Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Avast detected root kit activity and I don't think it has removed it.


  • This topic is locked This topic is locked
13 replies to this topic

#1 micklee34

micklee34

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:03:24 PM

Posted 29 March 2013 - 11:20 AM

Previous to Avast being installed Windows Defender detected a Trojan (seeder) which it appeared to remove. Thought I'd ramp up security by installing Avast. Ran Malware Bytes Anti Malware, full system and boot scans with Avast. Avast detected missing files and malware which it says is severe and can't remove as the file no longer exists. (Description; HTC passthru server) PC behaviour seems unusual. Tried some tools from the safe list with no result, still think something is there, hope it's just my paranoia. Appreciate any help you can offer.

 

Best regards

 

Mick

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16519
Run by Michael at 16:06:09 on 2013-03-29
Microsoft Windows 8 Pro with Media Center  6.2.9200.0.1252.44.2057.18.8086.6013 [GMT 0:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\WLANExt.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\WINDOWS\system32\svchost.exe -k apphost
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\mqsvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\taskeng.exe
C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft LifeChat\LifeChat.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\WINDOWS\system32\svchost.exe -k SDRSVC
C:\WINDOWS\system32\msiexec.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\sysWow64\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bbc.co.uk/
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRunOnce: [Uninstall C:\Users\Michael\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
uRunOnce: [Uninstall C:\Users\Michael\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"
uRunOnce: [Uninstall C:\Users\Michael\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
StartupFolder: C:\Users\Michael\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\lpuninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\WDQUIC~1.LNK - C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: LastPass - C:\Users\Michael\AppData\LocalLow\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - C:\Users\Michael\AppData\LocalLow\LastPass\context.html?cmd=fillforms
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.euro.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15118/CTPID.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com//activex/ractrl.cab?lmi=1007
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{0E82F9BB-962C-4392-A43D-4888CD0E0592} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{0E82F9BB-962C-4392-A43D-4888CD0E0592} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{87660E65-D437-4B15-8C1B-858266A6722C} : DHCPNameServer = 194.168.4.100 194.168.8.100
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\WINDOWS\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\WINDOWS\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [IntelMyWiFiDashboard] C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe /startup
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
x64-Run: [LifeChat] "C:\Program Files\Microsoft LifeChat\LifeChat.exe"
x64-Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
x64-Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe
x64-mPolicies-Explorer: NoDrives = dword:0
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;C:\WINDOWS\System32\Drivers\aswRvrt.sys [2013-3-29 65336]
R0 nvpciflt;nvpciflt;C:\WINDOWS\System32\Drivers\nvpciflt.sys [2013-3-26 30496]
R0 PxHlpa64;PxHlpa64;C:\WINDOWS\System32\Drivers\PxHlpa64.sys [2011-9-23 55856]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\WINDOWS\System32\Drivers\stdcfltn.sys [2012-11-14 21616]
R1 aswSnx;aswSnx;C:\WINDOWS\System32\Drivers\aswSnx.sys [2013-3-29 1025808]
R1 aswSP;aswSP;C:\WINDOWS\System32\Drivers\aswSP.sys [2013-3-29 377920]
R1 nvkflt;nvkflt;C:\WINDOWS\System32\Drivers\nvkflt.sys [2013-3-26 284448]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-9-23 98208]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-3-15 659976]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\System32\Drivers\aswFsBlk.sys [2013-3-29 33400]
R2 aswMonFlt;aswMonFlt;C:\WINDOWS\System32\Drivers\aswMonFlt.sys [2013-3-29 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-3-29 45248]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-4-23 135952]
R2 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2012-12-28 100864]
R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-3-2 1861288]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-3-14 383264]
R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-12-5 92632]
R2 TurboB;Turbo Boost UI Monitor driver;C:\WINDOWS\System32\Drivers\TurboB.sys [2010-11-29 16120]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-9-23 2656280]
R2 WDDMService;WDDMService;C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe [2011-8-1 317328]
R2 WDFMEService;WDFMEService;C:\Program Files\Western Digital\WD SmartWare\WDFME.exe [2011-8-1 1978256]
R2 WDRulesService;WDRulesService;C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe [2011-8-1 1338256]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-6-25 3325232]
R3 Acceler;Accelerometer Service;C:\WINDOWS\System32\Drivers\Accelern.sys [2011-9-23 27760]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\WINDOWS\System32\Drivers\CtClsFlt.sys [2011-9-27 176000]
R3 IntcDAud;Intel® Display Audio;C:\WINDOWS\System32\Drivers\IntcDAud.sys [2011-9-23 317440]
R3 qicflt;upper Device Filter Driver;C:\WINDOWS\System32\Drivers\qicflt.sys [2011-9-23 29288]
R3 RTL8168;Realtek 8168 NT Driver;C:\WINDOWS\System32\Drivers\Rt630x64.sys [2012-6-2 589824]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S3 aswVmm;aswVmm;C:\WINDOWS\System32\Drivers\aswVmm.sys [2013-3-29 178624]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\Drivers\ssudbus.sys [2012-9-19 102368]
S3 fssfltr;fssfltr;C:\WINDOWS\System32\Drivers\fssfltr.sys [2011-9-27 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 htcnprot;HTC NDIS Protocol Driver;C:\WINDOWS\System32\Drivers\htcnprot.sys [2010-6-25 36928]
S3 Impcd;Impcd;C:\WINDOWS\System32\Drivers\Impcd.sys [2011-9-23 158976]
S3 JMCR;JMCR;C:\WINDOWS\System32\Drivers\jmcr.sys [2011-9-23 174168]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-6-25 272688]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\WINDOWS\System32\Drivers\nvstusb.sys [2011-9-23 121960]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\Drivers\ssudmdm.sys [2012-9-19 203104]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\Drivers\vmbusr.sys [2012-7-26 117248]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
.
=============== File Associations ===============
.
FileExt: .vbe: VBEFile="C:\WINDOWS\System32\CScript.exe" "%1" %* [default=Open2]
FileExt: .vbs: VBSFile="C:\WINDOWS\System32\CScript.exe" "%1" %* [default=Open2]
FileExt: .jse: JSEFile=C:\WINDOWS\System32\CScript.exe "%1" %* [default=Open2]
FileExt: .wsf: WSFFile="C:\WINDOWS\System32\CScript.exe" "%1" %* [default=Open2]
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2013-03-29 11:23:31 70992 ----a-w- C:\WINDOWS\System32\drivers\aswRdr2.sys
2013-03-29 11:23:16 80816 ----a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys
2013-03-29 11:23:16 65336 ----a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys
2013-03-29 11:23:16 178624 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys
2013-03-29 11:23:16 1025808 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys
2013-03-29 11:22:55 41664 ----a-w- C:\WINDOWS\avastSS.scr
2013-03-29 09:41:53 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A0D74948-1B25-4103-A204-AE8176CB03F7}\mpengine.dll
2013-03-27 15:08:38 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-03-23 23:36:36 -------- d-----w- C:\Users\Michael\AppData\Roaming\Natural Selection 2
2013-03-23 19:24:28 -------- d-----w- C:\Users\Michael\AppData\Local\Skyrim
2013-03-23 19:24:15 74072 ----a-w- C:\WINDOWS\SysWow64\XAPOFX1_4.dll
2013-03-23 19:24:15 528216 ----a-w- C:\WINDOWS\SysWow64\XAudio2_6.dll
2013-03-23 19:24:15 238936 ----a-w- C:\WINDOWS\SysWow64\xactengine3_6.dll
2013-03-23 19:24:14 22360 ----a-w- C:\WINDOWS\SysWow64\X3DAudio1_7.dll
2013-03-23 19:24:08 4178264 ----a-w- C:\WINDOWS\SysWow64\D3DX9_41.dll
2013-03-23 19:24:05 519000 ----a-w- C:\WINDOWS\System32\d3dx10_40.dll
2013-03-23 19:24:05 452440 ----a-w- C:\WINDOWS\SysWow64\d3dx10_40.dll
2013-03-23 19:24:05 2605920 ----a-w- C:\WINDOWS\System32\D3DCompiler_40.dll
2013-03-23 19:24:05 2036576 ----a-w- C:\WINDOWS\SysWow64\D3DCompiler_40.dll
2013-03-23 19:24:03 5631312 ----a-w- C:\WINDOWS\System32\D3DX9_40.dll
2013-03-23 18:29:55 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2013-03-23 18:29:53 -------- d-----w- C:\Program Files (x86)\Steam
2013-03-18 16:15:11 205184 ----a-w- C:\WINDOWS\SysWow64\nvinit.dll
2013-03-18 16:15:11 1807136 ----a-w- C:\WINDOWS\System32\nvdispco6431421.dll
2013-03-18 16:15:11 1510176 ----a-w- C:\WINDOWS\System32\nvdispgenco6431421.dll
2013-03-18 15:52:51 -------- d-s---w- C:\WINDOWS\SysWow64\Microsoft
2013-03-14 22:07:52 559904 ----a-w- C:\WINDOWS\SysWow64\nvStreaming.exe
2013-03-13 10:18:12 192784 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10196.bin
2013-03-12 19:48:03 78168 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2013-03-12 19:48:02 692568 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2013-03-12 19:38:58 4041728 ----a-w- C:\WINDOWS\System32\win32k.sys
2013-03-11 17:02:18 -------- d-----w- C:\Program Files (x86)\MSECache
2013-03-10 16:35:54 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-03-09 11:29:23 1807136 ----a-w- C:\WINDOWS\System32\nvdispco6431414.dll
2013-03-09 11:29:23 1510176 ----a-w- C:\WINDOWS\System32\nvdispgenco6431414.dll
2013-03-02 16:56:32 -------- d-----w- C:\Program Files\Western Digital
2013-03-02 16:27:59 24920 ----a-w- C:\WINDOWS\System32\X3DAudio1_6.dll
2013-03-02 15:30:35 563312 ----a-w- C:\ProgramData\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2013-03-02 15:27:10 -------- d-----w- C:\Program Files\Microsoft Office 15
2013-03-02 15:09:36 -------- d-----w- C:\Users\Michael\AppData\Local\Western_Digital
2013-03-02 15:09:11 -------- d-----w- C:\ProgramData\Western Digital
2013-03-02 14:39:21 1010688 ----a-w- C:\WINDOWS\System32\reseteng.dll
2013-03-02 14:39:20 443392 ----a-w- C:\WINDOWS\System32\ReAgent.dll
2013-03-02 14:39:20 375808 ----a-w- C:\WINDOWS\SysWow64\ReAgent.dll
2013-03-02 14:29:34 -------- d-----w- C:\Users\Michael\AppData\Local\Western Digital
.
==================== Find3M  ====================
.
2013-03-15 04:16:18 3477280 ----a-w- C:\WINDOWS\System32\nvsvc64.dll
2013-03-15 04:16:17 6398240 ----a-w- C:\WINDOWS\System32\nvcpl.dll
2013-03-15 04:16:10 877856 ----a-w- C:\WINDOWS\System32\nvvsvc.exe
2013-03-15 04:16:10 76064 ----a-w- C:\WINDOWS\System32\nv3dappshextr.dll
2013-03-15 04:16:10 63776 ----a-w- C:\WINDOWS\System32\nvshext.dll
2013-03-15 04:16:10 2555680 ----a-w- C:\WINDOWS\System32\nvsvcr.dll
2013-03-15 04:16:10 237856 ----a-w- C:\WINDOWS\System32\nvmctray.dll
2013-03-15 04:16:10 1016096 ----a-w- C:\WINDOWS\System32\nv3dappshext.dll
2013-03-13 16:24:01 3065455 ----a-w- C:\WINDOWS\System32\nvcoproc.bin
2013-03-02 08:22:18 361984 ----a-w- C:\WINDOWS\SysWow64\MFMediaEngine.dll
2013-03-02 02:44:30 468992 ----a-w- C:\WINDOWS\System32\MFMediaEngine.dll
2013-02-15 07:58:59 39936 ----a-w- C:\WINDOWS\apppatch\apppatch64\acspecfc.dll
2013-02-15 06:35:40 444416 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll
2013-02-12 01:30:04 44032 ----a-w- C:\WINDOWS\SysWow64\UXInit.dll
2013-02-12 00:56:19 53760 ----a-w- C:\WINDOWS\System32\UXInit.dll
2013-02-12 00:17:50 20992 ----a-w- C:\WINDOWS\System32\drivers\usb8023.sys
2013-02-08 06:03:50 829264 ----a-w- C:\WINDOWS\System32\msvcr100.dll
2013-02-08 06:03:50 608080 ----a-w- C:\WINDOWS\System32\msvcp100.dll
2013-02-07 04:09:56 69864 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys
2013-02-07 03:34:58 10115072 ----a-w- C:\WINDOWS\System32\twinui.dll
2013-02-07 03:33:47 2302464 ----a-w- C:\WINDOWS\System32\authui.dll
2013-02-07 03:33:42 2146816 ----a-w- C:\WINDOWS\System32\actxprxy.dll
2013-02-07 01:34:00 8856576 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2013-02-07 01:33:03 2033664 ----a-w- C:\WINDOWS\SysWow64\authui.dll
2013-02-07 01:33:01 754176 ----a-w- C:\WINDOWS\SysWow64\actxprxy.dll
2013-02-05 22:31:11 622080 ----a-w- C:\WINDOWS\System32\drivers\srv2.sys
2013-02-05 22:29:09 370688 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb.sys
2013-02-05 22:28:48 247808 ----a-w- C:\WINDOWS\System32\drivers\srvnet.sys
2013-02-05 22:28:36 215552 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb20.sys
2013-02-05 04:58:01 1766912 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2013-02-05 04:56:33 2877952 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2013-02-05 04:56:27 61440 ----a-w- C:\WINDOWS\SysWow64\iesetup.dll
2013-02-05 04:56:27 109056 ----a-w- C:\WINDOWS\SysWow64\iesysprep.dll
2013-02-05 03:55:27 2706432 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb
2013-02-05 01:44:50 534528 ----a-w- C:\WINDOWS\SysWow64\uxtheme.dll
2013-02-04 22:39:47 2246656 ----a-w- C:\WINDOWS\System32\wininet.dll
2013-02-04 22:39:39 907776 ----a-w- C:\WINDOWS\System32\uxtheme.dll
2013-02-04 22:38:55 3966464 ----a-w- C:\WINDOWS\System32\jscript9.dll
2013-02-04 22:38:53 136704 ----a-w- C:\WINDOWS\System32\iesysprep.dll
2013-02-03 09:12:48 14794312 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe
2013-02-02 11:19:44 496872 ----a-w- C:\WINDOWS\System32\drivers\usbhub.sys
2013-02-02 11:19:44 446184 ----a-w- C:\WINDOWS\System32\drivers\USBHUB3.SYS
2013-02-02 11:19:41 329960 ----a-w- C:\WINDOWS\System32\drivers\storport.sys
2013-02-02 11:19:33 61672 ----a-w- C:\WINDOWS\System32\drivers\crashdmp.sys
2013-02-02 10:54:54 1933544 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys
2013-02-02 10:28:54 993512 ----a-w- C:\WINDOWS\System32\drivers\ndis.sys
2013-02-02 10:28:54 2226408 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2013-02-02 09:42:07 2207232 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
2013-02-02 08:40:58 375808 ----a-w- C:\WINDOWS\SysWow64\wbem\WmiPrvSE.exe
2013-02-02 08:40:55 80896 ----a-w- C:\WINDOWS\SysWow64\tasklist.exe
2013-02-02 08:40:55 79360 ----a-w- C:\WINDOWS\SysWow64\taskkill.exe
2013-02-02 08:40:36 155136 ----a-w- C:\WINDOWS\SysWow64\XpsRasterService.dll
2013-02-02 08:40:35 370688 ----a-w- C:\WINDOWS\SysWow64\WWanAPI.dll
2013-02-02 08:40:27 131072 ----a-w- C:\WINDOWS\SysWow64\wbem\WmiDcPrv.dll
2013-02-02 08:40:26 410624 ----a-w- C:\WINDOWS\SysWow64\wlroamextension.dll
2013-02-02 08:40:22 197632 ----a-w- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll
2013-02-02 08:40:22 10792448 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2013-02-02 08:40:01 356352 ----a-w- C:\WINDOWS\SysWow64\SettingSync.dll
2013-02-02 08:39:59 325632 ----a-w- C:\WINDOWS\SysWow64\schannel.dll
2013-02-02 08:39:47 18432 ----a-w- C:\WINDOWS\SysWow64\npmproxy.dll
2013-02-02 08:39:34 55296 ----a-w- C:\WINDOWS\SysWow64\nlaapi.dll
2013-02-02 08:39:34 15872 ----a-w- C:\WINDOWS\SysWow64\nlmproxy.dll
2013-02-02 08:39:34 12288 ----a-w- C:\WINDOWS\SysWow64\nlmsprep.dll
2013-02-02 08:39:33 115712 ----a-w- C:\WINDOWS\SysWow64\netprofm.dll
2013-02-02 08:39:28 5090816 ----a-w- C:\WINDOWS\SysWow64\mstscax.dll
2013-02-02 08:39:15 157696 ----a-w- C:\WINDOWS\SysWow64\mbsmsapi.dll
2013-02-02 08:38:54 567808 ----a-w- C:\WINDOWS\SysWow64\duser.dll
2013-02-02 08:24:19 107520 ----a-w- C:\WINDOWS\System32\taskkill.exe
2013-02-02 08:24:19 102400 ----a-w- C:\WINDOWS\System32\tasklist.exe
2013-02-02 08:23:44 228352 ----a-w- C:\WINDOWS\System32\XpsRasterService.dll
2013-02-02 08:23:43 475136 ----a-w- C:\WINDOWS\System32\WWanAPI.dll
2013-02-02 08:23:37 611840 ----a-w- C:\WINDOWS\System32\wpd_ci.dll
2013-02-02 08:23:37 105472 ----a-w- C:\WINDOWS\System32\wpdbusenum.dll
2013-02-02 08:23:30 830464 ----a-w- C:\WINDOWS\System32\wbem\WmiPrvSD.dll
2013-02-02 08:23:28 543232 ----a-w- C:\WINDOWS\System32\wlroamextension.dll
2013-02-02 08:23:21 13643264 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2013-02-02 08:23:19 293376 ----a-w- C:\WINDOWS\System32\Windows.Networking.Connectivity.dll
2013-02-02 08:23:18 731648 ----a-w- C:\WINDOWS\System32\win32spl.dll
2013-02-02 08:23:16 87552 ----a-w- C:\WINDOWS\System32\wersvc.dll
2013-02-02 08:22:28 448512 ----a-w- C:\WINDOWS\System32\SettingSync.dll
2013-02-02 08:22:22 416256 ----a-w- C:\WINDOWS\System32\schannel.dll
2013-02-02 08:21:45 467456 ----a-w- C:\WINDOWS\System32\netprofmsvc.dll
2013-02-02 08:21:44 385024 ----a-w- C:\WINDOWS\System32\ncsi.dll
2013-02-02 08:21:38 5977600 ----a-w- C:\WINDOWS\System32\mstscax.dll
2013-02-02 08:21:10 225280 ----a-w- C:\WINDOWS\System32\mbsmsapi.dll
2013-02-02 08:20:47 260096 ----a-w- C:\WINDOWS\System32\hotspotauth.dll
2013-02-02 08:20:31 729600 ----a-w- C:\WINDOWS\System32\duser.dll
2013-02-02 07:30:05 2706432 ----a-w- C:\WINDOWS\System32\mshtml.tlb
2013-02-02 07:25:52 297984 ----a-w- C:\WINDOWS\System32\drivers\ks.sys
2013-02-02 07:25:26 82944 ----a-w- C:\WINDOWS\System32\drivers\hidclass.sys
2013-02-02 07:25:23 37632 ----a-w- C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
2013-02-02 05:41:57 1437184 ----a-w- C:\WINDOWS\SysWow64\GdiPlus.dll
2013-02-02 05:31:54 1690624 ----a-w- C:\WINDOWS\System32\GdiPlus.dll
2013-01-30 10:53:22 273840 ------w- C:\WINDOWS\System32\MpSigStub.exe
2013-01-29 01:57:05 35232 ----a-w- C:\WINDOWS\System32\drivers\WdBoot.sys
2013-01-28 23:08:22 230904 ----a-w- C:\WINDOWS\System32\drivers\WdFilter.sys
2013-01-28 22:39:47 1807136 ----a-w- C:\WINDOWS\System32\nvdispco6420294.dll
2013-01-28 22:39:47 1510176 ----a-w- C:\WINDOWS\System32\nvdispgenco6420162.dll
2013-01-24 15:29:24 960416 ----a-w- C:\WINDOWS\System32\deployJava1.dll
2013-01-24 15:29:24 1081760 ----a-w- C:\WINDOWS\System32\npDeployJava1.dll
.
============= FINISH: 16:06:55.39 ===============
 



BC AdBot (Login to Remove)

 


#2 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:24 AM

Posted 30 March 2013 - 09:39 AM

Hello Mick and welcome to BleepingComputer forums.

Please follow my guidance and only do what I outline. Do not run any tools on your own; nor make changes to the system without checking with me.

To show all files:
  • Press and hold Windows-key & then press R key to get the RUN menu.
  • Type in
    explorer.exe
    and press Enter
  • When in Windows Explorer, press ALT-key then V key to get VIEW menu
  • Look at the top ribbon, right side. {the Show/Hide block}
  • Look at the line Hidden items. IF it has no checkmark, then Click the box one time so that it is checked.
  • IF you have Avast installed, Click on the Avast ball. Then click on Additional Protections then on AutoSandbox then on Settings then uncheck Enable AutoSandbox. OK
    Right click on the Avast Ball and select Avast! Shields Control and Disable Until Computer is Restarted

    Download aswMBR.exe ( 511KB ) to your desktop.
    On Windows 7 / 8 or Vista, RIGHT click on aswMBR.exe and select Run As Administrator to start.
    On Windows XP, double click the exe to start.

    IF prompted to update Avast definitions, answer NO.
    aswmbr-1_zps5bcff15d.gif

    On the following screen:
    aswmbr-2_zpse79f2c16.gif

    uncheck trace disk IO calls at the bottom left :excl:

    Now, Click the "Scan" button to start scan.
    Have patience as it scans.

    On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me)
    Now click save log, save it to your desktop and Copy & Paste in your next reply.
    Do NOT click any Fix button.
    EXIT the tool.

~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#3 micklee34

micklee34
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:03:24 PM

Posted 30 March 2013 - 01:59 PM

Hi Maurice,

 

Thank you for the warm welcome and quick reply to my post.

 

I unchecked Auto sandbox in file shield settings.

 

I right clicked on the Avast ball and disabled all Avast shields until restart as per the second instruction.

 

I right clicked on the aswmbr.exe program and selected "run as administrator"

 

I wasn't prompted to update definitions.

 

I unchecked "trace disk IO calls"

 

I'm getting an error message,

 

"Avast! Anti Rootkit has stopped working.

 

A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available.

 

Close Program"

 

I ran aswmbr before posting here and had the same issue. I've cleared my temporary files but it still says the definitions are loaded.

 

Apologies.

 

If you could let me know how to proceed.

 

Thanks

 

Mick

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-03-30 18:34:42
-----------------------------
18:34:42.867    OS Version: Windows x64 6.2.9200
18:34:42.867    Number of processors: 4 586 0x2A07
18:34:42.868    ComputerName: MICHAEL-LAPTOP  UserName: Michael
18:34:43.777    Initialize success
18:34:43.839    AVAST engine defs: 13033000
18:36:26.876    The log file has been saved successfully to "C:\Users\Michael\Desktop\aswMBR.txt"



#4 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:24 AM

Posted 30 March 2013 - 09:35 PM

If you ran some other tools on your own, before we started, you need to tell me which ones.
Let's put aside aswMBR. Don't run it.

However, you will have to insure Avast is OFF while we run this next tool.

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
    If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
  • If an infected file is detected, the default action will be Cure, click on Continue.


    TDSSKillerMal-1.png
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
    Skip and click on Continue
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.


    TDSSKillerCompleted.png
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#5 micklee34

micklee34
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:03:24 PM

Posted 31 March 2013 - 02:35 AM

Hi Maurice,

 

Apologies again about aswmbr. Really appreciate your help with this.

 

Ran TDSkiller as instructed no threats found.

 

08:29:58.0640 7336 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

08:29:58.0765 7336 ============================================================

08:29:58.0765 7336 Current date / time: 2013/03/31 08:29:58.0765

08:29:58.0765 7336 SystemInfo:

08:29:58.0765 7336

08:29:58.0766 7336 OS Version: 6.2.9200 ServicePack: 0.0

08:29:58.0766 7336 Product type: Workstation

08:29:58.0766 7336 ComputerName: MICHAEL-LAPTOP

08:29:58.0766 7336 UserName: Michael

08:29:58.0766 7336 Windows directory: C:\WINDOWS

08:29:58.0766 7336 System windows directory: C:\WINDOWS

08:29:58.0766 7336 Running under WOW64

08:29:58.0766 7336 Processor architecture: Intel x64

08:29:58.0766 7336 Number of processors: 4

08:29:58.0766 7336 Page size: 0x1000

08:29:58.0766 7336 Boot type: Normal boot

08:29:58.0766 7336 ============================================================

08:29:59.0184 7336 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

08:29:59.0186 7336 ============================================================

08:29:59.0186 7336 \Device\Harddisk0\DR0:

08:29:59.0187 7336 MBR partitions:

08:29:59.0187 7336 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000

08:29:59.0187 7336 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x37C41830

08:29:59.0187 7336 ============================================================

08:29:59.0252 7336 C: <-> \Device\Harddisk0\DR0\Partition2

08:29:59.0252 7336 ============================================================

08:29:59.0252 7336 Initialize success

08:29:59.0252 7336 ============================================================

08:30:09.0537 5464 ============================================================

08:30:09.0537 5464 Scan started

08:30:09.0537 5464 Mode: Manual;

08:30:09.0537 5464 ============================================================

08:30:09.0631 5464 ================ Scan system memory ========================

08:30:09.0631 5464 System memory - ok

08:30:09.0631 5464 ================ Scan services =============================

08:30:09.0908 5464 [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys

08:30:09.0915 5464 1394ohci - ok

08:30:09.0958 5464 [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware C:\WINDOWS\system32\drivers\3ware.sys

08:30:09.0962 5464 3ware - ok

08:30:10.0012 5464 [ E0065CBF1A25C015C218457D2CD522B9 ] Acceler C:\WINDOWS\system32\DRIVERS\Accelern.sys

08:30:10.0014 5464 Acceler - ok

08:30:10.0054 5464 [ 975AABEB243B800C23626D6B652C5A9C ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys

08:30:10.0061 5464 ACPI - ok

08:30:10.0076 5464 [ DC968C37822117E576B933F34A2D130C ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys

08:30:10.0077 5464 acpiex - ok

08:30:10.0088 5464 [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys

08:30:10.0089 5464 acpipagr - ok

08:30:10.0096 5464 [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys

08:30:10.0098 5464 AcpiPmi - ok

08:30:10.0108 5464 [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys

08:30:10.0110 5464 acpitime - ok

08:30:10.0138 5464 [ 2F0683FD2DF1D92E891CACA14B45A8C1 ] adfs C:\WINDOWS\system32\drivers\adfs.sys

08:30:10.0139 5464 adfs - ok

08:30:10.0297 5464 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

08:30:10.0300 5464 AdobeARMservice - ok

08:30:10.0510 5464 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

08:30:10.0517 5464 AdobeFlashPlayerUpdateSvc - ok

08:30:10.0551 5464 [ 93C6388592B99925C1D1576E465BC80F ] adp94xx C:\WINDOWS\system32\drivers\adp94xx.sys

08:30:10.0565 5464 adp94xx - ok

08:30:10.0675 5464 [ D27763E0247292654E7F7D16444C7C72 ] adpahci C:\WINDOWS\system32\drivers\adpahci.sys

08:30:10.0684 5464 adpahci - ok

08:30:10.0718 5464 [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320 C:\WINDOWS\system32\drivers\adpu320.sys

08:30:10.0720 5464 adpu320 - ok

08:30:10.0747 5464 [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll

08:30:10.0749 5464 AeLookupSvc - ok

08:30:10.0807 5464 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

08:30:10.0809 5464 AERTFilters - ok

08:30:10.0859 5464 [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD C:\WINDOWS\system32\drivers\afd.sys

08:30:10.0872 5464 AFD - ok

08:30:10.0893 5464 [ 01590377A5AB19E792528C628A2A68F9 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys

08:30:10.0894 5464 agp440 - ok

08:30:10.0928 5464 [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG C:\WINDOWS\System32\alg.exe

08:30:10.0932 5464 ALG - ok

08:30:10.0972 5464 [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\WINDOWS\system32\AUInstallAgent.dll

08:30:10.0978 5464 AllUserInstallAgent - ok

08:30:11.0016 5464 [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys

08:30:11.0020 5464 AmdK8 - ok

08:30:11.0052 5464 [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys

08:30:11.0055 5464 AmdPPM - ok

08:30:11.0078 5464 [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys

08:30:11.0080 5464 amdsata - ok

08:30:11.0113 5464 [ 00452671904F5EE94B50BF0219C97164 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys

08:30:11.0116 5464 amdsbs - ok

08:30:11.0130 5464 [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys

08:30:11.0131 5464 amdxata - ok

08:30:11.0250 5464 [ EDFB061F7D553B84731B8263077FD520 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

08:30:11.0261 5464 AMPPALR3 - ok

08:30:11.0323 5464 [ 823F34D1DEF120A657BB7529ABF4461F ] AppHostSvc C:\WINDOWS\system32\inetsrv\apphostsvc.dll

08:30:11.0326 5464 AppHostSvc - ok

08:30:11.0364 5464 [ 83B3682CE922FB0F415734B26D9D6233 ] AppID C:\WINDOWS\system32\drivers\appid.sys

08:30:11.0367 5464 AppID - ok

08:30:11.0420 5464 [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll

08:30:11.0423 5464 AppIDSvc - ok

08:30:11.0450 5464 [ D64C4AFEE8277F35EF729A2B924666B0 ] Appinfo C:\WINDOWS\System32\appinfo.dll

08:30:11.0454 5464 Appinfo - ok

08:30:11.0482 5464 [ 2D14788C5D0836292BEB27BBE109BE56 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll

08:30:11.0490 5464 AppMgmt - ok

08:30:11.0518 5464 [ E933401B392387F4BE34DE8BAF1722A7 ] arc C:\WINDOWS\system32\drivers\arc.sys

08:30:11.0522 5464 arc - ok

08:30:11.0549 5464 [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys

08:30:11.0553 5464 arcsas - ok

08:30:11.0937 5464 [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

08:30:11.0940 5464 aspnet_state - ok

08:30:11.0974 5464 [ B217378ED9A964E15346A67FEF609A17 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys

08:30:11.0976 5464 aswFsBlk - ok

08:30:12.0020 5464 [ E92635BB235B03ED03B17CBB59F77FA4 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys

08:30:12.0024 5464 aswMonFlt - ok

08:30:12.0049 5464 [ 8F90459AFB7FD4557D935CE639EF6110 ] aswRdr C:\WINDOWS\System32\Drivers\aswrdr2.sys

08:30:12.0052 5464 aswRdr - ok

08:30:12.0078 5464 [ DE6759B8D8E62BF0FFF2B05F05AFCEE6 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys

08:30:12.0081 5464 aswRvrt - ok

08:30:12.0131 5464 [ AB8B4D3136D18A20777036E0F0CFC5E1 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys

08:30:12.0166 5464 aswSnx - ok

08:30:12.0205 5464 [ 97D4D725BD32C965119E6C8E252F8C64 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys

08:30:12.0209 5464 aswSP - ok

08:30:12.0235 5464 [ D62C10D1829C65115111C160EA956260 ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys

08:30:12.0236 5464 aswTdi - ok

08:30:12.0262 5464 [ 7E44C2684A6CA779B9D07CB4BD3F649D ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys

08:30:12.0264 5464 aswVmm - ok

08:30:12.0279 5464 [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

08:30:12.0280 5464 AsyncMac - ok

08:30:12.0287 5464 [ A721FF570C2387E383BDDEA9632863C9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys

08:30:12.0288 5464 atapi - ok

08:30:12.0311 5464 [ 810ED88782952228AF9C0985FB7D259E ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll

08:30:12.0314 5464 AudioEndpointBuilder - ok

08:30:12.0347 5464 [ 25CA8B87479A374919563B3EE7136F32 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll

08:30:12.0377 5464 Audiosrv - ok

08:30:12.0512 5464 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe

08:30:12.0514 5464 avast! Antivirus - ok

08:30:12.0547 5464 [ 89491EF71D5EA011127832C588002853 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll

08:30:12.0552 5464 AxInstSV - ok

08:30:12.0600 5464 [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys

08:30:12.0615 5464 b06bdrv - ok

08:30:12.0649 5464 [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys

08:30:12.0650 5464 BasicDisplay - ok

08:30:12.0686 5464 [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys

08:30:12.0689 5464 BasicRender - ok

08:30:12.0776 5464 [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC C:\WINDOWS\System32\bdesvc.dll

08:30:12.0783 5464 BDESVC - ok

08:30:12.0803 5464 [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep C:\WINDOWS\system32\drivers\Beep.sys

08:30:12.0806 5464 Beep - ok

08:30:12.0834 5464 [ 9E6A544F465C582AB42444A217CF04DC ] BFE C:\WINDOWS\System32\bfe.dll

08:30:12.0841 5464 BFE - ok

08:30:12.0937 5464 [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS C:\WINDOWS\System32\qmgr.dll

08:30:12.0987 5464 BITS - ok

08:30:13.0024 5464 [ B17AC10B47C7FCB44D22A1F06415840E ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys

08:30:13.0028 5464 bowser - ok

08:30:13.0067 5464 [ 975398A3D2C1FEA73FC93931978DF354 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll

08:30:13.0075 5464 BrokerInfrastructure - ok

08:30:13.0128 5464 [ 310068BDA80B1D55C36580FD8A873FAF ] Browser C:\WINDOWS\System32\browser.dll

08:30:13.0133 5464 Browser - ok

08:30:13.0173 5464 [ F17DEEAC7D51D44CF1BFF8DD4F0A2B6D ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys

08:30:13.0174 5464 BthAvrcpTg - ok

08:30:13.0188 5464 [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys

08:30:13.0190 5464 BthHFEnum - ok

08:30:13.0209 5464 [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys

08:30:13.0211 5464 bthhfhid - ok

08:30:13.0229 5464 [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys

08:30:13.0232 5464 BTHMODEM - ok

08:30:13.0292 5464 [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv C:\WINDOWS\system32\bthserv.dll

08:30:13.0296 5464 bthserv - ok

08:30:13.0322 5464 [ A3BC030FC526643DFDCA27299F75544B ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

08:30:13.0326 5464 BTHSSecurityMgr - ok

08:30:13.0347 5464 [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys

08:30:13.0351 5464 cdfs - ok

08:30:13.0373 5464 [ 339BFF85D788268752DA8C9644B188EE ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys

08:30:13.0375 5464 cdrom - ok

08:30:13.0392 5464 [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc C:\WINDOWS\System32\certprop.dll

08:30:13.0395 5464 CertPropSvc - ok

08:30:13.0405 5464 [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass C:\WINDOWS\System32\drivers\circlass.sys

08:30:13.0406 5464 circlass - ok

08:30:13.0419 5464 [ 9905168708DB68849B879B5548F68AB3 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys

08:30:13.0423 5464 CLFS - ok

08:30:13.0442 5464 [ 2DC8538A2260647484A6C921CA837313 ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys

08:30:13.0443 5464 CmBatt - ok

08:30:13.0460 5464 [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG C:\WINDOWS\system32\Drivers\cng.sys

08:30:13.0466 5464 CNG - ok

08:30:13.0482 5464 [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys

08:30:13.0485 5464 CompositeBus - ok

08:30:13.0497 5464 COMSysApp - ok

08:30:13.0514 5464 [ D9CB0782AF819548072AA45B70F8B22D ] condrv C:\WINDOWS\system32\drivers\condrv.sys

08:30:13.0515 5464 condrv - ok

08:30:13.0687 5464 [ 815F3180B5117E42E422188E9CCC89C6 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe

08:30:13.0699 5464 cphs - ok

08:30:13.0760 5464 [ F0E78B119D12BA81F163D48C0FF30B9A ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll

08:30:13.0776 5464 CryptSvc - ok

08:30:13.0817 5464 [ F2C69C3D98249DE14D4B2832516D4FD5 ] CSC C:\WINDOWS\system32\drivers\csc.sys

08:30:13.0834 5464 CSC - ok

08:30:13.0863 5464 [ 22CCB6AFF617AAC6121DF6CDA5ABF3F4 ] CscService C:\WINDOWS\System32\cscsvc.dll

08:30:13.0882 5464 CscService - ok

08:30:13.0900 5464 [ DF214BFF646880D0EB31BDC86136B29B ] CtClsFlt C:\WINDOWS\system32\DRIVERS\CtClsFlt.sys

08:30:13.0902 5464 CtClsFlt - ok

08:30:13.0913 5464 [ C4D01BD86D6B207275FC143EEA951D75 ] dam C:\WINDOWS\system32\drivers\dam.sys

08:30:13.0914 5464 dam - ok

08:30:13.0966 5464 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

08:30:14.0010 5464 DcomLaunch - ok

08:30:14.0054 5464 [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc C:\WINDOWS\System32\defragsvc.dll

08:30:14.0066 5464 defragsvc - ok

08:30:14.0101 5464 [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\WINDOWS\system32\das.dll

08:30:14.0105 5464 DeviceAssociationService - ok

08:30:14.0127 5464 [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll

08:30:14.0132 5464 DeviceInstall - ok

08:30:14.0146 5464 [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys

08:30:14.0150 5464 Dfsc - ok

08:30:14.0175 5464 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys

08:30:14.0176 5464 dg_ssudbus - ok

08:30:14.0204 5464 [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll

08:30:14.0216 5464 Dhcp - ok

08:30:14.0262 5464 [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache C:\WINDOWS\system32\drivers\discache.sys

08:30:14.0266 5464 discache - ok

08:30:14.0281 5464 [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk C:\WINDOWS\system32\drivers\disk.sys

08:30:14.0284 5464 disk - ok

08:30:14.0297 5464 [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys

08:30:14.0299 5464 dmvsc - ok

08:30:14.0327 5464 [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

08:30:14.0330 5464 Dnscache - ok

08:30:14.0349 5464 [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc C:\WINDOWS\System32\dot3svc.dll

08:30:14.0356 5464 dot3svc - ok

08:30:14.0380 5464 [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS C:\WINDOWS\system32\dps.dll

08:30:14.0389 5464 DPS - ok

08:30:14.0414 5464 [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

08:30:14.0416 5464 drmkaud - ok

08:30:14.0442 5464 [ BF48F32EE248C3D371DA5DC93BBEADA7 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll

08:30:14.0451 5464 DsmSvc - ok

08:30:14.0514 5464 [ ED120AA770A78B5079F8C7BB5AF8A035 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys

08:30:14.0560 5464 DXGKrnl - ok

08:30:14.0576 5464 [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost C:\WINDOWS\System32\eapsvc.dll

08:30:14.0579 5464 Eaphost - ok

08:30:14.0651 5464 [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys

08:30:14.0719 5464 ebdrv - ok

08:30:14.0746 5464 [ F702AB6181513303AB0FC8D59E52708B ] EFS C:\WINDOWS\System32\lsass.exe

08:30:14.0755 5464 EFS - ok

08:30:14.0828 5464 [ 4B84E647C934EDFF7F28C4B91A5C0864 ] ehRecvr C:\WINDOWS\ehome\ehRecvr.exe

08:30:14.0842 5464 ehRecvr - ok

08:30:14.0868 5464 [ 72781EC7A97E44B9651550D7A83D1B96 ] ehSched C:\WINDOWS\ehome\ehsched.exe

08:30:14.0872 5464 ehSched - ok

08:30:14.0916 5464 [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys

08:30:14.0919 5464 EhStorClass - ok

08:30:14.0942 5464 [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys

08:30:14.0946 5464 EhStorTcgDrv - ok

08:30:14.0989 5464 [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys

08:30:14.0991 5464 ErrDev - ok

08:30:15.0045 5464 [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem C:\WINDOWS\system32\es.dll

08:30:15.0051 5464 EventSystem - ok

08:30:15.0094 5464 [ 6EB16C7286FBCD3AB206743BA813EC48 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe

08:30:15.0100 5464 EvtEng - ok

08:30:15.0116 5464 [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat C:\WINDOWS\system32\drivers\exfat.sys

08:30:15.0118 5464 exfat - ok

08:30:15.0131 5464 [ 60996602A7111FD2D086E803F33E4282 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys

08:30:15.0134 5464 fastfat - ok

08:30:15.0177 5464 [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax C:\WINDOWS\system32\fxssvc.exe

08:30:15.0185 5464 Fax - ok

08:30:15.0196 5464 [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc C:\WINDOWS\System32\drivers\fdc.sys

08:30:15.0199 5464 fdc - ok

08:30:15.0234 5464 [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost C:\WINDOWS\system32\fdPHost.dll

08:30:15.0236 5464 fdPHost - ok

08:30:15.0250 5464 [ 872506AAB591E8908DF4461475AF92DF ] FDResPub C:\WINDOWS\system32\fdrespub.dll

08:30:15.0252 5464 FDResPub - ok

08:30:15.0278 5464 [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc C:\WINDOWS\system32\fhsvc.dll

08:30:15.0281 5464 fhsvc - ok

08:30:15.0293 5464 [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys

08:30:15.0295 5464 FileInfo - ok

08:30:15.0311 5464 [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys

08:30:15.0313 5464 Filetrace - ok

08:30:15.0338 5464 [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys

08:30:15.0340 5464 flpydisk - ok

08:30:15.0365 5464 [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys

08:30:15.0374 5464 FltMgr - ok

08:30:15.0431 5464 [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache C:\WINDOWS\system32\FntCache.dll

08:30:15.0491 5464 FontCache - ok

08:30:15.0661 5464 [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

08:30:15.0664 5464 FontCache3.0.0.0 - ok

08:30:15.0720 5464 [ D40B85303BCFF96A717392B06FB015C4 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

08:30:15.0724 5464 Freemake Improver - ok

08:30:15.0753 5464 [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys

08:30:15.0756 5464 FsDepends - ok

08:30:15.0784 5464 [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC ] fssfltr C:\WINDOWS\system32\DRIVERS\fssfltr.sys

08:30:15.0785 5464 fssfltr - ok

08:30:16.0164 5464 [ 40CDFAD174B3D5E80F95DDA003C0B97F ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

08:30:16.0194 5464 fsssvc - ok

08:30:16.0220 5464 [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys

08:30:16.0221 5464 Fs_Rec - ok

08:30:16.0243 5464 [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys

08:30:16.0254 5464 fvevol - ok

08:30:16.0284 5464 [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys

08:30:16.0286 5464 FxPPM - ok

08:30:16.0307 5464 [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys

08:30:16.0311 5464 gagp30kx - ok

08:30:16.0343 5464 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

08:30:16.0345 5464 GEARAspiWDM - ok

08:30:16.0376 5464 [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys

08:30:16.0379 5464 gencounter - ok

08:30:16.0413 5464 [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys

08:30:16.0417 5464 GPIOClx0101 - ok

08:30:16.0500 5464 [ 5358678C6370F2ADC5291849F6503262 ] gpsvc C:\WINDOWS\System32\gpsvc.dll

08:30:16.0530 5464 gpsvc - ok

08:30:16.0575 5464 [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys

08:30:16.0576 5464 HDAudBus - ok

08:30:16.0590 5464 [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys

08:30:16.0591 5464 HidBatt - ok

08:30:16.0605 5464 [ A25BAE8C1F2830C8E5625EC7E4E968BE ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys

08:30:16.0606 5464 HidBth - ok

08:30:16.0632 5464 [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys

08:30:16.0633 5464 hidi2c - ok

08:30:16.0649 5464 [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys

08:30:16.0651 5464 HidIr - ok

08:30:16.0683 5464 [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv C:\WINDOWS\system32\hidserv.dll

08:30:16.0689 5464 hidserv - ok

08:30:16.0732 5464 [ 590B6F71BCDA4368B4BF7D8DF22B60F7 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys

08:30:16.0734 5464 HidUsb - ok

08:30:16.0754 5464 [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll

08:30:16.0765 5464 hkmsvc - ok

08:30:16.0792 5464 [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll

08:30:16.0809 5464 HomeGroupListener - ok

08:30:16.0852 5464 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll

08:30:16.0860 5464 HomeGroupProvider - ok

08:30:16.0884 5464 [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys

08:30:16.0888 5464 HpSAMD - ok

08:30:16.0921 5464 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\WINDOWS\system32\DRIVERS\htcnprot.sys

08:30:16.0923 5464 htcnprot - ok

08:30:16.0969 5464 [ 29CB98187BB5711F7759540976D295FC ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys

08:30:17.0021 5464 HTTP - ok

08:30:17.0038 5464 [ 2A98301068801700906C06649860FE94 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys

08:30:17.0039 5464 hwpolicy - ok

08:30:17.0055 5464 [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys

08:30:17.0058 5464 hyperkbd - ok

08:30:17.0077 5464 [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys

08:30:17.0079 5464 HyperVideo - ok

08:30:17.0100 5464 [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys

08:30:17.0104 5464 i8042prt - ok

08:30:17.0153 5464 [ D469B77687E12FE43E344806740B624D ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys

08:30:17.0161 5464 iaStor - ok

08:30:17.0267 5464 [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys

08:30:17.0277 5464 iaStorV - ok

08:30:17.0392 5464 [ 348214F96642FD4FEF630DE021BA3540 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys

08:30:17.0486 5464 igfx - ok

08:30:17.0496 5464 [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp C:\WINDOWS\system32\drivers\iirsp.sys

08:30:17.0498 5464 iirsp - ok

08:30:17.0549 5464 [ 531B5A98145DA689741A0AC18F14EA94 ] IKEEXT C:\WINDOWS\System32\ikeext.dll

08:30:17.0591 5464 IKEEXT - ok

08:30:17.0624 5464 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\WINDOWS\system32\drivers\Impcd.sys

08:30:17.0630 5464 Impcd - ok

08:30:18.0116 5464 [ 8FED6428FDE53D7F4C105095F22524BE ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys

08:30:18.0140 5464 IntcAzAudAddService - ok

08:30:18.0172 5464 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys

08:30:18.0176 5464 IntcDAud - ok

08:30:18.0192 5464 [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide C:\WINDOWS\system32\drivers\intelide.sys

08:30:18.0194 5464 intelide - ok

08:30:18.0223 5464 [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys

08:30:18.0227 5464 intelppm - ok

08:30:18.0246 5464 [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

08:30:18.0250 5464 IpFilterDriver - ok

08:30:18.0299 5464 [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll

08:30:18.0324 5464 iphlpsvc - ok

08:30:18.0352 5464 [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys

08:30:18.0355 5464 IPMIDRV - ok

08:30:18.0389 5464 [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys

08:30:18.0390 5464 IPNAT - ok

08:30:18.0400 5464 [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys

08:30:18.0401 5464 IRENUM - ok

08:30:18.0410 5464 [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys

08:30:18.0411 5464 isapnp - ok

08:30:18.0431 5464 [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys

08:30:18.0438 5464 iScsiPrt - ok

08:30:18.0469 5464 [ E56417C56B6A7316B6F527C890A1860D ] JMCR C:\WINDOWS\system32\DRIVERS\jmcr.sys

08:30:18.0475 5464 JMCR - ok

08:30:18.0503 5464 [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys

08:30:18.0507 5464 kbdclass - ok

08:30:18.0524 5464 [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys

08:30:18.0527 5464 kbdhid - ok

08:30:18.0545 5464 [ FB6C185092E18011EF49989425C2AA87 ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys

08:30:18.0547 5464 kdnic - ok

08:30:18.0563 5464 [ F702AB6181513303AB0FC8D59E52708B ] KeyIso C:\WINDOWS\system32\lsass.exe

08:30:18.0570 5464 KeyIso - ok

08:30:18.0598 5464 [ DFA480F6DED551464F3A5B959F437800 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys

08:30:18.0600 5464 KSecDD - ok

08:30:18.0629 5464 [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys

08:30:18.0634 5464 KSecPkg - ok

08:30:18.0652 5464 [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys

08:30:18.0655 5464 ksthunk - ok

08:30:18.0698 5464 [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll

08:30:18.0732 5464 KtmRm - ok

08:30:18.0784 5464 [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer C:\WINDOWS\system32\srvsvc.dll

08:30:18.0805 5464 LanmanServer - ok

08:30:18.0846 5464 [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll

08:30:18.0872 5464 LanmanWorkstation - ok

08:30:18.0896 5464 [ CEEFD29FC551F289810B0B9381B321DC ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys

08:30:18.0899 5464 lltdio - ok

08:30:18.0946 5464 [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll

08:30:18.0958 5464 lltdsvc - ok

08:30:18.0993 5464 [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll

08:30:19.0001 5464 lmhosts - ok

08:30:19.0053 5464 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

08:30:19.0061 5464 LMS - ok

08:30:19.0094 5464 [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys

08:30:19.0097 5464 LSI_SAS - ok

08:30:19.0131 5464 [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys

08:30:19.0135 5464 LSI_SAS2 - ok

08:30:19.0160 5464 [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI C:\WINDOWS\system32\drivers\lsi_scsi.sys

08:30:19.0164 5464 LSI_SCSI - ok

08:30:19.0187 5464 [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys

08:30:19.0191 5464 LSI_SSS - ok

08:30:19.0233 5464 [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM C:\WINDOWS\System32\lsm.dll

08:30:19.0259 5464 LSM - ok

08:30:19.0274 5464 [ 2BDC5D711FA61307CE6190D47C956368 ] luafv C:\WINDOWS\system32\drivers\luafv.sys

08:30:19.0279 5464 luafv - ok

08:30:19.0317 5464 [ 4448CCEA974F0B15A00EA33FCEDFC062 ] Mcx2Svc C:\WINDOWS\system32\Mcx2Svc.dll

08:30:19.0326 5464 Mcx2Svc - ok

08:30:19.0344 5464 [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas C:\WINDOWS\system32\drivers\megasas.sys

08:30:19.0348 5464 megasas - ok

08:30:19.0375 5464 [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR C:\WINDOWS\system32\drivers\MegaSR.sys

08:30:19.0379 5464 MegaSR - ok

08:30:19.0409 5464 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys

08:30:19.0412 5464 MEIx64 - ok

08:30:19.0438 5464 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS C:\WINDOWS\system32\mmcss.dll

08:30:19.0446 5464 MMCSS - ok

08:30:19.0470 5464 [ 780098AD5DA8A4822E2563984C85EF7B ] Modem C:\WINDOWS\system32\drivers\modem.sys

08:30:19.0473 5464 Modem - ok

08:30:19.0496 5464 [ 83EB0BF7E6EBD5B1AAC97F9DBD5EB935 ] monitor C:\WINDOWS\system32\DRIVERS\monitor.sys

08:30:19.0498 5464 monitor - ok

08:30:19.0508 5464 [ 618446B98C79776654340CE27C73485E ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys

08:30:19.0511 5464 mouclass - ok

08:30:19.0527 5464 [ CB2527B8B87D83E56FBF3944BBB6F606 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys

08:30:19.0530 5464 mouhid - ok

08:30:19.0542 5464 [ 89D263DBF08119CE16273991C120D6DD ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys

08:30:19.0544 5464 mountmgr - ok

08:30:19.0563 5464 [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys

08:30:19.0565 5464 mpsdrv - ok

08:30:19.0601 5464 [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll

08:30:19.0635 5464 MpsSvc - ok

08:30:19.0676 5464 [ 866AF645A3B1F4358C4201CE089839EA ] MQAC C:\WINDOWS\system32\drivers\mqac.sys

08:30:19.0689 5464 MQAC - ok

08:30:19.0730 5464 [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys

08:30:19.0734 5464 MRxDAV - ok

08:30:19.0765 5464 [ 93179D48066918323628CB016D8C94DC ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

08:30:19.0775 5464 mrxsmb - ok

08:30:19.0789 5464 [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys

08:30:19.0793 5464 mrxsmb10 - ok

08:30:19.0809 5464 [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys

08:30:19.0814 5464 mrxsmb20 - ok

08:30:19.0855 5464 [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys

08:30:19.0859 5464 MsBridge - ok

08:30:19.0904 5464 [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC C:\WINDOWS\System32\msdtc.exe

08:30:19.0915 5464 MSDTC - ok

08:30:19.0941 5464 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

08:30:19.0942 5464 Msfs - ok

08:30:19.0967 5464 [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys

08:30:19.0969 5464 msgpiowin32 - ok

08:30:19.0988 5464 [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys

08:30:19.0990 5464 mshidkmdf - ok

08:30:20.0006 5464 [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys

08:30:20.0008 5464 mshidumdf - ok

08:30:20.0025 5464 [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys

08:30:20.0026 5464 msisadrv - ok

08:30:20.0068 5464 [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll

08:30:20.0077 5464 MSiSCSI - ok

08:30:20.0088 5464 msiserver - ok

08:30:20.0114 5464 [ 509809566E49F4411055864EA8D437CD ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys

08:30:20.0115 5464 MSKSSRV - ok

08:30:20.0132 5464 [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys

08:30:20.0134 5464 MsLldp - ok

08:30:20.0144 5464 [ 80FF037D6184FFACB2740A50C7949D20 ] MSMQ C:\WINDOWS\system32\mqsvc.exe

08:30:20.0154 5464 MSMQ - ok

08:30:20.0164 5464 [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys

08:30:20.0168 5464 MSPCLOCK - ok

08:30:20.0185 5464 [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys

08:30:20.0186 5464 MSPQM - ok

08:30:20.0198 5464 [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys

08:30:20.0207 5464 MsRPC - ok

08:30:20.0231 5464 [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys

08:30:20.0232 5464 mssmbios - ok

08:30:20.0235 5464 [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys

08:30:20.0236 5464 MSTEE - ok

08:30:20.0245 5464 [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys

08:30:20.0246 5464 MTConfig - ok

08:30:20.0256 5464 [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup C:\WINDOWS\system32\Drivers\mup.sys

08:30:20.0258 5464 Mup - ok

08:30:20.0270 5464 [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys

08:30:20.0271 5464 mvumis - ok

08:30:20.0300 5464 [ 7E11D1788F5B531D49EF0AF97202437B ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

08:30:20.0307 5464 MyWiFiDHCPDNS - ok

08:30:20.0356 5464 [ 4B18840511D720BA118D3017E8165875 ] napagent C:\WINDOWS\system32\qagentRT.dll

08:30:20.0374 5464 napagent - ok

08:30:20.0413 5464 [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys

08:30:20.0423 5464 NativeWifiP - ok

08:30:20.0472 5464 [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll

08:30:20.0498 5464 NcaSvc - ok

08:30:20.0534 5464 [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll

08:30:20.0544 5464 NcdAutoSetup - ok

08:30:20.0581 5464 [ 03CFE4108D1DE16D6C59455B5C73319C ] NDIS C:\WINDOWS\system32\drivers\ndis.sys

08:30:20.0592 5464 NDIS - ok

08:30:20.0604 5464 [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys

08:30:20.0607 5464 NdisCap - ok

08:30:20.0630 5464 [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys

08:30:20.0632 5464 NdisImPlatform - ok

08:30:20.0653 5464 [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

08:30:20.0656 5464 NdisTapi - ok

08:30:20.0671 5464 [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys

08:30:20.0674 5464 Ndisuio - ok

08:30:20.0701 5464 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys

08:30:20.0703 5464 NdisWan - ok

08:30:20.0707 5464 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY C:\WINDOWS\system32\DRIVERS\ndiswan.sys

08:30:20.0709 5464 NDISWANLEGACY - ok

08:30:20.0725 5464 [ CE6EBC0AD38CC6482D8FBB744FF15CE2 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys

08:30:20.0728 5464 NDProxy - ok

08:30:20.0745 5464 [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys

08:30:20.0747 5464 Ndu - ok

08:30:20.0774 5464 [ D4F51E88C71BF8F06EA1BE320B0BB75B ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

08:30:20.0782 5464 Net Driver HPZ12 - ok

08:30:20.0793 5464 [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys

08:30:20.0797 5464 NetBIOS - ok

08:30:20.0812 5464 [ 7CEC25C682D319D484630B3952C31A11 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys

08:30:20.0817 5464 NetBT - ok

08:30:20.0829 5464 [ F702AB6181513303AB0FC8D59E52708B ] Netlogon C:\WINDOWS\system32\lsass.exe

08:30:20.0834 5464 Netlogon - ok

08:30:20.0908 5464 [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman C:\WINDOWS\System32\netman.dll

08:30:20.0914 5464 Netman - ok

08:30:21.0004 5464 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

08:30:21.0006 5464 NetMsmqActivator - ok

08:30:21.0010 5464 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

08:30:21.0012 5464 NetPipeActivator - ok

08:30:21.0055 5464 [ 5FF52E13C72838D87DAF228EC9E92C89 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll

08:30:21.0063 5464 netprofm - ok

08:30:21.0067 5464 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

08:30:21.0068 5464 NetTcpActivator - ok

08:30:21.0076 5464 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

08:30:21.0079 5464 NetTcpPortSharing - ok

08:30:23.0476 5464 [ 219A40EEEA50D638BA9D08680C354A0C ] NETwNs64 C:\WINDOWS\system32\DRIVERS\Netwsw00.sys

08:30:23.0629 5464 NETwNs64 - ok

08:30:23.0902 5464 [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960 C:\WINDOWS\system32\drivers\nfrd960.sys

08:30:23.0906 5464 nfrd960 - ok

08:30:23.0940 5464 [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll

08:30:23.0966 5464 NlaSvc - ok

08:30:23.0996 5464 [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

08:30:23.0999 5464 Npfs - ok

08:30:24.0016 5464 [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys

08:30:24.0019 5464 npsvctrig - ok

08:30:24.0059 5464 [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi C:\WINDOWS\system32\nsisvc.dll

08:30:24.0068 5464 nsi - ok

08:30:24.0078 5464 [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys

08:30:24.0081 5464 nsiproxy - ok

08:30:24.0205 5464 [ 76929F4A69E425911A63B407E26C2589 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

08:30:24.0228 5464 Ntfs - ok

08:30:24.0237 5464 [ 4163ADE07DB51843AE31F65B94F5398D ] Null C:\WINDOWS\system32\drivers\Null.sys

08:30:24.0238 5464 Null - ok

08:30:24.0280 5464 [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys

08:30:24.0286 5464 NVHDA - ok

08:30:24.0317 5464 [ 443D08DAA53E75A48E4834C3DAF30FCE ] nvkflt C:\WINDOWS\system32\DRIVERS\nvkflt.sys

08:30:24.0325 5464 nvkflt - ok

08:30:25.0133 5464 [ 4EE399576F76D38C04745DB739BBC8C7 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys

08:30:25.0262 5464 nvlddmkm - ok

08:30:25.0293 5464 [ 7067753FA8B75A3BDBA5633B4D2A5D0A ] nvpciflt C:\WINDOWS\system32\DRIVERS\nvpciflt.sys

08:30:25.0295 5464 nvpciflt - ok

08:30:25.0334 5464 [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys

08:30:25.0339 5464 nvraid - ok

08:30:25.0357 5464 [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys

08:30:25.0363 5464 nvstor - ok

08:30:25.0392 5464 [ 9E01B716C8085F7ADB1CDC10103CEEF8 ] NvStUSB C:\WINDOWS\system32\drivers\nvstusb.sys

08:30:25.0395 5464 NvStUSB - ok

08:30:25.0446 5464 [ 7335C3D78A7746D76D37F6722CC4A466 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe

08:30:25.0455 5464 nvsvc - ok

08:30:25.0727 5464 [ B7C53DA1C73FF39F4A6248643EFD979A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

08:30:25.0747 5464 nvUpdatusService - ok

08:30:25.0765 5464 [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys

08:30:25.0766 5464 nv_agp - ok

08:30:25.0991 5464 [ B659DAD6C3D1860C7FCEB94FC2FE165C ] OfficeSvc C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe

08:30:26.0007 5464 OfficeSvc - ok

08:30:26.0034 5464 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

08:30:26.0039 5464 ose - ok

08:30:26.0124 5464 [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll

08:30:26.0140 5464 p2pimsvc - ok

08:30:26.0186 5464 [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc C:\WINDOWS\system32\p2psvc.dll

08:30:26.0202 5464 p2psvc - ok

08:30:26.0215 5464 [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport C:\WINDOWS\System32\drivers\parport.sys

08:30:26.0217 5464 Parport - ok

08:30:26.0238 5464 [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys

08:30:26.0242 5464 partmgr - ok

08:30:26.0283 5464 [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll

08:30:26.0309 5464 PcaSvc - ok

08:30:26.0331 5464 [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci C:\WINDOWS\system32\drivers\pci.sys

08:30:26.0338 5464 pci - ok

08:30:26.0357 5464 [ F9908D274D458220F91E89B54D78D837 ] pciide C:\WINDOWS\system32\drivers\pciide.sys

08:30:26.0360 5464 pciide - ok

08:30:26.0384 5464 [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys

08:30:26.0391 5464 pcmcia - ok

08:30:26.0411 5464 [ CEBBAD5391C2644560C55628A40BFD27 ] pcw C:\WINDOWS\system32\drivers\pcw.sys

08:30:26.0412 5464 pcw - ok

08:30:26.0435 5464 [ AECC24430301DBC6A76916E3029B6B83 ] pdc C:\WINDOWS\system32\drivers\pdc.sys

08:30:26.0436 5464 pdc - ok

08:30:26.0462 5464 [ 70DBB6A8B52B3830922F1C5789E1BEEB ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys

08:30:26.0488 5464 PEAUTH - ok

08:30:26.0745 5464 [ DF0D9BDCB600913F40FF125BF8CE1979 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll

08:30:26.0780 5464 PeerDistSvc - ok

08:30:26.0898 5464 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe

08:30:26.0906 5464 PerfHost - ok

08:30:26.0962 5464 [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla C:\WINDOWS\system32\pla.dll

08:30:27.0001 5464 pla - ok

08:30:27.0027 5464 [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll

08:30:27.0039 5464 PlugPlay - ok

08:30:27.0075 5464 [ 9A80707D8B6C1806531BFD7399B3CC76 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

08:30:27.0083 5464 Pml Driver HPZ12 - ok

08:30:27.0122 5464 [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll

08:30:27.0126 5464 PNRPAutoReg - ok

08:30:27.0141 5464 [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll

08:30:27.0158 5464 PNRPsvc - ok

08:30:27.0266 5464 [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll

08:30:27.0281 5464 PolicyAgent - ok

08:30:27.0310 5464 [ F1E067F56373F11EA4B785CAE823740A ] Power C:\WINDOWS\system32\umpo.dll

08:30:27.0321 5464 Power - ok

08:30:27.0366 5464 [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys

08:30:27.0371 5464 PptpMiniport - ok

08:30:27.0787 5464 [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll

08:30:27.0812 5464 PrintNotify - ok

08:30:27.0840 5464 [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor C:\WINDOWS\System32\drivers\processr.sys

08:30:27.0842 5464 Processor - ok

08:30:27.0884 5464 [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc C:\WINDOWS\system32\profsvc.dll

08:30:27.0910 5464 ProfSvc - ok

08:30:27.0960 5464 [ EB8034147D4820CD31BFCB11A2A652DF ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys

08:30:27.0964 5464 Psched - ok

08:30:27.0992 5464 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\WINDOWS\system32\Drivers\PxHlpa64.sys

08:30:27.0996 5464 PxHlpa64 - ok

08:30:28.0019 5464 [ 0928BD20273625622722FE1DE5BBDE57 ] qicflt C:\WINDOWS\system32\DRIVERS\qicflt.sys

08:30:28.0022 5464 qicflt - ok

08:30:28.0054 5464 [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE C:\WINDOWS\system32\qwave.dll

08:30:28.0089 5464 QWAVE - ok

08:30:28.0108 5464 [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys

08:30:28.0111 5464 QWAVEdrv - ok

08:30:28.0130 5464 [ 873C60F8178100557740A832FCE10B5F ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

08:30:28.0131 5464 RasAcd - ok

08:30:28.0166 5464 [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys

08:30:28.0169 5464 RasAgileVpn - ok

08:30:28.0192 5464 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll

08:30:28.0196 5464 RasAuto - ok

08:30:28.0214 5464 [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

08:30:28.0219 5464 Rasl2tp - ok

08:30:28.0244 5464 [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan C:\WINDOWS\System32\rasmans.dll

08:30:28.0251 5464 RasMan - ok

08:30:28.0258 5464 [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

08:30:28.0259 5464 RasPppoe - ok

08:30:28.0297 5464 [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys

08:30:28.0299 5464 RasSstp - ok

08:30:28.0320 5464 [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

08:30:28.0330 5464 rdbss - ok

08:30:28.0351 5464 [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys

08:30:28.0354 5464 rdpbus - ok

08:30:28.0373 5464 [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys

08:30:28.0375 5464 RDPDR - ok

08:30:28.0397 5464 [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys

08:30:28.0400 5464 RdpVideoMiniport - ok

08:30:28.0426 5464 [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys

08:30:28.0429 5464 RDPWD - ok

08:30:28.0441 5464 [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys

08:30:28.0444 5464 rdyboost - ok

08:30:28.0584 5464 [ F09087C51C6AE42AE7DABE1EB3E44C17 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

08:30:28.0589 5464 RegSrvc - ok

08:30:28.0645 5464 [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll

08:30:28.0655 5464 RemoteAccess - ok

08:30:28.0682 5464 [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll

08:30:28.0697 5464 RemoteRegistry - ok

08:30:29.0036 5464 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe

08:30:29.0053 5464 RoxMediaDB12OEM - ok

08:30:29.0078 5464 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe

08:30:29.0081 5464 RoxWatch12 - ok

08:30:29.0110 5464 [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll

08:30:29.0121 5464 RpcEptMapper - ok

08:30:29.0173 5464 [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator C:\WINDOWS\system32\locator.exe

08:30:29.0180 5464 RpcLocator - ok

08:30:29.0239 5464 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs C:\WINDOWS\system32\rpcss.dll

08:30:29.0260 5464 RpcSs - ok

08:30:29.0279 5464 [ E04E770DD198B9399640717145E79EBF ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys

08:30:29.0282 5464 rspndr - ok

08:30:29.0327 5464 [ 15923AA360F7675D3D43C9669316A0BA ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys

08:30:29.0353 5464 RTL8168 - ok

08:30:29.0393 5464 [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys

08:30:29.0395 5464 s3cap - ok

08:30:29.0412 5464 [ F702AB6181513303AB0FC8D59E52708B ] SamSs C:\WINDOWS\system32\lsass.exe

08:30:29.0420 5464 SamSs - ok

08:30:29.0443 5464 [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys

08:30:29.0448 5464 sbp2port - ok

08:30:29.0470 5464 [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll

08:30:29.0487 5464 SCardSvr - ok

08:30:29.0505 5464 [ 5D7733A12756B267FCA021672B26BC9E ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys

08:30:29.0508 5464 scfilter - ok

08:30:29.0559 5464 [ EDCDF4DB82EF825B94B190D544C8C58B ] Schedule C:\WINDOWS\system32\schedsvc.dll

08:30:29.0612 5464 Schedule - ok

08:30:29.0667 5464 [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll

08:30:29.0672 5464 SCPolicySvc - ok

08:30:29.0706 5464 [ 12F06525912BBEF67837DE47D87C60A9 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys

08:30:29.0710 5464 sdbus - ok

08:30:29.0721 5464 [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll

08:30:29.0726 5464 SDRSVC - ok

08:30:29.0748 5464 [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys

08:30:29.0751 5464 sdstor - ok

08:30:29.0772 5464 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys

08:30:29.0773 5464 secdrv - ok

08:30:29.0785 5464 [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon C:\WINDOWS\system32\seclogon.dll

08:30:29.0789 5464 seclogon - ok

08:30:29.0797 5464 [ 9C51620998F0763039DFA6BF68E475ED ] SENS C:\WINDOWS\System32\sens.dll

08:30:29.0801 5464 SENS - ok

08:30:29.0818 5464 [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll

08:30:29.0823 5464 SensrSvc - ok

08:30:29.0855 5464 [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys

08:30:29.0857 5464 SerCx - ok

08:30:29.0891 5464 [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum C:\WINDOWS\System32\drivers\serenum.sys

08:30:29.0894 5464 Serenum - ok

08:30:29.0915 5464 [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial C:\WINDOWS\System32\drivers\serial.sys

08:30:29.0919 5464 Serial - ok

08:30:29.0936 5464 [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys

08:30:29.0940 5464 sermouse - ok

08:30:29.0968 5464 [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv C:\WINDOWS\system32\sessenv.dll

08:30:29.0974 5464 SessionEnv - ok

08:30:29.0984 5464 [ 7EE65419B29302C795714FF8073969A1 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys

08:30:29.0986 5464 sfloppy - ok

08:30:30.0033 5464 [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

08:30:30.0056 5464 SharedAccess - ok

08:30:30.0073 5464 [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

08:30:30.0101 5464 ShellHWDetection - ok

08:30:30.0113 5464 [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys

08:30:30.0114 5464 SiSRaid2 - ok

08:30:30.0127 5464 [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys

08:30:30.0129 5464 SiSRaid4 - ok

08:30:30.0158 5464 [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe

08:30:30.0164 5464 SNMPTRAP - ok

08:30:30.0179 5464 [ 465F3C355CE5ED2779B8F460F14C5A78 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys

08:30:30.0183 5464 spaceport - ok

08:30:30.0192 5464 [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys

08:30:30.0194 5464 SpbCx - ok

08:30:30.0206 5464 [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler C:\WINDOWS\System32\spoolsv.exe

08:30:30.0216 5464 Spooler - ok

08:30:30.0557 5464 [ EC84D961501054F87A6878EC5D53388F ] sppsvc C:\WINDOWS\system32\sppsvc.exe

08:30:30.0603 5464 sppsvc - ok

08:30:30.0646 5464 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys

08:30:30.0657 5464 srv - ok

08:30:30.0690 5464 [ 9912FDF63EC78E1977083E20DEAE4889 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys

08:30:30.0696 5464 srv2 - ok

08:30:30.0720 5464 [ FD8B4F201B681C555A4AF41922C52557 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys

08:30:30.0727 5464 srvnet - ok

08:30:30.0750 5464 [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

08:30:30.0775 5464 SSDPSRV - ok

08:30:30.0795 5464 [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll

08:30:30.0807 5464 SstpSvc - ok

08:30:30.0841 5464 [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys

08:30:30.0847 5464 ssudmdm - ok

08:30:30.0882 5464 [ 92E7F6666633D2DD91D527503DAA7BE0 ] stdcfltn C:\WINDOWS\system32\DRIVERS\stdcfltn.sys

08:30:30.0884 5464 stdcfltn - ok

08:30:30.0902 5464 Steam Client Service - ok

08:30:31.0035 5464 [ 81F177C1954453AF407604160BD149CB ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

08:30:31.0044 5464 Stereo Service - ok

08:30:31.0065 5464 [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys

08:30:31.0067 5464 stexstor - ok

08:30:31.0115 5464 [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc C:\WINDOWS\System32\wiaservc.dll

08:30:31.0138 5464 stisvc - ok

08:30:31.0173 5464 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe

08:30:31.0176 5464 stllssvr - ok

08:30:31.0196 5464 [ C588BBD37B432CE3204E5765B459E6B2 ] storahci C:\WINDOWS\system32\drivers\storahci.sys

08:30:31.0200 5464 storahci - ok

08:30:31.0235 5464 [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys

08:30:31.0237 5464 storflt - ok

08:30:31.0247 5464 [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc C:\WINDOWS\system32\storsvc.dll

08:30:31.0258 5464 StorSvc - ok

08:30:31.0274 5464 [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys

08:30:31.0278 5464 storvsc - ok

08:30:31.0299 5464 [ 1A36AC469140F87CDE62D7F8524E270C ] storvsp C:\WINDOWS\System32\drivers\storvsp.sys

08:30:31.0303 5464 storvsp - ok

08:30:31.0323 5464 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc C:\WINDOWS\system32\svsvc.dll

08:30:31.0336 5464 svsvc - ok

08:30:31.0354 5464 [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum C:\WINDOWS\System32\drivers\swenum.sys

08:30:31.0357 5464 swenum - ok

08:30:31.0486 5464 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

08:30:31.0499 5464 SwitchBoard - ok

08:30:31.0529 5464 [ 502F9488540051F3E6C39889ECFA76BB ] swprv C:\WINDOWS\System32\swprv.dll

08:30:31.0536 5464 swprv - ok

08:30:31.0605 5464 [ B0C7D4DCF4800DF2F2145B500D0161E8 ] SynTP C:\WINDOWS\System32\drivers\SynTP.sys

08:30:31.0645 5464 SynTP - ok

08:30:31.0814 5464 [ DC21E1F06343773D7E24362DCEF7944B ] SysMain C:\WINDOWS\system32\sysmain.dll

08:30:31.0844 5464 SysMain - ok

08:30:31.0877 5464 [ E219BF7BCCFE4881B0C053C7E0B47ECC ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll

08:30:31.0897 5464 SystemEventsBroker - ok

08:30:31.0935 5464 [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\WINDOWS\System32\TabSvc.dll

08:30:31.0947 5464 TabletInputService - ok

08:30:31.0970 5464 [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

08:30:31.0976 5464 TapiSrv - ok

08:30:32.0020 5464 [ F4F78B7F39BD56BD0BFE4C4399398F6F ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys

08:30:32.0065 5464 Tcpip - ok

08:30:32.0102 5464 [ F4F78B7F39BD56BD0BFE4C4399398F6F ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys

08:30:32.0113 5464 TCPIP6 - ok

08:30:32.0158 5464 [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys

08:30:32.0161 5464 tcpipreg - ok

08:30:32.0184 5464 [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys

08:30:32.0188 5464 tdx - ok

08:30:32.0222 5464 [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys

08:30:32.0223 5464 terminpt - ok

08:30:32.0252 5464 [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService C:\WINDOWS\System32\termsrv.dll

08:30:32.0303 5464 TermService - ok

08:30:32.0335 5464 [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes C:\WINDOWS\system32\themeservice.dll

08:30:32.0347 5464 Themes - ok

08:30:32.0370 5464 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER C:\WINDOWS\system32\mmcss.dll

08:30:32.0378 5464 THREADORDER - ok

08:30:32.0394 5464 [ FF4135424A79DCC2998276D8E39C9B4D ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll

08:30:32.0410 5464 TimeBroker - ok

08:30:32.0455 5464 [ F620772888B6E3EDEF5C3E71E3D447F0 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

08:30:32.0458 5464 TomTomHOMEService - ok

08:30:32.0482 5464 [ B44EFE254C0B3719E4037088D24FE4B5 ] TPM C:\WINDOWS\system32\drivers\tpm.sys

08:30:32.0487 5464 TPM - ok

08:30:32.0504 5464 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks C:\WINDOWS\System32\trkwks.dll

08:30:32.0518 5464 TrkWks - ok

08:30:32.0589 5464 [ 8D516AEF3C1DF980664CF17BB1FF6093 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe

08:30:32.0592 5464 TrustedInstaller - ok

08:30:32.0639 5464 [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys

08:30:32.0644 5464 TsUsbFlt - ok

08:30:32.0661 5464 [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys

08:30:32.0664 5464 TsUsbGD - ok

08:30:32.0689 5464 [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys

08:30:32.0694 5464 tunnel - ok

08:30:32.0724 5464 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\WINDOWS\system32\DRIVERS\TurboB.sys

08:30:32.0726 5464 TurboB - ok

08:30:32.0766 5464 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe

08:30:32.0771 5464 TurboBoost - ok

08:30:32.0793 5464 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys

08:30:32.0797 5464 uagp35 - ok

08:30:32.0817 5464 [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys

08:30:32.0821 5464 UASPStor - ok

08:30:32.0843 5464 [ 1ED222DFE6C13DA50FE081ABF90CAFE1 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys

08:30:32.0846 5464 UCX01000 - ok

08:30:32.0868 5464 [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys

08:30:32.0877 5464 udfs - ok

08:30:32.0904 5464 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe

08:30:32.0917 5464 UI0Detect - ok

08:30:32.0931 5464 [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys

08:30:32.0932 5464 uliagpkx - ok

08:30:32.0947 5464 [ 02CEB3FE6152668A7BA420B93B664860 ] umbus C:\WINDOWS\System32\drivers\umbus.sys

08:30:32.0948 5464 umbus - ok

08:30:32.0964 5464 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys

08:30:32.0967 5464 UmPass - ok

08:30:33.0019 5464 [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService C:\WINDOWS\System32\umrdp.dll

08:30:33.0035 5464 UmRdpService - ok

08:30:33.0277 5464 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

08:30:33.0301 5464 UNS - ok

08:30:33.0347 5464 [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost C:\WINDOWS\System32\upnphost.dll

08:30:33.0369 5464 upnphost - ok

08:30:33.0384 5464 [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys

08:30:33.0386 5464 usbccgp - ok

08:30:33.0402 5464 [ B395B62B62F28106218FA6FB17F4C797 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys

08:30:33.0406 5464 usbcir - ok

08:30:33.0439 5464 [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys

08:30:33.0443 5464 usbehci - ok

08:30:33.0481 5464 [ ADBF89B8E0BB372FEFE2E4B84E1E20AE ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys

08:30:33.0496 5464 usbhub - ok

08:30:33.0526 5464 [ C5986337DE3BF63ABD9ED4D834D34B89 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys

08:30:33.0539 5464 USBHUB3 - ok

08:30:33.0569 5464 [ 325F6179009B5A7F6118951A5BA422AB ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys

08:30:33.0572 5464 usbohci - ok

08:30:33.0592 5464 [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys

08:30:33.0595 5464 usbprint - ok

08:30:33.0618 5464 [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS

08:30:33.0623 5464 USBSTOR - ok

08:30:33.0655 5464 [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys

08:30:33.0658 5464 usbuhci - ok

08:30:33.0679 5464 [ 09799E701B4327097E9F63D3FE221083 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys

08:30:33.0686 5464 usbvideo - ok

08:30:33.0720 5464 [ 9CD4259AD15F84DE27B94A956C978D6C ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS

08:30:33.0724 5464 USBXHCI - ok

08:30:33.0736 5464 [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc C:\WINDOWS\system32\lsass.exe

08:30:33.0738 5464 VaultSvc - ok

08:30:33.0747 5464 [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys

08:30:33.0749 5464 vdrvroot - ok

08:30:33.0789 5464 [ 8A8CDA9E3CF2E0B4C6CC19FBC6FB9A71 ] vds C:\WINDOWS\System32\vds.exe

08:30:33.0822 5464 vds - ok

08:30:33.0835 5464 [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys

08:30:33.0837 5464 VerifierExt - ok

08:30:33.0862 5464 [ 8628FA679F0EC4B709CCD1F6B6A3233B ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys

08:30:33.0878 5464 vhdmp - ok

08:30:33.0893 5464 [ F5B4A14B00E89250C50982AC762DDD1D ] viaide C:\WINDOWS\system32\drivers\viaide.sys

08:30:33.0894 5464 viaide - ok

08:30:33.0906 5464 [ 0E43886F01C85B47BA0A3157274BCF59 ] Vid C:\WINDOWS\System32\drivers\Vid.sys

08:30:33.0909 5464 Vid - ok

08:30:33.0928 5464 [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys

08:30:33.0933 5464 vmbus - ok

08:30:33.0956 5464 [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys

08:30:33.0959 5464 VMBusHID - ok

08:30:33.0978 5464 [ B4F432A51826FFC66F4DF72A83E8E4B1 ] vmbusr C:\WINDOWS\System32\drivers\vmbusr.sys

08:30:33.0980 5464 vmbusr - ok

08:30:34.0016 5464 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll

08:30:34.0031 5464 vmicheartbeat - ok

08:30:34.0036 5464 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll

08:30:34.0039 5464 vmickvpexchange - ok

08:30:34.0045 5464 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll

08:30:34.0048 5464 vmicrdv - ok

08:30:34.0054 5464 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll

08:30:34.0057 5464 vmicshutdown - ok

08:30:34.0063 5464 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll

08:30:34.0066 5464 vmictimesync - ok

08:30:34.0072 5464 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss C:\WINDOWS\System32\ICSvc.dll

08:30:34.0075 5464 vmicvss - ok

08:30:34.0091 5464 [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys

08:30:34.0093 5464 volmgr - ok

08:30:34.0108 5464 [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys

08:30:34.0113 5464 volmgrx - ok

08:30:34.0129 5464 [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys

08:30:34.0138 5464 volsnap - ok

08:30:34.0154 5464 [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci C:\WINDOWS\System32\drivers\vpci.sys

08:30:34.0158 5464 vpci - ok

08:30:34.0174 5464 [ 0190AFFF28F600461C0164353CC7EE27 ] vpcivsp C:\WINDOWS\System32\drivers\vpcivsp.sys

08:30:34.0178 5464 vpcivsp - ok

08:30:34.0190 5464 [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys

08:30:34.0194 5464 vsmraid - ok

08:30:34.0248 5464 [ EA658570314042C914964FC72AB50E6B ] VSS C:\WINDOWS\system32\vssvc.exe

08:30:34.0282 5464 VSS - ok

08:30:34.0299 5464 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys

08:30:34.0302 5464 VSTXRAID - ok

08:30:34.0315 5464 [ 62460A45435A26A334907E3F2EA45611 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys

08:30:34.0316 5464 vwifibus - ok

08:30:34.0325 5464 [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys

08:30:34.0326 5464 vwififlt - ok

08:30:34.0336 5464 [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys

08:30:34.0337 5464 vwifimp - ok

08:30:34.0372 5464 [ F690B6EEAA94576727B24376D7ED3601 ] W32Time C:\WINDOWS\system32\w32time.dll

08:30:34.0398 5464 W32Time - ok

08:30:34.0537 5464 [ 901CC968412F8155B08D7ABE0171166A ] W3SVC C:\WINDOWS\system32\inetsrv\iisw3adm.dll

08:30:34.0547 5464 W3SVC - ok

08:30:34.0573 5464 [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys

08:30:34.0574 5464 WacomPen - ok

08:30:34.0590 5464 [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys

08:30:34.0592 5464 Wanarp - ok

08:30:34.0595 5464 [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys

08:30:34.0596 5464 Wanarpv6 - ok

08:30:34.0605 5464 [ 901CC968412F8155B08D7ABE0171166A ] WAS C:\WINDOWS\system32\inetsrv\iisw3adm.dll

08:30:34.0608 5464 WAS - ok

08:30:34.0648 5464 [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine C:\WINDOWS\system32\wbengine.exe

08:30:34.0696 5464 wbengine - ok

08:30:34.0726 5464 [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll

08:30:34.0751 5464 WbioSrvc - ok

08:30:34.0767 5464 [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll

08:30:34.0774 5464 Wcmsvc - ok

08:30:34.0807 5464 [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll

08:30:34.0832 5464 wcncsvc - ok

08:30:34.0851 5464 [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll

08:30:34.0864 5464 WcsPlugInService - ok

08:30:34.0903 5464 [ B3A4D918DAB90505B6BC7B70632913CB ] Wd C:\WINDOWS\system32\drivers\wd.sys

08:30:34.0906 5464 Wd - ok

08:30:34.0927 5464 [ 6F4B5DDDC3B86091E94BC47347A78AF7 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys

08:30:34.0930 5464 WdBoot - ok

08:30:34.0969 5464 [ 20442A908FE6D3BC687A5B5DF4D5868C ] WDDMService C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe

08:30:34.0977 5464 WDDMService - ok

08:30:35.0012 5464 [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys

08:30:35.0019 5464 Wdf01000 - ok

08:30:35.0034 5464 [ 99D404A9A0AFC4734E014EBEBAC13F8F ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys

08:30:35.0037 5464 WdFilter - ok

08:30:35.0094 5464 [ BB9D012A82F66E08D2E235A53B0EBA40 ] WDFMEService C:\Program Files\Western Digital\WD SmartWare\WDFME.exe

08:30:35.0134 5464 WDFMEService - ok

08:30:35.0171 5464 [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll

08:30:35.0187 5464 WdiServiceHost - ok

08:30:35.0197 5464 [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll

08:30:35.0205 5464 WdiSystemHost - ok

08:30:35.0248 5464 [ D878C31511169DE535852FC6D15570E8 ] WDRulesService C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe

08:30:35.0270 5464 WDRulesService - ok

08:30:35.0288 5464 [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient C:\WINDOWS\System32\webclnt.dll

08:30:35.0294 5464 WebClient - ok

08:30:35.0307 5464 [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll

08:30:35.0313 5464 Wecsvc - ok

08:30:35.0326 5464 [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll

08:30:35.0331 5464 wercplsupport - ok

08:30:35.0352 5464 [ 5F70EBFC1F75B487DE79501E3CCBDB54 ] WerSvc C:\WINDOWS\System32\WerSvc.dll

08:30:35.0356 5464 WerSvc - ok

08:30:35.0364 5464 [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys

08:30:35.0367 5464 WFPLWFS - ok

08:30:35.0380 5464 [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll

08:30:35.0394 5464 WiaRpc - ok

08:30:35.0424 5464 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\WINDOWS\system32\DRIVERS\wimfltr.sys

08:30:35.0429 5464 WimFltr - ok

08:30:35.0446 5464 [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys

08:30:35.0447 5464 WIMMount - ok

08:30:35.0482 5464 WinDefend - ok

08:30:35.0568 5464 [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll

08:30:35.0592 5464 WinHttpAutoProxySvc - ok

08:30:35.0691 5464 [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

08:30:35.0697 5464 Winmgmt - ok

08:30:36.0194 5464 [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM C:\WINDOWS\system32\WsmSvc.dll

08:30:36.0227 5464 WinRM - ok

08:30:36.0284 5464 [ BB20956C424531003F7FA6CD36F11D5D ] WinUsb C:\WINDOWS\system32\DRIVERS\WinUsb.sys

08:30:36.0287 5464 WinUsb - ok

08:30:36.0336 5464 [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll

08:30:36.0397 5464 WlanSvc - ok

08:30:36.0648 5464 [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll

08:30:36.0681 5464 wlidsvc - ok

08:30:36.0693 5464 [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys

08:30:36.0694 5464 WmiAcpi - ok

08:30:36.0746 5464 [ D113499052C5E541906B727779F0F959 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe

08:30:36.0752 5464 wmiApSrv - ok

08:30:36.0796 5464 WMPNetworkSvc - ok

08:30:36.0851 5464 [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys

08:30:36.0855 5464 wpcfltr - ok

08:30:36.0895 5464 [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll

08:30:36.0908 5464 WPCSvc - ok

08:30:36.0928 5464 [ 39D8AB837F91B729D12D32ED81E2062F ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll

08:30:36.0933 5464 WPDBusEnum - ok

08:30:36.0946 5464 [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys

08:30:36.0949 5464 WpdUpFltr - ok

08:30:36.0970 5464 [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys

08:30:36.0972 5464 ws2ifsl - ok

08:30:36.0990 5464 [ FB0C1B7F94FA08E72F19F6F2CE7210E1 ] wscsvc C:\WINDOWS\System32\wscsvc.dll

08:30:36.0994 5464 wscsvc - ok

08:30:37.0012 5464 [ 74EFDA0526862C3D8D01A776182798EA ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys

08:30:37.0014 5464 WSDPrintDevice - ok

08:30:37.0017 5464 WSearch - ok

08:30:37.0120 5464 [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService C:\WINDOWS\System32\WSService.dll

08:30:37.0185 5464 WSService - ok

08:30:37.0483 5464 [ A8484C0CB54DB48180FB7CA00F1C3F8F ] wuauserv C:\WINDOWS\system32\wuaueng.dll

08:30:37.0516 5464 wuauserv - ok

08:30:37.0587 5464 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys

08:30:37.0591 5464 WudfPf - ok

08:30:37.0616 5464 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys

08:30:37.0622 5464 WUDFRd - ok

08:30:37.0641 5464 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFSensorLP C:\WINDOWS\system32\DRIVERS\WUDFRd.sys

08:30:37.0645 5464 WUDFSensorLP - ok

08:30:37.0687 5464 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll

08:30:37.0701 5464 wudfsvc - ok

08:30:37.0714 5464 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys

08:30:37.0719 5464 WUDFWpdFs - ok

08:30:37.0724 5464 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys

08:30:37.0726 5464 WUDFWpdMtp - ok

08:30:37.0746 5464 [ F9D8D2E6ECE08B278621D5BF3A7240A6 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll

08:30:37.0755 5464 WwanSvc - ok

08:30:38.0118 5464 [ 5BCB1F6CB749B6826BE1C0F16FF2F600 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

08:30:38.0146 5464 ZeroConfigService - ok

08:30:38.0156 5464 ================ Scan global ===============================

08:30:38.0189 5464 [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\WINDOWS\system32\basesrv.dll

08:30:38.0220 5464 [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\WINDOWS\system32\winsrv.dll

08:30:38.0276 5464 [ BD7C6949984D19AAA609896B675E7357 ] C:\WINDOWS\system32\sxssrv.dll

08:30:38.0320 5464 [ 8F226143046435C75C033B0C52E90FFE ] C:\WINDOWS\system32\services.exe

08:30:38.0346 5464 [Global] - ok

08:30:38.0347 5464 ================ Scan MBR ==================================

08:30:38.0364 5464 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0

08:30:38.0745 5464 \Device\Harddisk0\DR0 - ok

08:30:38.0747 5464 ================ Scan VBR ==================================

08:30:38.0752 5464 [ 2363B737150876112F93E0D3C007A680 ] \Device\Harddisk0\DR0\Partition1

08:30:38.0756 5464 \Device\Harddisk0\DR0\Partition1 - ok

08:30:38.0776 5464 [ 935D9DF834FA10B64D14E1F5BC549FDB ] \Device\Harddisk0\DR0\Partition2

08:30:38.0780 5464 \Device\Harddisk0\DR0\Partition2 - ok

08:30:38.0781 5464 ============================================================

08:30:38.0781 5464 Scan finished

08:30:38.0781 5464 ============================================================

08:30:38.0802 7580 Detected object count: 0

08:30:38.0802 7580 Actual detected object count: 0



#6 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:24 AM

Posted 31 March 2013 - 08:55 AM

Very good result from Tdsskiller.
  • Download & SAVE to your Desktop Tigzy's RogueKiller >> from here << or
    >> from here <<
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7 / 8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on Scan button at upper right of screen.
  • Wait until the Status box shows "Scan Finished"
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Do NOT press any Fix button.
  • Exit/Close RogueKiller

~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#7 micklee34

micklee34
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:03:24 PM

Posted 31 March 2013 - 09:02 AM

Hi Maurice,

 

I've run rogue killer as instructed, please find below the report details.

 

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 8 (6.2.9200 ) 64 bits version
Started in : Normal mode
User : Michael [Admin rights]
Mode : Scan -- Date : 03/31/2013 14:59:27
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1       localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD5000BPKT-75PK4T0 +++++
--- User ---
[MBR] 9d490dd7e6adfb6a473e12293cc8b6b4
[BSP] dea9defa67a18cc486b8c709b2ee22f0 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 101 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 212992 | Size: 20000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 41172992 | Size: 456835 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_03312013_02d1459.txt >>
RKreport[1]_S_03312013_02d1459.txt



#8 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:24 AM

Posted 31 March 2013 - 10:35 AM

That is a good result. I do not see a sign of a rootkit. Your Avast just may be showing a false positive.

Download, & save & then run the MS Safety scanner
http://www.microsoft.com/security/scanner/en-us/default.aspx
Let me know the result.

Note: The Microsoft Safety Scanner expires 10 days after being downloaded.

Note: Any data files that are infected may only be cleaned by deleting the file entirely, which means there is a potential for data loss.

Task 2
Download Security Check by screen317 from >>here<<.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#9 micklee34

micklee34
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:03:24 PM

Posted 31 March 2013 - 10:50 AM

Hi Maurice,

 

Ran MS Safety Scanner and it gave the all clear.

 

Ran Security Check details below,

 

 Results of screen317's Security Check version 0.99.61 
   x64 (UAC is enabled) 
 Internet Explorer 9 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
avast! Antivirus  
Windows Defender  
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.70.0.1100 
 Adobe Flash Player  11.6.602.180 
 Adobe Reader XI 
 Google Chrome 24.0.1312.57 
````````Process Check: objlist.exe by Laurent```````` 
 AVAST Software Avast AvastSvc.exe 
 AVAST Software Avast AvastUI.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````

 

Thanks

 

Mick
 



#10 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:24 AM

Posted 31 March 2013 - 12:21 PM

Very good results.

Save and close any work documents, close any apps that you started.

Temporarily turn off (disable) your antivirus program
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Start your MBAM MalwareBytes' Anti-Malware.
Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.
Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark.

If you have the PRO license, then do this too: Click the Protection tab. Make sure all option lines have a checkmark.

Next, Click the Update tab. Press the "Check for Updates" button.

If prompted for a Restart, do that.

When done, click the Scanner tab.
Do a Full Scan. i_arrow-l.gif

When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

When all done, Copy & paste the MBAM scan log into a new reply.
Tell me, How is the system ?

Re-enable your antivirus program.
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#11 micklee34

micklee34
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:03:24 PM

Posted 31 March 2013 - 02:20 PM

Hi Maurice,

 

The system seems to be running well. No more detections from Avast.

 

Malwarebytes has run and returned a clean scan (pasted below). Really do appreciate the peace of mind you've given me by being so thorough.

 

Let me know if you're happy with how things are looking.

 

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.31.04

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16519
Michael :: MICHAEL-LAPTOP [administrator]

31/03/2013 18:36:04
mbam-log-2013-03-31 (18-36-04).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 549033
Time elapsed: 1 hour(s), 14 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



#12 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:24 AM

Posted 31 March 2013 - 03:08 PM

Please insure that your antivirus real-time protection is on now.

We can wrap this up now.
If you have a problem with these steps, or something does not quite work here, do let me know.

Delete the following if still present:
aswmbr.exe
tdsskiller.exe
roguekiller.exe
securitycheck.exe
the ms safety scanner download


make a Windows 8 rescue disc and store away for a rainy day
See Grinler's article http://www.bleepingcomputer.com/tutorials/create-a-windows-system-repair-disc/


Safer practices & malware prevention
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#13 micklee34

micklee34
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:03:24 PM

Posted 31 March 2013 - 03:19 PM

HI Maurice,

 

Thank you for all your help. I can't thank you enough.

 

It's hard to find great advice from true experts anywhere outside of this forum.

 

Everyone I've encountered at Bleeping Computer is courteous, patient and incredibly knowledgeable.

 

Let me know if you have a favourite charity, happy to help in return.

 

Thanks again.

 

Best regards

 

Mick



#14 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:24 AM

Posted 31 March 2013 - 03:37 PM

Mick,

You are very welcome. I am happy to have helped. And your remarks are very appreciated too.yahoo.gif

Stay safe. Cheers.
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users