Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Pop-up Ad Virus


  • Please log in to reply
1 reply to this topic

#1 AvidLebon

AvidLebon

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:11:35 PM

Posted 17 February 2013 - 08:27 PM

I recently updated my Veoh web player to watch a video a friend asked me to which existed on no other video host. Despite unchecking add-ons bundled with Veoh such as Girrafix and browser add-ons it added them anyway. Immediately afterward I noticed every few clicks I'd get a pop-up spawned. Before this I had no pop-up problems aside from the rare one which I maybe got one TOPS per night. Now I'm getting one every couple of minutes. I used Revo uninstaller to uninstall the mess, but the pop-ups are still coming.

 

I've already tried Avast!, Malaware, Spybot Search and Destroy, Microsoft Security Essentials, ComboFix, and tdssKiller with no luck. I saw in a similar thread ( http://www.bleepingcomputer.com/forums/t/454045/pop-up-ad-redirect-virus/ ) the user was asked to run MiniToolBox, aswMbr, and tdsskiller and post the reports. I did all three, but aswMBR crashed my computer with a BSOD so I'm not running that one again. 

aswMBR - http://i.imgur.com/Sfn3UHd.jpg

 

 

 

 


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

=================================================================================

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 



MiniToolBox.exe - MiniToolBox by Farbar  Version:10-01-2013

Ran by Avid (administrator) on 17-02-2013 at 19:22:10
Running from "C:\Users\Avid\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Whist
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : cable.rcn.com
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 06-25-D3-CE-C3-29
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : taintedenterprises.com
   Description . . . . . . . . . . . : Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
   Physical Address. . . . . . . . . : E0-CB-4E-57-6A-7B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : cable.rcn.com
   Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
   Physical Address. . . . . . . . . : 00-25-D3-CE-C3-29
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::2d38:6f1d:451:3091%10(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.0.1.18(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, February 17, 2013 6:43:27 PM
   Lease Expires . . . . . . . . . . : Sunday, February 17, 2013 10:43:31 PM
   Default Gateway . . . . . . . . . : 10.0.1.1
   DHCP Server . . . . . . . . . . . : 10.0.1.1
   DHCPv6 IAID . . . . . . . . . . . : 234890707
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-C9-ED-05-00-25-D3-CE-C3-29
   DNS Servers . . . . . . . . . . . : 10.0.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{62DB9817-0034-4F51-989B-41B1D77809B1}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.cable.rcn.com:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : cable.rcn.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:3c1b:7da7:e76b:b581(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::3c1b:7da7:e76b:b581%12(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.taintedenterprises.com:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  10.0.1.1
 
DNS request timed out.
    timeout was 2 seconds.
Name:    google.com
Addresses:  2607:f8b0:4009:803::1007
      74.125.225.132
      74.125.225.133
      74.125.225.134
      74.125.225.135
      74.125.225.130
      74.125.225.128
      74.125.225.136
      74.125.225.131
      74.125.225.142
      74.125.225.129
      74.125.225.137
 
 
Pinging google.com [74.125.225.132] with 32 bytes of data:
Reply from 74.125.225.132: bytes=32 time=37ms TTL=57
Reply from 74.125.225.132: bytes=32 time=11ms TTL=57
 
Ping statistics for 74.125.225.132:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 11ms, Maximum = 37ms, Average = 24ms
Server:  UnKnown
Address:  10.0.1.1
 
Name:    yahoo.com
Addresses:  206.190.36.45
      98.138.253.109
      98.139.183.24
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=63ms TTL=53
Reply from 206.190.36.45: bytes=32 time=139ms TTL=53
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 63ms, Maximum = 139ms, Average = 101ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 20...06 25 d3 ce c3 29 ......Microsoft Virtual WiFi Miniport Adapter
 11...e0 cb 4e 57 6a 7b ......Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
 10...00 25 d3 ce c3 29 ......Atheros AR9285 Wireless Network Adapter
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.1.1        10.0.1.18     25
         10.0.1.0    255.255.255.0         On-link         10.0.1.18    281
        10.0.1.18  255.255.255.255         On-link         10.0.1.18    281
       10.0.1.255  255.255.255.255         On-link         10.0.1.18    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         10.0.1.18    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         10.0.1.18    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:9d38:953c:3c1b:7da7:e76b:b581/128
                                    On-link
 10    281 fe80::/64                On-link
 12    306 fe80::/64                On-link
 10    281 fe80::2d38:6f1d:451:3091/128
                                    On-link
 12    306 fe80::3c1b:7da7:e76b:b581/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 10    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/17/2013 05:11:24 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 43674633
 
Error: (02/17/2013 05:11:24 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 43674633
 
Error: (02/17/2013 05:11:24 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/17/2013 05:11:23 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 43673619
 
Error: (02/17/2013 05:11:23 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 43673619
 
Error: (02/17/2013 05:11:23 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/17/2013 05:11:22 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 43672621
 
Error: (02/17/2013 05:11:22 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 43672621
 
Error: (02/17/2013 05:11:22 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/17/2013 05:11:21 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 43671622
 
 
System errors:
=============
Error: (02/17/2013 06:43:10 PM) (Source: BugCheck) (User: )
Description: 0x000000d1 (0x0000000000000000, 0x0000000000000002, 0x0000000000000008, 0x0000000000000000)C:\Windows\MEMORY.DMP021713-34211-01
 
Error: (02/17/2013 06:43:07 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 6:39:34 PM on ?2/?17/?2013 was unexpected.
 
Error: (02/17/2013 01:58:16 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 1:56:42 AM on ?2/?17/?2013 was unexpected.
 
Error: (02/16/2013 06:01:02 AM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (02/16/2013 06:00:08 AM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (02/16/2013 05:56:08 AM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (02/16/2013 04:30:19 AM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%1053
 
Error: (02/16/2013 04:30:19 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Error: (02/15/2013 09:18:24 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (02/15/2013 09:08:47 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (02/17/2013 05:11:24 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 43674633
 
Error: (02/17/2013 05:11:24 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 43674633
 
Error: (02/17/2013 05:11:24 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/17/2013 05:11:23 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 43673619
 
Error: (02/17/2013 05:11:23 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 43673619
 
Error: (02/17/2013 05:11:23 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/17/2013 05:11:22 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 43672621
 
Error: (02/17/2013 05:11:22 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 43672621
 
Error: (02/17/2013 05:11:22 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/17/2013 05:11:21 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 43671622
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-02-16 06:00:08.158
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-02-16 06:00:08.099
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.1)
Adobe After Effects 7.0 (Version: 7.0.0.244)
Adobe After Effects 7.0 Functional Content (Version: 7.0.0)
Adobe AIR (Version: 3.1.0.4880)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Audition 2.0 (Version: 2.0)
Adobe Audition 2.0 Loopology Content (Version: 2.0.0)
Adobe Bridge 1.0 (Version: 1.0.1.1)
Adobe CMaps CS4 (Version: 2.0)
Adobe Color EU Extra Settings CS4 (Version: 2.0)
Adobe Color JA Extra Settings CS4 (Version: 2.0)
Adobe Color NA Recommended Settings CS4 (Version: 2.0)
Adobe Common File Installer (Version: 1.00.002)
Adobe Content Viewer (Version: 1.4.0)
Adobe Creative Suite 5.5 Master Collection (Version: 5.5)
Adobe CSI CS4 (Version: 1)
Adobe CSI CS4 x64 (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Download Assistant (Version: 1.0.4)
Adobe Dynamiclink Support (Version: 1)
Adobe Encore DVD 2.0 (Version: 2.0)
Adobe Encore DVD FC (Version: 2.0)
Adobe ExtendScript Toolkit 1.0 (Version: 001.000.002)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Flash CS4 (Version: 10.0)
Adobe Flash CS4 Extension - Flash Lite STI en (Version: 3.0)
Adobe Flash CS4 Professional (Version: 10.0)
Adobe Flash CS4 STI-en (Version: 10.0)
Adobe Flash Player 10 ActiveX (Version: 10.0.2.54)
Adobe Flash Player 10 ActiveX (Version: 10.3.181.34)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Flash Professional CS6 (Version: 12.0)
Adobe Help Center 2.0 (Version: 2.0.0)
Adobe Help Manager (Version: 4.0.244)
Adobe Illustrator CS2 (Version: 12.000.000)
Adobe Linguistics CS4 (Version: 4.0.0)
Adobe Media Encoder CS4 (Version: 1.0)
Adobe Media Encoder CS4 Importer (Version: 1.0)
Adobe Media Player (Version: 1.8)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe Photoshop CS2 (Version: 9.0)
Adobe Photoshop CS2 Functional Content (Version: 2.0.0)
Adobe Premiere Pro 2.0 (Version: 2.000.000)
Adobe Premiere Pro FC (Version: 1.00.0000)
Adobe Production Studio
Adobe Reader X (10.1.1) (Version: 10.1.1)
Adobe Search for Help (Version: 1.0)
Adobe Service Manager Extension (Version: 1.0)
Adobe Setup (Version: 2.0)
Adobe Stock Photos 1.0 (Version: 1.0.2)
Adobe Story (Version: 1.0.571)
Adobe SVG Viewer 3.0 (Version:  3.0)
Adobe Type Support CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe Video Suite Extras (Version: 1.00.0000)
Adobe Widget Browser (Version: 2.0 Build 230)
Adobe Widget Browser (Version: 2.0.230)
Adobe WinSoft Linguistics Plugin (Version: 1.1)
Adobe XMP Panels CS4 (Version: 2.0)
AdobeColorCommonSetCMYK (Version: 2.0)
AnimatorDV Simple+
Any Video Converter Professional 3.1.2
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
ASIO4ALL
ASUS AI Recovery (Version: 1.0.7)
ASUS AP Bank (Version: 1.0.0.0)
ASUS Data Security Manager (Version: 1.00.0013)
ASUS FancyStart (Version: 1.0.5)
ASUS LifeFrame3 (Version: 3.0.20)
ASUS Live Update (Version: 2.5.9)
ASUS Power4Gear Hybrid (Version: 1.1.22)
ASUS SmartLogon (Version: 1.0.0007)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0028)
ASUS Virtual Camera (Version: 1.0.17)
ASUS_ScreenSaver_GSeries
Atheros Client Installation Program (Version: 7.0)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.7)
ATK Generic Function Service (Version: 1.00.0008)
ATK Hotkey (Version: 1.0.0054)
ATK Media (Version: 2.0.0006)
ATKOSD2 (Version: 7.0.0007)
Audacity 1.3.13 (Unicode)
avast! Free Antivirus (Version: 6.0.1367.0)
Best Buy pc app (Version: 3.1.2.0)
Blender (Version: 2.65a-release)
Bonjour (Version: 3.0.0.10)
Bulk Rename Utility 2.7.1.2
CCleaner (Version: 3.02)
Choice Guard (Version: 1.2.87.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Connect (Version: 1.0.0.1)
ControlDeck (Version: 1.0.4)
Creative MediaSource 5 (Version: 5.00)
DAEMON Tools Toolbar (Version: 1.1.2.0185)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DivX Setup (Version: 2.6.1.9)
Dropbox (Version: 1.6.16)
Epson Event Manager (Version: 2.40.0001)
EPSON NX420 Series Printer Uninstall
EPSON Scan
EpsonNet Print (Version: 2.4j)
EpsonNet Setup 3.3 (Version: 3.3b)
Express Gate (Version: 1.2.13.34)
Fallout Tactics
Fallout2
Fast Boot (Version: 1.0.4)
FL Studio 7
Fraps
Google Chrome (Version: 24.0.1312.57)
Google Talk Plugin (Version: 3.13.2.11592)
HTC Driver Installer (Version: 2.0.7.018)
IL Download Manager
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Turbo Boost Technology Driver (Version: 01.00.01.1002)
IrfanView (remove only) (Version: 4.35)
iTunes (Version: 10.7.0.21)
join.me (Version: 1.2.1.374)
Junk Mail filter update (Version: 14.0.8050.1202)
kuler (Version: 2.0)
LAME v3.99.3 (for Windows)
LG United Mobile Driver (Version: 3.6.0.0)
Livestream Procaster (Version: 20.3.0)
Macromedia Extension Manager (Version: 1.7.240)
Macromedia Flash 8 (Version: 8.00.0000)
Macromedia Flash 8 Video Encoder (Version: 1.00.0000)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Live Add-in 1.3 (Version: 2.0.2313.0)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 1.00.0000)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Monster Debugger (Version: 3.01)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NVIDIA Drivers (Version: 1.9)
NVIDIA PhysX (Version: 9.09.0428)
Opera 11.52 (Version: 11.52.1100)
PDF Settings CS4 (Version: 9.0)
PDF Settings CS5 (Version: 10.0)
PDF Settings CS6 (Version: 11.0)
Photoshop Camera Raw (Version: 5.0)
Pixel Bender Toolkit (Version: 1.0)
Portal 2
Portal 2 Publishing Tool
PxMergeModule (Version: 1.00.0000)
QuickTime (Version: 7.72.80.56)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.4)
Realtek High Definition Audio Driver (Version: 6.0.1.5983)
RealUpgrade 1.1 (Version: 1.1.0)
Revo Uninstaller 1.94 (Version: 1.94)
RICOH R5U230 Media Driver ver.2.05.02.02 (Version: 2.05.02.02)
Roxio Burn (Version: 1.2)
Roxio Roxio Burn (Version: 1.0.0)
Roxio Update Manager (Version: 6.0.0)
SheepDog 1.0 (Version: 1.0.0.0)
Skype Toolbars (Version: 5.0.4137)
Skype™ 6.1 (Version: 6.1.129)
Sothink SWF Decompiler (Version: 6.4)
Sound Blaster Audigy HD (Version: 1.0)
Spiral Knights
Spybot - Search & Destroy (Version: 1.6.2)
Steam (Version: 1.0.0.0)
Suite Shared Configuration CS4 (Version: 1.0)
Swiff Player 1.7.2 (Version: 1.7.2)
Swivel
Synaptics Pointing Device Driver (Version: 14.0.1.1)
Team Fortress 2 Beta
TortoiseSVN 1.6.11.20210 (64 bit) (Version: 1.6.20210)
Trillian
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553092)
USB 2.0 1.3M UVC WebCam
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC media player 2.0.2 (Version: 2.0.2)
Wacom Tablet (Version: 6.3.1w3)
WebEx
WebTablet FB Plugin (Version: 2.0.0.6)
WebTablet IE Plugin (Version: 1.1.0.12)
WebTablet Netscape Plugin (Version: 1.1.0.10)
WIDCOMM Bluetooth Software (Version: 6.2.0.9400)
Windows Live Call (Version: 14.0.8050.1202)
Windows Live Communications Platform (Version: 14.0.8050.1202)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live Family Safety (Version: 14.0.8052.1208)
Windows Live Mail (Version: 14.0.8050.1202)
Windows Live Messenger (Version: 14.0.8050.1202)
Windows Live Photo Gallery (Version: 14.0.8051.1204)
Windows Live Sign-in Assistant (Version: 5.000.818.6)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8050.1202)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinFlash (Version: 2.29.0)
WinRAR archiver
Wireless Console 3 (Version: 3.0.14)
Yontoo 1.10.02 (Version: 1.10.02)
 
========================= Devices: ================================
 
Name: MpKslab84497d
Description: MpKslab84497d
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: MpKslab84497d
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 62%
Total physical RAM: 3957.19 MB
Available physical RAM: 1473.01 MB
Total Pagefile: 7912.57 MB
Available Pagefile: 4054.34 MB
Total Virtual: 4095.88 MB
Available Virtual: 3956.31 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:446.23 GB) (Free:97.15 GB) NTFS
3 Drive g: () (Removable) (Total:7.4 GB) (Free:2.44 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\WHIST
 
Administrator            Guest                    Avid            
 
 
**** End of log ****


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

=================================================================================

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 


tdsskiller



19:25:43.0228 7104  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:25:43.0833 7104  ============================================================
19:25:43.0834 7104  Current date / time: 2013/02/17 19:25:43.0833
19:25:43.0834 7104  SystemInfo:
19:25:43.0834 7104  
19:25:43.0834 7104  OS Version: 6.1.7601 ServicePack: 1.0
19:25:43.0834 7104  Product type: Workstation
19:25:43.0834 7104  ComputerName: WHIST
19:25:43.0834 7104  UserName: Avid
19:25:43.0834 7104  Windows directory: C:\Windows
19:25:43.0834 7104  System windows directory: C:\Windows
19:25:43.0834 7104  Running under WOW64
19:25:43.0834 7104  Processor architecture: Intel x64
19:25:43.0834 7104  Number of processors: 4
19:25:43.0834 7104  Page size: 0x1000
19:25:43.0834 7104  Boot type: Normal boot
19:25:43.0834 7104  ============================================================
19:25:44.0875 7104  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:25:44.0900 7104  Drive \Device\Harddisk1\DR1 - Size: 0x1DA600000 (7.41 Gb), SectorSize: 0x200, Cylinders: 0x3C7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:25:44.0904 7104  ============================================================
19:25:44.0904 7104  \Device\Harddisk0\DR0:
19:25:44.0904 7104  MBR partitions:
19:25:44.0904 7104  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2711800, BlocksNum 0x37C74000
19:25:44.0904 7104  \Device\Harddisk1\DR1:
19:25:44.0905 7104  MBR partitions:
19:25:44.0905 7104  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0xED1000
19:25:44.0905 7104  ============================================================
19:25:44.0965 7104  C: <-> \Device\Harddisk0\DR0\Partition1
19:25:44.0965 7104  ============================================================
19:25:44.0965 7104  Initialize success
19:25:44.0965 7104  ============================================================
19:25:47.0952 0892  ============================================================
19:25:47.0952 0892  Scan started
19:25:47.0952 0892  Mode: Manual; 
19:25:47.0952 0892  ============================================================
19:25:48.0321 0892  ================ Scan system memory ========================
19:25:48.0321 0892  System memory - ok
19:25:48.0321 0892  ================ Scan services =============================
19:25:49.0100 0892  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:25:49.0105 0892  1394ohci - ok
19:25:49.0168 0892  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:25:49.0173 0892  ACPI - ok
19:25:49.0246 0892  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:25:49.0249 0892  AcpiPmi - ok
19:25:49.0380 0892  [ 303C174A7303A7702A68653152FC65A0 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
19:25:49.0383 0892  Adobe LM Service - ok
19:25:49.0568 0892  [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:25:49.0572 0892  AdobeARMservice - ok
19:25:49.0619 0892  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
19:25:49.0627 0892  adp94xx - ok
19:25:49.0646 0892  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
19:25:49.0654 0892  adpahci - ok
19:25:49.0684 0892  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
19:25:49.0689 0892  adpu320 - ok
19:25:49.0748 0892  [ C0BF554D2277F7A4C735D475ADE2E3B2 ] ADSMService     C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
19:25:49.0758 0892  ADSMService - ok
19:25:49.0777 0892  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:25:49.0792 0892  AeLookupSvc - ok
19:25:49.0818 0892  [ FB2BE0BAE9B3F248080CDBF91EF16C7F ] AFBAgent        C:\Windows\system32\FBAgent.exe
19:25:49.0932 0892  AFBAgent - ok
19:25:50.0029 0892  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
19:25:50.0037 0892  AFD - ok
19:25:50.0096 0892  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
19:25:50.0099 0892  agp440 - ok
19:25:50.0123 0892  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
19:25:50.0126 0892  ALG - ok
19:25:50.0149 0892  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:25:50.0153 0892  aliide - ok
19:25:50.0220 0892  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
19:25:50.0222 0892  amdide - ok
19:25:50.0248 0892  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
19:25:50.0251 0892  AmdK8 - ok
19:25:50.0264 0892  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
19:25:50.0268 0892  AmdPPM - ok
19:25:50.0316 0892  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:25:50.0320 0892  amdsata - ok
19:25:50.0345 0892  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
19:25:50.0350 0892  amdsbs - ok
19:25:50.0366 0892  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:25:50.0369 0892  amdxata - ok
19:25:50.0427 0892  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
19:25:50.0431 0892  AppID - ok
19:25:50.0451 0892  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:25:50.0454 0892  AppIDSvc - ok
19:25:50.0500 0892  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
19:25:50.0504 0892  Appinfo - ok
19:25:50.0617 0892  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:25:50.0684 0892  Apple Mobile Device - ok
19:25:50.0743 0892  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
19:25:50.0746 0892  arc - ok
19:25:50.0765 0892  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
19:25:50.0768 0892  arcsas - ok
19:25:50.0778 0892  [ 88FBC8BEBFD38566235EAA5E4DBC4E05 ] AsDsm           C:\Windows\system32\drivers\AsDsm.sys
19:25:50.0782 0892  AsDsm - ok
19:25:50.0832 0892  [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
19:25:50.0836 0892  ASLDRService - ok
19:25:50.0917 0892  [ 2DB34EDD17D3A8DA7105A19C95A3DD68 ] ASMMAP64        C:\Program Files\ATKGFNEX\ASMMAP64.sys
19:25:50.0919 0892  ASMMAP64 - ok
19:25:50.0974 0892  [ CE6D8BCC4787704EA4FEEB92B0D0CAF8 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
19:25:50.0977 0892  aswFsBlk - ok
19:25:51.0036 0892  [ 0DEBEB2E3FBD0BF5343125CCE617F105 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
19:25:51.0039 0892  aswMonFlt - ok
19:25:51.0054 0892  [ 952EDC2E81F85D1781958D4128BF59F8 ] aswRdr          C:\Windows\system32\drivers\aswRdr.sys
19:25:51.0057 0892  aswRdr - ok
19:25:51.0140 0892  [ DD383E2AC941C545A85AB72503DA6C12 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
19:25:51.0157 0892  aswSnx - ok
19:25:51.0174 0892  [ EF5403FB8B2DCB791EC365FDF6040A4A ] aswSP           C:\Windows\system32\drivers\aswSP.sys
19:25:51.0181 0892  aswSP - ok
19:25:51.0197 0892  [ 34165DA5C6B30C0F9D61246BF8A28040 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
19:25:51.0200 0892  aswTdi - ok
19:25:51.0226 0892  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:25:51.0228 0892  AsyncMac - ok
19:25:51.0282 0892  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
19:25:51.0285 0892  atapi - ok
19:25:51.0326 0892  [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
19:25:51.0360 0892  athr - ok
19:25:51.0375 0892  [ 7C157574A181B19B9DCF5F339E25337E ] ATKGFNEXSrv     C:\Program Files\ATKGFNEX\GFNEXSrv.exe
19:25:51.0379 0892  ATKGFNEXSrv - ok
19:25:51.0444 0892  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:25:51.0461 0892  AudioEndpointBuilder - ok
19:25:51.0485 0892  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:25:51.0489 0892  AudioSrv - ok
19:25:51.0604 0892  [ 996E6D052438E8D8DFD501F31560B2E0 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
19:25:51.0608 0892  avast! Antivirus - ok
19:25:51.0701 0892  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:25:51.0705 0892  AxInstSV - ok
19:25:51.0749 0892  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
19:25:51.0757 0892  b06bdrv - ok
19:25:51.0801 0892  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:25:51.0807 0892  b57nd60a - ok
19:25:51.0838 0892  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:25:51.0842 0892  BDESVC - ok
19:25:51.0847 0892  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:25:51.0849 0892  Beep - ok
19:25:51.0928 0892  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
19:25:51.0947 0892  BFE - ok
19:25:52.0012 0892  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
19:25:52.0144 0892  BITS - ok
19:25:52.0163 0892  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:25:52.0166 0892  blbdrive - ok
19:25:52.0252 0892  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:25:52.0259 0892  Bonjour Service - ok
19:25:52.0310 0892  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:25:52.0313 0892  bowser - ok
19:25:52.0324 0892  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:25:52.0327 0892  BrFiltLo - ok
19:25:52.0335 0892  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:25:52.0338 0892  BrFiltUp - ok
19:25:52.0372 0892  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
19:25:52.0376 0892  BridgeMP - ok
19:25:52.0425 0892  [ 8EF0D5C41EC907751B8429162B1239ED ] Browser         C:\Windows\System32\browser.dll
19:25:52.0430 0892  Browser - ok
19:25:52.0447 0892  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:25:52.0454 0892  Brserid - ok
19:25:52.0469 0892  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:25:52.0473 0892  BrSerWdm - ok
19:25:52.0484 0892  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:25:52.0487 0892  BrUsbMdm - ok
19:25:52.0495 0892  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:25:52.0498 0892  BrUsbSer - ok
19:25:52.0552 0892  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
19:25:52.0555 0892  BthEnum - ok
19:25:52.0567 0892  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
19:25:52.0570 0892  BTHMODEM - ok
19:25:52.0624 0892  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
19:25:52.0627 0892  BthPan - ok
19:25:52.0658 0892  [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
19:25:52.0669 0892  BTHPORT - ok
19:25:52.0701 0892  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
19:25:52.0705 0892  bthserv - ok
19:25:52.0736 0892  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
19:25:52.0761 0892  BTHUSB - ok
19:25:52.0804 0892  [ 2641A3FE3D7B0646308F33B67F3B5300 ] btusbflt        C:\Windows\system32\drivers\btusbflt.sys
19:25:52.0807 0892  btusbflt - ok
19:25:52.0872 0892  [ BA1498A4C7E7372654433648A61434A7 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
19:25:52.0876 0892  btwaudio - ok
19:25:52.0946 0892  [ BA66CEB74D49E00820C2C8D34C9CAA83 ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
19:25:52.0951 0892  btwavdt - ok
19:25:53.0062 0892  [ 541590DC8948E19F7F9F7C8E2E067D99 ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
19:25:53.0095 0892  btwdins - ok
19:25:53.0113 0892  [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
19:25:53.0117 0892  btwl2cap - ok
19:25:53.0139 0892  [ 138771EA158E3D7A14B0E0E357C8CA93 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
19:25:53.0142 0892  btwrchid - ok
19:25:53.0187 0892  catchme - ok
19:25:53.0215 0892  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:25:53.0218 0892  cdfs - ok
19:25:53.0279 0892  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
19:25:53.0284 0892  cdrom - ok
19:25:53.0348 0892  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
19:25:53.0352 0892  CertPropSvc - ok
19:25:53.0376 0892  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
19:25:53.0378 0892  circlass - ok
19:25:53.0408 0892  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
19:25:53.0415 0892  CLFS - ok
19:25:53.0556 0892  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:25:53.0572 0892  clr_optimization_v2.0.50727_32 - ok
19:25:53.0609 0892  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:25:53.0623 0892  clr_optimization_v2.0.50727_64 - ok
19:25:53.0690 0892  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:25:53.0728 0892  clr_optimization_v4.0.30319_32 - ok
19:25:53.0773 0892  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:25:53.0813 0892  clr_optimization_v4.0.30319_64 - ok
19:25:53.0837 0892  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
19:25:53.0840 0892  CmBatt - ok
19:25:53.0882 0892  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:25:53.0885 0892  cmdide - ok
19:25:53.0946 0892  [ C4943B6C962E4B82197542447AD599F4 ] CNG             C:\Windows\system32\Drivers\cng.sys
19:25:53.0955 0892  CNG - ok
19:25:53.0979 0892  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
19:25:53.0982 0892  Compbatt - ok
19:25:54.0037 0892  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
19:25:54.0040 0892  CompositeBus - ok
19:25:54.0050 0892  COMSysApp - ok
19:25:54.0066 0892  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
19:25:54.0069 0892  crcdisk - ok
19:25:54.0109 0892  [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
19:25:54.0113 0892  Creative ALchemy AL6 Licensing Service - ok
19:25:54.0121 0892  [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
19:25:54.0125 0892  Creative Audio Engine Licensing Service - ok
19:25:54.0180 0892  [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:25:54.0185 0892  CryptSvc - ok
19:25:54.0238 0892  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:25:54.0272 0892  DcomLaunch - ok
19:25:54.0304 0892  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
19:25:54.0311 0892  defragsvc - ok
19:25:54.0353 0892  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:25:54.0357 0892  DfsC - ok
19:25:54.0411 0892  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:25:54.0419 0892  Dhcp - ok
19:25:54.0431 0892  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
19:25:54.0434 0892  discache - ok
19:25:54.0467 0892  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
19:25:54.0472 0892  Disk - ok
19:25:54.0532 0892  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:25:54.0538 0892  Dnscache - ok
19:25:54.0591 0892  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:25:54.0598 0892  dot3svc - ok
19:25:54.0649 0892  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
19:25:54.0655 0892  DPS - ok
19:25:54.0675 0892  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:25:54.0678 0892  drmkaud - ok
19:25:54.0709 0892  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:25:54.0734 0892  DXGKrnl - ok
19:25:54.0765 0892  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
19:25:54.0770 0892  EapHost - ok
19:25:54.0850 0892  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
19:25:54.0924 0892  ebdrv - ok
19:25:54.0975 0892  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
19:25:54.0981 0892  EFS - ok
19:25:55.0049 0892  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:25:55.0091 0892  ehRecvr - ok
19:25:55.0122 0892  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
19:25:55.0126 0892  ehSched - ok
19:25:55.0169 0892  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
19:25:55.0178 0892  elxstor - ok
19:25:55.0293 0892  [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
19:25:55.0296 0892  EpsonBidirectionalService - ok
19:25:55.0335 0892  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:25:55.0338 0892  ErrDev - ok
19:25:55.0379 0892  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
19:25:55.0387 0892  EventSystem - ok
19:25:55.0415 0892  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
19:25:55.0421 0892  exfat - ok
19:25:55.0438 0892  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:25:55.0443 0892  fastfat - ok
19:25:55.0502 0892  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
19:25:55.0523 0892  Fax - ok
19:25:55.0538 0892  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
19:25:55.0541 0892  fdc - ok
19:25:55.0564 0892  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
19:25:55.0568 0892  fdPHost - ok
19:25:55.0578 0892  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:25:55.0582 0892  FDResPub - ok
19:25:55.0593 0892  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:25:55.0597 0892  FileInfo - ok
19:25:55.0606 0892  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:25:55.0609 0892  Filetrace - ok
19:25:55.0712 0892  [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:25:55.0729 0892  FLEXnet Licensing Service - ok
19:25:55.0744 0892  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
19:25:55.0747 0892  flpydisk - ok
19:25:55.0764 0892  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:25:55.0769 0892  FltMgr - ok
19:25:55.0837 0892  [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache       C:\Windows\system32\FntCache.dll
19:25:55.0863 0892  FontCache - ok
19:25:55.0926 0892  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:25:55.0930 0892  FontCache3.0.0.0 - ok
19:25:55.0950 0892  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:25:55.0953 0892  FsDepends - ok
19:25:55.0990 0892  [ 5814011B2F6E088E29D689B5FCD49B8F ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
19:25:55.0993 0892  fssfltr - ok
19:25:56.0071 0892  [ F6717211C1EC2CDDAA81B97B0727C2E9 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
19:25:56.0087 0892  fsssvc - ok
19:25:56.0137 0892  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:25:56.0141 0892  Fs_Rec - ok
19:25:56.0195 0892  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:25:56.0200 0892  fvevol - ok
19:25:56.0221 0892  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
19:25:56.0224 0892  gagp30kx - ok
19:25:56.0267 0892  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:25:56.0271 0892  GEARAspiWDM - ok
19:25:56.0293 0892  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
19:25:56.0318 0892  gpsvc - ok
19:25:56.0331 0892  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:25:56.0334 0892  hcw85cir - ok
19:25:56.0389 0892  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:25:56.0395 0892  HdAudAddService - ok
19:25:56.0453 0892  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
19:25:56.0456 0892  HDAudBus - ok
19:25:56.0484 0892  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
19:25:56.0486 0892  HECIx64 - ok
19:25:56.0499 0892  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
19:25:56.0504 0892  HidBatt - ok
19:25:56.0515 0892  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
19:25:56.0519 0892  HidBth - ok
19:25:56.0529 0892  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
19:25:56.0533 0892  HidIr - ok
19:25:56.0596 0892  [ 3CC53BC405F609F61D4A879F3E7EBC4A ] hidkmdf         C:\Windows\system32\DRIVERS\hidkmdf.sys
19:25:56.0600 0892  hidkmdf - ok
19:25:56.0619 0892  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
19:25:56.0623 0892  hidserv - ok
19:25:56.0668 0892  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:25:56.0731 0892  HidUsb - ok
19:25:56.0799 0892  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:25:56.0804 0892  hkmsvc - ok
19:25:56.0860 0892  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:25:56.0867 0892  HomeGroupListener - ok
19:25:56.0922 0892  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:25:56.0930 0892  HomeGroupProvider - ok
19:25:56.0992 0892  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:25:56.0996 0892  HpSAMD - ok
19:25:57.0054 0892  [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
19:25:57.0057 0892  HTCAND64 - ok
19:25:57.0115 0892  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:25:57.0132 0892  HTTP - ok
19:25:57.0181 0892  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:25:57.0182 0892  hwpolicy - ok
19:25:57.0233 0892  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
19:25:57.0238 0892  i8042prt - ok
19:25:57.0269 0892  [ 631FA8935163B01FC0C02966CB3ADB92 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
19:25:57.0272 0892  iaStor - ok
19:25:57.0330 0892  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:25:57.0338 0892  iaStorV - ok
19:25:57.0461 0892  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:25:57.0465 0892  IDriverT - ok
19:25:57.0496 0892  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:25:57.0521 0892  idsvc - ok
19:25:57.0535 0892  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
19:25:57.0538 0892  iirsp - ok
19:25:57.0595 0892  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
19:25:57.0620 0892  IKEEXT - ok
19:25:57.0644 0892  [ 36FDF367A1DABFF903E2214023D71368 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
19:25:57.0649 0892  Impcd - ok
19:25:57.0713 0892  [ 52D9171838BB92319F23656F502916E9 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:25:57.0755 0892  IntcAzAudAddService - ok
19:25:57.0802 0892  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
19:25:57.0804 0892  intelide - ok
19:25:57.0822 0892  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:25:57.0825 0892  intelppm - ok
19:25:57.0850 0892  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:25:57.0856 0892  IPBusEnum - ok
19:25:57.0898 0892  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:25:57.0902 0892  IpFilterDriver - ok
19:25:57.0951 0892  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:25:57.0962 0892  iphlpsvc - ok
19:25:58.0001 0892  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:25:58.0005 0892  IPMIDRV - ok
19:25:58.0024 0892  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:25:58.0028 0892  IPNAT - ok
19:25:58.0122 0892  [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:25:58.0147 0892  iPod Service - ok
19:25:58.0162 0892  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:25:58.0165 0892  IRENUM - ok
19:25:58.0182 0892  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:25:58.0185 0892  isapnp - ok
19:25:58.0236 0892  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:25:58.0242 0892  iScsiPrt - ok
19:25:58.0303 0892  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:25:58.0306 0892  kbdclass - ok
19:25:58.0334 0892  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:25:58.0337 0892  kbdhid - ok
19:25:58.0363 0892  [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
19:25:58.0367 0892  kbfiltr - ok
19:25:58.0375 0892  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
19:25:58.0378 0892  KeyIso - ok
19:25:58.0431 0892  [ DA1E991A61CFDD755A589E206B97644B ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:25:58.0437 0892  KSecDD - ok
19:25:58.0461 0892  [ 7E33198D956943A4F11A5474C1E9106F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:25:58.0466 0892  KSecPkg - ok
19:25:58.0481 0892  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:25:58.0484 0892  ksthunk - ok
19:25:58.0514 0892  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:25:58.0538 0892  KtmRm - ok
19:25:58.0582 0892  [ 01C711667ABEDF8148998F3AC91991DB ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
19:25:58.0586 0892  L1C - ok
19:25:58.0711 0892  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
19:25:58.0744 0892  LanmanServer - ok
19:25:58.0794 0892  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:25:58.0813 0892  LanmanWorkstation - ok
19:25:58.0840 0892  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:25:58.0844 0892  lltdio - ok
19:25:58.0862 0892  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:25:58.0870 0892  lltdsvc - ok
19:25:58.0880 0892  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:25:58.0885 0892  lmhosts - ok
19:25:58.0953 0892  [ A1C148801B4AF64847AEB9F3AD9594EF ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
19:25:58.0958 0892  LMS - ok
19:25:58.0992 0892  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
19:25:58.0996 0892  LSI_FC - ok
19:25:59.0008 0892  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
19:25:59.0012 0892  LSI_SAS - ok
19:25:59.0029 0892  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:25:59.0032 0892  LSI_SAS2 - ok
19:25:59.0044 0892  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:25:59.0048 0892  LSI_SCSI - ok
19:25:59.0058 0892  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
19:25:59.0062 0892  luafv - ok
19:25:59.0147 0892  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
19:25:59.0150 0892  MBAMProtector - ok
19:25:59.0273 0892  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:25:59.0294 0892  MBAMScheduler - ok
19:25:59.0370 0892  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:25:59.0374 0892  MBAMService - ok
19:25:59.0416 0892  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:25:59.0422 0892  Mcx2Svc - ok
19:25:59.0437 0892  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
19:25:59.0441 0892  megasas - ok
19:25:59.0467 0892  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
19:25:59.0474 0892  MegaSR - ok
19:25:59.0582 0892  Microsoft SharePoint Workspace Audit Service - ok
19:25:59.0618 0892  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
19:25:59.0624 0892  MMCSS - ok
19:25:59.0638 0892  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
19:25:59.0641 0892  Modem - ok
19:25:59.0659 0892  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:25:59.0660 0892  monitor - ok
19:25:59.0711 0892  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:25:59.0715 0892  mouclass - ok
19:25:59.0727 0892  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:25:59.0731 0892  mouhid - ok
19:25:59.0787 0892  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:25:59.0790 0892  mountmgr - ok
19:25:59.0877 0892  [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:25:59.0880 0892  MozillaMaintenance - ok
19:25:59.0967 0892  [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
19:25:59.0973 0892  MpFilter - ok
19:26:00.0019 0892  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:26:00.0024 0892  mpio - ok
19:26:00.0156 0892  MpKslab84497d - ok
19:26:00.0168 0892  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:26:00.0171 0892  mpsdrv - ok
19:26:00.0224 0892  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:26:00.0249 0892  MpsSvc - ok
19:26:00.0296 0892  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:26:00.0301 0892  MRxDAV - ok
19:26:00.0354 0892  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:26:00.0359 0892  mrxsmb - ok
19:26:00.0375 0892  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:26:00.0382 0892  mrxsmb10 - ok
19:26:00.0391 0892  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:26:00.0394 0892  mrxsmb20 - ok
19:26:00.0446 0892  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:26:00.0449 0892  msahci - ok
19:26:00.0503 0892  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:26:00.0526 0892  msdsm - ok
19:26:00.0607 0892  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
19:26:00.0632 0892  MSDTC - ok
19:26:00.0655 0892  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:26:00.0658 0892  Msfs - ok
19:26:00.0680 0892  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:26:00.0683 0892  mshidkmdf - ok
19:26:00.0709 0892  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:26:00.0712 0892  msisadrv - ok
19:26:00.0749 0892  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:26:00.0756 0892  MSiSCSI - ok
19:26:00.0760 0892  msiserver - ok
19:26:00.0782 0892  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:26:00.0785 0892  MSKSSRV - ok
19:26:00.0895 0892  [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:26:00.0897 0892  MsMpSvc - ok
19:26:00.0910 0892  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:26:00.0913 0892  MSPCLOCK - ok
19:26:00.0921 0892  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:26:00.0924 0892  MSPQM - ok
19:26:00.0975 0892  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:26:00.0983 0892  MsRPC - ok
19:26:01.0032 0892  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
19:26:01.0033 0892  mssmbios - ok
19:26:01.0046 0892  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:26:01.0050 0892  MSTEE - ok
19:26:01.0061 0892  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
19:26:01.0065 0892  MTConfig - ok
19:26:01.0089 0892  [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor        C:\Windows\system32\DRIVERS\ATK64AMD.sys
19:26:01.0093 0892  MTsensor - ok
19:26:01.0103 0892  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:26:01.0107 0892  Mup - ok
19:26:01.0127 0892  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
19:26:01.0144 0892  napagent - ok
19:26:01.0179 0892  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:26:01.0187 0892  NativeWifiP - ok
19:26:01.0214 0892  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:26:01.0240 0892  NDIS - ok
19:26:01.0257 0892  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:26:01.0260 0892  NdisCap - ok
19:26:01.0283 0892  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:26:01.0286 0892  NdisTapi - ok
19:26:01.0336 0892  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:26:01.0339 0892  Ndisuio - ok
19:26:01.0387 0892  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:26:01.0392 0892  NdisWan - ok
19:26:01.0444 0892  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:26:01.0447 0892  NDProxy - ok
19:26:01.0455 0892  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:26:01.0458 0892  NetBIOS - ok
19:26:01.0479 0892  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:26:01.0485 0892  NetBT - ok
19:26:01.0504 0892  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
19:26:01.0507 0892  Netlogon - ok
19:26:01.0530 0892  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
19:26:01.0539 0892  Netman - ok
19:26:01.0557 0892  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
19:26:01.0574 0892  netprofm - ok
19:26:01.0602 0892  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:26:01.0605 0892  NetTcpPortSharing - ok
19:26:01.0625 0892  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
19:26:01.0629 0892  nfrd960 - ok
19:26:01.0706 0892  [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:26:01.0710 0892  NisDrv - ok
19:26:01.0773 0892  [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
19:26:01.0780 0892  NisSrv - ok
19:26:01.0840 0892  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:26:01.0849 0892  NlaSvc - ok
19:26:01.0863 0892  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:26:01.0868 0892  Npfs - ok
19:26:01.0883 0892  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
19:26:01.0889 0892  nsi - ok
19:26:01.0899 0892  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:26:01.0902 0892  nsiproxy - ok
19:26:01.0973 0892  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:26:02.0007 0892  Ntfs - ok
19:26:02.0018 0892  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
19:26:02.0021 0892  Null - ok
19:26:02.0047 0892  [ AD37248BD442D41C9A896E53EB8A85EE ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
19:26:02.0051 0892  NVHDA - ok
19:26:02.0243 0892  [ FD39B98FF1BB8ED3848781497E9D02E0 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:26:02.0430 0892  nvlddmkm - ok
19:26:02.0491 0892  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:26:02.0496 0892  nvraid - ok
19:26:02.0538 0892  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:26:02.0541 0892  nvstor - ok
19:26:02.0596 0892  [ C1668D58547DD0C4A0FBD6AFA20D5890 ] nvsvc           C:\Windows\system32\nvvsvc.exe
19:26:02.0612 0892  nvsvc - ok
19:26:02.0663 0892  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:26:02.0667 0892  nv_agp - ok
19:26:02.0719 0892  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:26:02.0723 0892  ohci1394 - ok
19:26:02.0786 0892  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:26:02.0790 0892  ose - ok
19:26:02.0949 0892  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:26:03.0033 0892  osppsvc - ok
19:26:03.0069 0892  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:26:03.0078 0892  p2pimsvc - ok
19:26:03.0095 0892  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:26:03.0112 0892  p2psvc - ok
19:26:03.0132 0892  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
19:26:03.0136 0892  Parport - ok
19:26:03.0187 0892  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:26:03.0190 0892  partmgr - ok
19:26:03.0210 0892  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:26:03.0218 0892  PcaSvc - ok
19:26:03.0267 0892  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
19:26:03.0272 0892  pci - ok
19:26:03.0294 0892  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
19:26:03.0296 0892  pciide - ok
19:26:03.0332 0892  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
19:26:03.0337 0892  pcmcia - ok
19:26:03.0351 0892  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:26:03.0354 0892  pcw - ok
19:26:03.0376 0892  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:26:03.0386 0892  PEAUTH - ok
19:26:03.0478 0892  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:26:03.0485 0892  PerfHost - ok
19:26:03.0523 0892  pfc - ok
19:26:03.0597 0892  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
19:26:03.0631 0892  pla - ok
19:26:03.0702 0892  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:26:03.0718 0892  PlugPlay - ok
19:26:03.0772 0892  [ 8AC5649C9070674D4607301C180AB10B ] pneteth         C:\Windows\system32\DRIVERS\pneteth.sys
19:26:03.0784 0892  pneteth - ok
19:26:03.0809 0892  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:26:03.0816 0892  PNRPAutoReg - ok
19:26:03.0837 0892  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:26:03.0842 0892  PNRPsvc - ok
19:26:03.0864 0892  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:26:03.0881 0892  PolicyAgent - ok
19:26:03.0910 0892  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
19:26:03.0919 0892  Power - ok
19:26:03.0971 0892  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:26:03.0975 0892  PptpMiniport - ok
19:26:04.0003 0892  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
19:26:04.0006 0892  Processor - ok
19:26:04.0024 0892  [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc         C:\Windows\system32\profsvc.dll
19:26:04.0033 0892  ProfSvc - ok
19:26:04.0044 0892  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:26:04.0047 0892  ProtectedStorage - ok
19:26:04.0109 0892  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:26:04.0113 0892  Psched - ok
19:26:04.0150 0892  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
19:26:04.0154 0892  PxHlpa64 - ok
19:26:04.0196 0892  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
19:26:04.0230 0892  ql2300 - ok
19:26:04.0241 0892  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
19:26:04.0245 0892  ql40xx - ok
19:26:04.0270 0892  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
19:26:04.0279 0892  QWAVE - ok
19:26:04.0294 0892  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:26:04.0297 0892  QWAVEdrv - ok
19:26:04.0308 0892  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:26:04.0311 0892  RasAcd - ok
19:26:04.0343 0892  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:26:04.0346 0892  RasAgileVpn - ok
19:26:04.0360 0892  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
19:26:04.0368 0892  RasAuto - ok
19:26:04.0412 0892  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:26:04.0416 0892  Rasl2tp - ok
19:26:04.0480 0892  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
19:26:04.0489 0892  RasMan - ok
19:26:04.0505 0892  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:26:04.0511 0892  RasPppoe - ok
19:26:04.0528 0892  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:26:04.0531 0892  RasSstp - ok
19:26:04.0582 0892  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:26:04.0588 0892  rdbss - ok
19:26:04.0607 0892  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:26:04.0610 0892  rdpbus - ok
19:26:04.0621 0892  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:26:04.0622 0892  RDPCDD - ok
19:26:04.0651 0892  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:26:04.0652 0892  RDPENCDD - ok
19:26:04.0663 0892  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:26:04.0664 0892  RDPREFMP - ok
19:26:04.0713 0892  [ 6D76E6433574B058ADCB0C50DF834492 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:26:04.0718 0892  RDPWD - ok
19:26:04.0764 0892  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:26:04.0770 0892  rdyboost - ok
19:26:04.0799 0892  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:26:04.0805 0892  RemoteAccess - ok
19:26:04.0819 0892  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:26:04.0828 0892  RemoteRegistry - ok
19:26:04.0892 0892  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
19:26:04.0897 0892  RFCOMM - ok
19:26:04.0909 0892  [ E20B1907FC72A3664ECE21E3C20FC63D ] rimspci         C:\Windows\system32\DRIVERS\rimspe64.sys
19:26:04.0912 0892  rimspci - ok
19:26:04.0925 0892  [ 6A1CD4674505E6791390A1AB71DA1FBE ] rixdpcie        C:\Windows\system32\DRIVERS\rixdpe64.sys
19:26:04.0930 0892  rixdpcie - ok
19:26:04.0942 0892  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:26:04.0949 0892  RpcEptMapper - ok
19:26:04.0959 0892  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
19:26:04.0964 0892  RpcLocator - ok
19:26:05.0015 0892  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
19:26:05.0021 0892  RpcSs - ok
19:26:05.0037 0892  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:26:05.0040 0892  rspndr - ok
19:26:05.0051 0892  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
19:26:05.0054 0892  SamSs - ok
19:26:05.0094 0892  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:26:05.0098 0892  sbp2port - ok
19:26:05.0229 0892  [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService  C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
19:26:05.0263 0892  SBSDWSCService - ok
19:26:05.0282 0892  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:26:05.0291 0892  SCardSvr - ok
19:26:05.0340 0892  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:26:05.0343 0892  scfilter - ok
19:26:05.0416 0892  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
19:26:05.0455 0892  Schedule - ok
19:26:05.0511 0892  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:26:05.0513 0892  SCPolicySvc - ok
19:26:05.0564 0892  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
19:26:05.0568 0892  sdbus - ok
19:26:05.0591 0892  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:26:05.0600 0892  SDRSVC - ok
19:26:05.0638 0892  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:26:05.0641 0892  secdrv - ok
19:26:05.0658 0892  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
19:26:05.0665 0892  seclogon - ok
19:26:05.0674 0892  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
19:26:05.0681 0892  SENS - ok
19:26:05.0693 0892  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:26:05.0700 0892  SensrSvc - ok
19:26:05.0710 0892  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
19:26:05.0712 0892  Serenum - ok
19:26:05.0737 0892  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:26:05.0741 0892  Serial - ok
19:26:05.0755 0892  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
19:26:05.0758 0892  sermouse - ok
19:26:05.0810 0892  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:26:05.0820 0892  SessionEnv - ok
19:26:05.0871 0892  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:26:05.0874 0892  sffdisk - ok
19:26:05.0896 0892  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:26:05.0899 0892  sffp_mmc - ok
19:26:05.0912 0892  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:26:05.0915 0892  sffp_sd - ok
19:26:05.0926 0892  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
19:26:05.0930 0892  sfloppy - ok
19:26:05.0964 0892  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:26:05.0972 0892  SharedAccess - ok
19:26:05.0993 0892  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:26:06.0009 0892  ShellHWDetection - ok
19:26:06.0022 0892  [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
19:26:06.0025 0892  SiSGbeLH - ok
19:26:06.0052 0892  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:26:06.0055 0892  SiSRaid2 - ok
19:26:06.0069 0892  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
19:26:06.0073 0892  SiSRaid4 - ok
19:26:06.0166 0892  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
19:26:06.0169 0892  SkypeUpdate - ok
19:26:06.0184 0892  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:26:06.0188 0892  Smb - ok
19:26:06.0233 0892  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:26:06.0240 0892  SNMPTRAP - ok
19:26:06.0290 0892  [ 7AEC460DBDD193680F0E77724E40E7B6 ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
19:26:06.0324 0892  SNP2UVC - ok
19:26:06.0354 0892  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:26:06.0357 0892  spldr - ok
19:26:06.0418 0892  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
19:26:06.0439 0892  Spooler - ok
19:26:06.0564 0892  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
19:26:06.0631 0892  sppsvc - ok
19:26:06.0658 0892  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:26:06.0665 0892  sppuinotify - ok
19:26:06.0722 0892  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:26:06.0731 0892  srv - ok
19:26:06.0752 0892  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:26:06.0759 0892  srv2 - ok
19:26:06.0815 0892  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:26:06.0820 0892  srvnet - ok
19:26:06.0834 0892  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:26:06.0843 0892  SSDPSRV - ok
19:26:06.0851 0892  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:26:06.0859 0892  SstpSvc - ok
19:26:06.0906 0892  Steam Client Service - ok
19:26:06.0937 0892  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
19:26:06.0940 0892  stexstor - ok
19:26:07.0002 0892  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
19:26:07.0027 0892  stisvc - ok
19:26:07.0075 0892  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
19:26:07.0078 0892  swenum - ok
19:26:07.0174 0892  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:26:07.0191 0892  SwitchBoard - ok
19:26:07.0210 0892  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
19:26:07.0233 0892  swprv - ok
19:26:07.0244 0892  [ 0FAA1933FBCF916C301FF94ACC623031 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
19:26:07.0251 0892  SynTP - ok
19:26:07.0326 0892  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
19:26:07.0368 0892  SysMain - ok
19:26:07.0412 0892  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:26:07.0422 0892  TabletInputService - ok
19:26:07.0649 0892  [ 17A341D41F30FEA2EFF7223148899FEC ] TabletServiceWacom C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
19:26:07.0835 0892  TabletServiceWacom - ok
19:26:07.0906 0892  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:26:07.0922 0892  TapiSrv - ok
19:26:07.0948 0892  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
19:26:07.0956 0892  TBS - ok
19:26:08.0046 0892  [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:26:08.0097 0892  Tcpip - ok
19:26:08.0137 0892  [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:26:08.0148 0892  TCPIP6 - ok
19:26:08.0208 0892  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:26:08.0211 0892  tcpipreg - ok
19:26:08.0244 0892  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:26:08.0247 0892  TDPIPE - ok
19:26:08.0293 0892  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:26:08.0296 0892  TDTCP - ok
19:26:08.0340 0892  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:26:08.0343 0892  tdx - ok
19:26:08.0402 0892  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
19:26:08.0406 0892  TermDD - ok
19:26:08.0457 0892  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
19:26:08.0482 0892  TermService - ok
19:26:08.0501 0892  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
19:26:08.0511 0892  Themes - ok
19:26:08.0530 0892  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
19:26:08.0533 0892  THREADORDER - ok
19:26:08.0631 0892  [ A15A789141C74AAD7971FBCB4847A593 ] TouchServiceWacom C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe
19:26:08.0640 0892  TouchServiceWacom - ok
19:26:08.0654 0892  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
19:26:08.0662 0892  TrkWks - ok
19:26:08.0733 0892  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:26:08.0782 0892  TrustedInstaller - ok
19:26:08.0826 0892  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:26:08.0830 0892  tssecsrv - ok
19:26:08.0883 0892  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:26:08.0886 0892  TsUsbFlt - ok
19:26:08.0941 0892  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:26:08.0944 0892  tunnel - ok
19:26:08.0967 0892  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
19:26:08.0970 0892  uagp35 - ok
19:26:08.0988 0892  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:26:08.0995 0892  udfs - ok
19:26:09.0014 0892  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:26:09.0022 0892  UI0Detect - ok
19:26:09.0068 0892  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:26:09.0071 0892  uliagpkx - ok
19:26:09.0124 0892  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
19:26:09.0128 0892  umbus - ok
19:26:09.0144 0892  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
19:26:09.0147 0892  UmPass - ok
19:26:09.0212 0892  [ 41118D920B2B268C0ADC36421248CDCF ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
19:26:09.0224 0892  UNS - ok
19:26:09.0262 0892  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
19:26:09.0279 0892  upnphost - ok
19:26:09.0330 0892  [ C85B8247FADD432FA54FE11667C8D97D ] usbbus          C:\Windows\system32\DRIVERS\lgx64bus.sys
19:26:09.0333 0892  usbbus - ok
19:26:09.0376 0892  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:26:09.0379 0892  usbccgp - ok
19:26:09.0433 0892  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:26:09.0438 0892  usbcir - ok
19:26:09.0503 0892  [ D8CDC12F5429878F23DDB3785A0FDF95 ] UsbDiag         C:\Windows\system32\DRIVERS\lgx64diag.sys
19:26:09.0506 0892  UsbDiag - ok
19:26:09.0548 0892  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
19:26:09.0551 0892  usbehci - ok
19:26:09.0579 0892  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:26:09.0586 0892  usbhub - ok
19:26:09.0634 0892  [ 79FA7A22B0F6F0082F640CBC82A00FCE ] USBModem        C:\Windows\system32\DRIVERS\lgx64modem.sys
19:26:09.0636 0892  USBModem - ok
19:26:09.0681 0892  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:26:09.0684 0892  usbohci - ok
19:26:09.0726 0892  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:26:09.0729 0892  usbprint - ok
19:26:09.0787 0892  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
19:26:09.0790 0892  usbscan - ok
19:26:09.0838 0892  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:26:09.0840 0892  USBSTOR - ok
19:26:09.0851 0892  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
19:26:09.0854 0892  usbuhci - ok
19:26:09.0878 0892  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
19:26:09.0883 0892  usbvideo - ok
19:26:09.0931 0892  [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
19:26:09.0935 0892  usb_rndisx - ok
19:26:09.0971 0892  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
19:26:09.0978 0892  UxSms - ok
19:26:09.0993 0892  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
19:26:09.0996 0892  VaultSvc - ok
19:26:10.0021 0892  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:26:10.0023 0892  vdrvroot - ok
19:26:10.0075 0892  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
19:26:10.0100 0892  vds - ok
19:26:10.0127 0892  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:26:10.0130 0892  vga - ok
19:26:10.0140 0892  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:26:10.0143 0892  VgaSave - ok
19:26:10.0186 0892  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:26:10.0191 0892  vhdmp - ok
19:26:10.0235 0892  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:26:10.0238 0892  viaide - ok
19:26:10.0248 0892  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:26:10.0251 0892  volmgr - ok
19:26:10.0296 0892  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:26:10.0302 0892  volmgrx - ok
19:26:10.0350 0892  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:26:10.0356 0892  volsnap - ok
19:26:10.0385 0892  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
19:26:10.0390 0892  vsmraid - ok
19:26:10.0460 0892  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
19:26:10.0497 0892  VSS - ok
19:26:10.0510 0892  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
19:26:10.0514 0892  vwifibus - ok
19:26:10.0528 0892  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
19:26:10.0532 0892  vwififlt - ok
19:26:10.0584 0892  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
19:26:10.0586 0892  vwifimp - ok
19:26:10.0621 0892  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
19:26:10.0637 0892  W32Time - ok
19:26:10.0710 0892  [ 7CB1898A29188FB8DB102406EF0D8D9E ] WacHidRouter    C:\Windows\system32\DRIVERS\wachidrouter.sys
19:26:10.0714 0892  WacHidRouter - ok
19:26:10.0725 0892  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
19:26:10.0728 0892  WacomPen - ok
19:26:10.0790 0892  [ B59EC4DD1026F059CD95C1627562F3F3 ] wacomrouterfilter C:\Windows\system32\DRIVERS\wacomrouterfilter.sys
19:26:10.0793 0892  wacomrouterfilter - ok
19:26:10.0851 0892  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:26:10.0855 0892  WANARP - ok
19:26:10.0867 0892  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:26:10.0869 0892  Wanarpv6 - ok
19:26:10.0948 0892  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
19:26:10.0974 0892  WatAdminSvc - ok
19:26:11.0046 0892  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
19:26:11.0089 0892  wbengine - ok
19:26:11.0118 0892  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:26:11.0128 0892  WbioSrvc - ok
19:26:11.0181 0892  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:26:11.0202 0892  wcncsvc - ok
19:26:11.0221 0892  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:26:11.0229 0892  WcsPlugInService - ok
19:26:11.0247 0892  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
19:26:11.0250 0892  Wd - ok
19:26:11.0271 0892  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:26:11.0288 0892  Wdf01000 - ok
19:26:11.0299 0892  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:26:11.0307 0892  WdiServiceHost - ok
19:26:11.0312 0892  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:26:11.0318 0892  WdiSystemHost - ok
19:26:11.0348 0892  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
19:26:11.0364 0892  WebClient - ok
19:26:11.0384 0892  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:26:11.0401 0892  Wecsvc - ok
19:26:11.0414 0892  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:26:11.0421 0892  wercplsupport - ok
19:26:11.0442 0892  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:26:11.0450 0892  WerSvc - ok
19:26:11.0472 0892  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:26:11.0475 0892  WfpLwf - ok
19:26:11.0494 0892  [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
19:26:11.0499 0892  WimFltr - ok
19:26:11.0517 0892  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:26:11.0520 0892  WIMMount - ok
19:26:11.0532 0892  WinDefend - ok
19:26:11.0537 0892  WinHttpAutoProxySvc - ok
19:26:11.0582 0892  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:26:11.0611 0892  Winmgmt - ok
19:26:11.0688 0892  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
19:26:11.0739 0892  WinRM - ok
19:26:11.0809 0892  [ FE88B288356E7B47B74B13372ADD906D ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
19:26:11.0812 0892  WinUSB - ok
19:26:11.0847 0892  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:26:11.0873 0892  Wlansvc - ok
19:26:11.0915 0892  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
19:26:11.0918 0892  WmiAcpi - ok
19:26:11.0937 0892  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:26:11.0942 0892  wmiApSrv - ok
19:26:11.0973 0892  WMPNetworkSvc - ok
19:26:11.0984 0892  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:26:11.0992 0892  WPCSvc - ok
19:26:12.0041 0892  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:26:12.0049 0892  WPDBusEnum - ok
19:26:12.0074 0892  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:26:12.0077 0892  ws2ifsl - ok
19:26:12.0101 0892  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
19:26:12.0110 0892  wscsvc - ok
19:26:12.0115 0892  WSearch - ok
19:26:12.0208 0892  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:26:12.0267 0892  wuauserv - ok
19:26:12.0315 0892  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:26:12.0319 0892  WudfPf - ok
19:26:12.0352 0892  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:26:12.0357 0892  WUDFRd - ok
19:26:12.0368 0892  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:26:12.0378 0892  wudfsvc - ok
19:26:12.0398 0892  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:26:12.0415 0892  WwanSvc - ok
19:26:12.0452 0892  ================ Scan global ===============================
19:26:12.0467 0892  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:26:12.0518 0892  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
19:26:12.0540 0892  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
19:26:12.0565 0892  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:26:12.0592 0892  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:26:12.0608 0892  [Global] - ok
19:26:12.0609 0892  ================ Scan MBR ==================================
19:26:12.0623 0892  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
19:26:13.0152 0892  \Device\Harddisk0\DR0 - ok
19:26:13.0161 0892  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
19:26:13.0172 0892  \Device\Harddisk1\DR1 - ok
19:26:13.0172 0892  ================ Scan VBR ==================================
19:26:13.0175 0892  [ EC547CB2683EA85B80F52C817C032C34 ] \Device\Harddisk0\DR0\Partition1
19:26:13.0177 0892  \Device\Harddisk0\DR0\Partition1 - ok
19:26:13.0181 0892  [ AA47474C19982FC4F7CFD8220D85A81F ] \Device\Harddisk1\DR1\Partition1
19:26:13.0184 0892  \Device\Harddisk1\DR1\Partition1 - ok
19:26:13.0184 0892  ============================================================
19:26:13.0184 0892  Scan finished
19:26:13.0184 0892  ============================================================
19:26:13.0193 7124  Detected object count: 0
19:26:13.0193 7124  Actual detected object count: 0
 






 



BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:35 PM

Posted 17 February 2013 - 08:35 PM


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================

Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Search
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================
 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users