
Halp! I am infected!


10 replies to this topic

#1 Jiggity


  • Members
  • 48 posts

Posted 19 February 2014 - 05:01 PM

My computer is slowing down big time and I get pop-ups. I'm not able to download anything through Internet Explorer (had to get Firefox), but Firefox is starting to lag a lot from time to time, and if I play a video I get prompted to close plug-ins. Can anyone help?




 


#2 boopme



  • Global Moderator
  • 73,440 posts

Posted 19 February 2014 - 09:00 PM

You can try these from Safe Mode with Networking; it may be easier.


Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

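Added example (not part of the original posts, and not MiniToolBox code): the Result.txt requested above is divided into sections by `=====` banners, so the proxy, Hosts and Winsock sections can be triaged mechanically before reading the rest. The Python below assumes the banner and Winsock line layout of the log posted in this thread; the function names and the sample log are constructed for illustration.

```python
import re

# Section banner: a run of '=', a title (optionally ending in ':'), a run of '='.
# The title must start with a non-'=' character so plain separator rules are ignored.
SECTION_RE = re.compile(r"^=+\s*([^=\s][^=]*?):?\s*=+\s*$")

# Winsock line: "<catalog> <index> <dll path> [<size>] (<vendor>)"
WINSOCK_RE = re.compile(
    r"^(?P<catalog>\S+)\s+(?P<index>\d+)\s+(?P<path>.+?)\s+"
    r"\[(?P<size>\d+)\]\s+\((?P<vendor>.*)\)\s*$"
)

# Proxy lines that appear in the thread's log when nothing is configured.
# Assumption: any other line in a proxy section deserves a look.
BENIGN_PROXY = ("proxy is not enabled.", "no proxy server is set.")
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")
LOOPBACK = {"127.0.0.1", "::1"}

# Constructed sample in the same layout; the proxy, hosts and last Winsock
# entries are invented for the example and do not come from the thread.
SAMPLE = r"""
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

network.proxy.http = proxy.example.invalid (constructed line)

========================= Hosts content: =================================

127.0.0.1 localhost
203.0.113.7 www.example.com

========================= Winsock entries =====================================

Catalog5 05 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Users\Public\example\lsp.dll [40960] (Microsoft Corporation)
"""


def split_sections(text):
    """Return {section title: [non-blank lines]} in log order."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        match = SECTION_RE.match(line)
        if match:
            current = match.group(1).strip()
            sections[current] = []
        elif current is not None and line:
            sections[current].append(line)
    return sections


def triage(text):
    """List (kind, section, line) items to review; a hit is a prompt to look, not a verdict."""
    findings = []
    for title, lines in split_sections(text).items():
        low = title.lower()
        if "proxy settings" in low:
            for line in lines:
                if line.lower() in BENIGN_PROXY or line.startswith('"Reset '):
                    continue
                findings.append(("proxy", title, line))
        elif low.startswith("hosts content"):
            for line in lines:
                fields = line.split("#", 1)[0].split()  # drop comments
                if not fields:
                    continue
                if fields[0] in LOOPBACK and fields[1:] == ["localhost"]:
                    continue
                findings.append(("hosts", title, line))
        elif low.startswith("winsock entries"):
            for line in lines:
                match = WINSOCK_RE.match(line)
                if not match:
                    findings.append(("winsock-unparsed", title, line))
                    continue
                # The vendor label alone proves nothing, so the path is checked too.
                in_system = match.group("path").lower().startswith(SYSTEM_DIRS)
                if match.group("vendor") != "Microsoft Corporation" or not in_system:
                    findings.append(("winsock", title, line))
    return findings


if __name__ == "__main__":
    for kind, section, line in triage(SAMPLE):
        print(f"[{kind}] {section}: {line}")
```

A third-party provider such as the Bonjour entry is listed only because it is not a stock Windows component; whether it belongs on the machine is for the reviewer to decide against the installed-programs list.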

#3 Jiggity

  • Topic Starter

  • Members
  • 48 posts

Posted 20 February 2014 - 11:35 AM

Mini Tool Box Logs:

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Eagleeye (administrator) on 20-02-2014 at 11:21:16
Running from "C:\Users\Eagleeye\Desktop"
Microsoft Windows 8  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Qualcomm Atheros AR8161 PCI-E Gigabit Ethernet Controller (NDIS 6.30) = Ethernet (Connected)
802.11n Wireless LAN Card = Wi-Fi 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Jack
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : gateway.2wire.net

Wireless LAN adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2
   Physical Address. . . . . . . . . : 20-10-7A-7A-D4-80
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : 802.11n Wireless LAN Card
   Physical Address. . . . . . . . . : 20-10-7A-7A-D4-86
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Qualcomm Atheros AR8161 PCI-E Gigabit Ethernet Controller (NDIS 6.30)
   Physical Address. . . . . . . . . : 78-E3-B5-B2-91-58
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4160:271d:632:3175%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.65(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, February 14, 2014 10:58:06 AM
   Lease Expires . . . . . . . . . . : Friday, February 21, 2014 10:22:48 AM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 259580853
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-E6-0A-64-78-E3-B5-B2-91-58
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.gateway.2wire.net:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:a2:25f4:3f57:febe(Preferred)
   Link-local IPv6 Address . . . . . : fe80::a2:25f4:3f57:febe%19(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  homeportal
Address:  192.168.1.254

Name:    google.com
Addresses:  2607:f8b0:4002:c06::66
      74.125.21.102
      74.125.21.113
      74.125.21.101
      74.125.21.138
      74.125.21.139
      74.125.21.100


Pinging google.com [74.125.21.113] with 32 bytes of data:
Reply from 74.125.21.113: bytes=32 time=45ms TTL=41
Reply from 74.125.21.113: bytes=32 time=43ms TTL=41

Ping statistics for 74.125.21.113:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 43ms, Maximum = 45ms, Average = 44ms
Server:  homeportal
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=230ms TTL=46
Request timed out.

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 230ms, Maximum = 230ms, Average = 230ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...20 10 7a 7a d4 80 ......Microsoft Wi-Fi Direct Virtual Adapter #2
 15...20 10 7a 7a d4 86 ......802.11n Wireless LAN Card
 12...78 e3 b5 b2 91 58 ......Qualcomm Atheros AR8161 PCI-E Gigabit Ethernet Controller (NDIS 6.30)
  1...........................Software Loopback Interface 1
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.65     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.65    276
     192.168.1.65  255.255.255.255         On-link      192.168.1.65    276
    192.168.1.255  255.255.255.255         On-link      192.168.1.65    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.65    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.65    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 19    306 ::/0                     On-link
  1    306 ::1/128                  On-link
 19    306 2001::/32                On-link
 19    306 2001:0:9d38:6ab8:a2:25f4:3f57:febe/128
                                    On-link
 12    276 fe80::/64                On-link
 19    306 fe80::/64                On-link
 19    306 fe80::a2:25f4:3f57:febe/128
                                    On-link
 12    276 fe80::4160:271d:632:3175/128
                                    On-link
  1    306 ff00::/8                 On-link
 19    306 ff00::/8                 On-link
 12    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/20/2014 11:21:16 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error

Error: (02/20/2014 11:21:01 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error

Error: (02/20/2014 11:20:46 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error

Error: (02/20/2014 11:20:31 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error

Error: (02/20/2014 11:20:16 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error

Error: (02/20/2014 11:20:01 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error

Error: (02/20/2014 11:19:46 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error

Error: (02/20/2014 11:19:31 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error

Error: (02/20/2014 11:19:16 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error

Error: (02/20/2014 11:19:01 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error


System errors:
=============
Error: (02/20/2014 11:16:05 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0831: Cumulative Security Update for ActiveX Killbits for Windows 8 for x64-based Systems (KB2900986).

Error: (02/19/2014 04:15:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0831: Cumulative Security Update for ActiveX Killbits for Windows 8 for x64-based Systems (KB2900986).

Error: (02/19/2014 04:12:50 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0x8000002a171\??\Volume{8ec6ab96-c56b-4117-aaa9-98c04fd7f7dc}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{4BC47431-684E-4415-ADD5-7CE28C27FD08}

Error: (02/19/2014 04:05:32 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0831: Cumulative Security Update for ActiveX Killbits for Windows 8 for x64-based Systems (KB2900986).

Error: (02/19/2014 03:52:56 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0x8000002a171\??\Volume{8ec6ab96-c56b-4117-aaa9-98c04fd7f7dc}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{D59091D6-784D-4D3F-A88A-D0310E1DDDB8}

Error: (02/19/2014 02:22:32 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0831: Cumulative Security Update for ActiveX Killbits for Windows 8 for x64-based Systems (KB2900986).

Error: (02/18/2014 11:59:11 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0831: Cumulative Security Update for ActiveX Killbits for Windows 8 for x64-based Systems (KB2900986).

Error: (02/18/2014 05:25:05 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0831: Cumulative Security Update for ActiveX Killbits for Windows 8 for x64-based Systems (KB2900986).

Error: (02/17/2014 03:40:00 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0831: Cumulative Security Update for ActiveX Killbits for Windows 8 for x64-based Systems (KB2900986).

Error: (02/16/2014 11:04:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0831: Cumulative Security Update for ActiveX Killbits for Windows 8 for x64-based Systems (KB2900986).


Microsoft Office Sessions:
=========================
Error: (02/20/2014 11:21:16 AM) (Source: ATIeRecord)(User: )
Description:

Error: (02/20/2014 11:21:01 AM) (Source: ATIeRecord)(User: )
Description:

Error: (02/20/2014 11:20:46 AM) (Source: ATIeRecord)(User: )
Description:

Error: (02/20/2014 11:20:31 AM) (Source: ATIeRecord)(User: )
Description:

Error: (02/20/2014 11:20:16 AM) (Source: ATIeRecord)(User: )
Description:

Error: (02/20/2014 11:20:01 AM) (Source: ATIeRecord)(User: )
Description:

Error: (02/20/2014 11:19:46 AM) (Source: ATIeRecord)(User: )
Description:

Error: (02/20/2014 11:19:31 AM) (Source: ATIeRecord)(User: )
Description:

Error: (02/20/2014 11:19:16 AM) (Source: ATIeRecord)(User: )
Description:

Error: (02/20/2014 11:19:01 AM) (Source: ATIeRecord)(User: )
Description:


=========================== Installed Programs ============================

Adobe Flash Player 12 Plugin (Version: 12.0.0.44)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD VISION Engine Control Center (Version: 2012.0704.2139.36919)
AOL Toolbar
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
BitLord 2.3 (Version: 2.3.2-254)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.0704.2139.36919)
Catalyst Control Center InstallProxy (Version: 2012.0704.2139.36919)
Catalyst Control Center Localization All (Version: 2012.0704.2139.36919)
CCC Help Chinese Standard (Version: 2012.0704.2138.36919)
CCC Help Chinese Traditional (Version: 2012.0704.2138.36919)
CCC Help Czech (Version: 2012.0704.2138.36919)
CCC Help Danish (Version: 2012.0704.2138.36919)
CCC Help Dutch (Version: 2012.0704.2138.36919)
CCC Help English (Version: 2012.0704.2138.36919)
CCC Help Finnish (Version: 2012.0704.2138.36919)
CCC Help French (Version: 2012.0704.2138.36919)
CCC Help German (Version: 2012.0704.2138.36919)
CCC Help Greek (Version: 2012.0704.2138.36919)
CCC Help Hungarian (Version: 2012.0704.2138.36919)
CCC Help Italian (Version: 2012.0704.2138.36919)
CCC Help Japanese (Version: 2012.0704.2138.36919)
CCC Help Korean (Version: 2012.0704.2138.36919)
CCC Help Norwegian (Version: 2012.0704.2138.36919)
CCC Help Polish (Version: 2012.0704.2138.36919)
CCC Help Portuguese (Version: 2012.0704.2138.36919)
CCC Help Russian (Version: 2012.0704.2138.36919)
CCC Help Spanish (Version: 2012.0704.2138.36919)
CCC Help Swedish (Version: 2012.0704.2138.36919)
CCC Help Thai (Version: 2012.0704.2138.36919)
CCC Help Turkish (Version: 2012.0704.2138.36919)
ccc-utility64 (Version: 2012.0704.2139.36919)
ConverterLite 1.6.6.0 (Version: 1.6.6.0)
CyberLink LabelPrint (Version: 2.5.1.5510)
CyberLink Media Suite 10 (Version: 10.0.1.1916)
CyberLink PhotoDirector (Version: 2.0.1.3109)
CyberLink Power2Go 8 (Version: 8.0.1.1902)
CyberLink PowerDirector 10 (Version: 10.0.1.1925)
CyberLink PowerDVD (Version: 10.0.1.4319)
D3DX10 (Version: 15.4.2368.0902)
GIMP 2.8.10 (Version: 2.8.10)
Hewlett-Packard ACLM.NET v1.2.2.3 (Version: 1.00.0000)
HP Connected Music (Meridian - installer) (Version: v1.0)
HP Connected Remote (Version: 1.0.1202)
HP Customer Experience Enhancements (Version: 6.0.1.8)
HP Games (Version: 1.0.3.0)
HP MyRoom (Version: 9.0.0.0)
HP Postscript Converter (Version: 3.1.3591)
HP Quick Start (Version: 1.0.4660.30220)
HP Registration Service (Version: 1.0.5976.4186)
HP Support Assistant (Version: 7.4.45.4)
HP Support Information (Version: 12.00.0000)
IDT Audio (Version: 1.0.6418.0)
iTunes (Version: 11.0.2.26)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
McAfee Security Scan Plus (Version: 3.8.141.11)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (Version: 14.0.6120.5004)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 27.0.1 (x86 en-US) (Version: 27.0.1)
Mozilla Maintenance Service (Version: 27.0.1)
MSVCRT (Version: 15.4.2862.0708)
Mumble 1.2.3 (Version: 1.2.3)
Ralink RT5390R 802.11bgn Wi-Fi Adapter (Version: 5.0.0.0)
RealDownloader (Version: 1.3.3)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.3)
RealUpgrade 1.1 (Version: 1.1.0)
Recovery Manager (Version: 5.5.0.5530)
RollerCoaster Tycoon 3 Platinum (Version: 1.00.000)
SelectionLinks (Version: 1.0)
Skype™ 6.1 (Version: 6.1.129)
VLC media player 2.0.0 (Version: 2.0.0)
Warcraft III
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 5.00 (32-bit) (Version: 5.00.0)
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 33%
Total physical RAM: 5527.51 MB
Available physical RAM: 3685.59 MB
Total Pagefile: 6791.51 MB
Available Pagefile: 4453.75 MB
Total Virtual: 4095.88 MB
Available Virtual: 3963.69 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:910.65 GB) (Free:785 GB) NTFS
2 Drive d: (Recovery Image) (Fixed) (Total:19.38 GB) (Free:2.42 GB) NTFS

========================= Users: ========================================

User accounts for \\JACK

Administrator            Eagleeye                 Guest                    


**** End of log ****

 

 

TDSS Logs:

 

11:26:20.0808 0x75cc  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
11:26:20.0808 0x75cc  UEFI system
11:32:54.0665 0x75cc  ============================================================
11:32:54.0665 0x75cc  Current date / time: 2014/02/20 11:32:54.0665
11:32:54.0665 0x75cc  SystemInfo:
11:32:54.0665 0x75cc  
11:32:54.0665 0x75cc  OS Version: 6.2.9200 ServicePack: 0.0
11:32:54.0665 0x75cc  Product type: Workstation
11:32:54.0665 0x75cc  ComputerName: JACK
11:32:54.0665 0x75cc  UserName: Eagleeye
11:32:54.0665 0x75cc  Windows directory: C:\windows
11:32:54.0665 0x75cc  System windows directory: C:\windows
11:32:54.0665 0x75cc  Running under WOW64
11:32:54.0665 0x75cc  Processor architecture: Intel x64
11:32:54.0665 0x75cc  Number of processors: 4
11:32:54.0665 0x75cc  Page size: 0x1000
11:32:54.0665 0x75cc  Boot type: Normal boot
11:32:54.0665 0x75cc  ============================================================
11:32:55.0180 0x75cc  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:32:55.0227 0x75cc  ============================================================
11:32:55.0227 0x75cc  \Device\Harddisk0\DR0:
11:32:55.0227 0x75cc  GPT partitions:
11:32:55.0227 0x75cc  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {1CB5D73D-9573-4AD9-A492-63C8A9BDFFE7}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1FF800
11:32:55.0227 0x75cc  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {6BF5EEBE-EF4B-4FA8-8388-692AE2B39BC6}, Name: EFI system partition, StartLBA 0x200000, BlocksNum 0xB4000
11:32:55.0227 0x75cc  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {269ABCA7-4D42-455C-85A8-B0BBDD6B7145}, Name: Microsoft reserved partition, StartLBA 0x2B4000, BlocksNum 0x40000
11:32:55.0227 0x75cc  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {8EC6AB96-C56B-4117-AAA9-98C04FD7F7DC}, Name: Basic data partition, StartLBA 0x2F4000, BlocksNum 0x71D4D800
11:32:55.0227 0x75cc  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3873D5CB-8737-4BEA-BDB8-54A69EEBC1FA}, Name: Basic data partition, StartLBA 0x72041800, BlocksNum 0x26C5000
11:32:55.0227 0x75cc  MBR partitions:
11:32:55.0227 0x75cc  ============================================================
11:32:55.0242 0x75cc  C: <-> \Device\Harddisk0\DR0\Partition4
11:32:55.0305 0x75cc  D: <-> \Device\Harddisk0\DR0\Partition5
11:32:55.0305 0x75cc  ============================================================
11:32:55.0305 0x75cc  Initialize success
11:32:55.0305 0x75cc  ============================================================
11:32:58.0159 0x54e4  ============================================================
11:32:58.0159 0x54e4  Scan started
11:32:58.0159 0x54e4  Mode: Manual;
11:32:58.0159 0x54e4  ============================================================
11:32:58.0425 0x54e4  ================ Scan system memory ========================
11:32:58.0425 0x54e4  System memory - ok
11:32:58.0425 0x54e4  ================ Scan services =============================
11:32:58.0518 0x54e4  [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci        C:\windows\System32\drivers\1394ohci.sys
11:32:58.0534 0x54e4  1394ohci - ok
11:32:58.0549 0x54e4  [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware           C:\windows\system32\drivers\3ware.sys
11:32:58.0549 0x54e4  3ware - ok
11:32:58.0581 0x54e4  [ 975AABEB243B800C23626D6B652C5A9C ] ACPI            C:\windows\system32\drivers\ACPI.sys
11:32:58.0596 0x54e4  ACPI - ok
11:32:58.0596 0x54e4  [ DC968C37822117E576B933F34A2D130C ] acpiex          C:\windows\system32\Drivers\acpiex.sys
11:32:58.0612 0x54e4  acpiex - ok
11:32:58.0627 0x54e4  [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr        C:\windows\System32\drivers\acpipagr.sys
11:32:58.0627 0x54e4  acpipagr - ok
11:32:58.0643 0x54e4  [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi         C:\windows\System32\drivers\acpipmi.sys
11:32:58.0643 0x54e4  AcpiPmi - ok
11:32:58.0659 0x54e4  [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime        C:\windows\System32\drivers\acpitime.sys
11:32:58.0659 0x54e4  acpitime - ok
11:32:58.0752 0x54e4  [ C8C6C0D659734FDBF63F6F421A5416BC ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:32:58.0752 0x54e4  AdobeFlashPlayerUpdateSvc - ok
11:32:58.0783 0x54e4  [ 93C6388592B99925C1D1576E465BC80F ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
11:32:58.0783 0x54e4  adp94xx - ok
11:32:58.0799 0x54e4  [ D27763E0247292654E7F7D16444C7C72 ] adpahci         C:\windows\system32\drivers\adpahci.sys
11:32:58.0799 0x54e4  adpahci - ok
11:32:58.0830 0x54e4  [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320         C:\windows\system32\drivers\adpu320.sys
11:32:58.0830 0x54e4  adpu320 - ok
11:32:58.0861 0x54e4  [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
11:32:58.0861 0x54e4  AeLookupSvc - ok
11:32:58.0908 0x54e4  [ 7C0E0EDF18D6CC565D7BFBB451709FA5 ] AFD             C:\windows\system32\drivers\afd.sys
11:32:58.0908 0x54e4  AFD - ok
11:32:58.0924 0x54e4  [ 01590377A5AB19E792528C628A2A68F9 ] agp440          C:\windows\system32\drivers\agp440.sys
11:32:58.0924 0x54e4  agp440 - ok
11:32:58.0955 0x54e4  [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG             C:\windows\System32\alg.exe
11:32:58.0955 0x54e4  ALG - ok
11:32:58.0971 0x54e4  [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\windows\system32\AUInstallAgent.dll
11:32:58.0971 0x54e4  AllUserInstallAgent - ok
11:32:58.0986 0x54e4  [ 9153EBE093D5C161B005D6D853F95FBE ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
11:32:58.0986 0x54e4  AMD External Events Utility - ok
11:32:59.0017 0x54e4  [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8           C:\windows\System32\drivers\amdk8.sys
11:32:59.0017 0x54e4  AmdK8 - ok
11:32:59.0173 0x54e4  [ 03282EC251E929C0D797E1F8ADF58C05 ] amdkmdag        C:\windows\system32\DRIVERS\atikmdag.sys
11:32:59.0220 0x54e4  amdkmdag - ok
11:32:59.0236 0x54e4  [ B1A43C78634B68AD22450B766EB7818C ] amdkmdap        C:\windows\system32\DRIVERS\atikmpag.sys
11:32:59.0251 0x54e4  amdkmdap - ok
11:32:59.0251 0x54e4  [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM          C:\windows\System32\drivers\amdppm.sys
11:32:59.0267 0x54e4  AmdPPM - ok
11:32:59.0283 0x54e4  [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata         C:\windows\system32\drivers\amdsata.sys
11:32:59.0283 0x54e4  amdsata - ok
11:32:59.0283 0x54e4  [ 00452671904F5EE94B50BF0219C97164 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
11:32:59.0283 0x54e4  amdsbs - ok
11:32:59.0314 0x54e4  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata         C:\windows\system32\drivers\amdxata.sys
11:32:59.0314 0x54e4  amdxata - ok
11:32:59.0345 0x54e4  [ 823F34D1DEF120A657BB7529ABF4461F ] AppHostSvc      C:\windows\system32\inetsrv\apphostsvc.dll
11:32:59.0345 0x54e4  AppHostSvc - ok
11:32:59.0392 0x54e4  [ 83B3682CE922FB0F415734B26D9D6233 ] AppID           C:\windows\system32\drivers\appid.sys
11:32:59.0392 0x54e4  AppID - ok
11:32:59.0423 0x54e4  [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc        C:\windows\System32\appidsvc.dll
11:32:59.0423 0x54e4  AppIDSvc - ok
11:32:59.0454 0x54e4  [ 4F750B7EFCB6520AE01E01D082D7D476 ] Appinfo         C:\windows\System32\appinfo.dll
11:32:59.0454 0x54e4  Appinfo - ok
11:32:59.0517 0x54e4  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:32:59.0532 0x54e4  Apple Mobile Device - ok
11:32:59.0548 0x54e4  [ E933401B392387F4BE34DE8BAF1722A7 ] arc             C:\windows\system32\drivers\arc.sys
11:32:59.0548 0x54e4  arc - ok
11:32:59.0563 0x54e4  [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas          C:\windows\system32\drivers\arcsas.sys
11:32:59.0563 0x54e4  arcsas - ok
11:32:59.0641 0x54e4  [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:32:59.0641 0x54e4  aspnet_state - ok
11:32:59.0657 0x54e4  [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
11:32:59.0657 0x54e4  AsyncMac - ok
11:32:59.0688 0x54e4  [ A721FF570C2387E383BDDEA9632863C9 ] atapi           C:\windows\system32\drivers\atapi.sys
11:32:59.0688 0x54e4  atapi - ok
11:32:59.0719 0x54e4  [ BCD7A47EF587DC00DD61D12D9C2D1E44 ] AudioEndpointBuilder C:\windows\System32\AudioEndpointBuilder.dll
11:32:59.0719 0x54e4  AudioEndpointBuilder - ok
11:32:59.0766 0x54e4  [ 599B3F685A263A114FFAF3BE29C49C75 ] Audiosrv        C:\windows\System32\Audiosrv.dll
11:32:59.0782 0x54e4  Audiosrv - ok
11:32:59.0797 0x54e4  [ 89491EF71D5EA011127832C588002853 ] AxInstSV        C:\windows\System32\AxInstSV.dll
11:32:59.0797 0x54e4  AxInstSV - ok
11:32:59.0813 0x54e4  [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
11:32:59.0829 0x54e4  b06bdrv - ok
11:32:59.0844 0x54e4  [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay    C:\windows\System32\drivers\BasicDisplay.sys
11:32:59.0844 0x54e4  BasicDisplay - ok
11:32:59.0860 0x54e4  [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender     C:\windows\System32\drivers\BasicRender.sys
11:32:59.0860 0x54e4  BasicRender - ok
11:32:59.0891 0x54e4  [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC          C:\windows\System32\bdesvc.dll
11:32:59.0891 0x54e4  BDESVC - ok
11:32:59.0907 0x54e4  [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep            C:\windows\system32\drivers\Beep.sys
11:32:59.0907 0x54e4  Beep - ok
11:32:59.0938 0x54e4  [ 53AA55632B94622F2DC3695E86EF9363 ] BFE             C:\windows\System32\bfe.dll
11:32:59.0953 0x54e4  BFE - ok
11:32:59.0985 0x54e4  [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS            C:\windows\System32\qmgr.dll
11:33:00.0000 0x54e4  BITS - ok
11:33:00.0219 0x54e4  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:33:00.0219 0x54e4  Bonjour Service - ok
11:33:00.0406 0x54e4  [ B17AC10B47C7FCB44D22A1F06415840E ] bowser          C:\windows\system32\DRIVERS\bowser.sys
11:33:00.0406 0x54e4  bowser - ok
11:33:00.0437 0x54e4  [ 038FA1B55531E7020DB705B42FCCE373 ] BrokerInfrastructure C:\windows\System32\bisrv.dll
11:33:00.0437 0x54e4  BrokerInfrastructure - ok
11:33:00.0468 0x54e4  [ 310068BDA80B1D55C36580FD8A873FAF ] Browser         C:\windows\System32\browser.dll
11:33:00.0468 0x54e4  Browser - ok
11:33:00.0499 0x54e4  [ 6695200F455E251F0BCC9CE4D0978D59 ] BthAvrcpTg      C:\windows\System32\drivers\BthAvrcpTg.sys
11:33:00.0499 0x54e4  BthAvrcpTg - ok
11:33:00.0515 0x54e4  [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum       C:\windows\System32\drivers\bthhfenum.sys
11:33:00.0515 0x54e4  BthHFEnum - ok
11:33:00.0531 0x54e4  [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid        C:\windows\System32\drivers\BthHFHid.sys
11:33:00.0546 0x54e4  bthhfhid - ok
11:33:00.0546 0x54e4  [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM        C:\windows\System32\drivers\bthmodem.sys
11:33:00.0562 0x54e4  BTHMODEM - ok
11:33:00.0577 0x54e4  [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv         C:\windows\system32\bthserv.dll
11:33:00.0577 0x54e4  bthserv - ok
11:33:00.0593 0x54e4  [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
11:33:00.0593 0x54e4  cdfs - ok
11:33:00.0609 0x54e4  [ 339BFF85D788268752DA8C9644B188EE ] cdrom           C:\windows\System32\drivers\cdrom.sys
11:33:00.0609 0x54e4  cdrom - ok
11:33:00.0624 0x54e4  [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc     C:\windows\System32\certprop.dll
11:33:00.0624 0x54e4  CertPropSvc - ok
11:33:00.0640 0x54e4  [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass        C:\windows\System32\drivers\circlass.sys
11:33:00.0640 0x54e4  circlass - ok
11:33:00.0671 0x54e4  [ 9905168708DB68849B879B5548F68AB3 ] CLFS            C:\windows\system32\drivers\CLFS.sys
11:33:00.0671 0x54e4  CLFS - ok
11:33:00.0702 0x54e4  [ 075CCE75090786F124573A788C8656E6 ] CLVirtualDrive  C:\windows\system32\DRIVERS\CLVirtualDrive.sys
11:33:00.0702 0x54e4  CLVirtualDrive - ok
11:33:00.0718 0x54e4  [ 2DC8538A2260647484A6C921CA837313 ] CmBatt          C:\windows\System32\drivers\CmBatt.sys
11:33:00.0718 0x54e4  CmBatt - ok
11:33:00.0749 0x54e4  [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG             C:\windows\system32\Drivers\cng.sys
11:33:00.0749 0x54e4  CNG - ok
11:33:00.0765 0x54e4  [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus    C:\windows\System32\drivers\CompositeBus.sys
11:33:00.0765 0x54e4  CompositeBus - ok
11:33:00.0780 0x54e4  COMSysApp - ok
11:33:00.0796 0x54e4  [ D9CB0782AF819548072AA45B70F8B22D ] condrv          C:\windows\system32\drivers\condrv.sys
11:33:00.0796 0x54e4  condrv - ok
11:33:00.0827 0x54e4  [ 5CE2742F063731EC10C1B2EE386A2C08 ] CryptSvc        C:\windows\system32\cryptsvc.dll
11:33:00.0827 0x54e4  CryptSvc - ok
11:33:00.0858 0x54e4  [ FAEF4C245BE832DB41B15DAAC336AFB7 ] dam             C:\windows\system32\drivers\dam.sys
11:33:00.0858 0x54e4  dam - ok
11:33:00.0889 0x54e4  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch      C:\windows\system32\rpcss.dll
11:33:00.0905 0x54e4  DcomLaunch - ok
11:33:00.0936 0x54e4  [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc       C:\windows\System32\defragsvc.dll
11:33:00.0936 0x54e4  defragsvc - ok
11:33:00.0967 0x54e4  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\windows\system32\das.dll
11:33:00.0967 0x54e4  DeviceAssociationService - ok
11:33:00.0999 0x54e4  [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall   C:\windows\system32\umpnpmgr.dll
11:33:01.0014 0x54e4  DeviceInstall - ok
11:33:01.0030 0x54e4  [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc            C:\windows\system32\Drivers\dfsc.sys
11:33:01.0030 0x54e4  Dfsc - ok
11:33:01.0061 0x54e4  [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp            C:\windows\system32\dhcpcore.dll
11:33:01.0061 0x54e4  Dhcp - ok
11:33:01.0092 0x54e4  [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache        C:\windows\system32\drivers\discache.sys
11:33:01.0092 0x54e4  discache - ok
11:33:01.0108 0x54e4  [ AE3786294CC246A5403783E1B86A0168 ] disk            C:\windows\system32\drivers\disk.sys
11:33:01.0108 0x54e4  disk - ok
11:33:01.0139 0x54e4  [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc           C:\windows\System32\drivers\dmvsc.sys
11:33:01.0139 0x54e4  dmvsc - ok
11:33:01.0155 0x54e4  [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache        C:\windows\System32\dnsrslvr.dll
11:33:01.0155 0x54e4  Dnscache - ok
11:33:01.0170 0x54e4  [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc         C:\windows\System32\dot3svc.dll
11:33:01.0186 0x54e4  dot3svc - ok
11:33:01.0201 0x54e4  [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS             C:\windows\system32\dps.dll
11:33:01.0201 0x54e4  DPS - ok
11:33:01.0233 0x54e4  [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
11:33:01.0233 0x54e4  drmkaud - ok
11:33:01.0264 0x54e4  [ F87F4AAAF6664906248D11D5E579A53B ] DsmSvc          C:\windows\System32\DeviceSetupManager.dll
11:33:01.0264 0x54e4  DsmSvc - ok
11:33:01.0326 0x54e4  [ E6AF4DF1817953D73C519B17CF849756 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
11:33:01.0342 0x54e4  DXGKrnl - ok
11:33:01.0357 0x54e4  [ 651FBD69A9713D623D456A240F96179C ] e1iexpress      C:\windows\system32\DRIVERS\e1i63x64.sys
11:33:01.0357 0x54e4  e1iexpress - ok
11:33:01.0373 0x54e4  [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost         C:\windows\System32\eapsvc.dll
11:33:01.0373 0x54e4  Eaphost - ok
11:33:01.0451 0x54e4  [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv           C:\windows\system32\drivers\evbda.sys
11:33:01.0467 0x54e4  ebdrv - ok
11:33:01.0498 0x54e4  [ F702AB6181513303AB0FC8D59E52708B ] EFS             C:\windows\System32\lsass.exe
11:33:01.0498 0x54e4  EFS - ok
11:33:01.0513 0x54e4  [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass     C:\windows\system32\drivers\EhStorClass.sys
11:33:01.0513 0x54e4  EhStorClass - ok
11:33:01.0529 0x54e4  [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv    C:\windows\system32\drivers\EhStorTcgDrv.sys
11:33:01.0529 0x54e4  EhStorTcgDrv - ok
11:33:01.0560 0x54e4  [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev          C:\windows\System32\drivers\errdev.sys
11:33:01.0560 0x54e4  ErrDev - ok
11:33:01.0607 0x54e4  [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem     C:\windows\system32\es.dll
11:33:01.0607 0x54e4  EventSystem - ok
11:33:01.0638 0x54e4  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat           C:\windows\system32\drivers\exfat.sys
11:33:01.0638 0x54e4  exfat - ok
11:33:01.0669 0x54e4  [ 60996602A7111FD2D086E803F33E4282 ] fastfat         C:\windows\system32\drivers\fastfat.sys
11:33:01.0669 0x54e4  fastfat - ok
11:33:01.0701 0x54e4  [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax             C:\windows\system32\fxssvc.exe
11:33:01.0716 0x54e4  Fax - ok
11:33:01.0732 0x54e4  [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc             C:\windows\System32\drivers\fdc.sys
11:33:01.0732 0x54e4  fdc - ok
11:33:01.0747 0x54e4  [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost         C:\windows\system32\fdPHost.dll
11:33:01.0747 0x54e4  fdPHost - ok
11:33:01.0779 0x54e4  [ 872506AAB591E8908DF4461475AF92DF ] FDResPub        C:\windows\system32\fdrespub.dll
11:33:01.0779 0x54e4  FDResPub - ok
11:33:01.0810 0x54e4  [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc           C:\windows\system32\fhsvc.dll
11:33:01.0810 0x54e4  fhsvc - ok
11:33:01.0825 0x54e4  [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
11:33:01.0825 0x54e4  FileInfo - ok
11:33:01.0841 0x54e4  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
11:33:01.0857 0x54e4  Filetrace - ok
11:33:01.0888 0x54e4  [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk        C:\windows\System32\drivers\flpydisk.sys
11:33:01.0888 0x54e4  flpydisk - ok
11:33:01.0903 0x54e4  [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
11:33:01.0903 0x54e4  FltMgr - ok
11:33:01.0950 0x54e4  [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache       C:\windows\system32\FntCache.dll
11:33:01.0966 0x54e4  FontCache - ok
11:33:02.0028 0x54e4  [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:33:02.0028 0x54e4  FontCache3.0.0.0 - ok
11:33:02.0044 0x54e4  [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
11:33:02.0044 0x54e4  FsDepends - ok
11:33:02.0075 0x54e4  [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
11:33:02.0075 0x54e4  Fs_Rec - ok
11:33:02.0106 0x54e4  [ C1646A95EAC515F60CDB2A7A8A013C1E ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
11:33:02.0122 0x54e4  fvevol - ok
11:33:02.0137 0x54e4  [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM           C:\windows\System32\drivers\fxppm.sys
11:33:02.0137 0x54e4  FxPPM - ok
11:33:02.0169 0x54e4  [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
11:33:02.0184 0x54e4  gagp30kx - ok
11:33:02.0200 0x54e4  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
11:33:02.0200 0x54e4  GEARAspiWDM - ok
11:33:02.0231 0x54e4  [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter      C:\windows\System32\drivers\vmgencounter.sys
11:33:02.0231 0x54e4  gencounter - ok
11:33:02.0262 0x54e4  [ FC2B8B06BDBD3B6457F5A3DA9AD2410E ] GPIOClx0101     C:\windows\system32\Drivers\msgpioclx.sys
11:33:02.0262 0x54e4  GPIOClx0101 - ok
11:33:02.0309 0x54e4  [ 5358678C6370F2ADC5291849F6503262 ] gpsvc           C:\windows\System32\gpsvc.dll
11:33:02.0325 0x54e4  gpsvc - ok
11:33:02.0356 0x54e4  [ 630555943E5A3FE21010CE91EC7FC84F ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
11:33:02.0356 0x54e4  HdAudAddService - ok
11:33:02.0371 0x54e4  [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus        C:\windows\System32\drivers\HDAudBus.sys
11:33:02.0371 0x54e4  HDAudBus - ok
11:33:02.0403 0x54e4  [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt         C:\windows\System32\drivers\HidBatt.sys
11:33:02.0403 0x54e4  HidBatt - ok
11:33:02.0418 0x54e4  [ 085F150D002B7F0153D3C06DDF33A143 ] HidBth          C:\windows\System32\drivers\hidbth.sys
11:33:02.0418 0x54e4  HidBth - ok
11:33:02.0434 0x54e4  [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c          C:\windows\System32\drivers\hidi2c.sys
11:33:02.0449 0x54e4  hidi2c - ok
11:33:02.0465 0x54e4  [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr           C:\windows\System32\drivers\hidir.sys
11:33:02.0465 0x54e4  HidIr - ok
11:33:02.0481 0x54e4  [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv         C:\windows\system32\hidserv.dll
11:33:02.0481 0x54e4  hidserv - ok
11:33:02.0512 0x54e4  [ 012C354B4AB48E9A7A657DF39E3A2073 ] HidUsb          C:\windows\System32\drivers\hidusb.sys
11:33:02.0512 0x54e4  HidUsb - ok
11:33:02.0543 0x54e4  [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc          C:\windows\system32\kmsvc.dll
11:33:02.0543 0x54e4  hkmsvc - ok
11:33:02.0574 0x54e4  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\windows\system32\ListSvc.dll
11:33:02.0574 0x54e4  HomeGroupListener - ok
11:33:02.0621 0x54e4  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\windows\system32\provsvc.dll
11:33:02.0621 0x54e4  HomeGroupProvider - ok
11:33:02.0683 0x54e4  [ 2A8B93A01621E100A578E83C768AFA2C ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
11:33:02.0683 0x54e4  HP Support Assistant Service - ok
11:33:02.0715 0x54e4  [ 949B6D4F2FEFDE409D1D73DA56739EA4 ] HPConnectedRemote c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
11:33:02.0715 0x54e4  HPConnectedRemote - ok
11:33:02.0777 0x54e4  [ D2946D9F020AE76E9CEF9B4A6DF838C0 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
11:33:02.0793 0x54e4  hpqwmiex - ok
11:33:02.0808 0x54e4  [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
11:33:02.0808 0x54e4  HpSAMD - ok
11:33:02.0855 0x54e4  [ F4A91D985EB9D1D2717D538F3424603C ] HTTP            C:\windows\system32\drivers\HTTP.sys
11:33:02.0855 0x54e4  HTTP - ok
11:33:02.0871 0x54e4  [ 2A98301068801700906C06649860FE94 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
11:33:02.0871 0x54e4  hwpolicy - ok
11:33:02.0886 0x54e4  [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd        C:\windows\System32\drivers\hyperkbd.sys
11:33:02.0886 0x54e4  hyperkbd - ok
11:33:02.0902 0x54e4  [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo      C:\windows\system32\DRIVERS\HyperVideo.sys
11:33:02.0902 0x54e4  HyperVideo - ok
11:33:02.0917 0x54e4  [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt        C:\windows\System32\drivers\i8042prt.sys
11:33:02.0917 0x54e4  i8042prt - ok
11:33:02.0933 0x54e4  [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
11:33:02.0933 0x54e4  iaStorV - ok
11:33:03.0105 0x54e4  [ 83915E05E168AB63B48302F7DC5D8E00 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
11:33:03.0151 0x54e4  igfx - ok
11:33:03.0183 0x54e4  [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp           C:\windows\system32\drivers\iirsp.sys
11:33:03.0183 0x54e4  iirsp - ok
11:33:03.0214 0x54e4  [ E455C83E029121270BED73CDAC381F37 ] IKEEXT          C:\windows\System32\ikeext.dll
11:33:03.0229 0x54e4  IKEEXT - ok
11:33:03.0245 0x54e4  [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide        C:\windows\system32\drivers\intelide.sys
11:33:03.0245 0x54e4  intelide - ok
11:33:03.0261 0x54e4  [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm        C:\windows\System32\drivers\intelppm.sys
11:33:03.0261 0x54e4  intelppm - ok
11:33:03.0276 0x54e4  [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
11:33:03.0276 0x54e4  IpFilterDriver - ok
11:33:03.0307 0x54e4  [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
11:33:03.0323 0x54e4  iphlpsvc - ok
11:33:03.0339 0x54e4  [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV         C:\windows\System32\drivers\IPMIDrv.sys
11:33:03.0339 0x54e4  IPMIDRV - ok
11:33:03.0354 0x54e4  [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
11:33:03.0354 0x54e4  IPNAT - ok
11:33:03.0573 0x54e4  [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
11:33:03.0588 0x54e4  iPod Service - ok
11:33:03.0697 0x54e4  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM          C:\windows\system32\drivers\irenum.sys
11:33:03.0713 0x54e4  IRENUM - ok
11:33:03.0729 0x54e4  [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp          C:\windows\system32\drivers\isapnp.sys
11:33:03.0729 0x54e4  isapnp - ok
11:33:03.0744 0x54e4  [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt        C:\windows\System32\drivers\msiscsi.sys
11:33:03.0760 0x54e4  iScsiPrt - ok
11:33:03.0760 0x54e4  [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass        C:\windows\System32\drivers\kbdclass.sys
11:33:03.0775 0x54e4  kbdclass - ok
11:33:03.0791 0x54e4  [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid          C:\windows\System32\drivers\kbdhid.sys
11:33:03.0791 0x54e4  kbdhid - ok
11:33:03.0791 0x54e4  [ FB6C185092E18011EF49989425C2AA87 ] kdnic           C:\windows\system32\DRIVERS\kdnic.sys
11:33:03.0791 0x54e4  kdnic - ok
11:33:03.0838 0x54e4  [ F702AB6181513303AB0FC8D59E52708B ] KeyIso          C:\windows\system32\lsass.exe
11:33:03.0838 0x54e4  KeyIso - ok
11:33:03.0853 0x54e4  [ DFA480F6DED551464F3A5B959F437800 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
11:33:03.0853 0x54e4  KSecDD - ok
11:33:03.0885 0x54e4  [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
11:33:03.0885 0x54e4  KSecPkg - ok
11:33:03.0916 0x54e4  [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
11:33:03.0916 0x54e4  ksthunk - ok
11:33:03.0931 0x54e4  [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm           C:\windows\system32\msdtckrm.dll
11:33:03.0947 0x54e4  KtmRm - ok
11:33:03.0994 0x54e4  [ CBD16721541EE334F6D623CE0B4003BF ] L1C             C:\windows\system32\DRIVERS\L1C63x64.sys
11:33:03.0994 0x54e4  L1C - ok
11:33:04.0087 0x54e4  [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer    C:\windows\system32\srvsvc.dll
11:33:04.0087 0x54e4  LanmanServer - ok
11:33:04.0119 0x54e4  [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
11:33:04.0119 0x54e4  LanmanWorkstation - ok
11:33:04.0134 0x54e4  [ CEEFD29FC551F289810B0B9381B321DC ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
11:33:04.0134 0x54e4  lltdio - ok
11:33:04.0165 0x54e4  [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc         C:\windows\System32\lltdsvc.dll
11:33:04.0165 0x54e4  lltdsvc - ok
11:33:04.0181 0x54e4  [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts         C:\windows\System32\lmhsvc.dll
11:33:04.0181 0x54e4  lmhosts - ok
11:33:04.0197 0x54e4  [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
11:33:04.0197 0x54e4  LSI_SAS - ok
11:33:04.0212 0x54e4  [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
11:33:04.0212 0x54e4  LSI_SAS2 - ok
11:33:04.0259 0x54e4  [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
11:33:04.0259 0x54e4  LSI_SCSI - ok
11:33:04.0275 0x54e4  [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS         C:\windows\system32\drivers\lsi_sss.sys
11:33:04.0275 0x54e4  LSI_SSS - ok
11:33:04.0306 0x54e4  [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM             C:\windows\System32\lsm.dll
11:33:04.0306 0x54e4  LSM - ok
11:33:04.0321 0x54e4  [ 2BDC5D711FA61307CE6190D47C956368 ] luafv           C:\windows\system32\drivers\luafv.sys
11:33:04.0337 0x54e4  luafv - ok
11:33:04.0353 0x54e4  [ CD51E1D0D638F1E07A6EDC98CD7F5DDA ] mbamchameleon   C:\windows\system32\drivers\mbamchameleon.sys
11:33:04.0353 0x54e4  mbamchameleon - ok
11:33:04.0384 0x54e4  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\windows\system32\drivers\mbam.sys
11:33:04.0384 0x54e4  MBAMProtector - ok
11:33:04.0431 0x54e4  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
11:33:04.0431 0x54e4  MBAMScheduler - ok
11:33:04.0462 0x54e4  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:33:04.0477 0x54e4  MBAMService - ok
11:33:04.0477 0x54e4  MBAMSwissArmy - ok
11:33:04.0727 0x54e4  [ 49F5B235EDC9C6AC0ABA44737B190317 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
11:33:04.0743 0x54e4  McComponentHostService - ok
11:33:04.0867 0x54e4  [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas         C:\windows\system32\drivers\megasas.sys
11:33:04.0867 0x54e4  megasas - ok
11:33:04.0899 0x54e4  [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
11:33:04.0899 0x54e4  MegaSR - ok
11:33:04.0930 0x54e4  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS           C:\windows\system32\mmcss.dll
11:33:04.0930 0x54e4  MMCSS - ok
11:33:04.0945 0x54e4  [ 780098AD5DA8A4822E2563984C85EF7B ] Modem           C:\windows\system32\drivers\modem.sys
11:33:04.0945 0x54e4  Modem - ok
11:33:04.0977 0x54e4  [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor         C:\windows\System32\drivers\monitor.sys
11:33:04.0977 0x54e4  monitor - ok
11:33:04.0992 0x54e4  [ 618446B98C79776654340CE27C73485E ] mouclass        C:\windows\System32\drivers\mouclass.sys
11:33:05.0008 0x54e4  mouclass - ok
11:33:05.0023 0x54e4  [ C0ADEBED913295803B579ED288936CBB ] mouhid          C:\windows\System32\drivers\mouhid.sys
11:33:05.0023 0x54e4  mouhid - ok
11:33:05.0039 0x54e4  [ 89D263DBF08119CE16273991C120D6DD ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
11:33:05.0039 0x54e4  mountmgr - ok
11:33:05.0086 0x54e4  [ 338037EFA0E8E8699B2667D57B751574 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:33:05.0101 0x54e4  MozillaMaintenance - ok
11:33:05.0117 0x54e4  [ 4CCBBD4944777CA100B9A6C2F149A46F ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
11:33:05.0133 0x54e4  mpsdrv - ok
11:33:05.0164 0x54e4  [ 9DE3341BD4E14BC5FADFCAD3019F2D0D ] MpsSvc          C:\windows\system32\mpssvc.dll
11:33:05.0179 0x54e4  MpsSvc - ok
11:33:05.0195 0x54e4  [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
11:33:05.0195 0x54e4  MRxDAV - ok
11:33:05.0226 0x54e4  [ 93179D48066918323628CB016D8C94DC ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
11:33:05.0226 0x54e4  mrxsmb - ok
11:33:05.0257 0x54e4  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
11:33:05.0273 0x54e4  mrxsmb10 - ok
11:33:05.0289 0x54e4  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
11:33:05.0289 0x54e4  mrxsmb20 - ok
11:33:05.0320 0x54e4  [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge        C:\windows\system32\DRIVERS\bridge.sys
11:33:05.0320 0x54e4  MsBridge - ok
11:33:05.0351 0x54e4  [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC           C:\windows\System32\msdtc.exe
11:33:05.0351 0x54e4  MSDTC - ok
11:33:05.0367 0x54e4  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs            C:\windows\system32\drivers\Msfs.sys
11:33:05.0367 0x54e4  Msfs - ok
11:33:05.0398 0x54e4  [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32     C:\windows\System32\drivers\msgpiowin32.sys
11:33:05.0398 0x54e4  msgpiowin32 - ok
11:33:05.0413 0x54e4  [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
11:33:05.0413 0x54e4  mshidkmdf - ok
11:33:05.0413 0x54e4  [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf       C:\windows\System32\drivers\mshidumdf.sys
11:33:05.0413 0x54e4  mshidumdf - ok
11:33:05.0445 0x54e4  [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
11:33:05.0445 0x54e4  msisadrv - ok
11:33:05.0460 0x54e4  [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI         C:\windows\system32\iscsiexe.dll
11:33:05.0460 0x54e4  MSiSCSI - ok
11:33:05.0476 0x54e4  msiserver - ok
11:33:05.0491 0x54e4  [ 509809566E49F4411055864EA8D437CD ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
11:33:05.0491 0x54e4  MSKSSRV - ok
11:33:05.0507 0x54e4  [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp          C:\windows\system32\DRIVERS\mslldp.sys
11:33:05.0507 0x54e4  MsLldp - ok
11:33:05.0523 0x54e4  [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
11:33:05.0523 0x54e4  MSPCLOCK - ok
11:33:05.0538 0x54e4  [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
11:33:05.0538 0x54e4  MSPQM - ok
11:33:05.0554 0x54e4  [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
11:33:05.0554 0x54e4  MsRPC - ok
11:33:05.0569 0x54e4  [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios        C:\windows\System32\drivers\mssmbios.sys
11:33:05.0569 0x54e4  mssmbios - ok
11:33:05.0585 0x54e4  [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
11:33:05.0601 0x54e4  MSTEE - ok
11:33:05.0616 0x54e4  [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig        C:\windows\System32\drivers\MTConfig.sys
11:33:05.0616 0x54e4  MTConfig - ok
11:33:05.0632 0x54e4  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup             C:\windows\system32\Drivers\mup.sys
11:33:05.0632 0x54e4  Mup - ok
11:33:05.0647 0x54e4  [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis          C:\windows\system32\drivers\mvumis.sys
11:33:05.0647 0x54e4  mvumis - ok
11:33:05.0694 0x54e4  [ 4B18840511D720BA118D3017E8165875 ] napagent        C:\windows\system32\qagentRT.dll
11:33:05.0694 0x54e4  napagent - ok
11:33:05.0725 0x54e4  [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
11:33:05.0725 0x54e4  NativeWifiP - ok
11:33:05.0757 0x54e4  [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc          C:\windows\System32\ncasvc.dll
11:33:05.0757 0x54e4  NcaSvc - ok
11:33:05.0772 0x54e4  [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup    C:\windows\System32\NcdAutoSetup.dll
11:33:05.0772 0x54e4  NcdAutoSetup - ok
11:33:05.0819 0x54e4  [ A10E176F3B2BF83EDE7B5C4658C93B66 ] NDIS            C:\windows\system32\drivers\ndis.sys
11:33:05.0819 0x54e4  NDIS - ok
11:33:05.0850 0x54e4  [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
11:33:05.0850 0x54e4  NdisCap - ok
11:33:05.0866 0x54e4  [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform  C:\windows\system32\DRIVERS\NdisImPlatform.sys
11:33:05.0866 0x54e4  NdisImPlatform - ok
11:33:05.0897 0x54e4  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
11:33:05.0897 0x54e4  NdisTapi - ok
11:33:05.0897 0x54e4  [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
11:33:05.0897 0x54e4  Ndisuio - ok
11:33:05.0913 0x54e4  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
11:33:05.0913 0x54e4  NdisWan - ok
11:33:05.0928 0x54e4  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY   C:\windows\system32\DRIVERS\ndiswan.sys
11:33:05.0928 0x54e4  NDISWANLEGACY - ok
11:33:05.0959 0x54e4  [ 3730942D7DB2F8BB5F84542B7FF6F650 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
11:33:05.0959 0x54e4  NDProxy - ok
11:33:05.0959 0x54e4  [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu             C:\windows\system32\drivers\Ndu.sys
11:33:05.0959 0x54e4  Ndu - ok
11:33:05.0975 0x54e4  [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
11:33:05.0975 0x54e4  NetBIOS - ok
11:33:05.0991 0x54e4  [ 7CEC25C682D319D484630B3952C31A11 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
11:33:06.0006 0x54e4  NetBT - ok
11:33:06.0022 0x54e4  [ F702AB6181513303AB0FC8D59E52708B ] Netlogon        C:\windows\system32\lsass.exe
11:33:06.0022 0x54e4  Netlogon - ok
11:33:06.0053 0x54e4  [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman          C:\windows\System32\netman.dll
11:33:06.0053 0x54e4  Netman - ok
11:33:06.0100 0x54e4  [ 79FA9393C67EBBF92A56923592CF7A7C ] netprofm        C:\windows\System32\netprofmsvc.dll
11:33:06.0100 0x54e4  netprofm - ok
11:33:06.0178 0x54e4  [ 080417AC9E51B2B29656EC26B62E87F1 ] netr28x         C:\windows\system32\DRIVERS\netr28x.sys
11:33:06.0193 0x54e4  netr28x - ok
11:33:06.0256 0x54e4  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:33:06.0256 0x54e4  NetTcpPortSharing - ok
11:33:06.0287 0x54e4  [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
11:33:06.0287 0x54e4  nfrd960 - ok
11:33:06.0318 0x54e4  [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc          C:\windows\System32\nlasvc.dll
11:33:06.0334 0x54e4  NlaSvc - ok
11:33:06.0349 0x54e4  [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs            C:\windows\system32\drivers\Npfs.sys
11:33:06.0349 0x54e4  Npfs - ok
11:33:06.0365 0x54e4  [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig       C:\windows\System32\drivers\npsvctrig.sys
11:33:06.0365 0x54e4  npsvctrig - ok
11:33:06.0381 0x54e4  [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi             C:\windows\system32\nsisvc.dll
11:33:06.0381 0x54e4  nsi - ok
11:33:06.0396 0x54e4  [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
11:33:06.0396 0x54e4  nsiproxy - ok
11:33:06.0474 0x54e4  [ 76929F4A69E425911A63B407E26C2589 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
11:33:06.0490 0x54e4  Ntfs - ok
11:33:06.0505 0x54e4  [ 4163ADE07DB51843AE31F65B94F5398D ] Null            C:\windows\system32\drivers\Null.sys
11:33:06.0505 0x54e4  Null - ok
11:33:06.0521 0x54e4  [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid          C:\windows\system32\drivers\nvraid.sys
11:33:06.0521 0x54e4  nvraid - ok
11:33:06.0537 0x54e4  [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor          C:\windows\system32\drivers\nvstor.sys
11:33:06.0537 0x54e4  nvstor - ok
11:33:06.0537 0x54e4  [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
11:33:06.0537 0x54e4  nv_agp - ok
11:33:06.0568 0x54e4  [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
11:33:06.0568 0x54e4  p2pimsvc - ok
11:33:06.0584 0x54e4  [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc          C:\windows\system32\p2psvc.dll
11:33:06.0584 0x54e4  p2psvc - ok
11:33:06.0615 0x54e4  [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport         C:\windows\System32\drivers\parport.sys
11:33:06.0615 0x54e4  Parport - ok
11:33:06.0646 0x54e4  [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr         C:\windows\system32\drivers\partmgr.sys
11:33:06.0646 0x54e4  partmgr - ok
11:33:06.0693 0x54e4  [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc          C:\windows\System32\pcasvc.dll
11:33:06.0693 0x54e4  PcaSvc - ok
11:33:06.0724 0x54e4  [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci             C:\windows\system32\drivers\pci.sys
11:33:06.0724 0x54e4  pci - ok
11:33:06.0755 0x54e4  [ F9908D274D458220F91E89B54D78D837 ] pciide          C:\windows\system32\drivers\pciide.sys
11:33:06.0755 0x54e4  pciide - ok
11:33:06.0771 0x54e4  [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
11:33:06.0786 0x54e4  pcmcia - ok
11:33:06.0802 0x54e4  [ CEBBAD5391C2644560C55628A40BFD27 ] pcw             C:\windows\system32\drivers\pcw.sys
11:33:06.0802 0x54e4  pcw - ok
11:33:06.0849 0x54e4  [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc             C:\windows\system32\drivers\pdc.sys
11:33:06.0849 0x54e4  pdc - ok
11:33:06.0880 0x54e4  [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH          C:\windows\system32\drivers\peauth.sys
11:33:06.0896 0x54e4  PEAUTH - ok
11:33:06.0974 0x54e4  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost        C:\windows\SysWow64\perfhost.exe
11:33:06.0974 0x54e4  PerfHost - ok
11:33:07.0020 0x54e4  [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla             C:\windows\system32\pla.dll
11:33:07.0036 0x54e4  pla - ok
11:33:07.0067 0x54e4  [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
11:33:07.0067 0x54e4  PlugPlay - ok
11:33:07.0083 0x54e4  [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
11:33:07.0083 0x54e4  PNRPAutoReg - ok
11:33:07.0098 0x54e4  [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
11:33:07.0114 0x54e4  PNRPsvc - ok
11:33:07.0130 0x54e4  [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
11:33:07.0145 0x54e4  PolicyAgent - ok
11:33:07.0176 0x54e4  [ F1E067F56373F11EA4B785CAE823740A ] Power           C:\windows\system32\umpo.dll
11:33:07.0176 0x54e4  Power - ok
11:33:07.0192 0x54e4  [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
11:33:07.0192 0x54e4  PptpMiniport - ok
11:33:07.0301 0x54e4  [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
11:33:07.0317 0x54e4  PrintNotify - ok
11:33:07.0332 0x54e4  [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor       C:\windows\System32\drivers\processr.sys
11:33:07.0332 0x54e4  Processor - ok
11:33:07.0364 0x54e4  [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc         C:\windows\system32\profsvc.dll
11:33:07.0364 0x54e4  ProfSvc - ok
11:33:07.0379 0x54e4  [ EB8034147D4820CD31BFCB11A2A652DF ] Psched          C:\windows\system32\DRIVERS\pacer.sys
11:33:07.0395 0x54e4  Psched - ok
11:33:07.0410 0x54e4  [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE           C:\windows\system32\qwave.dll
11:33:07.0410 0x54e4  QWAVE - ok
11:33:07.0426 0x54e4  [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
11:33:07.0426 0x54e4  QWAVEdrv - ok
11:33:07.0442 0x54e4  [ 873C60F8178100557740A832FCE10B5F ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
11:33:07.0442 0x54e4  RasAcd - ok
11:33:07.0457 0x54e4  [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
11:33:07.0457 0x54e4  RasAgileVpn - ok
11:33:07.0473 0x54e4  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto         C:\windows\System32\rasauto.dll
11:33:07.0473 0x54e4  RasAuto - ok
11:33:07.0488 0x54e4  [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
11:33:07.0488 0x54e4  Rasl2tp - ok
11:33:07.0504 0x54e4  [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan          C:\windows\System32\rasmans.dll
11:33:07.0520 0x54e4  RasMan - ok
11:33:07.0520 0x54e4  [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
11:33:07.0520 0x54e4  RasPppoe - ok
11:33:07.0535 0x54e4  [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
11:33:07.0535 0x54e4  RasSstp - ok
11:33:07.0566 0x54e4  [ CA03D642ACE58E1BA54E4B383F91CD69 ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
11:33:07.0566 0x54e4  rdbss - ok
11:33:07.0582 0x54e4  [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus          C:\windows\System32\drivers\rdpbus.sys
11:33:07.0582 0x54e4  rdpbus - ok
11:33:07.0598 0x54e4  [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR           C:\windows\system32\drivers\rdpdr.sys
11:33:07.0613 0x54e4  RDPDR - ok
11:33:07.0644 0x54e4  [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
11:33:07.0644 0x54e4  RdpVideoMiniport - ok
11:33:07.0660 0x54e4  [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
11:33:07.0660 0x54e4  RDPWD - ok
11:33:07.0676 0x54e4  [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
11:33:07.0676 0x54e4  rdyboost - ok
11:33:07.0738 0x54e4  [ 96EFEC24346A8EB1157E80523079ADDC ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
11:33:07.0738 0x54e4  RealNetworks Downloader Resolver Service - ok
11:33:07.0769 0x54e4  [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess    C:\windows\System32\mprdim.dll
11:33:07.0769 0x54e4  RemoteAccess - ok
11:33:07.0800 0x54e4  [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry  C:\windows\system32\regsvc.dll
11:33:07.0800 0x54e4  RemoteRegistry - ok
11:33:07.0832 0x54e4  [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
11:33:07.0832 0x54e4  RpcEptMapper - ok
11:33:07.0847 0x54e4  [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator      C:\windows\system32\locator.exe
11:33:07.0847 0x54e4  RpcLocator - ok
11:33:07.0878 0x54e4  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs           C:\windows\system32\rpcss.dll
11:33:07.0894 0x54e4  RpcSs - ok
11:33:07.0910 0x54e4  [ E04E770DD198B9399640717145E79EBF ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
11:33:07.0910 0x54e4  rspndr - ok
11:33:07.0925 0x54e4  [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap           C:\windows\System32\drivers\vms3cap.sys
11:33:07.0925 0x54e4  s3cap - ok
11:33:07.0956 0x54e4  [ F702AB6181513303AB0FC8D59E52708B ] SamSs           C:\windows\system32\lsass.exe
11:33:07.0956 0x54e4  SamSs - ok
11:33:07.0972 0x54e4  [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
11:33:07.0972 0x54e4  sbp2port - ok
11:33:07.0988 0x54e4  [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr        C:\windows\System32\SCardSvr.dll
11:33:07.0988 0x54e4  SCardSvr - ok
11:33:08.0019 0x54e4  [ 5D7733A12756B267FCA021672B26BC9E ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
11:33:08.0019 0x54e4  scfilter - ok
11:33:08.0066 0x54e4  [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule        C:\windows\system32\schedsvc.dll
11:33:08.0081 0x54e4  Schedule - ok
11:33:08.0112 0x54e4  [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc     C:\windows\System32\certprop.dll
11:33:08.0112 0x54e4  SCPolicySvc - ok
11:33:08.0144 0x54e4  [ F58B030A0664385C707B8C1C63682041 ] sdbus           C:\windows\System32\drivers\sdbus.sys
11:33:08.0144 0x54e4  sdbus - ok
11:33:08.0159 0x54e4  [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC          C:\windows\System32\SDRSVC.dll
11:33:08.0175 0x54e4  SDRSVC - ok
11:33:08.0190 0x54e4  [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor          C:\windows\System32\drivers\sdstor.sys
11:33:08.0190 0x54e4  sdstor - ok
11:33:08.0206 0x54e4  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\windows\system32\drivers\secdrv.sys
11:33:08.0206 0x54e4  secdrv - ok
11:33:08.0237 0x54e4  [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon        C:\windows\system32\seclogon.dll
11:33:08.0237 0x54e4  seclogon - ok
11:33:08.0253 0x54e4  [ 9C51620998F0763039DFA6BF68E475ED ] SENS            C:\windows\System32\sens.dll
11:33:08.0253 0x54e4  SENS - ok
11:33:08.0268 0x54e4  [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc        C:\windows\system32\sensrsvc.dll
11:33:08.0268 0x54e4  SensrSvc - ok
11:33:08.0300 0x54e4  [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx           C:\windows\system32\drivers\SerCx.sys
11:33:08.0300 0x54e4  SerCx - ok
11:33:08.0300 0x54e4  [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum         C:\windows\System32\drivers\serenum.sys
11:33:08.0300 0x54e4  Serenum - ok
11:33:08.0315 0x54e4  [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial          C:\windows\System32\drivers\serial.sys
11:33:08.0315 0x54e4  Serial - ok
11:33:08.0331 0x54e4  [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse        C:\windows\System32\drivers\sermouse.sys
11:33:08.0331 0x54e4  sermouse - ok
11:33:08.0346 0x54e4  [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv      C:\windows\system32\sessenv.dll
11:33:08.0362 0x54e4  SessionEnv - ok
11:33:08.0378 0x54e4  [ 7EE65419B29302C795714FF8073969A1 ] sfloppy         C:\windows\System32\drivers\sfloppy.sys
11:33:08.0378 0x54e4  sfloppy - ok
11:33:08.0409 0x54e4  [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess    C:\windows\System32\ipnathlp.dll
11:33:08.0409 0x54e4  SharedAccess - ok
11:33:08.0440 0x54e4  [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\windows\System32\shsvcs.dll
11:33:08.0440 0x54e4  ShellHWDetection - ok
11:33:08.0456 0x54e4  [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
11:33:08.0456 0x54e4  SiSRaid2 - ok
11:33:08.0471 0x54e4  [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
11:33:08.0471 0x54e4  SiSRaid4 - ok
11:33:08.0502 0x54e4  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
11:33:08.0502 0x54e4  SkypeUpdate - ok
11:33:08.0518 0x54e4  [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
11:33:08.0518 0x54e4  SNMPTRAP - ok
11:33:08.0549 0x54e4  [ 9110193D93960E38B8692E4519C75D72 ] spaceport       C:\windows\system32\drivers\spaceport.sys
11:33:08.0549 0x54e4  spaceport - ok
11:33:08.0580 0x54e4  [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx           C:\windows\system32\drivers\SpbCx.sys
11:33:08.0580 0x54e4  SpbCx - ok
11:33:08.0596 0x54e4  [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler         C:\windows\System32\spoolsv.exe
11:33:08.0612 0x54e4  Spooler - ok
11:33:08.0721 0x54e4  [ 061A977C920FBE4BF71FF47C966DDDCA ] sppsvc          C:\windows\system32\sppsvc.exe
11:33:08.0752 0x54e4  sppsvc - ok
11:33:08.0768 0x54e4  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv             C:\windows\system32\DRIVERS\srv.sys
11:33:08.0768 0x54e4  srv - ok
11:33:08.0799 0x54e4  [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
11:33:08.0814 0x54e4  srv2 - ok
11:33:08.0830 0x54e4  [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
11:33:08.0830 0x54e4  srvnet - ok
11:33:08.0861 0x54e4  [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
11:33:08.0861 0x54e4  SSDPSRV - ok
11:33:08.0877 0x54e4  [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc         C:\windows\system32\sstpsvc.dll
11:33:08.0877 0x54e4  SstpSvc - ok
11:33:08.0908 0x54e4  [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor        C:\windows\system32\drivers\stexstor.sys
11:33:08.0908 0x54e4  stexstor - ok
11:33:08.0939 0x54e4  [ 7E89F65EB250463EE8665CFE19566FC3 ] STHDA           C:\windows\system32\DRIVERS\stwrt64.sys
11:33:08.0939 0x54e4  STHDA - ok
11:33:08.0970 0x54e4  [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc          C:\windows\System32\wiaservc.dll
11:33:08.0970 0x54e4  stisvc - ok
11:33:09.0002 0x54e4  [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci        C:\windows\system32\drivers\storahci.sys
11:33:09.0002 0x54e4  storahci - ok
11:33:09.0017 0x54e4  [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt         C:\windows\system32\DRIVERS\vmstorfl.sys
11:33:09.0017 0x54e4  storflt - ok
11:33:09.0033 0x54e4  [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc         C:\windows\system32\storsvc.dll
11:33:09.0033 0x54e4  StorSvc - ok
11:33:09.0048 0x54e4  [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc         C:\windows\system32\drivers\storvsc.sys
11:33:09.0064 0x54e4  storvsc - ok
11:33:09.0080 0x54e4  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc           C:\windows\system32\svsvc.dll
11:33:09.0080 0x54e4  svsvc - ok
11:33:09.0095 0x54e4  [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum          C:\windows\System32\drivers\swenum.sys
11:33:09.0095 0x54e4  swenum - ok
11:33:09.0111 0x54e4  [ 502F9488540051F3E6C39889ECFA76BB ] swprv           C:\windows\System32\swprv.dll
11:33:09.0111 0x54e4  swprv - ok
11:33:09.0173 0x54e4  [ A06CB9269D29EE3D0F3F5630ABB660B8 ] SysMain         C:\windows\system32\sysmain.dll
11:33:09.0173 0x54e4  SysMain - ok
11:33:09.0220 0x54e4  [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll
11:33:09.0236 0x54e4  SystemEventsBroker - ok
11:33:09.0251 0x54e4  [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\windows\System32\TabSvc.dll
11:33:09.0251 0x54e4  TabletInputService - ok
11:33:09.0282 0x54e4  [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv         C:\windows\System32\tapisrv.dll
11:33:09.0282 0x54e4  TapiSrv - ok
11:33:09.0345 0x54e4  [ DD4249F03598043DED6FA540EB14898A ] Tcpip           C:\windows\system32\drivers\tcpip.sys
11:33:09.0376 0x54e4  Tcpip - ok
11:33:09.0392 0x54e4  [ DD4249F03598043DED6FA540EB14898A ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
11:33:09.0407 0x54e4  TCPIP6 - ok
11:33:09.0438 0x54e4  [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
11:33:09.0438 0x54e4  tcpipreg - ok
11:33:09.0454 0x54e4  [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
11:33:09.0454 0x54e4  tdx - ok
11:33:09.0470 0x54e4  [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt        C:\windows\System32\drivers\terminpt.sys
11:33:09.0470 0x54e4  terminpt - ok
11:33:09.0501 0x54e4  [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService     C:\windows\System32\termsrv.dll
11:33:09.0516 0x54e4  TermService - ok
11:33:09.0532 0x54e4  [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes          C:\windows\system32\themeservice.dll
11:33:09.0548 0x54e4  Themes - ok
11:33:09.0563 0x54e4  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER     C:\windows\system32\mmcss.dll
11:33:09.0563 0x54e4  THREADORDER - ok
11:33:09.0594 0x54e4  [ 4515B9E4140F04FB3907692DF89FCA87 ] TimeBroker      C:\windows\System32\TimeBrokerServer.dll
11:33:09.0594 0x54e4  TimeBroker - ok
11:33:09.0610 0x54e4  [ E94F7A7B48C7638D1F3F8089344C97B7 ] TPM             C:\windows\system32\drivers\tpm.sys
11:33:09.0610 0x54e4  TPM - ok
11:33:09.0641 0x54e4  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks          C:\windows\System32\trkwks.dll
11:33:09.0641 0x54e4  TrkWks - ok
11:33:09.0688 0x54e4  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
11:33:09.0688 0x54e4  TrustedInstaller - ok
11:33:09.0719 0x54e4  [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
11:33:09.0719 0x54e4  TsUsbFlt - ok
11:33:09.0735 0x54e4  [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD         C:\windows\System32\drivers\TsUsbGD.sys
11:33:09.0735 0x54e4  TsUsbGD - ok
11:33:09.0766 0x54e4  [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
11:33:09.0766 0x54e4  tunnel - ok
11:33:09.0782 0x54e4  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35          C:\windows\system32\drivers\uagp35.sys
11:33:09.0782 0x54e4  uagp35 - ok
11:33:09.0797 0x54e4  [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor        C:\windows\System32\drivers\uaspstor.sys
11:33:09.0813 0x54e4  UASPStor - ok
11:33:09.0844 0x54e4  [ 061BA3EE0D2BE17944990544008CF190 ] UCX01000        C:\windows\System32\drivers\ucx01000.sys
11:33:09.0844 0x54e4  UCX01000 - ok
11:33:09.0875 0x54e4  [ 25C50F4EDF70D0A831E0566BD181CCF2 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
11:33:09.0891 0x54e4  udfs - ok
11:33:09.0922 0x54e4  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect       C:\windows\system32\UI0Detect.exe
11:33:09.0922 0x54e4  UI0Detect - ok
11:33:09.0953 0x54e4  [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
11:33:09.0953 0x54e4  uliagpkx - ok
11:33:09.0969 0x54e4  [ 02CEB3FE6152668A7BA420B93B664860 ] umbus           C:\windows\System32\drivers\umbus.sys
11:33:09.0969 0x54e4  umbus - ok
11:33:09.0984 0x54e4  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass          C:\windows\System32\drivers\umpass.sys
11:33:09.0984 0x54e4  UmPass - ok
11:33:10.0000 0x54e4  [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService    C:\windows\System32\umrdp.dll
11:33:10.0000 0x54e4  UmRdpService - ok
11:33:10.0016 0x54e4  [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost        C:\windows\System32\upnphost.dll
11:33:10.0031 0x54e4  upnphost - ok
11:33:10.0047 0x54e4  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\windows\System32\Drivers\usbaapl64.sys
11:33:10.0062 0x54e4  USBAAPL64 - ok
11:33:10.0078 0x54e4  [ C976C4306F9AE133D6BBD47FDFC3BF92 ] usbccgp         C:\windows\System32\drivers\usbccgp.sys
11:33:10.0078 0x54e4  usbccgp - ok
11:33:10.0109 0x54e4  [ 427B6DB8C05A5A977E8C3525370A2595 ] usbcir          C:\windows\System32\drivers\usbcir.sys
11:33:10.0109 0x54e4  usbcir - ok
11:33:10.0109 0x54e4  [ B24FDEB1B18496F1B463782235AA3AF1 ] usbehci         C:\windows\System32\drivers\usbehci.sys
11:33:10.0125 0x54e4  usbehci - ok
11:33:10.0140 0x54e4  [ 4875DC63E548812C75D4FDEF84970C89 ] usbfilter       C:\windows\System32\drivers\usbfilter.sys
11:33:10.0140 0x54e4  usbfilter - ok
11:33:10.0156 0x54e4  [ F8C2A832DF9403F5EA8080CBDBDA95FB ] usbhub          C:\windows\System32\drivers\usbhub.sys
11:33:10.0172 0x54e4  usbhub - ok
11:33:10.0203 0x54e4  [ E5F7328B1D29BCE791862CD3C0DD382A ] USBHUB3         C:\windows\System32\drivers\UsbHub3.sys
11:33:10.0203 0x54e4  USBHUB3 - ok
11:33:10.0234 0x54e4  [ 325F6179009B5A7F6118951A5BA422AB ] usbohci         C:\windows\System32\drivers\usbohci.sys
11:33:10.0234 0x54e4  usbohci - ok
11:33:10.0250 0x54e4  [ 9FDBA6982582A6F2354144980F641E7B ] usbprint        C:\windows\System32\drivers\usbprint.sys
11:33:10.0250 0x54e4  usbprint - ok
11:33:10.0296 0x54e4  [ BFC7FE4AAEB61317A921871B4085EF4B ] USBSTOR         C:\windows\System32\drivers\USBSTOR.SYS
11:33:10.0296 0x54e4  USBSTOR - ok
11:33:10.0312 0x54e4  [ 1ABF657259DB57F7E5558E4DF1357C0C ] usbuhci         C:\windows\System32\drivers\usbuhci.sys
11:33:10.0312 0x54e4  usbuhci - ok
11:33:10.0343 0x54e4  [ 8DC398D7B8E02C929A2096E74A170970 ] USBXHCI         C:\windows\System32\drivers\USBXHCI.SYS
11:33:10.0343 0x54e4  USBXHCI - ok
11:33:10.0359 0x54e4  [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc        C:\windows\system32\lsass.exe
11:33:10.0359 0x54e4  VaultSvc - ok
11:33:10.0390 0x54e4  [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
11:33:10.0390 0x54e4  vdrvroot - ok
11:33:10.0421 0x54e4  [ 1B4488988E5E7512E6C5CD1255E9E973 ] vds             C:\windows\System32\vds.exe
11:33:10.0421 0x54e4  vds - ok
11:33:10.0437 0x54e4  [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt     C:\windows\system32\drivers\VerifierExt.sys
11:33:10.0452 0x54e4  VerifierExt - ok
11:33:10.0484 0x54e4  [ 500BE6B2E49883720D0AE8BB859ED7A3 ] vhdmp           C:\windows\System32\drivers\vhdmp.sys
11:33:10.0484 0x54e4  vhdmp - ok
11:33:10.0499 0x54e4  [ F5B4A14B00E89250C50982AC762DDD1D ] viaide          C:\windows\system32\drivers\viaide.sys
11:33:10.0499 0x54e4  viaide - ok
11:33:10.0515 0x54e4  [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus           C:\windows\system32\drivers\vmbus.sys
11:33:10.0515 0x54e4  vmbus - ok
11:33:10.0530 0x54e4  [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID        C:\windows\System32\drivers\VMBusHID.sys
11:33:10.0530 0x54e4  VMBusHID - ok
11:33:10.0546 0x54e4  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat   C:\windows\System32\ICSvc.dll
11:33:10.0546 0x54e4  vmicheartbeat - ok
11:33:10.0562 0x54e4  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\windows\System32\ICSvc.dll
11:33:10.0562 0x54e4  vmickvpexchange - ok
11:33:10.0562 0x54e4  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv         C:\windows\System32\ICSvc.dll
11:33:10.0577 0x54e4  vmicrdv - ok
11:33:10.0577 0x54e4  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown    C:\windows\System32\ICSvc.dll
11:33:10.0577 0x54e4  vmicshutdown - ok
11:33:10.0593 0x54e4  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync    C:\windows\System32\ICSvc.dll
11:33:10.0593 0x54e4  vmictimesync - ok
11:33:10.0593 0x54e4  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss         C:\windows\System32\ICSvc.dll
11:33:10.0608 0x54e4  vmicvss - ok
11:33:10.0608 0x54e4  [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr          C:\windows\system32\drivers\volmgr.sys
11:33:10.0608 0x54e4  volmgr - ok
11:33:10.0624 0x54e4  [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
11:33:10.0624 0x54e4  volmgrx - ok
11:33:10.0655 0x54e4  [ 78A5BBA3819FFFC62FFEC3E2220D102D ] volsnap         C:\windows\system32\drivers\volsnap.sys
11:33:10.0655 0x54e4  volsnap - ok
11:33:10.0671 0x54e4  [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci            C:\windows\System32\drivers\vpci.sys
11:33:10.0671 0x54e4  vpci - ok
11:33:10.0686 0x54e4  [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
11:33:10.0686 0x54e4  vsmraid - ok
11:33:10.0764 0x54e4  [ D0C69E44BC1E1D4AD290FD84104623D8 ] VSS             C:\windows\system32\vssvc.exe
11:33:10.0780 0x54e4  VSS - ok
11:33:10.0780 0x54e4  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID        C:\windows\system32\drivers\vstxraid.sys
11:33:10.0780 0x54e4  VSTXRAID - ok
11:33:10.0796 0x54e4  [ 62460A45435A26A334907E3F2EA45611 ] vwifibus        C:\windows\System32\drivers\vwifibus.sys
11:33:10.0796 0x54e4  vwifibus - ok
11:33:10.0811 0x54e4  [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
11:33:10.0811 0x54e4  vwififlt - ok
11:33:10.0842 0x54e4  [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
11:33:10.0842 0x54e4  vwifimp - ok
11:33:10.0889 0x54e4  [ F690B6EEAA94576727B24376D7ED3601 ] W32Time         C:\windows\system32\w32time.dll
11:33:10.0889 0x54e4  W32Time - ok
11:33:10.0905 0x54e4  [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen        C:\windows\System32\drivers\wacompen.sys
11:33:10.0905 0x54e4  WacomPen - ok
11:33:10.0952 0x54e4  [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarp          C:\windows\system32\DRIVERS\wanarp.sys
11:33:10.0952 0x54e4  Wanarp - ok
11:33:10.0952 0x54e4  [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
11:33:10.0952 0x54e4  Wanarpv6 - ok
11:33:11.0014 0x54e4  [ 901CC968412F8155B08D7ABE0171166A ] WAS             C:\windows\system32\inetsrv\iisw3adm.dll
11:33:11.0014 0x54e4  WAS - ok
11:33:11.0061 0x54e4  [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine        C:\windows\system32\wbengine.exe
11:33:11.0076 0x54e4  wbengine - ok
11:33:11.0092 0x54e4  [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
11:33:11.0108 0x54e4  WbioSrvc - ok
11:33:11.0123 0x54e4  [ AF1349386D4C6786EF4E34FACEF15042 ] Wcmsvc          C:\windows\System32\wcmsvc.dll
11:33:11.0139 0x54e4  Wcmsvc - ok
11:33:11.0170 0x54e4  [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc         C:\windows\System32\wcncsvc.dll
11:33:11.0186 0x54e4  wcncsvc - ok
11:33:11.0201 0x54e4  [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
11:33:11.0217 0x54e4  WcsPlugInService - ok
11:33:11.0248 0x54e4  [ B3A4D918DAB90505B6BC7B70632913CB ] Wd              C:\windows\system32\drivers\wd.sys
11:33:11.0248 0x54e4  Wd - ok
11:33:11.0279 0x54e4  [ FD47DF026B32969B8A68721A0243E8EE ] WdBoot          C:\windows\system32\drivers\WdBoot.sys
11:33:11.0279 0x54e4  WdBoot - ok
11:33:11.0326 0x54e4  [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
11:33:11.0326 0x54e4  Wdf01000 - ok
11:33:11.0342 0x54e4  [ 5F425D842DD6ADE9F95A51A0616AFAD7 ] WdFilter        C:\windows\system32\drivers\WdFilter.sys
11:33:11.0357 0x54e4  WdFilter - ok
11:33:11.0373 0x54e4  [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost  C:\windows\system32\wdi.dll
11:33:11.0373 0x54e4  WdiServiceHost - ok
11:33:11.0373 0x54e4  [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost   C:\windows\system32\wdi.dll
11:33:11.0388 0x54e4  WdiSystemHost - ok
11:33:11.0420 0x54e4  [ 9B1384CE8E681D2D77BB3524B8E86311 ] WebClient       C:\windows\System32\webclnt.dll
11:33:11.0420 0x54e4  WebClient - ok
11:33:11.0451 0x54e4  [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc          C:\windows\system32\wecsvc.dll
11:33:11.0451 0x54e4  Wecsvc - ok
11:33:11.0482 0x54e4  [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport   C:\windows\System32\wercplsupport.dll
11:33:11.0482 0x54e4  wercplsupport - ok
11:33:11.0513 0x54e4  [ 5F70EBFC1F75B487DE79501E3CCBDB54 ] WerSvc          C:\windows\System32\WerSvc.dll
11:33:11.0513 0x54e4  WerSvc - ok
11:33:11.0529 0x54e4  [ 44BB9C31E6242C4BD1CE7C2B440C2533 ] WFPLWFS         C:\windows\system32\DRIVERS\wfplwfs.sys
11:33:11.0544 0x54e4  WFPLWFS - ok
11:33:11.0544 0x54e4  [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc          C:\windows\System32\wiarpc.dll
11:33:11.0544 0x54e4  WiaRpc - ok
11:33:11.0576 0x54e4  [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
11:33:11.0576 0x54e4  WIMMount - ok
11:33:11.0607 0x54e4  WinDefend - ok
11:33:12.0870 0x54e4  ============================================================
11:33:12.0870 0x54e4  Scan finished
11:33:12.0870 0x54e4  ============================================================
11:33:12.0886 0x93b8  Detected object count: 0
11:33:12.0886 0x93b8  Actual detected object count: 0
 



#4 Jiggity


Posted 20 February 2014 - 11:48 AM

Adware Log:

 

 

# AdwCleaner v3.019 - Report created 20/02/2014 at 11:37:04
# Updated 17/02/2014 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Eagleeye - JACK
# Running from : C:\Users\Eagleeye\Desktop\AdwCleaner(1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\BitLord 2
Folder Deleted : C:\Users\Eagleeye\AppData\Roaming\BitLord
Folder Deleted : C:\Users\Eagleeye\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
Folder Deleted : C:\Users\Eagleeye\Documents\BitLord
File Deleted : C:\Users\Eagleeye\AppData\Roaming\Mozilla\Firefox\Profiles\dazcm40z.default\searchplugins\conduit-search.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKLM\Software\Conduit

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16798

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\Eagleeye\AppData\Roaming\Mozilla\Firefox\Profiles\dazcm40z.default\prefs.js ]

Line Deleted : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?ctid=CT3319597&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=4&UP=SP7C88ED0B-2398-489F-8611-06CBEB0DFB75");
Line Deleted : user_pref("browser.search.defaultenginename", "Conduit Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Conduit Search");

*************************

AdwCleaner[R0].txt - [658 octets] - [09/09/2013 12:41:36]
AdwCleaner[R1].txt - [3886 octets] - [24/01/2014 23:44:11]
AdwCleaner[R2].txt - [2204 octets] - [20/02/2014 11:36:12]
AdwCleaner[S0].txt - [3950 octets] - [24/01/2014 23:46:36]
AdwCleaner[S1].txt - [1863 octets] - [20/02/2014 11:37:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1923 octets] ##########
 

 

 

JRT Log:

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 8 x64
Ran by Eagleeye on Thu 02/20/2014 at 11:40:30.16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\aol toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{8DBB0F05-5FE0-414E-A561-FF366A747882}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3EF64538-8B54-4573-B48F-4D34B0238AB2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D878F20-2013-4132-B294-F1458225BE7A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1D878F20-2013-4132-B294-F1458225BE7A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BDE3F24-D7B3-40D9-BD31-D1CFF12C47B4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{5BDE3F24-D7B3-40D9-BD31-D1CFF12C47B4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5BDE3F24-D7B3-40D9-BD31-D1CFF12C47B4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5BDE3F24-D7B3-40D9-BD31-D1CFF12C47B4}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 02/20/2014 at 11:46:13.98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#5 boopme


Posted 20 February 2014 - 01:48 PM

Let me know how it's running after ESET.



#6 Jiggity


Posted 20 February 2014 - 02:06 PM

Here is the eset report:

 

C:\$RECYCLE.BIN\S-1-5-21-2761581975-1894581015-2411478439-1001\$R2TX0QO.exe    a variant of Win32/AdWare.iBryte.Q application    cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-2761581975-1894581015-2411478439-1001\$R6TTG8F.exe    a variant of Win32/AdWare.iBryte.Q application    cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-2761581975-1894581015-2411478439-1001\$RANE25D.exe    a variant of Win32/AdWare.iBryte.Q application    cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-2761581975-1894581015-2411478439-1001\$RG9X518.exe    Win32/InstalleRex.M potentially unwanted application    deleted - quarantined
C:\$RECYCLE.BIN\S-1-5-21-2761581975-1894581015-2411478439-1001\$RQ80SCA.exe    a variant of Win32/AdWare.iBryte.Q application    cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-2761581975-1894581015-2411478439-1001\$RQHTSID.exe    a variant of Win32/AdWare.iBryte.Q application    cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-2761581975-1894581015-2411478439-1001\$RV8F0CN.exe    a variant of Win32/AdWare.iBryte.Q application    cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-2761581975-1894581015-2411478439-1001\$RZO2VNG.exe    a variant of Win32/AdWare.iBryte.Q application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BitLord 2\StubInstaller.exe.vir    Win32/Toolbar.Conduit potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Eagleeye\AppData\Roaming\Mozilla\Firefox\Profiles\dazcm40z.default\Extensions\firefox@linkswift.co.xpi.vir    Win32/BrowseFox.B potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\Warcraft III\ultrasurf.7z    Win32/UltraReach.AD potentially unsafe application    deleted - quarantined
C:\Program Files (x86)\Warcraft III\WinRARSetup.exe    Win32/DownWare.S potentially unwanted application    deleted - quarantined
C:\Users\Eagleeye\7zip_RocketFuelInstaller.exe    a variant of Win32/Verti.A potentially unwanted application    deleted - quarantined
C:\Users\Eagleeye\AppData\Local\Temp\nspE82E\SpSetup.exe    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application    deleted - quarantined
C:\Users\Eagleeye\Downloads\BitLordSetup.exe    Win32/Toolbar.Conduit.M potentially unwanted application    deleted - quarantined
 



#7 boopme


Posted 20 February 2014 - 02:29 PM

OK, should be good now. Open Malwarebytes, update and scan.

#8 Jiggity


Posted 20 February 2014 - 03:35 PM

K, here's what I got from the scan:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.20.09

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16798
Eagleeye :: JACK [administrator]

2/20/2014 2:49:58 PM
mbam-log-2014-02-20 (14-49-58).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 415370
Time elapsed: 43 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Users\Eagleeye\AppData\Local\Temp\CT3319597 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

Files Detected: 9
C:\$RECYCLE.BIN\S-1-5-21-2761581975-1894581015-2411478439-1001\$R6ZXA0Q.exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BitLord 2\BearShareSetup-r1123-w-bc.exe.vir (PUP.Optional.MusicToolbar.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\Eagleeye\AppData\Roaming\BitLord\BrowserCache\f_000032.vir (PUP.Optional.MusicToolbar.A) -> Quarantined and deleted successfully.
C:\Users\Eagleeye\AppData\Local\Temp\nsf5FFD.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eagleeye\AppData\Local\Temp\nskABFE.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eagleeye\AppData\Local\Temp\nspB0FE.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eagleeye\AppData\Local\Temp\nss5546.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eagleeye\AppData\Local\Temp\nsu6319.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Eagleeye\AppData\Local\Temp\CT3319597\ddt.csf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

(end)
 



#9 boopme


Posted 20 February 2014 - 04:18 PM

Looks good now, these are in your Temp folder...
Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.


#10 Jiggity


Posted 27 February 2014 - 10:37 PM

My computer wouldn't start up and I had to basically reset it back to how it came when I got it originally (with everything wiped clean off) - it's not bad but I'm still getting stop plug in errors and it gets kind of laggy, I've only had this computer for a year, any tips perhaps?



#11 boopme


Posted 28 February 2014 - 11:10 AM

Let's ask this in the WIN 8 forum as it is clean from the reset and they need to look at the system now.



