 4856 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
21:29:03.0299 4856 RpcLocator - ok
21:29:03.0346 4856 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
21:29:03.0392 4856 RpcSs - ok
21:29:03.0439 4856 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
21:29:03.0486 4856 rspndr - ok
21:29:03.0548 4856 [ 3CEEE53BBF8BA284FF44585CEC0162FE ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
21:29:03.0580 4856 RSUSBSTOR - ok
21:29:03.0642 4856 [ 7475548B0BA58EBA4D12414FC9E9DFE6 ] rtl8192se C:\windows\system32\DRIVERS\rtl8192se.sys
21:29:03.0691 4856 rtl8192se - ok
21:29:03.0715 4856 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
21:29:03.0733 4856 SamSs - ok
21:29:03.0766 4856 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
21:29:03.0784 4856 sbp2port - ok
21:29:03.0825 4856 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
21:29:03.0872 4856 SCardSvr - ok
21:29:03.0911 4856 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
21:29:03.0952 4856 scfilter - ok
21:29:04.0012 4856 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
21:29:04.0082 4856 Schedule - ok
21:29:04.0110 4856 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
21:29:04.0150 4856 SCPolicySvc - ok
21:29:04.0179 4856 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
21:29:04.0200 4856 SDRSVC - ok
21:29:04.0230 4856 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
21:29:04.0271 4856 secdrv - ok
21:29:04.0307 4856 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
21:29:04.0349 4856 seclogon - ok
21:29:04.0376 4856 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
21:29:04.0424 4856 SENS - ok
21:29:04.0440 4856 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
21:29:04.0460 4856 SensrSvc - ok
21:29:04.0481 4856 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
21:29:04.0499 4856 Serenum - ok
21:29:04.0508 4856 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
21:29:04.0527 4856 Serial - ok
21:29:04.0560 4856 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
21:29:04.0577 4856 sermouse - ok
21:29:04.0624 4856 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
21:29:04.0671 4856 SessionEnv - ok
21:29:04.0697 4856 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
21:29:04.0714 4856 sffdisk - ok
21:29:04.0736 4856 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
21:29:04.0753 4856 sffp_mmc - ok
21:29:04.0769 4856 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
21:29:04.0789 4856 sffp_sd - ok
21:29:04.0829 4856 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
21:29:04.0847 4856 sfloppy - ok
21:29:04.0886 4856 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
21:29:04.0938 4856 SharedAccess - ok
21:29:04.0983 4856 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
21:29:05.0029 4856 ShellHWDetection - ok
21:29:05.0039 4856 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
21:29:05.0056 4856 SiSRaid2 - ok
21:29:05.0066 4856 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
21:29:05.0084 4856 SiSRaid4 - ok
21:29:05.0103 4856 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
21:29:05.0147 4856 Smb - ok
21:29:05.0203 4856 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
21:29:05.0209 4856 SNMPTRAP - ok
21:29:05.0240 4856 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
21:29:05.0256 4856 spldr - ok
21:29:05.0287 4856 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
21:29:05.0318 4856 Spooler - ok
21:29:05.0427 4856 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
21:29:05.0568 4856 sppsvc - ok
21:29:05.0599 4856 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
21:29:05.0646 4856 sppuinotify - ok
21:29:05.0692 4856 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
21:29:05.0739 4856 srv - ok
21:29:05.0755 4856 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
21:29:05.0786 4856 srv2 - ok
21:29:05.0817 4856 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\windows\system32\DRIVERS\VSTAZL6.SYS
21:29:05.0833 4856 SrvHsfHDA - ok
21:29:05.0880 4856 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\windows\system32\DRIVERS\VSTDPV6.SYS
21:29:05.0911 4856 SrvHsfV92 - ok
21:29:05.0958 4856 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\windows\system32\DRIVERS\VSTCNXT6.SYS
21:29:06.0004 4856 SrvHsfWinac - ok
21:29:06.0036 4856 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
21:29:06.0051 4856 srvnet - ok
21:29:06.0098 4856 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\windows\system32\DRIVERS\ssadbus.sys
21:29:06.0129 4856 ssadbus - ok
21:29:06.0160 4856 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\windows\system32\DRIVERS\ssadmdfl.sys
21:29:06.0192 4856 ssadmdfl - ok
21:29:06.0223 4856 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\windows\system32\DRIVERS\ssadmdm.sys
21:29:06.0254 4856 ssadmdm - ok
21:29:06.0285 4856 [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd C:\windows\system32\DRIVERS\ssadserd.sys
21:29:06.0316 4856 ssadserd - ok
21:29:06.0348 4856 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
21:29:06.0394 4856 SSDPSRV - ok
21:29:06.0426 4856 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
21:29:06.0472 4856 SstpSvc - ok
21:29:06.0488 4856 Steam Client Service - ok
21:29:06.0535 4856 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
21:29:06.0550 4856 stexstor - ok
21:29:06.0597 4856 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
21:29:06.0644 4856 stisvc - ok
21:29:06.0675 4856 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
21:29:06.0691 4856 swenum - ok
21:29:06.0738 4856 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
21:29:06.0784 4856 swprv - ok
21:29:06.0816 4856 [ 470C47DABA9CA3966F0AB3F835D7D135 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
21:29:06.0847 4856 SynTP - ok
21:29:06.0894 4856 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
21:29:06.0956 4856 SysMain - ok
21:29:06.0987 4856 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
21:29:07.0003 4856 TabletInputService - ok
21:29:07.0050 4856 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
21:29:07.0096 4856 TapiSrv - ok
21:29:07.0128 4856 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
21:29:07.0159 4856 TBS - ok
21:29:07.0237 4856 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
21:29:07.0284 4856 Tcpip - ok
21:29:07.0315 4856 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
21:29:07.0362 4856 TCPIP6 - ok
21:29:07.0377 4856 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
21:29:07.0393 4856 tcpipreg - ok
21:29:07.0424 4856 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
21:29:07.0440 4856 tdcmdpst - ok
21:29:07.0471 4856 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
21:29:07.0502 4856 TDPIPE - ok
21:29:07.0564 4856 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
21:29:07.0580 4856 TDTCP - ok
21:29:07.0627 4856 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
21:29:07.0658 4856 tdx - ok
21:29:07.0674 4856 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
21:29:07.0705 4856 TermDD - ok
21:29:07.0736 4856 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
21:29:07.0798 4856 TermService - ok
21:29:07.0830 4856 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
21:29:07.0845 4856 Themes - ok
21:29:07.0861 4856 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
21:29:07.0908 4856 THREADORDER - ok
21:29:07.0986 4856 [ F120967184A27E927052E8DDBB727851 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
21:29:08.0001 4856 TMachInfo - ok
21:29:08.0032 4856 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe
21:29:08.0048 4856 TODDSrv - ok
21:29:08.0110 4856 [ 98C864481D62F86EC8AF65BE3419A95B ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
21:29:08.0142 4856 TosCoSrv - ok
21:29:08.0173 4856 [ 74C2FA8C3765EE71A9C22182EC108457 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
21:29:08.0188 4856 TOSHIBA HDD SSD Alert Service - ok
21:29:08.0235 4856 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
21:29:08.0266 4856 TrkWks - ok
21:29:08.0329 4856 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
21:29:08.0376 4856 TrustedInstaller - ok
21:29:08.0407 4856 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
21:29:08.0454 4856 tssecsrv - ok
21:29:08.0485 4856 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
21:29:08.0500 4856 TsUsbFlt - ok
21:29:08.0563 4856 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
21:29:08.0610 4856 tunnel - ok
21:29:08.0641 4856 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
21:29:08.0656 4856 TVALZ - ok
21:29:08.0688 4856 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
21:29:08.0703 4856 uagp35 - ok
21:29:08.0781 4856 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
21:29:08.0835 4856 udfs - ok
21:29:08.0882 4856 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
21:29:08.0904 4856 UI0Detect - ok
21:29:08.0926 4856 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
21:29:08.0944 4856 uliagpkx - ok
21:29:08.0980 4856 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\drivers\umbus.sys
21:29:08.0998 4856 umbus - ok
21:29:09.0028 4856 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
21:29:09.0064 4856 UmPass - ok
21:29:09.0109 4856 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
21:29:09.0158 4856 upnphost - ok
21:29:09.0188 4856 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
21:29:09.0209 4856 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
21:29:09.0209 4856 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
21:29:13.0401 4856 ================ Scan global ===============================
21:29:13.0417 4856 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
21:29:13.0464 4856 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
21:29:13.0479 4856 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
21:29:13.0510 4856 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
21:29:13.0573 4856 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
21:29:13.0588 4856 [Global] - ok
21:29:13.0588 4856 ================ Scan MBR ==================================
21:29:13.0604 4856 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
21:29:14.0056 4856 \Device\Harddisk0\DR0 - ok
21:29:14.0056 4856 ================ Scan VBR ==================================
21:29:14.0088 4856 [ DAF07E28CC82285D0EF163A3C53B1752 ] \Device\Harddisk0\DR0\Partition1
21:29:14.0103 4856 \Device\Harddisk0\DR0\Partition1 - ok
21:29:14.0103 4856 ============================================================
21:29:14.0103 4856 Scan finished
21:29:14.0103 4856 ============================================================
21:29:14.0103 4768 Detected object count: 2
21:29:14.0103 4768 Actual detected object count: 2
21:29:56.0864 4768 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
21:29:56.0864 4768 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:29:56.0864 4768 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
21:29:56.0864 4768 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:30:00.0230 4664 Deinitialize success

And aswMBR...

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-17 21:59:38
-----------------------------
21:59:39.037 OS Version: Windows x64 6.1.7601 Service Pack 1
21:59:39.037 Number of processors: 2 586 0x603
21:59:39.037 ComputerName: CHELE-PC UserName: CK
22:00:24.843 Initialize success
22:01:18.427 AVAST engine defs: 12111701
22:01:32.205 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:01:32.210 Disk 0 Vendor: Hitachi_HTS545025B9A300 PB2OC64G Size: 238475MB BusType: 11
22:01:32.377 Disk 0 MBR read successfully
22:01:32.383 Disk 0 MBR scan
22:01:37.929 Disk 0 Windows VISTA default MBR code
22:01:37.991 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
22:01:42.079 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 226661 MB offset 3074048
22:01:42.141 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 10313 MB offset 467275776
22:01:43.795 Disk 0 scanning C:\windows\system32\drivers
22:02:38.972 Service scanning
22:03:24.779 Modules scanning
22:03:24.826 Disk 0 trace - called modules:
22:03:24.904 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
22:03:24.904 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003167060]
22:03:24.920 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8002d37060]
22:03:31.752 AVAST engine scan C:\
03:48:43.089 Scan finished successfully
08:50:20.136 Disk 0 MBR has been saved successfully to "C:\Users\CK\Desktop\MBR.dat"
08:50:21.455 The log file has been saved successfully to "C:\Users\CK\Desktop\aswMBR.txt"


I think maybe why it showed on the first log but not the second was because I did a system restore and maybe that got back those missing files? But I did the system restore after I posted this first request but before you had answered when I was downloading other random programs that I mentioned to try to solve it on my own. In any case, the second ComboFix log is the one after the system restore. It is still very slow. It said there were two suspicious files in the TDSSKiller program, but I skipped them both since there wasn't an option to cure them. One other thing is, I was removing those programs I added the night before last night so if it shows on some logs and not on others that is why. And I am unsure if I am supposed to click the FixMBR button. Thanks again.

#10 bloopie

Posted 18 November 2012 - 01:54 PM

Hi again,

First, please do not make any further changes to the machine as it can make the cleaning process impossible! Now I have no way of knowing where those missing files went or came from. I can only guess that your system restore was the cause... Do you see what I mean? :) How can I help you if I don't know where your files are going? Please keep that in mind, okay? :)

You can surf the internet and check to see if the problems still exist on the machine, but don't run any tools or fixes, or download or install any programs without my instruction until we're finished here.

==========

Let's run these tools next to clear out some adware:

Step 1

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

==========

Step 2

Download Junkware Removal Tool by thisisu, and save it to your desktop.
  • Right-click on JRT.exe and select "Run as Administrator"
  • When the scan finishes, please copy and paste the log in your next reply.

==========

In addition to both these logs, please let me know how the computer is behaving. Still slow?

bloopie

#11 chele9

Posted 18 November 2012 - 03:30 PM

I apologize. I won't do anything else to the computer until we are done.

Here is the first log.



# AdwCleaner v2.008 - Logfile created 11/18/2012 at 14:48:03
# Updated 17/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : CK - CHELE-PC
# Boot Mode : Normal
# Running from : C:\Users\CK\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\CK\AppData\Roaming\Babylon

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Deleted : HKLM\SOFTWARE\Software

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.claro-search.com/?affID=116695&tt=4612_5&babsrc=HP_ss&mntrId=3aafdc5400000000000070f1a1fb71da --> hxxp://www.google.com

-\\ Mozilla Firefox v13.0.1 (en-US)

Profile name : default
File : C:\Users\Chele\AppData\Roaming\Mozilla\Firefox\Profiles\7i7gqw68.default\prefs.js

C:\Users\Chele\AppData\Roaming\Mozilla\Firefox\Profiles\7i7gqw68.default\user.js ... Deleted !

Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("browser.search.selectedEngine", "Ask.com");

Profile name : default
File : C:\Users\CK\AppData\Roaming\Mozilla\Firefox\Profiles\vawpt9j8.default\prefs.js

C:\Users\CK\AppData\Roaming\Mozilla\Firefox\Profiles\vawpt9j8.default\user.js ... Deleted !

Deleted : user_pref("extensions.claro.admin", false);
Deleted : user_pref("extensions.claro.aflt", "babsst");
Deleted : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
Deleted : user_pref("extensions.claro.dfltLng", "en");
Deleted : user_pref("extensions.claro.excTlbr", false);
Deleted : user_pref("extensions.claro.id", "3aafdc5400000000000070f1a1fb71da");
Deleted : user_pref("extensions.claro.instlDay", "15661");
Deleted : user_pref("extensions.claro.instlRef", "sst");
Deleted : user_pref("extensions.claro.prdct", "claro");
Deleted : user_pref("extensions.claro.prtnrId", "claro");
Deleted : user_pref("extensions.claro.tlbrId", "base");
Deleted : user_pref("extensions.claro.tlbrSrchUrl", "");
Deleted : user_pref("extensions.claro.vrsn", "1.8.3.10");
Deleted : user_pref("extensions.claro.vrsni", "1.8.3.10");
Deleted : user_pref("extensions.claro_i.smplGrp", "none");
Deleted : user_pref("extensions.claro_i.vrsnTs", "1.8.3.104:16:57");

-\\ Google Chrome v [Unable to get version]

File : C:\Users\CK\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [3338 octets] - [18/11/2012 14:48:03]

########## EOF - C:\AdwCleaner[S1].txt - [3398 octets] ##########

And the 2nd one.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.3.1 (11.18.2012)
OS: Windows 7 Home Premium x64
Ran by CK on Sun 11/18/2012 at 15:11:22.80
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox


Successfully deleted the following from "C:\Users\CK\AppData\Roaming\Mozilla\Firefox\Profiles\vawpt9j8.default\prefs.js"

user_pref("extensions.crossrider.bic", "13b0d9e617fc41d9aced29543104869f");



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 11/18/2012 at 15:26:23.91
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

It's still running so slow. And it's still not recognizing my ethernet port so I'm using wifi on here. It has been hit and miss since this slow thing started a couple weeks ago.

Thanks,

Chele


#12 bloopie

Posted 18 November 2012 - 08:00 PM

Hi again,

Run these steps next, then tell me if your machine is recognizing your ethernet port:

Download Windows Repair (all in one) from this site

Install the program then run it.

Go to Step 2 and allow it to run CheckDisk by clicking on the Do It button:

Once that is done, go to Step 3 and allow it to run System File Check by clicking on the Do It button:

Go to Step 4 and under "System Restore" click on the Create button:

Go to the Start Repairs tab and click the Start button.

Please ensure that ONLY items seen in the image below are ticked as indicated (they're all checked by default):

Posted Image

Click on the box next to Restart System when Finished. Then click on Start.

==========

Let me know how that goes!

bloopie

#13 chele9

Posted 18 November 2012 - 10:05 PM

It seems to be a little faster and the ethernet port is working now so thank you. Is there anything else we can try according to what the logs showed? Thanks Bloopie!

#14 bloopie

Posted 18 November 2012 - 10:22 PM

Hi again,

I'm glad to hear that!

I will have to get back to you tomorrow with the next steps as I'm falling asleep now... Thank you for your patience! You are doing very well and we should have this cleared up pretty soon! :)

bloopie

#15 bloopie

Posted 19 November 2012 - 12:37 PM

Hi again,

Run these two scans next:

Step 1

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's TeaTimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • After completing the scan, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

==========

Step 2

ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here.

Vista/Windows 7 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Please go here to run the scan.

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed, select Uninstall application on close if you so wish; make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

==========

In your next reply, please include the following:
  • The MBAM log
  • The ESET log
  • How is the computer running now?
bloopie



