Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Help. Please and Thank you.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Help. Please and Thank you.

Unread postby rmrrar » September 3rd, 2014, 6:17 am

I have been having some problems. I am running windows 7 os. I found that when opening cmd as admin it says local low appdata . also I see there are many users such as is restricted group, remote active log on, anonymous log in, terminal server user. I think someone has messed with my perissions and so forth any help would be great . Thanks rmrrar .

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17239
Run by ROBERT at 5:09:54 on 2014-09-03
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.2017 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\windows\system32\svchost.exe -k HsfXAudioService
C:\windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\windows\System32\svchost.exe -k WerSvcGroup
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\windows\system32\atieclxx.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\ATT\8.4.1.11\ma\bin\pcTrayApp.exe
C:\Program Files (x86)\Common Files\Motive\pcContextHookShim.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
mStart Page = hxxp://www.google.com
uProxyOverride = <local>;*.local;192.168.*.*
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
uRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: EnableSecureUIAPath = dword:1
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{2C42FF12-A26B-49CF-95AC-E1FCD6686B28} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{90E234F7-C657-4311-98DD-CFF16692B34C} : DHCPNameServer = 8.8.8.8 4.2.2.1
TCP: Interfaces\{D37F6B86-617F-44FB-8D81-EFFCBC1C359E} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{D37F6B86-617F-44FB-8D81-EFFCBC1C359E}\144545431373 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{D37F6B86-617F-44FB-8D81-EFFCBC1C359E}\2375942554338343 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{D37F6B86-617F-44FB-8D81-EFFCBC1C359E}\2456374702755637475627E6 : DHCPNameServer = 8.8.8.8 8.8.4.4 208.67.222.222
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://start.toshiba.com/
x64-mDefault_Page_URL = hxxp://start.toshiba.com/
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll
x64-Run: [ATT_McciTrayApp] "C:\Program Files\ATT\8.4.1.11\ma\bin\pcTrayApp.exe"
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\windows\System32\drivers\aswRvrt.sys [2013-10-17 65776]
R0 aswVmm;avast! VM Monitor;C:\windows\System32\drivers\aswVmm.sys [2013-10-17 224896]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswsnx.sys [2013-10-17 1041168]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswsp.sys [2013-11-7 427360]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2010-10-23 202752]
R2 aswHwid;avast! HardwareID;C:\windows\System32\drivers\aswHwid.sys [2014-5-2 29208]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2013-10-17 79184]
R2 aswStm;aswStm;C:\windows\System32\drivers\aswstm.sys [2013-12-27 92008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-7-12 50344]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 HsfXAudioService;HsfXAudioService;C:\windows\System32\svchost.exe -k HsfXAudioService [2009-7-13 27136]
R2 regi;regi;C:\windows\System32\drivers\regi.sys [2010-10-24 14112]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-4-6 258928]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R3 CAXHWAZL;CAXHWAZL;C:\windows\System32\drivers\CAXHWAZL.sys [2009-2-13 292864]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2010-10-23 35008]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2010-10-23 325152]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\windows\System32\drivers\rtwlane.sys [2013-5-2 1514568]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-10-23 54136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 Andbus;LGE Android Composite USB Device;C:\windows\System32\drivers\lgandbus.sys [2013-9-16 27944]
S3 AT&T Troubleshoot & Resolve;AT&T Troubleshoot & Resolve;C:\Program Files (x86)\ATT\8.4.1.11\ma\bin\MAHostService.exe [2014-4-2 321024]
S3 ATT MAHostService;ATT MAHostService;C:\Program Files (x86)\ATT\8.3.1.7\ma\bin\MAHostService.exe [2013-8-26 321024]
S3 hitmanpro35;Hitman Pro 3.5 Support Driver;C:\windows\System32\drivers\hitmanpro36.sys [2012-4-28 27936]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-8-30 111616]
S3 LeapFrog-USBLAN;LeapFrog-USBLAN;C:\windows\System32\drivers\btblan.sys [2009-10-9 40320]
S3 ptun0901;TAP Adapter V9 for Private Tunnel;C:\windows\System32\drivers\ptun0901.sys [2014-4-24 27136]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2012-12-12 19456]
S3 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-4-16 39056]
S3 Revoflt;Revoflt;C:\windows\System32\drivers\revoflt.sys [2011-8-29 31800]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2010-10-23 232992]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2010-10-23 932384]
S3 SrvHsfHDA;SrvHsfHDA;C:\windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\windows\System32\drivers\taphss6.sys [2013-11-13 42184]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
S3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2014-5-9 56832]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-4-25 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-1-3 1255736]
S4 pcCMService;pcCMService;C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [2012-6-23 369152]
S4 pcCMService64;pcCMService64;C:\Program Files\Common Files\Motive\pcCMService.exe [2013-4-29 460800]
.
=============== Created Last 30 ================
.
2014-09-02 06:05:33 11319192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5C695B95-60C8-4508-AAEB-3B0417B2ABA9}\mpengine.dll
2014-08-31 04:59:59 99480 ----a-w- C:\windows\SysWow64\infocardapi.dll
2014-08-31 04:59:59 171160 ----a-w- C:\windows\System32\infocardapi.dll
2014-08-31 04:59:58 619672 ----a-w- C:\windows\SysWow64\icardagt.exe
2014-08-31 04:59:58 1389208 ----a-w- C:\windows\System32\icardagt.exe
2014-08-31 04:59:56 8856 ----a-w- C:\windows\SysWow64\icardres.dll
2014-08-31 04:59:56 8856 ----a-w- C:\windows\System32\icardres.dll
2014-08-31 04:59:31 35480 ----a-w- C:\windows\SysWow64\TsWpfWrp.exe
2014-08-31 04:59:31 35480 ----a-w- C:\windows\System32\TsWpfWrp.exe
2014-08-31 04:54:58 1719296 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2014-08-31 04:53:54 1460736 ----a-w- C:\windows\System32\lsasrv.dll
2014-08-31 04:52:59 288192 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS
2014-08-31 04:52:59 1903552 ----a-w- C:\windows\System32\drivers\tcpip.sys
2014-08-31 04:52:54 3163648 ----a-w- C:\windows\System32\win32k.sys
2014-08-31 04:52:53 404480 ----a-w- C:\windows\System32\gdi32.dll
2014-08-31 04:52:53 311808 ----a-w- C:\windows\SysWow64\gdi32.dll
2014-08-31 04:52:52 2048 ----a-w- C:\windows\SysWow64\msxml6r.dll
2014-08-31 04:52:52 2048 ----a-w- C:\windows\SysWow64\msxml3r.dll
2014-08-31 04:52:52 2048 ----a-w- C:\windows\System32\msxml6r.dll
2014-08-31 04:52:52 2048 ----a-w- C:\windows\System32\msxml3r.dll
2014-08-31 04:52:52 2002432 ----a-w- C:\windows\System32\msxml6.dll
2014-08-31 04:52:52 1882112 ----a-w- C:\windows\System32\msxml3.dll
2014-08-31 04:52:52 1389056 ----a-w- C:\windows\SysWow64\msxml6.dll
2014-08-31 04:52:52 1237504 ----a-w- C:\windows\SysWow64\msxml3.dll
2014-08-31 04:49:12 529920 ----a-w- C:\windows\System32\aepdu.dll
2014-08-31 04:49:12 424448 ----a-w- C:\windows\System32\aeinv.dll
2014-08-31 04:47:55 1216000 ----a-w- C:\windows\System32\rpcrt4.dll
2014-08-31 04:47:54 664064 ----a-w- C:\windows\SysWow64\rpcrt4.dll
2014-08-25 06:41:02 -------- d-----w- C:\Program Files (x86)\proXPN
2014-08-09 20:08:11 867240 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2014-08-09 20:08:11 789416 ----a-w- C:\windows\SysWow64\deployJava1.dll
2014-08-09 20:05:53 -------- d-----w- C:\Program Files (x86)\OpenVPN Technologies
.
==================== Find3M ====================
.
2014-08-20 03:39:56 122584 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2014-08-05 14:20:00 270496 ------w- C:\windows\System32\MpSigStub.exe
2014-07-25 14:02:12 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2014-07-25 14:01:41 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2014-07-25 13:30:30 66048 ----a-w- C:\windows\System32\iesetup.dll
2014-07-25 13:28:35 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2014-07-25 13:28:27 548352 ----a-w- C:\windows\System32\vbscript.dll
2014-07-25 13:25:45 83968 ----a-w- C:\windows\System32\MshtmlDac.dll
2014-07-25 13:04:40 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-07-25 13:00:51 139264 ----a-w- C:\windows\System32\ieUnatt.exe
2014-07-25 13:00:25 111616 ----a-w- C:\windows\System32\ieetwcollector.exe
2014-07-25 12:59:28 758272 ----a-w- C:\windows\System32\jscript9diag.dll
2014-07-25 12:47:25 940032 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2014-07-25 12:34:49 61952 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-07-25 12:34:03 455168 ----a-w- C:\windows\SysWow64\vbscript.dll
2014-07-25 12:33:08 51200 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2014-07-25 12:30:32 61952 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2014-07-25 12:28:15 5824512 ----a-w- C:\windows\System32\jscript9.dll
2014-07-25 12:28:05 72704 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2014-07-25 12:10:15 112128 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2014-07-25 12:08:47 597504 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2014-07-25 12:06:47 4204032 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-07-25 11:43:16 60416 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-07-25 11:39:29 2087936 ----a-w- C:\windows\System32\inetcpl.cpl
2014-07-25 11:39:25 1249280 ----a-w- C:\windows\System32\mshtmlmedia.dll
2014-07-25 11:07:49 2001920 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-07-25 11:07:10 1068032 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2014-07-25 10:52:06 2266624 ----a-w- C:\windows\System32\wininet.dll
2014-07-25 10:05:23 1792512 ----a-w- C:\windows\SysWow64\wininet.dll
2014-07-16 03:23:41 2048 ----a-w- C:\windows\System32\tzres.dll
2014-07-16 02:46:02 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2014-07-13 02:14:28 93568 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2014-07-13 02:14:28 92008 ----a-w- C:\windows\System32\drivers\aswstm.sys
2014-07-13 02:14:28 79184 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2014-07-13 02:14:28 65776 ----a-w- C:\windows\System32\drivers\aswRvrt.sys
2014-07-13 02:14:28 29208 ----a-w- C:\windows\System32\drivers\aswHwid.sys
2014-07-13 02:14:28 224896 ----a-w- C:\windows\System32\drivers\aswVmm.sys
2014-07-13 02:14:28 1041168 ----a-w- C:\windows\System32\drivers\aswsnx.sys
2014-07-13 02:14:27 43152 ----a-w- C:\windows\avastSS.scr
2014-06-18 02:18:30 692736 ----a-w- C:\windows\System32\osk.exe
2014-06-18 01:51:32 646144 ----a-w- C:\windows\SysWow64\osk.exe
2014-06-16 02:10:19 985536 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys
2014-06-06 10:10:34 624128 ----a-w- C:\windows\System32\qedit.dll
2014-06-06 09:44:17 509440 ----a-w- C:\windows\SysWow64\qedit.dll
2014-06-05 14:26:58 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2014-06-05 14:25:49 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
.
============= FINISH: 5:10:29.25 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 1/2/2011 10:51:07 PM
System Uptime: 8/31/2014 2:43:20 AM (75 hours ago)
.
Motherboard: TOSHIBA | | NALAE
Processor: AMD Turion(tm) II P540 Dual-Core Processor | Socket M2/S1G1 | 2400/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 286 GiB total, 192.929 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Virtual WiFi Miniport Adapter
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&1B277202&0&01
Manufacturer: Microsoft
Name: Microsoft Virtual WiFi Miniport Adapter
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&1B277202&0&01
Service: vwifimp
.
==== System Restore Points ===================
.
RP543: 8/12/2014 12:06:57 AM - Installed Western Union
RP544: 8/12/2014 12:13:24 AM - Removed Western Union
RP545: 8/20/2014 7:32:33 AM - Scheduled Checkpoint
RP546: 8/20/2014 9:26:30 PM - Windows Update
RP547: 8/22/2014 4:25:25 AM - Removed Google Talk Plugin
RP548: 8/25/2014 1:41:09 AM - Device Driver Package Install: TAP-Windows Provider V9 Network adapters
RP549: 8/30/2014 11:57:53 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 13 Plugin
Adobe Reader XI (11.0.08)
Amazon Links
Apple Mobile Device Support
Apple Software Update
AT&T Troubleshoot & Resolve
ATI Catalyst Install Manager
Audacity 2.0.3
avast! Free Antivirus
Bonjour
Canon MG2100 series MP Drivers
ccc-utility64
CopyTrans Suite Remove Only
Corel WinDVD
ffdshow [rev 2527] [2008-12-19]
Google Chrome
Google Update Helper
HDAUDIO Soft Data Fax Modem with SmartCP
HiJackThis
Label@Once 1.0
LAME v3.99.3 (for Windows)
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
PlayReady PC Runtime amd64
PlayReady PC Runtime x86
proXPN 2.7.2
Quickbooks Financial Center
RealDownloader
RealNetworks - Microsoft Visual C++ 2005 Runtime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek Ethernet Controller Driver For Windows 7
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Realtek WLAN Driver
RealUpgrade 1.1
Revo Uninstaller Pro 2.5.3
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
SketchUp 2013
Skype Launcher
Synaptics Pointing Device Driver
Torres Box Tuning Calculator version 1.1
Toshiba App Place
TOSHIBA Application Installer
TOSHIBA Assist
Toshiba Book Place
TOSHIBA Bulletin Board
TOSHIBA Disc Creator
TOSHIBA eco Utility
TOSHIBA Face Recognition
TOSHIBA Flash Cards Support Utility
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
Toshiba Online Backup
TOSHIBA PC Health Monitor
TOSHIBA Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
Tweaking.com - Registry Backup
Utility Common Driver
V.92 Modem On Hold
Vivitar Experience Image Manager
Vodafone WCDMA Composite Device Drive Software
Windows 7 USB/DVD Download Tool
Windows Live Sync
.
==== Event Viewer Messages From Past Week ========
.
8/31/2014 2:46:52 AM, Error: Microsoft-Windows-WMPNSS-Service [14338] - A new media server was not initialized because CoCreateInstance(CLSID_UPnPRegistrar) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
8/31/2014 2:44:42 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PxHlpa64
8/31/2014 2:44:34 AM, Error: Service Control Manager [7001] - The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
8/31/2014 2:44:31 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\windows\system32\Rtlihvs.dll Error Code: 126
.
==== End Of File ===========================
rmrrar
Regular Member
 
Posts: 105
Joined: May 19th, 2013, 8:09 am
Advertisement
Register to Remove

Re: Help. Please and Thank you.

Unread postby Cypher » September 5th, 2014, 8:03 am

Hi,
Sorry for the delay, I'm checking your logs now be right back.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Help. Please and Thank you.

Unread postby Cypher » September 5th, 2014, 8:19 am

Hi,
My name is Cypher, and I will be helping you with your malware problems.
This may or may not, solve other issues you have with your machine.
If you no longer require help i would be grateful if you would let me know.

Before we start please note the following important guidelines.
  • If you don't know or understand something, please don't hesitate to ask.
  • Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
  • Only reply to this thread do not start another, Please continue responding until I give you the "All Clean"
    Remember, absence of symptoms does not mean the infection is all gone.
  • Please DO NOT run any other tools or scans whilst I am helping you.
  • Please DO NOT install any other software (or hardware) during the cleaning process.
  • Print each set of instructions... if possible...your Internet connection will not be available during some fix processes.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start


Create a new System Restore point

  • Click Start, Right Click on Computer, and select Properties.
  • In the left pane, click System Protection.
  • Now click on Create.
  • Give the new restore point a name like "Start Fix", then click Create again.
  • Now click OK.

Next.

I see you already have Tweaking dot com - Registry Backup installed, please click on THIS link, and follow the instructions for creating a new backup of your Registry.

Next.

I need you to run further scans for me.
Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.


Question, are you aware of this Proxy, did you set it? let me know in your next reply.
uProxyOverride = <local>;*.local;192.168.*.*


Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Right click on adwcleaner.exe and select " Run as administrator " to run it.
  • Click on Scan.
  • When the scan has finished, uncheck any entries you don't want to remove, then click on Clean.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Next.

Please download FRST ... by Farbar, from the link below and save it to your Desktop.

For 32 bit Systems

For 64 bit Systems

  • Right-click FRST.exe and select " Run as administrator " to run it.
  • When the tool opens click Yes to the disclaimer.
  • Press Scan button. ... When finished a log will be created, FRST.txt.
  • Please post the content of the FRST.txt in your next reply.
  • The first time the tool is run, it will create another log... Addition.txt.
  • Please post the content of the Addition.txt in your next reply.

Logs/Information to Post in your Next Reply

  • Proxy, did you set it?
  • AdwCleaner log.
  • FRST.txt and Addition.txt contents.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Help. Please and Thank you.

Unread postby rmrrar » September 5th, 2014, 8:50 am

I did not set the proxy.

# AdwCleaner v3.309 - Report created 05/09/2014 at 07:42:19
# Updated 02/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : ROBERT - ROBERT-PC
# Running from : C:\Users\ROBERT\Downloads\adwcleaner_3.309.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239


-\\ Google Chrome v37.0.2062.103

[ File : C:\Users\ROBERT\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[0].txt - [5002 octets] - [03/09/2013 01:32:43]
AdwCleaner[R0].txt - [2571 octets] - [18/10/2013 19:34:43]
AdwCleaner[R10].txt - [2072 octets] - [30/08/2014 14:36:40]
AdwCleaner[R11].txt - [2194 octets] - [05/09/2014 07:40:43]
AdwCleaner[R1].txt - [1110 octets] - [18/01/2014 07:36:55]
AdwCleaner[R2].txt - [2899 octets] - [25/04/2014 08:09:39]
AdwCleaner[R3].txt - [1187 octets] - [29/04/2014 16:25:20]
AdwCleaner[R4].txt - [1307 octets] - [02/05/2014 15:36:37]
AdwCleaner[R5].txt - [1574 octets] - [29/05/2014 06:25:17]
AdwCleaner[R6].txt - [1548 octets] - [06/06/2014 02:29:28]
AdwCleaner[R7].txt - [1939 octets] - [12/07/2014 21:00:21]
AdwCleaner[R8].txt - [1936 octets] - [24/07/2014 01:32:21]
AdwCleaner[R9].txt - [2101 octets] - [22/08/2014 05:07:34]
AdwCleaner[S0].txt - [2684 octets] - [18/10/2013 19:36:34]
AdwCleaner[S10].txt - [2135 octets] - [30/08/2014 14:38:09]
AdwCleaner[S11].txt - [1721 octets] - [05/09/2014 07:42:19]
AdwCleaner[S1].txt - [1176 octets] - [18/01/2014 07:38:14]
AdwCleaner[S2].txt - [2927 octets] - [25/04/2014 08:12:58]
AdwCleaner[S3].txt - [1249 octets] - [29/04/2014 16:26:45]
AdwCleaner[S4].txt - [1369 octets] - [02/05/2014 15:37:45]
AdwCleaner[S5].txt - [1639 octets] - [29/05/2014 06:26:12]
AdwCleaner[S6].txt - [1609 octets] - [06/06/2014 02:30:18]
AdwCleaner[S7].txt - [2008 octets] - [12/07/2014 21:01:44]
AdwCleaner[S8].txt - [2001 octets] - [24/07/2014 01:34:14]
AdwCleaner[S9].txt - [2166 octets] - [22/08/2014 05:09:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S11].txt - [2322 octets] ##########
rmrrar
Regular Member
 
Posts: 105
Joined: May 19th, 2013, 8:09 am

Re: Help. Please and Thank you.

Unread postby rmrrar » September 5th, 2014, 8:55 am

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02
Ran by ROBERT (administrator) on ROBERT-PC on 05-09-2014 07:53:03
Running from C:\Users\ROBERT\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Alcatel-Lucent) C:\Program Files\ATT\8.4.1.11\ma\bin\pcTrayApp.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcContextHookShim.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ATT_McciTrayApp] => C:\Program Files\ATT\8.4.1.11\ma\bin\pcTrayApp.exe [2834432 2014-04-02] (Alcatel-Lucent)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-07-21] (RealNetworks, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-29] (AVAST Software)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-1876674280-98715098-3197743793-1001\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe [3218792 2010-06-02] (Toshiba)
HKU\S-1-5-21-1876674280-98715098-3197743793-1001\...\Policies\system: [DisableLockWorkstation] 0
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => No File
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => No File
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => No File
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {9C9A7121-333C-4183-94FE-593770E56758} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
SearchScopes: HKLM-x32 - {413D6B5A-DDF9-452B-8138-3FB88131DF57} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
SearchScopes: HKCU - {413D6B5A-DDF9-452B-8138-3FB88131DF57} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
SearchScopes: HKCU - {9C9A7121-333C-4183-94FE-593770E56758} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 -> C:\Program Files (x86)\ATT\8.4.1.11\ma\bin\npMotive.dll (Alcatel-Lucent)
FF Plugin-x32: @Motive.com/npMotiveRequest,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll (Alcatel-Lucent)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-07-21]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-17]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR DefaultSearchKeyword: Default -> 16532AD4D4C5F8765F9FB53286B7551F85EBF1AE2D5B1CCDEBE4CBFE7076F389
CHR DefaultSearchURL: Default -> C3586E25EDAB33CA24C3C64DB95F17F7F1FDFABFD2EC73D68664EA4360FCE031
CHR Plugin: (Shockwave Flash) - C:\Users\ROBERT\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll ()
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\ROBERT\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Motive Plug-in) - C:\Program Files (x86)\ATT\8.4.1.11\ma\bin\npMotive.dll (Alcatel-Lucent)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Motive Management Plug-in) - C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll (Alcatel-Lucent)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Profile: C:\Users\ROBERT\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ROBERT\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\ROBERT\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-03]
CHR Extension: (Google Search) - C:\Users\ROBERT\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-03]
CHR Extension: (Video Downloader professional) - C:\Users\ROBERT\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2014-06-13]
CHR Extension: (Planner 5D) - C:\Users\ROBERT\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjfkgdpkecnmfcgfpfibpcnkeakahllc [2014-03-03]
CHR Extension: (Google Wallet) - C:\Users\ROBERT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-01]
CHR Extension: (Gmail) - C:\Users\ROBERT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-03]
CHR HKLM-x32\...\Chrome\Extension: [edmgmpmklgfbohogafcfobonnkogchec] - C:\Program Files (x86)\Common Files\Motive\extensions\MotiveRequest.crx [2013-10-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-12]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-04-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AT&T Troubleshoot & Resolve; C:\Program Files (x86)\ATT\8.4.1.11\ma\bin\MAHostService.exe [321024 2014-04-02] (Alcatel-Lucent) [File not signed]
S3 ATT MAHostService; C:\Program Files (x86)\ATT\8.3.1.7\ma\bin\MAHostService.exe [321024 2013-08-26] (Alcatel-Lucent) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-12] (AVAST Software)
S4 pcCMService; C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [369152 2013-10-22] (Alcatel-Lucent) [File not signed]
S4 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [460800 2013-10-22] (Alcatel-Lucent) [File not signed]
S3 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus.sys [27944 2013-09-16] (LG Electronics Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-12] ()
S3 hitmanpro35; C:\windows\system32\drivers\hitmanpro36.sys [27936 2012-04-28] ()
S3 motmodem; No ImagePath
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.SYS [43008 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.SYS [40960 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2014-04-24] (The OpenVPN Project)
R2 regi; C:\windows\SysWOW64\drivers\regi.sys [11032 2007-04-17] (InterVideo)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation )
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-11-13] (Anchorfree Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MREMPR5; \??\C:\PROGRA~2\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S0 PxHlpa64; System32\Drivers\PxHlpa64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-05 07:52 - 2014-09-05 07:52 - 00001423 _____ () C:\Users\ROBERT\Desktop\FRST64.exe - Shortcut.lnk
2014-09-05 07:51 - 2014-09-05 07:52 - 02104832 _____ (Farbar) C:\Users\ROBERT\Downloads\FRST64.exe
2014-09-05 07:40 - 2014-09-05 07:40 - 00001515 _____ () C:\Users\ROBERT\Desktop\adwcleaner_3.309.exe - Shortcut.lnk
2014-09-05 07:39 - 2014-09-05 07:39 - 01370467 _____ () C:\Users\ROBERT\Downloads\adwcleaner_3.309.exe
2014-09-03 05:10 - 2014-09-03 05:10 - 00017187 _____ () C:\Users\ROBERT\Desktop\dds.txt
2014-09-03 05:10 - 2014-09-03 05:10 - 00005601 _____ () C:\Users\ROBERT\Desktop\attach.txt
2014-09-03 05:06 - 2014-09-03 05:08 - 00000000 ____D () C:\Users\ROBERT\Downloads\New folder
2014-09-03 05:00 - 2014-09-03 05:01 - 00000000 ____D () C:\Users\ROBERT\Desktop\misc web info
2014-08-30 23:59 - 2014-06-30 17:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2014-08-30 23:59 - 2014-06-30 17:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2014-08-30 23:59 - 2014-06-06 01:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2014-08-30 23:59 - 2014-06-06 01:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2014-08-30 23:59 - 2014-03-09 16:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2014-08-30 23:59 - 2014-03-09 16:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2014-08-30 23:59 - 2014-03-09 16:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2014-08-30 23:59 - 2014-03-09 16:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2014-08-30 23:57 - 2014-07-31 18:41 - 00348856 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-08-30 23:57 - 2014-07-31 18:16 - 00307384 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-08-30 23:57 - 2014-07-25 09:52 - 23645696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-08-30 23:57 - 2014-07-25 09:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-08-30 23:57 - 2014-07-25 09:01 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-08-30 23:57 - 2014-07-25 08:51 - 17524224 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-08-30 23:57 - 2014-07-25 08:30 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-08-30 23:57 - 2014-07-25 08:28 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-08-30 23:57 - 2014-07-25 08:28 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-08-30 23:57 - 2014-07-25 08:25 - 02774528 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-08-30 23:57 - 2014-07-25 08:25 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-08-30 23:57 - 2014-07-25 08:11 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-08-30 23:57 - 2014-07-25 08:10 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-08-30 23:57 - 2014-07-25 08:04 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-08-30 23:57 - 2014-07-25 08:03 - 00598016 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-08-30 23:57 - 2014-07-25 08:00 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-08-30 23:57 - 2014-07-25 08:00 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-08-30 23:57 - 2014-07-25 07:59 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-08-30 23:57 - 2014-07-25 07:47 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-08-30 23:57 - 2014-07-25 07:40 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-08-30 23:57 - 2014-07-25 07:34 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-08-30 23:57 - 2014-07-25 07:34 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-08-30 23:57 - 2014-07-25 07:33 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-08-30 23:57 - 2014-07-25 07:30 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-08-30 23:57 - 2014-07-25 07:28 - 05824512 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-08-30 23:57 - 2014-07-25 07:28 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-08-30 23:57 - 2014-07-25 07:21 - 02184704 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-08-30 23:57 - 2014-07-25 07:19 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-08-30 23:57 - 2014-07-25 07:18 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-08-30 23:57 - 2014-07-25 07:17 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-08-30 23:57 - 2014-07-25 07:17 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-08-30 23:57 - 2014-07-25 07:12 - 00438784 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-08-30 23:57 - 2014-07-25 07:10 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-08-30 23:57 - 2014-07-25 07:10 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-08-30 23:57 - 2014-07-25 07:08 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-08-30 23:57 - 2014-07-25 07:06 - 04204032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-08-30 23:57 - 2014-07-25 06:52 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-08-30 23:57 - 2014-07-25 06:47 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-08-30 23:57 - 2014-07-25 06:43 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-30 23:57 - 2014-07-25 06:42 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-08-30 23:57 - 2014-07-25 06:39 - 02087936 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-08-30 23:57 - 2014-07-25 06:39 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-08-30 23:57 - 2014-07-25 06:36 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-08-30 23:57 - 2014-07-25 06:34 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-08-30 23:57 - 2014-07-25 06:29 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-08-30 23:57 - 2014-07-25 06:23 - 13547008 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-08-30 23:57 - 2014-07-25 06:13 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-08-30 23:57 - 2014-07-25 06:07 - 02001920 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-08-30 23:57 - 2014-07-25 06:07 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-08-30 23:57 - 2014-07-25 06:03 - 11772928 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-08-30 23:57 - 2014-07-25 05:52 - 02266624 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-08-30 23:57 - 2014-07-25 05:26 - 01431040 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-08-30 23:57 - 2014-07-25 05:17 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-08-30 23:57 - 2014-07-25 05:09 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-08-30 23:57 - 2014-07-25 05:05 - 01792512 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-08-30 23:57 - 2014-07-25 05:00 - 01169920 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-08-30 23:54 - 2014-06-24 21:05 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-08-30 23:54 - 2014-06-24 20:41 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-08-30 23:54 - 2014-05-08 04:32 - 03178496 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-08-30 23:54 - 2014-05-08 04:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-08-30 23:54 - 2014-04-24 21:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-08-30 23:54 - 2014-04-24 21:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2014-08-30 23:54 - 2014-03-04 04:47 - 05550016 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-08-30 23:54 - 2014-03-04 04:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-08-30 23:54 - 2014-03-04 04:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-08-30 23:54 - 2014-03-04 04:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2014-08-30 23:54 - 2014-03-04 04:43 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-08-30 23:54 - 2014-03-04 04:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2014-08-30 23:54 - 2014-03-04 04:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2014-08-30 23:54 - 2014-03-04 04:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2014-08-30 23:54 - 2014-03-04 04:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2014-08-30 23:54 - 2014-03-04 04:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-08-30 23:54 - 2014-03-04 04:20 - 03969984 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2014-08-30 23:54 - 2014-03-04 04:20 - 03914176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2014-08-30 23:54 - 2014-03-04 04:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2014-08-30 23:54 - 2014-03-04 04:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll
2014-08-30 23:54 - 2014-03-04 04:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll
2014-08-30 23:54 - 2014-03-04 04:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll
2014-08-30 23:54 - 2014-03-04 04:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll
2014-08-30 23:54 - 2014-03-04 04:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2014-08-30 23:54 - 2014-03-04 04:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll
2014-08-30 23:54 - 2014-03-04 04:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-08-30 23:53 - 2014-07-15 22:23 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-08-30 23:53 - 2014-07-15 21:46 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-08-30 23:53 - 2014-06-17 21:18 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-08-30 23:53 - 2014-06-17 20:51 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-08-30 23:53 - 2014-06-15 21:10 - 00985536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-08-30 23:53 - 2014-06-06 05:10 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-08-30 23:53 - 2014-06-06 04:44 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-08-30 23:53 - 2014-06-05 09:45 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-08-30 23:53 - 2014-06-05 09:26 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-08-30 23:53 - 2014-06-05 09:25 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-08-30 23:53 - 2014-06-03 05:02 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-08-30 23:53 - 2014-06-03 05:02 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-08-30 23:53 - 2014-06-03 05:02 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2014-08-30 23:53 - 2014-06-03 05:02 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-08-30 23:53 - 2014-06-03 04:29 - 02363392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-08-30 23:53 - 2014-06-03 04:29 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-08-30 23:53 - 2014-06-03 04:29 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2014-08-30 23:53 - 2014-05-30 03:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-08-30 23:53 - 2014-05-30 03:08 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-08-30 23:53 - 2014-05-30 03:08 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-08-30 23:53 - 2014-05-30 03:08 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-08-30 23:53 - 2014-05-30 03:08 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-08-30 23:53 - 2014-05-30 03:08 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-08-30 23:53 - 2014-05-30 03:08 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-08-30 23:53 - 2014-05-30 02:52 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-08-30 23:53 - 2014-05-30 02:52 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-08-30 23:53 - 2014-05-30 02:52 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-08-30 23:53 - 2014-05-30 02:52 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-08-30 23:53 - 2014-05-30 02:52 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-08-30 23:53 - 2014-05-30 02:52 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-08-30 23:53 - 2014-05-30 02:52 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-08-30 23:53 - 2014-05-30 01:45 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-08-30 23:53 - 2014-04-11 21:22 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-08-30 23:53 - 2014-04-11 21:22 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-08-30 23:53 - 2014-04-11 21:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-08-30 23:53 - 2014-04-11 21:19 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-08-30 23:53 - 2014-04-11 21:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-08-30 23:53 - 2014-04-11 21:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2014-08-30 23:52 - 2014-08-22 21:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-30 23:52 - 2014-08-22 20:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-30 23:52 - 2014-08-22 19:59 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-30 23:52 - 2014-04-04 21:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-08-30 23:52 - 2014-04-04 21:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-08-30 23:52 - 2014-03-26 09:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-08-30 23:52 - 2014-03-26 09:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-08-30 23:52 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-08-30 23:52 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-08-30 23:52 - 2014-03-26 09:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-08-30 23:52 - 2014-03-26 09:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-08-30 23:52 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2014-08-30 23:52 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-08-30 23:49 - 2014-08-06 21:06 - 00529920 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-08-30 23:49 - 2014-08-06 21:01 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-08-30 23:47 - 2014-07-13 21:02 - 01216000 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-08-30 23:47 - 2014-07-13 20:40 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2014-08-25 01:45 - 2014-09-04 02:51 - 00003146 _____ () C:\windows\System32\Tasks\proXPN
2014-08-25 01:41 - 2014-08-25 01:41 - 00000000 ____D () C:\Users\ROBERT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\proXPN
2014-08-25 01:41 - 2014-08-25 01:41 - 00000000 ____D () C:\Program Files (x86)\proXPN
2014-08-25 01:40 - 2014-08-25 01:40 - 04197792 _____ () C:\Users\ROBERT\Downloads\installproXPN.exe
2014-08-25 01:10 - 2014-08-25 01:12 - 27281991 _____ () C:\Users\ROBERT\Downloads\torbrowser-install-3.6.4_en-US.exe
2014-08-24 06:48 - 2014-08-24 06:48 - 00000000 ____D () C:\Users\ROBERT\Downloads\TCPView
2014-08-24 06:47 - 2014-08-24 06:47 - 00291606 _____ () C:\Users\ROBERT\Downloads\TCPView.zip
2014-08-22 05:07 - 2014-08-22 05:07 - 01364531 _____ () C:\Users\ROBERT\Downloads\adwcleaner_3.308.exe
2014-08-20 21:27 - 2014-05-14 11:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-08-20 21:27 - 2014-05-14 11:23 - 00700384 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-08-20 21:27 - 2014-05-14 11:23 - 00581600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-08-20 21:27 - 2014-05-14 11:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-08-20 21:27 - 2014-05-14 11:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-08-20 21:27 - 2014-05-14 11:23 - 00038880 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-08-20 21:27 - 2014-05-14 11:23 - 00036320 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2014-08-20 21:27 - 2014-05-14 11:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-08-20 21:27 - 2014-05-14 11:20 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-08-20 21:27 - 2014-05-14 11:17 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-08-20 21:27 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-08-20 21:27 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-08-20 21:27 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-08-20 21:27 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-08-19 03:15 - 2014-08-19 03:15 - 01133984 _____ () C:\Users\ROBERT\Desktop\MOV051.rv
2014-08-10 13:15 - 2014-08-10 13:15 - 00000000 ____D () C:\Users\ROBERT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2014-08-09 15:08 - 2014-08-09 15:07 - 00867240 _____ (Oracle Corporation) C:\windows\SysWOW64\npDeployJava1.dll
2014-08-09 15:08 - 2014-08-09 15:07 - 00789416 _____ (Oracle Corporation) C:\windows\SysWOW64\deployJava1.dll
2014-08-09 15:05 - 2014-08-09 15:37 - 00000000 ____D () C:\Program Files (x86)\OpenVPN Technologies
2014-08-06 17:14 - 2014-08-06 17:14 - 00000521 _____ () C:\DelFix.txt
2014-08-06 17:11 - 2014-08-06 17:11 - 00709564 _____ () C:\Users\ROBERT\Downloads\delfix_10.8.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-05 07:53 - 2014-07-28 20:29 - 00017403 _____ () C:\Users\ROBERT\Downloads\FRST.txt
2014-09-05 07:53 - 2014-07-28 20:29 - 00000000 ____D () C:\FRST
2014-09-05 07:52 - 2014-09-05 07:52 - 00001423 _____ () C:\Users\ROBERT\Desktop\FRST64.exe - Shortcut.lnk
2014-09-05 07:52 - 2014-09-05 07:51 - 02104832 _____ (Farbar) C:\Users\ROBERT\Downloads\FRST64.exe
2014-09-05 07:51 - 2009-07-13 23:45 - 00019248 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-05 07:51 - 2009-07-13 23:45 - 00019248 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-05 07:44 - 2013-11-07 11:46 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-09-05 07:43 - 2014-06-06 02:31 - 00001232 _____ () C:\windows\setupact.log
2014-09-05 07:43 - 2013-07-21 12:27 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-05 07:43 - 2013-03-26 16:50 - 00319470 _____ () C:\windows\PFRO.log
2014-09-05 07:43 - 2009-07-14 00:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-09-05 07:42 - 2013-09-03 01:32 - 00000000 ____D () C:\AdwCleaner
2014-09-05 07:42 - 2010-10-23 23:42 - 01360479 _____ () C:\windows\WindowsUpdate.log
2014-09-05 07:40 - 2014-09-05 07:40 - 00001515 _____ () C:\Users\ROBERT\Desktop\adwcleaner_3.309.exe - Shortcut.lnk
2014-09-05 07:39 - 2014-09-05 07:39 - 01370467 _____ () C:\Users\ROBERT\Downloads\adwcleaner_3.309.exe
2014-09-05 07:10 - 2014-07-17 14:29 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-05 07:04 - 2013-07-21 12:27 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-04 11:08 - 2013-07-21 12:29 - 00002154 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-04 02:51 - 2014-08-25 01:45 - 00003146 _____ () C:\windows\System32\Tasks\proXPN
2014-09-03 21:28 - 2012-08-17 10:06 - 00000000 ____D () C:\Users\ROBERT\Desktop\new scans
2014-09-03 21:08 - 2014-06-03 06:59 - 00000000 ____D () C:\Users\ROBERT\Desktop\New folder
2014-09-03 08:12 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\system32\NDF
2014-09-03 05:10 - 2014-09-03 05:10 - 00017187 _____ () C:\Users\ROBERT\Desktop\dds.txt
2014-09-03 05:10 - 2014-09-03 05:10 - 00005601 _____ () C:\Users\ROBERT\Desktop\attach.txt
2014-09-03 05:08 - 2014-09-03 05:06 - 00000000 ____D () C:\Users\ROBERT\Downloads\New folder
2014-09-03 05:01 - 2014-09-03 05:00 - 00000000 ____D () C:\Users\ROBERT\Desktop\misc web info
2014-08-31 06:13 - 2013-07-19 20:58 - 00000258 __RSH () C:\Users\ROBERT\ntuser.pol
2014-08-31 06:13 - 2011-01-02 23:51 - 00000000 ____D () C:\Users\ROBERT
2014-08-31 03:25 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\rescache
2014-08-31 02:41 - 2009-07-13 23:45 - 00279600 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-31 00:26 - 2009-07-14 02:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-31 00:26 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-08-31 00:26 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\system32\Dism
2014-08-31 00:26 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-08-31 00:12 - 2013-08-13 22:02 - 00000000 ____D () C:\windows\system32\MRT
2014-08-30 23:58 - 2014-05-09 04:44 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-08-30 15:03 - 2013-10-17 12:39 - 00002219 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-30 14:34 - 2012-10-26 20:02 - 00783468 _____ () C:\windows\system32\PerfStringBackup.INI
2014-08-28 03:18 - 2011-01-14 19:36 - 00000000 ____D () C:\Users\ROBERT\AppData\Local\CrashDumps
2014-08-28 03:09 - 2011-03-01 16:06 - 00000000 ____D () C:\Users\ROBERT\AppData\Roaming\SoftGrid Client
2014-08-25 01:41 - 2014-08-25 01:41 - 00000000 ____D () C:\Users\ROBERT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\proXPN
2014-08-25 01:41 - 2014-08-25 01:41 - 00000000 ____D () C:\Program Files (x86)\proXPN
2014-08-25 01:41 - 2009-07-13 21:34 - 00000426 _____ () C:\windows\win.ini
2014-08-25 01:40 - 2014-08-25 01:40 - 04197792 _____ () C:\Users\ROBERT\Downloads\installproXPN.exe
2014-08-25 01:12 - 2014-08-25 01:10 - 27281991 _____ () C:\Users\ROBERT\Downloads\torbrowser-install-3.6.4_en-US.exe
2014-08-24 06:48 - 2014-08-24 06:48 - 00000000 ____D () C:\Users\ROBERT\Downloads\TCPView
2014-08-24 06:47 - 2014-08-24 06:47 - 00291606 _____ () C:\Users\ROBERT\Downloads\TCPView.zip
2014-08-24 06:13 - 2013-11-14 22:37 - 00003344 _____ () C:\windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1876674280-98715098-3197743793-1001
2014-08-24 06:13 - 2013-11-14 22:37 - 00003212 _____ () C:\windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1876674280-98715098-3197743793-1001
2014-08-22 21:07 - 2014-08-30 23:52 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-22 20:45 - 2014-08-30 23:52 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-22 19:59 - 2014-08-30 23:52 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-22 05:07 - 2014-08-22 05:07 - 01364531 _____ () C:\Users\ROBERT\Downloads\adwcleaner_3.308.exe
2014-08-22 04:27 - 2011-01-03 00:00 - 00000000 ____D () C:\Users\ROBERT\AppData\Local\Google
2014-08-22 04:25 - 2012-08-03 13:31 - 00000000 ____D () C:\Users\ROBERT\AppData\Roaming\Mozilla
2014-08-19 03:15 - 2014-08-19 03:15 - 01133984 _____ () C:\Users\ROBERT\Desktop\MOV051.rv
2014-08-13 21:13 - 2011-01-03 00:00 - 00000000 ____D () C:\Users\ROBERT\AppData\Roaming\Adobe
2014-08-12 01:29 - 2014-07-12 20:05 - 00000000 ____D () C:\Program Files\WinRAR
2014-08-10 13:49 - 2013-01-12 21:22 - 00000000 ____D () C:\Users\ROBERT\Downloads\Gangnam Style (강남스타일)
2014-08-10 13:49 - 2013-01-12 21:08 - 00000000 ____D () C:\Users\ROBERT\Downloads\Tyga - Rack City
2014-08-10 13:49 - 2013-01-12 20:49 - 00000000 ____D () C:\Users\ROBERT\Downloads\French Montana - Pop That (feat. Rick Ross, Drake & Lil Wayne)
2014-08-10 13:49 - 2013-01-12 20:40 - 00000000 ____D () C:\Users\ROBERT\Downloads\Fuckin Problem (Prod. 40) (Ft. 2Chainz, Drake, Kendrick Lamar) [2012] 320kbps [nikaJK]
2014-08-10 13:49 - 2013-01-12 20:22 - 00000000 ____D () C:\Users\ROBERT\Downloads\Flo Rida - Whistle
2014-08-10 13:49 - 2013-01-12 18:50 - 00000000 ____D () C:\Users\ROBERT\Downloads\Machine Gun Kelly - Lace Up [2012-Album] iTunes Deluxe NimitMak SilverRG
2014-08-10 13:49 - 2013-01-12 18:24 - 00000000 ____D () C:\Users\ROBERT\Downloads\Swimming Pools (Drank) - Single
2014-08-10 13:24 - 2012-08-16 02:34 - 00000000 ____D () C:\Users\ROBERT\AppData\Roaming\WindSolutions
2014-08-10 13:24 - 2012-08-16 02:34 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-08-10 13:15 - 2014-08-10 13:15 - 00000000 ____D () C:\Users\ROBERT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2014-08-10 13:15 - 2012-08-16 02:34 - 00001342 _____ () C:\Users\ROBERT\Desktop\CopyTrans Control Center.lnk
2014-08-10 13:10 - 2013-02-01 23:14 - 00000000 ___DC () C:\Users\ROBERT\AppData\Local\MigWiz
2014-08-09 15:37 - 2014-08-09 15:05 - 00000000 ____D () C:\Program Files (x86)\OpenVPN Technologies
2014-08-09 15:07 - 2014-08-09 15:08 - 00867240 _____ (Oracle Corporation) C:\windows\SysWOW64\npDeployJava1.dll
2014-08-09 15:07 - 2014-08-09 15:08 - 00789416 _____ (Oracle Corporation) C:\windows\SysWOW64\deployJava1.dll
2014-08-08 11:45 - 2011-05-22 23:44 - 00000000 ____D () C:\Users\ROBERT\Music\Documents\AMANDAS HP INFO
2014-08-06 21:06 - 2014-08-30 23:49 - 00529920 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-08-06 21:01 - 2014-08-30 23:49 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-08-06 17:14 - 2014-08-06 17:14 - 00000521 _____ () C:\DelFix.txt
2014-08-06 17:14 - 2013-05-29 19:14 - 00000000 ____D () C:\windows\ERUNT
2014-08-06 17:11 - 2014-08-06 17:11 - 00709564 _____ () C:\Users\ROBERT\Downloads\delfix_10.8.exe

Some content of TEMP:
====================
C:\Users\ROBERT\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-27 00:33

==================== End Of Log ============================
rmrrar
Regular Member
 
Posts: 105
Joined: May 19th, 2013, 8:09 am

Re: Help. Please and Thank you.

Unread postby rmrrar » September 5th, 2014, 8:58 am

I cannot locate the addiotion log . also the frst64 was paused on my task bar. what do I do ?
rmrrar
Regular Member
 
Posts: 105
Joined: May 19th, 2013, 8:09 am

Re: Help. Please and Thank you.

Unread postby Cypher » September 5th, 2014, 10:55 am

Hi,
I cannot locate the addiotion log

Don't worry about that for now.
I'm not seeing any malware in your logs so far, but i would like you to run another scan for me.

ESET online scannner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Note: If you are using Windows Vista or Windows 7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

  • First please Disable any Antivirus you have active, as shown in This topic.
  • Note: Don't forget to re-enable it after the scan.
  • Next hold down Control then click on the following link to open a new window to ESET online scannner
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • When prompted allow the Add-On/Active X to install.
  • Click on Run ESET Online Scanner, then elect the option YES, I accept the Terms of Use, then click Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on Start.
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on Finish.
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Help. Please and Thank you.

Unread postby rmrrar » September 5th, 2014, 3:08 pm

When I opened internet explorer to do scan web browser said that it had changed my search provider b/c my previous was crorupt. after starting the scan it found 1 threat at 33% but wont go past that point it freezes up.I rebooted it and tried again and the same thing as the first...
rmrrar
Regular Member
 
Posts: 105
Joined: May 19th, 2013, 8:09 am

Re: Help. Please and Thank you.

Unread postby rmrrar » September 5th, 2014, 3:08 pm

When I opened internet explorer to do scan web browser said that it had changed my search provider b/c my previous was crorupt. after starting the scan it found 1 threat at 33% but wont go past that point it freezes up.I rebooted it and tried again and the same thing as the first...
rmrrar
Regular Member
 
Posts: 105
Joined: May 19th, 2013, 8:09 am

Re: Help. Please and Thank you.

Unread postby rmrrar » September 5th, 2014, 3:09 pm

I dont know why it just double posted that either . lol
rmrrar
Regular Member
 
Posts: 105
Joined: May 19th, 2013, 8:09 am

Re: Help. Please and Thank you.

Unread postby Cypher » September 6th, 2014, 5:14 am

Hi,
rmrrar wrote:When I opened internet explorer to do scan web browser said that it had changed my search provider b/c my previous was crorupt. after starting the scan it found 1 threat at 33% but wont go past that point it freezes up.I rebooted it and tried again and the same thing as the first...


Ok run this scan for me then post the resulting log.

First please Disable any Antivirus you have active, as shown in This topic.
Note: Don't forget to re-enable it after the scan.

Next please download zoek.exe and save it to your desktop.
  • Close any open browsers.
  • Right click on zoek.exe and select " Run as administrator " to run it.
  • Please wait while the tool starts. It will appear to be doing nothing and may take a few seconds to come up.
  • Click the More Options button below the large panel and check the box:

    • Auto Clean
  • Click on Run script button
  • Please wait patiently (it may take a few minutes) until a log report will open (this may be after reboot, if required)
  • Copy (Ctrl +C) and paste (Ctrl +V) the contents of the opened entire report back here.

    Note: It will also create a log in the C:\ directory named "zoek-results.log"
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Help. Please and Thank you.

Unread postby rmrrar » September 6th, 2014, 7:10 am

Zoek.exe v5.0.0.0 Updated 05-September-2014
Tool run by ROBERT on Sat 09/06/2014 at 5:48:15.77.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ROBERT\Desktop\zoek.exe [Scan all users] [Checkboxes used]

==== System Restore Info ======================

9/6/2014 5:50:21 AM Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted
C:\PROGRA~2\Yahoo! deleted
C:\PROGRA~2\Chrome deleted
C:\Users\ROBERT\AppData\Roaming\Yahoo! deleted
C:\windows\sysWoW64\config\systemprofile\AppData\Roaming\Hotspot Shield deleted
C:\PROGRA~3\Yahoo! deleted
C:\Users\ROBERT\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
C:\Users\ROBERT\AppData\LocalLow\Yahoo! deleted
C:\Users\ROBERT\AppData\LocalLow\Yahoo! Companion deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
"C:\Users\ROBERT\AppData\Roaming\PCTools" deleted
"C:\Users\ROBERT\AppData\Roaming\Samsung" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [07/12/2014 09:14 PM]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
edmgmpmklgfbohogafcfobonnkogchec - C:\Program Files (x86)\Common Files\Motive\extensions\MotiveRequest.crx[05/10/2014 12:21 AM]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[07/12/2014 09:14 PM]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[04/16/2013 03:11 AM]

Google Voice Search Hotword (Beta) - ROBERT\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn

==== Chromium Startpages ======================

C:\Users\ROBERT\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com",
"startup_urls": [ "http://www.google.com" ],


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{26D159A9-FE30-477D-9A8A-0F58638F2C54}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{26D159A9-FE30-477D-9A8A-0F58638F2C54} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"
{413D6B5A-DDF9-452B-8138-3FB88131DF57} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND"
{9C9A7121-333C-4183-94FE-593770E56758} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1876674280-98715098-3197743793-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9C9A7121-333C-4183-94FE-593770E56758} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{711C28A5-B699-6680-D276-7F7C8BC7A2C5} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FA48BB90-ACC2-3256-5B48-CF047375AB40} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATT-SST_McciTrayApp deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMessaging deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ROBERT\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ROBERT\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\ROBERT\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=7 folders=8 1381707 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\ROBERT\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\ROBERT\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Sat 09/06/2014 at 6:07:05.09 ======================
rmrrar
Regular Member
 
Posts: 105
Joined: May 19th, 2013, 8:09 am

Re: Help. Please and Thank you.

Unread postby Cypher » September 6th, 2014, 7:59 am

Hi,
There was nothing of concern in that log to.
What problems if any are you still having?

Please download TDSSKiller.exe and save it to your Desktop.
  • Double click on TDSSKiller.exe to launch it.
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • DO NOT TRY TO FIX ANYTHING AT THIS POINT
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • To find the log go to Start > Computer > C:
  • The log is like UtilityName.Version_Date_Time_log.txt. for example, C:\TDSSKiller.2.4.1.2_20.04.2010_15.31.43_log.txt.
  • Post the contents of that log in your next reply please.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Help. Please and Thank you.

Unread postby rmrrar » September 6th, 2014, 11:03 pm

Well it seems to be working ok but I have concern for the additional network conections that showed up like TAP-Windows Adapter V9, Microsoft Virtual WiFi Miniport Adapter, then I have two other network connections also. What about the permissions the trusted installer ect . Thanks rmrrar

21:53:56.0258 3916 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:53:58.0260 3916 ============================================================
21:53:58.0260 3916 Current date / time: 2014/09/06 21:53:58.0260
21:53:58.0260 3916 SystemInfo:
21:53:58.0260 3916
21:53:58.0260 3916 OS Version: 6.1.7601 ServicePack: 1.0
21:53:58.0260 3916 Product type: Workstation
21:53:58.0260 3916 ComputerName: ROBERT-PC
21:53:58.0260 3916 UserName: ROBERT
21:53:58.0260 3916 Windows directory: C:\windows
21:53:58.0260 3916 System windows directory: C:\windows
21:53:58.0260 3916 Running under WOW64
21:53:58.0260 3916 Processor architecture: Intel x64
21:53:58.0260 3916 Number of processors: 2
21:53:58.0260 3916 Page size: 0x1000
21:53:58.0260 3916 Boot type: Normal boot
21:53:58.0260 3916 ============================================================
21:54:00.0019 3916 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:54:00.0035 3916 ============================================================
21:54:00.0035 3916 \Device\Harddisk0\DR0:
21:54:00.0043 3916 MBR partitions:
21:54:00.0043 3916 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x23B81000
21:54:00.0043 3916 ============================================================
21:54:00.0127 3916 C: <-> \Device\Harddisk0\DR0\Partition1
21:54:00.0127 3916 ============================================================
21:54:00.0127 3916 Initialize success
21:54:00.0127 3916 ============================================================
21:54:27.0541 4180 ============================================================
21:54:27.0541 4180 Scan started
21:54:27.0541 4180 Mode: Manual;
21:54:27.0541 4180 ============================================================
21:54:28.0056 4180 ================ Scan system memory ========================
21:54:28.0056 4180 System memory - ok
21:54:28.0057 4180 ================ Scan services =============================
21:54:28.0221 4180 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
21:54:28.0224 4180 1394ohci - ok
21:54:28.0274 4180 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
21:54:28.0278 4180 ACPI - ok
21:54:28.0305 4180 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
21:54:28.0306 4180 AcpiPmi - ok
21:54:28.0416 4180 [ B362181ED3771DC03B4141927C80F801 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:54:28.0417 4180 AdobeARMservice - ok
21:54:28.0455 4180 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
21:54:28.0460 4180 adp94xx - ok
21:54:28.0482 4180 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
21:54:28.0486 4180 adpahci - ok
21:54:28.0511 4180 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
21:54:28.0514 4180 adpu320 - ok
21:54:28.0547 4180 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
21:54:28.0548 4180 AeLookupSvc - ok
21:54:28.0617 4180 [ FA886682CFC5D36718D3E436AACF10B9 ] AFD C:\windows\system32\drivers\afd.sys
21:54:28.0622 4180 AFD - ok
21:54:28.0675 4180 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\windows\system32\DRIVERS\agrsm64.sys
21:54:28.0687 4180 AgereSoftModem - ok
21:54:28.0712 4180 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
21:54:28.0713 4180 agp440 - ok
21:54:28.0738 4180 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
21:54:28.0739 4180 ALG - ok
21:54:28.0776 4180 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
21:54:28.0777 4180 aliide - ok
21:54:28.0805 4180 [ 57B773D82E8CC3C6D7E02CC8A6632043 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
21:54:28.0807 4180 AMD External Events Utility - ok
21:54:28.0848 4180 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
21:54:28.0849 4180 amdide - ok
21:54:28.0875 4180 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
21:54:28.0877 4180 AmdK8 - ok
21:54:29.0064 4180 [ AEFAF27F1B7E52C705DF4FB6C96732F6 ] amdkmdag C:\windows\system32\DRIVERS\atipmdag.sys
21:54:29.0200 4180 amdkmdag - ok
21:54:29.0269 4180 [ 8149DB73BE27950EC72767A1193153A6 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
21:54:29.0271 4180 amdkmdap - ok
21:54:29.0286 4180 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
21:54:29.0287 4180 AmdPPM - ok
21:54:29.0315 4180 [ 53D8D46D51D390ABDB54ECA623165CB7 ] amdsata C:\windows\system32\DRIVERS\amdsata.sys
21:54:29.0316 4180 amdsata - ok
21:54:29.0347 4180 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
21:54:29.0350 4180 amdsbs - ok
21:54:29.0407 4180 [ 75C51148154E34EB3D7BB84749A758D5 ] amdxata C:\windows\system32\DRIVERS\amdxata.sys
21:54:29.0408 4180 amdxata - ok
21:54:29.0470 4180 [ 68078ED55974D5F1E591AB0D03A81D41 ] Andbus C:\windows\system32\DRIVERS\lgandbus.sys
21:54:29.0471 4180 Andbus - ok
21:54:29.0508 4180 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
21:54:29.0510 4180 AppID - ok
21:54:29.0532 4180 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
21:54:29.0533 4180 AppIDSvc - ok
21:54:29.0578 4180 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\windows\System32\appinfo.dll
21:54:29.0579 4180 Appinfo - ok
21:54:29.0661 4180 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:54:29.0663 4180 Apple Mobile Device - ok
21:54:29.0732 4180 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
21:54:29.0734 4180 arc - ok
21:54:29.0748 4180 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
21:54:29.0750 4180 arcsas - ok
21:54:29.0933 4180 [ 9A262EDD17F8473B91B333D6B031A901 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:54:29.0935 4180 aspnet_state - ok
21:54:30.0017 4180 [ D95E64416A4A3ED6986E0F474DA934BD ] aswHwid C:\windows\system32\drivers\aswHwid.sys
21:54:30.0018 4180 aswHwid - ok
21:54:30.0070 4180 [ FF1E537A3632CBB9A0BF72B9FD0878D5 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
21:54:30.0071 4180 aswMonFlt - ok
21:54:30.0089 4180 [ A5757DE5F9C83AB40667A53D5126EA40 ] aswRdr C:\windows\system32\drivers\aswRdr2.sys
21:54:30.0090 4180 aswRdr - ok
21:54:30.0106 4180 [ 645D97385F3F284FB5604F9B970F4D24 ] aswRvrt C:\windows\system32\drivers\aswRvrt.sys
21:54:30.0107 4180 aswRvrt - ok
21:54:30.0159 4180 [ B8FDEDE963B82CFD23B3A53A3084666D ] aswSnx C:\windows\system32\drivers\aswSnx.sys
21:54:30.0165 4180 aswSnx - ok
21:54:30.0258 4180 [ 0DEDC041DF594AEC2C3BD00417CFAF60 ] aswSP C:\windows\system32\drivers\aswSP.sys
21:54:30.0261 4180 aswSP - ok
21:54:30.0333 4180 [ 48DED912CDE54FC0923B9858512366E1 ] aswStm C:\windows\system32\drivers\aswStm.sys
21:54:30.0334 4180 aswStm - ok
21:54:30.0356 4180 [ 471A311745848B80339436688A8286E6 ] aswVmm C:\windows\system32\drivers\aswVmm.sys
21:54:30.0359 4180 aswVmm - ok
21:54:30.0413 4180 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
21:54:30.0414 4180 AsyncMac - ok
21:54:30.0509 4180 [ 222D239F0845B8E5401DBA7C45BEDA31 ] AT&T Troubleshoot & Resolve C:\Program Files (x86)\ATT\8.4.1.11\ma\bin\MAHostService.exe
21:54:30.0512 4180 AT&T Troubleshoot & Resolve - ok
21:54:30.0565 4180 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
21:54:30.0566 4180 atapi - ok
21:54:30.0603 4180 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\windows\system32\DRIVERS\AtiPcie.sys
21:54:30.0604 4180 AtiPcie - ok
21:54:30.0723 4180 [ 4E8185A861A544800648AF182684A7BC ] ATT MAHostService C:\Program Files (x86)\ATT\8.3.1.7\ma\bin\MAHostService.exe
21:54:30.0727 4180 ATT MAHostService - ok
21:54:30.0786 4180 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
21:54:30.0793 4180 AudioEndpointBuilder - ok
21:54:30.0820 4180 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
21:54:30.0824 4180 AudioSrv - ok
21:54:30.0929 4180 [ 73F5C13B431915BAE35254B4E95DFB71 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:54:30.0930 4180 avast! Antivirus - ok
21:54:30.0971 4180 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
21:54:30.0974 4180 AxInstSV - ok
21:54:31.0011 4180 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
21:54:31.0016 4180 b06bdrv - ok
21:54:31.0059 4180 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
21:54:31.0062 4180 b57nd60a - ok
21:54:31.0099 4180 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
21:54:31.0101 4180 BDESVC - ok
21:54:31.0130 4180 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
21:54:31.0131 4180 Beep - ok
21:54:31.0174 4180 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
21:54:31.0181 4180 BFE - ok
21:54:31.0251 4180 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\system32\qmgr.dll
21:54:31.0261 4180 BITS - ok
21:54:31.0346 4180 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
21:54:31.0347 4180 blbdrive - ok
21:54:31.0387 4180 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:54:31.0392 4180 Bonjour Service - ok
21:54:31.0462 4180 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
21:54:31.0464 4180 bowser - ok
21:54:31.0486 4180 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
21:54:31.0487 4180 BrFiltLo - ok
21:54:31.0502 4180 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
21:54:31.0503 4180 BrFiltUp - ok
21:54:31.0635 4180 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
21:54:31.0637 4180 BridgeMP - ok
21:54:31.0667 4180 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
21:54:31.0669 4180 Browser - ok
21:54:31.0690 4180 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
21:54:31.0693 4180 Brserid - ok
21:54:31.0717 4180 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
21:54:31.0718 4180 BrSerWdm - ok
21:54:31.0736 4180 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
21:54:31.0737 4180 BrUsbMdm - ok
21:54:31.0754 4180 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
21:54:31.0756 4180 BrUsbSer - ok
21:54:31.0775 4180 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
21:54:31.0776 4180 BTHMODEM - ok
21:54:31.0822 4180 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
21:54:31.0824 4180 bthserv - ok
21:54:31.0854 4180 catchme - ok
21:54:31.0915 4180 [ D1787E11C6A0078DDEAF8CF3EE2AB293 ] CAXHWAZL C:\windows\system32\DRIVERS\CAXHWAZL.sys
21:54:31.0919 4180 CAXHWAZL - ok
21:54:31.0960 4180 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
21:54:31.0962 4180 cdfs - ok
21:54:31.0993 4180 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
21:54:31.0995 4180 cdrom - ok
21:54:32.0061 4180 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
21:54:32.0063 4180 CertPropSvc - ok
21:54:32.0085 4180 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
21:54:32.0086 4180 circlass - ok
21:54:32.0171 4180 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
21:54:32.0175 4180 CLFS - ok
21:54:32.0249 4180 [ F13EC8A783E0CB0D6DC26A3CA848B7B8 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:54:32.0251 4180 clr_optimization_v2.0.50727_32 - ok
21:54:32.0299 4180 [ B4D73F04E9BC076F7CDAC4327DF636BB ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:54:32.0301 4180 clr_optimization_v2.0.50727_64 - ok
21:54:32.0348 4180 [ E87213F37A13E2B54391E40934F071D0 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:54:32.0350 4180 clr_optimization_v4.0.30319_32 - ok
21:54:32.0367 4180 [ 4AEDAB50F83580D0B4D6CF78191F92AA ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:54:32.0369 4180 clr_optimization_v4.0.30319_64 - ok
21:54:32.0416 4180 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
21:54:32.0417 4180 CmBatt - ok
21:54:32.0458 4180 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
21:54:32.0460 4180 cmdide - ok
21:54:32.0509 4180 [ EBF28856F69CF094A902F884CF989706 ] CNG C:\windows\system32\Drivers\cng.sys
21:54:32.0513 4180 CNG - ok
21:54:32.0538 4180 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
21:54:32.0538 4180 Compbatt - ok
21:54:32.0569 4180 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
21:54:32.0570 4180 CompositeBus - ok
21:54:32.0574 4180 COMSysApp - ok
21:54:32.0596 4180 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
21:54:32.0597 4180 crcdisk - ok
21:54:32.0638 4180 [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc C:\windows\system32\cryptsvc.dll
21:54:32.0641 4180 CryptSvc - ok
21:54:32.0720 4180 [ FD557A50A65E44041CD2FCEF4BEB04DB ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
21:54:32.0725 4180 cvhsvc - ok
21:54:32.0785 4180 [ D06E443457FADC6B1AFAF3AA4B6936F6 ] dc3d C:\windows\system32\DRIVERS\dc3d.sys
21:54:32.0786 4180 dc3d - ok
21:54:32.0833 4180 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
21:54:32.0840 4180 DcomLaunch - ok
21:54:32.0874 4180 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
21:54:32.0878 4180 defragsvc - ok
21:54:32.0965 4180 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
21:54:32.0967 4180 DfsC - ok
21:54:33.0008 4180 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
21:54:33.0012 4180 Dhcp - ok
21:54:33.0066 4180 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
21:54:33.0067 4180 discache - ok
21:54:33.0085 4180 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
21:54:33.0086 4180 Disk - ok
21:54:33.0123 4180 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
21:54:33.0126 4180 Dnscache - ok
21:54:33.0171 4180 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
21:54:33.0174 4180 dot3svc - ok
21:54:33.0208 4180 [ B42ED0320C6E41102FDE0005154849BB ] dot4 C:\windows\system32\DRIVERS\Dot4.sys
21:54:33.0210 4180 dot4 - ok
21:54:33.0236 4180 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\windows\system32\DRIVERS\Dot4Prt.sys
21:54:33.0238 4180 Dot4Print - ok
21:54:33.0252 4180 [ 488669CD1CD3BDCFDD9A5FDA72209069 ] Dot4Scan C:\windows\system32\DRIVERS\Dot4Scan.sys
21:54:33.0253 4180 Dot4Scan - ok
21:54:33.0280 4180 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\windows\system32\DRIVERS\dot4usb.sys
21:54:33.0282 4180 dot4usb - ok
21:54:33.0354 4180 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
21:54:33.0357 4180 DPS - ok
21:54:33.0408 4180 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
21:54:33.0409 4180 drmkaud - ok
21:54:33.0459 4180 [ 87CE5C8965E101CCCED1F4675557E868 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
21:54:33.0465 4180 DXGKrnl - ok
21:54:33.0512 4180 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
21:54:33.0515 4180 EapHost - ok
21:54:33.0610 4180 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
21:54:33.0656 4180 ebdrv - ok
21:54:33.0689 4180 [ 204F3F58212B3E422C90BD9691A2DF28 ] EFS C:\windows\System32\lsass.exe
21:54:33.0691 4180 EFS - ok
21:54:33.0768 4180 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
21:54:33.0776 4180 ehRecvr - ok
21:54:33.0805 4180 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
21:54:33.0808 4180 ehSched - ok
21:54:33.0843 4180 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
21:54:33.0849 4180 elxstor - ok
21:54:33.0879 4180 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
21:54:33.0880 4180 ErrDev - ok
21:54:33.0930 4180 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
21:54:33.0936 4180 EventSystem - ok
21:54:33.0965 4180 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
21:54:33.0968 4180 exfat - ok
21:54:33.0983 4180 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
21:54:33.0987 4180 fastfat - ok
21:54:34.0055 4180 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
21:54:34.0063 4180 Fax - ok
21:54:34.0090 4180 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
21:54:34.0092 4180 fdc - ok
21:54:34.0116 4180 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
21:54:34.0118 4180 fdPHost - ok
21:54:34.0152 4180 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
21:54:34.0154 4180 FDResPub - ok
21:54:34.0209 4180 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
21:54:34.0210 4180 FileInfo - ok
21:54:34.0224 4180 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
21:54:34.0226 4180 Filetrace - ok
21:54:34.0259 4180 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
21:54:34.0260 4180 flpydisk - ok
21:54:34.0306 4180 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
21:54:34.0309 4180 FltMgr - ok
21:54:34.0391 4180 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\windows\system32\FntCache.dll
21:54:34.0404 4180 FontCache - ok
21:54:34.0472 4180 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:54:34.0473 4180 FontCache3.0.0.0 - ok
21:54:34.0497 4180 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
21:54:34.0499 4180 FsDepends - ok
21:54:34.0567 4180 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
21:54:34.0568 4180 Fs_Rec - ok
21:54:34.0596 4180 [ FA169871D8FADCC6539C4E8726610286 ] FTDIBUS C:\windows\system32\drivers\ftdibus.sys
21:54:34.0598 4180 FTDIBUS - ok
21:54:34.0609 4180 [ 24237091348D1EFB5635A1CF9649E311 ] FTSER2K C:\windows\system32\drivers\ftser2k.sys
21:54:34.0611 4180 FTSER2K - ok
21:54:34.0667 4180 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
21:54:34.0670 4180 fvevol - ok
21:54:34.0701 4180 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
21:54:34.0703 4180 gagp30kx - ok
21:54:34.0762 4180 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
21:54:34.0771 4180 gpsvc - ok
21:54:34.0842 4180 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:54:34.0843 4180 gupdate - ok
21:54:34.0860 4180 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:54:34.0862 4180 gupdatem - ok
21:54:34.0899 4180 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
21:54:34.0900 4180 hcw85cir - ok
21:54:34.0931 4180 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
21:54:34.0936 4180 HdAudAddService - ok
21:54:34.0978 4180 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
21:54:34.0979 4180 HDAudBus - ok
21:54:35.0014 4180 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
21:54:35.0016 4180 HidBatt - ok
21:54:35.0027 4180 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
21:54:35.0029 4180 HidBth - ok
21:54:35.0043 4180 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
21:54:35.0045 4180 HidIr - ok
21:54:35.0074 4180 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
21:54:35.0076 4180 hidserv - ok
21:54:35.0123 4180 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
21:54:35.0124 4180 HidUsb - ok
21:54:35.0172 4180 [ 461F1CA9B00F7142480C21A22EFA7288 ] hitmanpro35 C:\windows\system32\drivers\hitmanpro36.sys
21:54:35.0174 4180 hitmanpro35 - ok
21:54:35.0213 4180 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
21:54:35.0216 4180 hkmsvc - ok
21:54:35.0257 4180 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
21:54:35.0261 4180 HomeGroupListener - ok
21:54:35.0306 4180 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
21:54:35.0311 4180 HomeGroupProvider - ok
21:54:35.0342 4180 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
21:54:35.0343 4180 HpSAMD - ok
21:54:35.0419 4180 [ 447256D1C026654C5CD3CC17E7B20631 ] HsfXAudioService C:\windows\SysWOW64\XAudio64.dll
21:54:35.0426 4180 HsfXAudioService - ok
21:54:35.0521 4180 [ 26C5D00321937E49B6BC91029947D094 ] HSF_DPV C:\windows\system32\DRIVERS\CAX_DPV.sys
21:54:35.0535 4180 HSF_DPV - ok
21:54:35.0582 4180 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
21:54:35.0590 4180 HTTP - ok
21:54:35.0642 4180 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
21:54:35.0643 4180 hwpolicy - ok
21:54:35.0691 4180 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
21:54:35.0693 4180 i8042prt - ok
21:54:35.0726 4180 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
21:54:35.0730 4180 iaStorV - ok
21:54:35.0796 4180 [ C98A5B9D932430AD8EEBD3EF73756EF7 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:54:35.0805 4180 idsvc - ok
21:54:35.0823 4180 IEEtwCollectorService - ok
21:54:35.0868 4180 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
21:54:35.0870 4180 iirsp - ok
21:54:35.0915 4180 [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT C:\windows\System32\ikeext.dll
21:54:35.0925 4180 IKEEXT - ok
21:54:36.0014 4180 [ 490947A9AFF7CA31EF2E08F5776105EB ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
21:54:36.0028 4180 IntcAzAudAddService - ok
21:54:36.0047 4180 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
21:54:36.0050 4180 intelide - ok
21:54:36.0076 4180 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
21:54:36.0077 4180 intelppm - ok
21:54:36.0112 4180 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
21:54:36.0115 4180 IPBusEnum - ok
21:54:36.0155 4180 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
21:54:36.0157 4180 IpFilterDriver - ok
21:54:36.0203 4180 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
21:54:36.0210 4180 iphlpsvc - ok
21:54:36.0230 4180 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
21:54:36.0232 4180 IPMIDRV - ok
21:54:36.0260 4180 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
21:54:36.0262 4180 IPNAT - ok
21:54:36.0284 4180 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
21:54:36.0285 4180 IRENUM - ok
21:54:36.0316 4180 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
21:54:36.0317 4180 isapnp - ok
21:54:36.0354 4180 [ 96BB922A0981BC7432C8CF52B5410FE6 ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
21:54:36.0358 4180 iScsiPrt - ok
21:54:36.0388 4180 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
21:54:36.0391 4180 IviRegMgr - ok
21:54:36.0439 4180 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
21:54:36.0440 4180 kbdclass - ok
21:54:36.0471 4180 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
21:54:36.0472 4180 kbdhid - ok
21:54:36.0489 4180 [ 204F3F58212B3E422C90BD9691A2DF28 ] KeyIso C:\windows\system32\lsass.exe
21:54:36.0491 4180 KeyIso - ok
21:54:36.0538 4180 [ 353009DEDF918B2A51414F330CF72DEC ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
21:54:36.0540 4180 KSecDD - ok
21:54:36.0555 4180 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
21:54:36.0557 4180 KSecPkg - ok
21:54:36.0595 4180 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
21:54:36.0596 4180 ksthunk - ok
21:54:36.0630 4180 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
21:54:36.0636 4180 KtmRm - ok
21:54:36.0695 4180 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\System32\srvsvc.dll
21:54:36.0700 4180 LanmanServer - ok
21:54:36.0736 4180 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
21:54:36.0741 4180 LanmanWorkstation - ok
21:54:36.0791 4180 [ 797289607A5EBF31353AA5EAD141F872 ] LeapFrog-USBLAN C:\windows\system32\DRIVERS\btblan.sys
21:54:36.0793 4180 LeapFrog-USBLAN - ok
21:54:36.0841 4180 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
21:54:36.0843 4180 lltdio - ok
21:54:36.0875 4180 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
21:54:36.0880 4180 lltdsvc - ok
21:54:36.0893 4180 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
21:54:36.0895 4180 lmhosts - ok
21:54:36.0925 4180 [ 41E122F6D1448C94CC05196BC41D6BFB ] LPCFilter C:\windows\system32\DRIVERS\LPCFilter.sys
21:54:36.0926 4180 LPCFilter - ok
21:54:36.0961 4180 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
21:54:36.0963 4180 LSI_FC - ok
21:54:36.0980 4180 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
21:54:36.0982 4180 LSI_SAS - ok
21:54:37.0000 4180 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
21:54:37.0002 4180 LSI_SAS2 - ok
21:54:37.0021 4180 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
21:54:37.0023 4180 LSI_SCSI - ok
21:54:37.0105 4180 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
21:54:37.0106 4180 luafv - ok
21:54:37.0185 4180 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
21:54:37.0188 4180 Mcx2Svc - ok
21:54:37.0211 4180 [ E4F44EC214B3E381E1FC844A02926666 ] mdmxsdk C:\windows\system32\DRIVERS\mdmxsdk.sys
21:54:37.0212 4180 mdmxsdk - ok
21:54:37.0224 4180 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
21:54:37.0225 4180 megasas - ok
21:54:37.0265 4180 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
21:54:37.0269 4180 MegaSR - ok
21:54:37.0294 4180 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
21:54:37.0297 4180 MMCSS - ok
21:54:37.0341 4180 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
21:54:37.0342 4180 Modem - ok
21:54:37.0401 4180 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
21:54:37.0402 4180 monitor - ok
21:54:37.0407 4180 motmodem - ok
21:54:37.0470 4180 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
21:54:37.0471 4180 mouclass - ok
21:54:37.0498 4180 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
21:54:37.0499 4180 mouhid - ok
21:54:37.0527 4180 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
21:54:37.0529 4180 mountmgr - ok
21:54:37.0553 4180 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
21:54:37.0555 4180 mpio - ok
21:54:37.0596 4180 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
21:54:37.0597 4180 mpsdrv - ok
21:54:37.0658 4180 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
21:54:37.0668 4180 MpsSvc - ok
21:54:37.0708 4180 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
21:54:37.0710 4180 MREMP50 - ok
21:54:37.0806 4180 [ C2758DF79C83A0D12A5599A040CA1818 ] MREMP50a64 C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS
21:54:37.0808 4180 MREMP50a64 - ok
21:54:37.0843 4180 MREMPR5 - ok
21:54:37.0856 4180 MRENDIS5 - ok
21:54:37.0884 4180 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
21:54:37.0886 4180 MRESP50 - ok
21:54:37.0955 4180 [ 38BD5B32E0722752BE8465D2A6DA43D9 ] MRESP50a64 C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS
21:54:37.0957 4180 MRESP50a64 - ok
21:54:37.0998 4180 [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
21:54:38.0001 4180 MRxDAV - ok
21:54:38.0057 4180 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
21:54:38.0059 4180 mrxsmb - ok
21:54:38.0111 4180 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
21:54:38.0115 4180 mrxsmb10 - ok
21:54:38.0179 4180 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
21:54:38.0181 4180 mrxsmb20 - ok
21:54:38.0234 4180 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
21:54:38.0235 4180 msahci - ok
21:54:38.0267 4180 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
21:54:38.0269 4180 msdsm - ok
21:54:38.0282 4180 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
21:54:38.0286 4180 MSDTC - ok
21:54:38.0353 4180 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
21:54:38.0354 4180 Msfs - ok
21:54:38.0371 4180 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
21:54:38.0373 4180 mshidkmdf - ok
21:54:38.0405 4180 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
21:54:38.0406 4180 msisadrv - ok
21:54:38.0451 4180 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
21:54:38.0455 4180 MSiSCSI - ok
21:54:38.0460 4180 msiserver - ok
21:54:38.0506 4180 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
21:54:38.0507 4180 MSKSSRV - ok
21:54:38.0521 4180 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
21:54:38.0522 4180 MSPCLOCK - ok
21:54:38.0538 4180 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
21:54:38.0540 4180 MSPQM - ok
21:54:38.0581 4180 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
21:54:38.0585 4180 MsRPC - ok
21:54:38.0617 4180 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
21:54:38.0618 4180 mssmbios - ok
21:54:38.0668 4180 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
21:54:38.0669 4180 MSTEE - ok
21:54:38.0684 4180 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
21:54:38.0685 4180 MTConfig - ok
21:54:38.0724 4180 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
21:54:38.0725 4180 Mup - ok
21:54:38.0777 4180 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
21:54:38.0785 4180 napagent - ok
21:54:38.0859 4180 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
21:54:38.0863 4180 NativeWifiP - ok
21:54:38.0930 4180 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
21:54:38.0940 4180 NDIS - ok
21:54:38.0970 4180 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
21:54:38.0972 4180 NdisCap - ok
21:54:39.0016 4180 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
21:54:39.0017 4180 NdisTapi - ok
21:54:39.0054 4180 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
21:54:39.0055 4180 Ndisuio - ok
21:54:39.0102 4180 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
21:54:39.0104 4180 NdisWan - ok
21:54:39.0156 4180 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
21:54:39.0158 4180 NDProxy - ok
21:54:39.0185 4180 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
21:54:39.0186 4180 NetBIOS - ok
21:54:39.0229 4180 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
21:54:39.0232 4180 NetBT - ok
21:54:39.0289 4180 [ 204F3F58212B3E422C90BD9691A2DF28 ] Netlogon C:\windows\system32\lsass.exe
21:54:39.0291 4180 Netlogon - ok
21:54:39.0324 4180 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
21:54:39.0330 4180 Netman - ok
21:54:39.0410 4180 [ 21318671BCAD3ACF16638F98D4D00973 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:54:39.0412 4180 NetMsmqActivator - ok
21:54:39.0454 4180 [ 21318671BCAD3ACF16638F98D4D00973 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:54:39.0456 4180 NetPipeActivator - ok
21:54:39.0496 4180 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
21:54:39.0502 4180 netprofm - ok
21:54:39.0521 4180 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:54:39.0523 4180 NetTcpActivator - ok
21:54:39.0543 4180 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:54:39.0544 4180 NetTcpPortSharing - ok
21:54:39.0582 4180 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
21:54:39.0584 4180 nfrd960 - ok
21:54:39.0634 4180 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
21:54:39.0639 4180 NlaSvc - ok
21:54:39.0702 4180 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
21:54:39.0704 4180 Npfs - ok
21:54:39.0726 4180 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
21:54:39.0729 4180 nsi - ok
21:54:39.0737 4180 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
21:54:39.0738 4180 nsiproxy - ok
21:54:39.0848 4180 [ 1A29A59A4C5BA6F8C85062A613B7E2B2 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
21:54:39.0865 4180 Ntfs - ok
21:54:39.0925 4180 [ A2F750E416D1C628BDCDC2075AC33BC6 ] NuidFltr C:\windows\system32\DRIVERS\NuidFltr.sys
21:54:39.0926 4180 NuidFltr - ok
21:54:39.0980 4180 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
21:54:39.0981 4180 Null - ok
21:54:40.0005 4180 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
21:54:40.0008 4180 nvraid - ok
21:54:40.0040 4180 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
21:54:40.0043 4180 nvstor - ok
21:54:40.0064 4180 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
21:54:40.0066 4180 nv_agp - ok
21:54:40.0083 4180 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
21:54:40.0085 4180 ohci1394 - ok
21:54:40.0125 4180 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:54:40.0128 4180 ose - ok
21:54:40.0289 4180 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:54:40.0393 4180 osppsvc - ok
21:54:40.0428 4180 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
21:54:40.0434 4180 p2pimsvc - ok
21:54:40.0476 4180 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
21:54:40.0484 4180 p2psvc - ok
21:54:40.0514 4180 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
21:54:40.0517 4180 Parport - ok
21:54:40.0566 4180 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
21:54:40.0568 4180 partmgr - ok
21:54:40.0601 4180 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
21:54:40.0605 4180 PcaSvc - ok
21:54:40.0675 4180 [ 741C88A7F4AA6B120CF3E1627B2EC654 ] pcCMService C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
21:54:40.0679 4180 pcCMService - ok
21:54:40.0745 4180 [ EF4B5B3B1D1B05B0871C69CDF98CEA66 ] pcCMService64 C:\Program Files\Common Files\Motive\pcCMService.exe
21:54:40.0750 4180 pcCMService64 - ok
21:54:40.0805 4180 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
21:54:40.0808 4180 pci - ok
21:54:40.0833 4180 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
21:54:40.0834 4180 pciide - ok
21:54:40.0868 4180 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
21:54:40.0872 4180 pcmcia - ok
21:54:40.0894 4180 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
21:54:40.0895 4180 pcw - ok
21:54:40.0978 4180 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
21:54:40.0985 4180 PEAUTH - ok
21:54:41.0056 4180 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
21:54:41.0059 4180 PerfHost - ok
21:54:41.0111 4180 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
21:54:41.0112 4180 PGEffect - ok
21:54:41.0173 4180 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
21:54:41.0189 4180 pla - ok
21:54:41.0242 4180 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
21:54:41.0249 4180 PlugPlay - ok
21:54:41.0280 4180 [ 64CA1485214340CACC315FFDFDED73EF ] Pml Driver HPZ12 C:\windows\system32\HPZipm12.dll
21:54:41.0282 4180 Pml Driver HPZ12 - ok
21:54:41.0297 4180 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
21:54:41.0300 4180 PNRPAutoReg - ok
21:54:41.0318 4180 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
21:54:41.0322 4180 PNRPsvc - ok
21:54:41.0381 4180 [ 32D374C60778253B81FA76C2FE19E155 ] Point64 C:\windows\system32\DRIVERS\point64.sys
21:54:41.0382 4180 Point64 - ok
21:54:41.0424 4180 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
21:54:41.0430 4180 PolicyAgent - ok
21:54:41.0467 4180 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
21:54:41.0472 4180 Power - ok
21:54:41.0516 4180 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
21:54:41.0521 4180 PptpMiniport - ok
21:54:41.0594 4180 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
21:54:41.0595 4180 Processor - ok
21:54:41.0630 4180 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
21:54:41.0635 4180 ProfSvc - ok
21:54:41.0645 4180 [ 204F3F58212B3E422C90BD9691A2DF28 ] ProtectedStorage C:\windows\system32\lsass.exe
21:54:41.0648 4180 ProtectedStorage - ok
21:54:41.0704 4180 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
21:54:41.0707 4180 Psched - ok
21:54:41.0736 4180 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
21:54:41.0738 4180 PSI_SVC_2 - ok
21:54:41.0803 4180 [ D8EB393983B644879DE0546122CC16DF ] ptun0901 C:\windows\system32\DRIVERS\ptun0901.sys
21:54:41.0804 4180 ptun0901 - ok
21:54:41.0844 4180 PxHlpa64 - ok
21:54:41.0893 4180 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
21:54:41.0908 4180 ql2300 - ok
21:54:41.0944 4180 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
21:54:41.0946 4180 ql40xx - ok
21:54:41.0983 4180 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
21:54:41.0989 4180 QWAVE - ok
21:54:42.0008 4180 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
21:54:42.0010 4180 QWAVEdrv - ok
21:54:42.0031 4180 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
21:54:42.0033 4180 RasAcd - ok
21:54:42.0085 4180 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
21:54:42.0086 4180 RasAgileVpn - ok
21:54:42.0108 4180 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
21:54:42.0112 4180 RasAuto - ok
21:54:42.0151 4180 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
21:54:42.0153 4180 Rasl2tp - ok
21:54:42.0219 4180 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
21:54:42.0226 4180 RasMan - ok
21:54:42.0260 4180 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
21:54:42.0262 4180 RasPppoe - ok
21:54:42.0307 4180 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
21:54:42.0309 4180 RasSstp - ok
21:54:42.0388 4180 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
21:54:42.0392 4180 rdbss - ok
21:54:42.0425 4180 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
21:54:42.0427 4180 rdpbus - ok
21:54:42.0447 4180 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
21:54:42.0448 4180 RDPCDD - ok
21:54:42.0488 4180 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
21:54:42.0489 4180 RDPENCDD - ok
21:54:42.0507 4180 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
21:54:42.0507 4180 RDPREFMP - ok
21:54:42.0565 4180 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
21:54:42.0566 4180 RdpVideoMiniport - ok
21:54:42.0608 4180 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
21:54:42.0611 4180 RDPWD - ok
21:54:42.0665 4180 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
21:54:42.0668 4180 rdyboost - ok
21:54:42.0771 4180 [ B2D01290C0E0465ACA54C2088E947823 ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
21:54:42.0772 4180 RealNetworks Downloader Resolver Service - ok
21:54:42.0846 4180 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\windows\system32\drivers\regi.sys
21:54:42.0847 4180 regi - ok
21:54:42.0868 4180 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
21:54:42.0871 4180 RemoteAccess - ok
21:54:42.0926 4180 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
21:54:42.0930 4180 RemoteRegistry - ok
21:54:42.0990 4180 [ 9C3AC71A9934B884FAC567A8807E9C4D ] Revoflt C:\windows\system32\DRIVERS\revoflt.sys
21:54:42.0992 4180 Revoflt - ok
21:54:43.0052 4180 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
21:54:43.0056 4180 RpcEptMapper - ok
21:54:43.0069 4180 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
21:54:43.0072 4180 RpcLocator - ok
21:54:43.0122 4180 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\System32\rpcss.dll
21:54:43.0128 4180 RpcSs - ok
21:54:43.0209 4180 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
21:54:43.0211 4180 rspndr - ok
21:54:43.0261 4180 [ 907C4464381B5EBDFDC60F6C7D0DEDFC ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
21:54:43.0264 4180 RSUSBSTOR - ok
21:54:43.0289 4180 [ 4E821C740A675F6D040BE41D59A62B1D ] RTHDMIAzAudService C:\windows\system32\drivers\RtHDMIVX.sys
21:54:43.0291 4180 RTHDMIAzAudService - ok
21:54:43.0341 4180 [ FD978B2BF8A9B2390DCBEF435E9C1F9F ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
21:54:43.0344 4180 RTL8167 - ok
21:54:43.0388 4180 [ FFC748D848740D1BC8F330A8879C2674 ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
21:54:43.0398 4180 RTL8192Ce - ok
21:54:43.0491 4180 [ F84917461BDB7C51B2ED7FF062B3A64A ] RTWlanE C:\windows\system32\DRIVERS\rtwlane.sys
21:54:43.0500 4180 RTWlanE - ok
21:54:43.0523 4180 [ 204F3F58212B3E422C90BD9691A2DF28 ] SamSs C:\windows\system32\lsass.exe
21:54:43.0525 4180 SamSs - ok
21:54:43.0559 4180 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
21:54:43.0561 4180 sbp2port - ok
21:54:43.0599 4180 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
21:54:43.0604 4180 SCardSvr - ok
21:54:43.0640 4180 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
21:54:43.0641 4180 scfilter - ok
21:54:43.0703 4180 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
21:54:43.0718 4180 Schedule - ok
21:54:43.0762 4180 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
21:54:43.0764 4180 SCPolicySvc - ok
21:54:43.0788 4180 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
21:54:43.0792 4180 SDRSVC - ok
21:54:43.0858 4180 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
21:54:43.0860 4180 secdrv - ok
21:54:43.0897 4180 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
21:54:43.0901 4180 seclogon - ok
21:54:43.0925 4180 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
21:54:43.0929 4180 SENS - ok
21:54:43.0938 4180 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
21:54:43.0942 4180 SensrSvc - ok
21:54:43.0959 4180 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
21:54:43.0960 4180 Serenum - ok
21:54:43.0999 4180 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
21:54:44.0001 4180 Serial - ok
21:54:44.0032 4180 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
21:54:44.0033 4180 sermouse - ok
21:54:44.0082 4180 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
21:54:44.0087 4180 SessionEnv - ok
21:54:44.0114 4180 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
21:54:44.0115 4180 sffdisk - ok
21:54:44.0131 4180 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
21:54:44.0132 4180 sffp_mmc - ok
21:54:44.0143 4180 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
21:54:44.0144 4180 sffp_sd - ok
21:54:44.0173 4180 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
21:54:44.0174 4180 sfloppy - ok
21:54:44.0262 4180 [ 2046AA7491DE7EFA4D70E615D9BC9D09 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
21:54:44.0267 4180 Sftfs - ok
21:54:44.0327 4180 [ 77C5A741A7452812F278EF2C18478862 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
21:54:44.0332 4180 sftlist - ok
21:54:44.0392 4180 [ 0E0446BC4D51BE4263ACB7E33491191C ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
21:54:44.0394 4180 Sftplay - ok
21:54:44.0429 4180 [ C5FB982CD266E604ED3142102C26D62C ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
21:54:44.0431 4180 Sftredir - ok
21:54:44.0497 4180 [ 2575511AF67AA1FA068CCC4918E2C2A3 ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
21:54:44.0498 4180 Sftvol - ok
21:54:44.0535 4180 [ 39B1D0A636A400304565D4521FAD6D77 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
21:54:44.0537 4180 sftvsa - ok
21:54:44.0590 4180 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
21:54:44.0596 4180 SharedAccess - ok
21:54:44.0641 4180 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
21:54:44.0648 4180 ShellHWDetection - ok
21:54:44.0681 4180 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
21:54:44.0683 4180 SiSRaid2 - ok
21:54:44.0702 4180 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
21:54:44.0704 4180 SiSRaid4 - ok
21:54:44.0728 4180 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
21:54:44.0730 4180 Smb - ok
21:54:44.0789 4180 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
21:54:44.0792 4180 SNMPTRAP - ok
21:54:44.0836 4180 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
21:54:44.0837 4180 spldr - ok
21:54:44.0877 4180 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
21:54:44.0885 4180 Spooler - ok
21:54:44.0987 4180 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
21:54:45.0046 4180 sppsvc - ok
21:54:45.0107 4180 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
21:54:45.0111 4180 sppuinotify - ok
21:54:45.0190 4180 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
21:54:45.0196 4180 srv - ok
21:54:45.0240 4180 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
21:54:45.0245 4180 srv2 - ok
21:54:45.0281 4180 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\windows\system32\DRIVERS\VSTAZL6.SYS
21:54:45.0285 4180 SrvHsfHDA - ok
21:54:45.0332 4180 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\windows\system32\DRIVERS\VSTDPV6.SYS
21:54:45.0348 4180 SrvHsfV92 - ok
21:54:45.0376 4180 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\windows\system32\DRIVERS\VSTCNXT6.SYS
21:54:45.0384 4180 SrvHsfWinac - ok
21:54:45.0419 4180 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
21:54:45.0422 4180 srvnet - ok
21:54:45.0450 4180 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
21:54:45.0455 4180 SSDPSRV - ok
21:54:45.0490 4180 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
21:54:45.0495 4180 SstpSvc - ok
21:54:45.0526 4180 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
21:54:45.0528 4180 stexstor - ok
21:54:45.0585 4180 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
21:54:45.0594 4180 stisvc - ok
21:54:45.0620 4180 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
21:54:45.0621 4180 swenum - ok
21:54:45.0664 4180 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
21:54:45.0673 4180 swprv - ok
21:54:45.0707 4180 [ 470C47DABA9CA3966F0AB3F835D7D135 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
21:54:45.0709 4180 SynTP - ok
21:54:45.0801 4180 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
21:54:45.0821 4180 SysMain - ok
21:54:45.0861 4180 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
21:54:45.0866 4180 TabletInputService - ok
21:54:45.0921 4180 [ 3C32FF010F869BC184DF71290477384E ] tap0901 C:\windows\system32\DRIVERS\tap0901.sys
21:54:45.0923 4180 tap0901 - ok
21:54:45.0970 4180 [ 95206567C7CA71A3D485146824224C40 ] taphss6 C:\windows\system32\DRIVERS\taphss6.sys
21:54:45.0972 4180 taphss6 - ok
21:54:46.0011 4180 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
21:54:46.0017 4180 TapiSrv - ok
21:54:46.0038 4180 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
21:54:46.0043 4180 TBS - ok
21:54:46.0123 4180 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E ] Tcpip C:\windows\system32\drivers\tcpip.sys
21:54:46.0142 4180 Tcpip - ok
21:54:46.0168 4180 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
21:54:46.0179 4180 TCPIP6 - ok
21:54:46.0254 4180 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
21:54:46.0256 4180 tcpipreg - ok
21:54:46.0305 4180 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
21:54:46.0307 4180 tdcmdpst - ok
21:54:46.0334 4180 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
21:54:46.0335 4180 TDPIPE - ok
21:54:46.0367 4180 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
21:54:46.0368 4180 TDTCP - ok
21:54:46.0426 4180 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
21:54:46.0428 4180 tdx - ok
21:54:46.0478 4180 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
21:54:46.0480 4180 TermDD - ok
21:54:46.0535 4180 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
21:54:46.0545 4180 TermService - ok
21:54:46.0572 4180 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
21:54:46.0576 4180 Themes - ok
21:54:46.0606 4180 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
21:54:46.0609 4180 THREADORDER - ok
21:54:46.0695 4180 [ F120967184A27E927052E8DDBB727851 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
21:54:46.0696 4180 TMachInfo - ok
21:54:46.0737 4180 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe
21:54:46.0741 4180 TODDSrv - ok
21:54:46.0829 4180 [ 98C864481D62F86EC8AF65BE3419A95B ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
21:54:46.0834 4180 TosCoSrv - ok
21:54:46.0877 4180 [ 2AB7A4697462EDB0C9DFAFC529746BA9 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
21:54:46.0880 4180 TOSHIBA eco Utility Service - ok
21:54:46.0931 4180 [ 74C2FA8C3765EE71A9C22182EC108457 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
21:54:46.0934 4180 TOSHIBA HDD SSD Alert Service - ok
21:54:47.0007 4180 [ 97687D094AA597DA366E1194B218CC6C ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
21:54:47.0015 4180 TPCHSrv - ok
21:54:47.0082 4180 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
21:54:47.0086 4180 TrkWks - ok
21:54:47.0176 4180 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
21:54:47.0178 4180 TrustedInstaller - ok
21:54:47.0208 4180 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
21:54:47.0210 4180 tssecsrv - ok
21:54:47.0245 4180 [ E9981ECE8D894CEF7038FD1D040EB426 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
21:54:47.0247 4180 TsUsbFlt - ok
21:54:47.0293 4180 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
21:54:47.0295 4180 tunnel - ok
21:54:47.0346 4180 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
21:54:47.0348 4180 TVALZ - ok
21:54:47.0383 4180 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
21:54:47.0384 4180 TVALZFL - ok
21:54:47.0421 4180 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
21:54:47.0423 4180 uagp35 - ok
21:54:47.0477 4180 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
21:54:47.0481 4180 udfs - ok
21:54:47.0518 4180 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
21:54:47.0522 4180 UI0Detect - ok
21:54:47.0543 4180 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
21:54:47.0545 4180 uliagpkx - ok
21:54:47.0592 4180 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\drivers\umbus.sys
21:54:47.0594 4180 umbus - ok
21:54:47.0622 4180 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
21:54:47.0623 4180 UmPass - ok
21:54:47.0666 4180 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
21:54:47.0673 4180 upnphost - ok
21:54:47.0738 4180 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
21:54:47.0740 4180 USBAAPL64 - ok
21:54:47.0794 4180 [ B0435098C81D04CAFFF80DDB746CD3A2 ] usbaudio C:\windows\system32\drivers\usbaudio.sys
21:54:47.0797 4180 usbaudio - ok
21:54:47.0821 4180 [ DCA68B0943D6FA415F0C56C92158A83A ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
21:54:47.0823 4180 usbccgp - ok
21:54:47.0864 4180 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir C:\windows\system32\drivers\usbcir.sys
21:54:47.0866 4180 usbcir - ok
21:54:47.0911 4180 [ 18A85013A3E0F7E1755365D287443965 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
21:54:47.0912 4180 usbehci - ok
21:54:47.0970 4180 [ 8D1196CFBB223621F2C67D45710F25BA ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
21:54:47.0974 4180 usbhub - ok
21:54:47.0996 4180 [ 765A92D428A8DB88B960DA5A8D6089DC ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
21:54:47.0998 4180 usbohci - ok
21:54:48.0026 4180 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
21:54:48.0028 4180 usbprint - ok
21:54:48.0079 4180 [ 9661DA76B4531B2DA272ECCE25A8AF24 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
21:54:48.0081 4180 usbscan - ok
21:54:48.0112 4180 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
21:54:48.0114 4180 USBSTOR - ok
21:54:48.0145 4180 [ DD253AFC3BC6CBA412342DE60C3647F3 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
21:54:48.0147 4180 usbuhci - ok
21:54:48.0181 4180 [ 1F775DA4CF1A3A1834207E975A72E9D7 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
21:54:48.0184 4180 usbvideo - ok
21:54:48.0214 4180 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
21:54:48.0218 4180 UxSms - ok
21:54:48.0234 4180 [ 204F3F58212B3E422C90BD9691A2DF28 ] VaultSvc C:\windows\system32\lsass.exe
21:54:48.0237 4180 VaultSvc - ok
21:54:48.0266 4180 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
21:54:48.0268 4180 vdrvroot - ok
21:54:48.0315 4180 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
21:54:48.0324 4180 vds - ok
21:54:48.0348 4180 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
21:54:48.0350 4180 vga - ok
21:54:48.0408 4180 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
21:54:48.0410 4180 VgaSave - ok
21:54:48.0436 4180 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
21:54:48.0439 4180 vhdmp - ok
21:54:48.0484 4180 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
21:54:48.0486 4180 viaide - ok
21:54:48.0510 4180 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
21:54:48.0511 4180 volmgr - ok
21:54:48.0567 4180 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
21:54:48.0571 4180 volmgrx - ok
21:54:48.0590 4180 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
21:54:48.0593 4180 volsnap - ok
21:54:48.0635 4180 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
21:54:48.0638 4180 vsmraid - ok
21:54:48.0718 4180 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
21:54:48.0736 4180 VSS - ok
21:54:48.0773 4180 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
21:54:48.0774 4180 vwifibus - ok
21:54:48.0813 4180 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
21:54:48.0815 4180 vwififlt - ok
21:54:48.0837 4180 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
21:54:48.0839 4180 vwifimp - ok
21:54:48.0880 4180 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
21:54:48.0887 4180 W32Time - ok
21:54:48.0931 4180 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
21:54:48.0932 4180 WacomPen - ok
21:54:48.0968 4180 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
21:54:48.0969 4180 WANARP - ok
21:54:48.0976 4180 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
21:54:48.0978 4180 Wanarpv6 - ok
21:54:49.0041 4180 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
21:54:49.0054 4180 WatAdminSvc - ok
21:54:49.0125 4180 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
21:54:49.0143 4180 wbengine - ok
21:54:49.0176 4180 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
21:54:49.0182 4180 WbioSrvc - ok
21:54:49.0247 4180 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
21:54:49.0254 4180 wcncsvc - ok
21:54:49.0288 4180 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
21:54:49.0292 4180 WcsPlugInService - ok
21:54:49.0332 4180 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
21:54:49.0334 4180 Wd - ok
21:54:49.0397 4180 [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
21:54:49.0405 4180 Wdf01000 - ok
21:54:49.0431 4180 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
21:54:49.0436 4180 WdiServiceHost - ok
21:54:49.0442 4180 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
21:54:49.0446 4180 WdiSystemHost - ok
21:54:49.0496 4180 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient C:\windows\System32\webclnt.dll
21:54:49.0503 4180 WebClient - ok
21:54:49.0533 4180 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
21:54:49.0539 4180 Wecsvc - ok
21:54:49.0560 4180 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
21:54:49.0565 4180 wercplsupport - ok
21:54:49.0586 4180 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
21:54:49.0590 4180 WerSvc - ok
21:54:49.0619 4180 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
21:54:49.0621 4180 WfpLwf - ok
21:54:49.0636 4180 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
21:54:49.0637 4180 WIMMount - ok
21:54:49.0687 4180 [ A6EA7A3FC4B00F48535B506DB1E86EFD ] winachsf C:\windows\system32\DRIVERS\CAX_CNXT.sys
21:54:49.0695 4180 winachsf - ok
21:54:49.0720 4180 WinDefend - ok
21:54:49.0778 4180 WinHttpAutoProxySvc - ok
21:54:49.0840 4180 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
21:54:49.0843 4180 Winmgmt - ok
21:54:49.0931 4180 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
21:54:49.0955 4180 WinRM - ok
21:54:50.0019 4180 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
21:54:50.0021 4180 WinUsb - ok
21:54:50.0071 4180 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
21:54:50.0084 4180 Wlansvc - ok
21:54:50.0138 4180 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
21:54:50.0140 4180 WmiAcpi - ok
21:54:50.0178 4180 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
21:54:50.0182 4180 wmiApSrv - ok
21:54:50.0211 4180 WMPNetworkSvc - ok
21:54:50.0261 4180 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
21:54:50.0265 4180 WPCSvc - ok
21:54:50.0300 4180 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
21:54:50.0305 4180 WPDBusEnum - ok
21:54:50.0379 4180 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
21:54:50.0380 4180 ws2ifsl - ok
21:54:50.0415 4180 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll
21:54:50.0420 4180 wscsvc - ok
21:54:50.0438 4180 WSearch - ok
21:54:50.0522 4180 [ 61FF576450CCC80564B850BC3FB6713A ] wuauserv C:\windows\system32\wuaueng.dll
21:54:50.0557 4180 wuauserv - ok
21:54:50.0613 4180 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
21:54:50.0615 4180 WudfPf - ok
21:54:50.0659 4180 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
21:54:50.0662 4180 WUDFRd - ok
21:54:50.0698 4180 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
21:54:50.0703 4180 wudfsvc - ok
21:54:50.0733 4180 [ 04F82965C09CBDF646B487E145060301 ] WwanSvc C:\windows\System32\wwansvc.dll
21:54:50.0739 4180 WwanSvc - ok
21:54:50.0807 4180 [ E8F3FA126A06F8E7088F63757112A186 ] XAudio C:\windows\system32\DRIVERS\XAudio64.sys
21:54:50.0808 4180 XAudio - ok
21:54:50.0840 4180 ================ Scan global ===============================
21:54:50.0866 4180 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
21:54:50.0905 4180 [ 88EDD0B34EED542745931E581AD21A32 ] C:\windows\system32\winsrv.dll
21:54:50.0916 4180 [ 88EDD0B34EED542745931E581AD21A32 ] C:\windows\system32\winsrv.dll
21:54:50.0935 4180 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
21:54:50.0970 4180 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
21:54:50.0976 4180 [Global] - ok
21:54:50.0976 4180 ================ Scan MBR ==================================
21:54:50.0989 4180 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
21:54:51.0134 4180 \Device\Harddisk0\DR0 - ok
21:54:51.0134 4180 ================ Scan VBR ==================================
21:54:51.0150 4180 [ F93A93F7A66B99F99DF71303A22FDD3C ] \Device\Harddisk0\DR0\Partition1
21:54:51.0151 4180 \Device\Harddisk0\DR0\Partition1 - ok
21:54:51.0151 4180 ============================================================
21:54:51.0151 4180 Scan finished
21:54:51.0151 4180 ============================================================
21:54:51.0163 4168 Detected object count: 0
21:54:51.0163 4168 Actual detected object count: 0
rmrrar
Regular Member
 
Posts: 105
Joined: May 19th, 2013, 8:09 am

Re: Help. Please and Thank you.

Unread postby rmrrar » September 6th, 2014, 11:03 pm

Well it seems to be working ok but I have concern for the additional network conections that showed up like TAP-Windows Adapter V9, Microsoft Virtual WiFi Miniport Adapter, then I have two other network connections also. What about the permissions the trusted installer ect . Thanks rmrrar

21:53:56.0258 3916 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:53:58.0260 3916 ============================================================
21:53:58.0260 3916 Current date / time: 2014/09/06 21:53:58.0260
21:53:58.0260 3916 SystemInfo:
21:53:58.0260 3916
21:53:58.0260 3916 OS Version: 6.1.7601 ServicePack: 1.0
21:53:58.0260 3916 Product type: Workstation
21:53:58.0260 3916 ComputerName: ROBERT-PC
21:53:58.0260 3916 UserName: ROBERT
21:53:58.0260 3916 Windows directory: C:\windows
21:53:58.0260 3916 System windows directory: C:\windows
21:53:58.0260 3916 Running under WOW64
21:53:58.0260 3916 Processor architecture: Intel x64
21:53:58.0260 3916 Number of processors: 2
21:53:58.0260 3916 Page size: 0x1000
21:53:58.0260 3916 Boot type: Normal boot
21:53:58.0260 3916 ============================================================
21:54:00.0019 3916 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:54:00.0035 3916 ============================================================
21:54:00.0035 3916 \Device\Harddisk0\DR0:
21:54:00.0043 3916 MBR partitions:
21:54:00.0043 3916 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x23B81000
21:54:00.0043 3916 ============================================================
21:54:00.0127 3916 C: <-> \Device\Harddisk0\DR0\Partition1
21:54:00.0127 3916 ============================================================
21:54:00.0127 3916 Initialize success
21:54:00.0127 3916 ============================================================
21:54:27.0541 4180 ============================================================
21:54:27.0541 4180 Scan started
21:54:27.0541 4180 Mode: Manual;
21:54:27.0541 4180 ============================================================
21:54:28.0056 4180 ================ Scan system memory ========================
21:54:28.0056 4180 System memory - ok
21:54:28.0057 4180 ================ Scan services =============================
21:54:28.0221 4180 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
21:54:28.0224 4180 1394ohci - ok
21:54:28.0274 4180 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
21:54:28.0278 4180 ACPI - ok
21:54:28.0305 4180 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
21:54:28.0306 4180 AcpiPmi - ok
21:54:28.0416 4180 [ B362181ED3771DC03B4141927C80F801 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:54:28.0417 4180 AdobeARMservice - ok
21:54:28.0455 4180 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
21:54:28.0460 4180 adp94xx - ok
21:54:28.0482 4180 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
21:54:28.0486 4180 adpahci - ok
21:54:28.0511 4180 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
21:54:28.0514 4180 adpu320 - ok
21:54:28.0547 4180 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
21:54:28.0548 4180 AeLookupSvc - ok
21:54:28.0617 4180 [ FA886682CFC5D36718D3E436AACF10B9 ] AFD C:\windows\system32\drivers\afd.sys
21:54:28.0622 4180 AFD - ok
21:54:28.0675 4180 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\windows\system32\DRIVERS\agrsm64.sys
21:54:28.0687 4180 AgereSoftModem - ok
21:54:28.0712 4180 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
21:54:28.0713 4180 agp440 - ok
21:54:28.0738 4180 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
21:54:28.0739 4180 ALG - ok
21:54:28.0776 4180 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
21:54:28.0777 4180 aliide - ok
21:54:28.0805 4180 [ 57B773D82E8CC3C6D7E02CC8A6632043 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
21:54:28.0807 4180 AMD External Events Utility - ok
21:54:28.0848 4180 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
21:54:28.0849 4180 amdide - ok
21:54:28.0875 4180 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
21:54:28.0877 4180 AmdK8 - ok
21:54:29.0064 4180 [ AEFAF27F1B7E52C705DF4FB6C96732F6 ] amdkmdag C:\windows\system32\DRIVERS\atipmdag.sys
21:54:29.0200 4180 amdkmdag - ok
21:54:29.0269 4180 [ 8149DB73BE27950EC72767A1193153A6 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
21:54:29.0271 4180 amdkmdap - ok
21:54:29.0286 4180 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
21:54:29.0287 4180 AmdPPM - ok
21:54:29.0315 4180 [ 53D8D46D51D390ABDB54ECA623165CB7 ] amdsata C:\windows\system32\DRIVERS\amdsata.sys
21:54:29.0316 4180 amdsata - ok
21:54:29.0347 4180 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
21:54:29.0350 4180 amdsbs - ok
21:54:29.0407 4180 [ 75C51148154E34EB3D7BB84749A758D5 ] amdxata C:\windows\system32\DRIVERS\amdxata.sys
21:54:29.0408 4180 amdxata - ok
21:54:29.0470 4180 [ 68078ED55974D5F1E591AB0D03A81D41 ] Andbus C:\windows\system32\DRIVERS\lgandbus.sys
21:54:29.0471 4180 Andbus - ok
21:54:29.0508 4180 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
21:54:29.0510 4180 AppID - ok
21:54:29.0532 4180 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
21:54:29.0533 4180 AppIDSvc - ok
21:54:29.0578 4180 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\windows\System32\appinfo.dll
21:54:29.0579 4180 Appinfo - ok
21:54:29.0661 4180 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:54:29.0663 4180 Apple Mobile Device - ok
21:54:29.0732 4180 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
21:54:29.0734 4180 arc - ok
21:54:29.0748 4180 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
21:54:29.0750 4180 arcsas - ok
21:54:29.0933 4180 [ 9A262EDD17F8473B91B333D6B031A901 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:54:29.0935 4180 aspnet_state - ok
21:54:30.0017 4180 [ D95E64416A4A3ED6986E0F474DA934BD ] aswHwid C:\windows\system32\drivers\aswHwid.sys
21:54:30.0018 4180 aswHwid - ok
21:54:30.0070 4180 [ FF1E537A3632CBB9A0BF72B9FD0878D5 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
21:54:30.0071 4180 aswMonFlt - ok
21:54:30.0089 4180 [ A5757DE5F9C83AB40667A53D5126EA40 ] aswRdr C:\windows\system32\drivers\aswRdr2.sys
21:54:30.0090 4180 aswRdr - ok
21:54:30.0106 4180 [ 645D97385F3F284FB5604F9B970F4D24 ] aswRvrt C:\windows\system32\drivers\aswRvrt.sys
21:54:30.0107 4180 aswRvrt - ok
21:54:30.0159 4180 [ B8FDEDE963B82CFD23B3A53A3084666D ] aswSnx C:\windows\system32\drivers\aswSnx.sys
21:54:30.0165 4180 aswSnx - ok
21:54:30.0258 4180 [ 0DEDC041DF594AEC2C3BD00417CFAF60 ] aswSP C:\windows\system32\drivers\aswSP.sys
21:54:30.0261 4180 aswSP - ok
21:54:30.0333 4180 [ 48DED912CDE54FC0923B9858512366E1 ] aswStm C:\windows\system32\drivers\aswStm.sys
21:54:30.0334 4180 aswStm - ok
21:54:30.0356 4180 [ 471A311745848B80339436688A8286E6 ] aswVmm C:\windows\system32\drivers\aswVmm.sys
21:54:30.0359 4180 aswVmm - ok
21:54:30.0413 4180 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
21:54:30.0414 4180 AsyncMac - ok
21:54:30.0509 4180 [ 222D239F0845B8E5401DBA7C45BEDA31 ] AT&T Troubleshoot & Resolve C:\Program Files (x86)\ATT\8.4.1.11\ma\bin\MAHostService.exe
21:54:30.0512 4180 AT&T Troubleshoot & Resolve - ok
21:54:30.0565 4180 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
21:54:30.0566 4180 atapi - ok
21:54:30.0603 4180 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\windows\system32\DRIVERS\AtiPcie.sys
21:54:30.0604 4180 AtiPcie - ok
21:54:30.0723 4180 [ 4E8185A861A544800648AF182684A7BC ] ATT MAHostService C:\Program Files (x86)\ATT\8.3.1.7\ma\bin\MAHostService.exe
21:54:30.0727 4180 ATT MAHostService - ok
21:54:30.0786 4180 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
21:54:30.0793 4180 AudioEndpointBuilder - ok
21:54:30.0820 4180 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
21:54:30.0824 4180 AudioSrv - ok
21:54:30.0929 4180 [ 73F5C13B431915BAE35254B4E95DFB71 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:54:30.0930 4180 avast! Antivirus - ok
21:54:30.0971 4180 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
21:54:30.0974 4180 AxInstSV - ok
21:54:31.0011 4180 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
21:54:31.0016 4180 b06bdrv - ok
21:54:31.0059 4180 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
21:54:31.0062 4180 b57nd60a - ok
21:54:31.0099 4180 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
21:54:31.0101 4180 BDESVC - ok
21:54:31.0130 4180 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
21:54:31.0131 4180 Beep - ok
21:54:31.0174 4180 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
21:54:31.0181 4180 BFE - ok
21:54:31.0251 4180 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\system32\qmgr.dll
21:54:31.0261 4180 BITS - ok
21:54:31.0346 4180 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
21:54:31.0347 4180 blbdrive - ok
21:54:31.0387 4180 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:54:31.0392 4180 Bonjour Service - ok
21:54:31.0462 4180 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
21:54:31.0464 4180 bowser - ok
21:54:31.0486 4180 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
21:54:31.0487 4180 BrFiltLo - ok
21:54:31.0502 4180 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
21:54:31.0503 4180 BrFiltUp - ok
21:54:31.0635 4180 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
21:54:31.0637 4180 BridgeMP - ok
21:54:31.0667 4180 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
21:54:31.0669 4180 Browser - ok
21:54:31.0690 4180 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
21:54:31.0693 4180 Brserid - ok
21:54:31.0717 4180 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
21:54:31.0718 4180 BrSerWdm - ok
21:54:31.0736 4180 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
21:54:31.0737 4180 BrUsbMdm - ok
21:54:31.0754 4180 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
21:54:31.0756 4180 BrUsbSer - ok
21:54:31.0775 4180 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
21:54:31.0776 4180 BTHMODEM - ok
21:54:31.0822 4180 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
21:54:31.0824 4180 bthserv - ok
21:54:31.0854 4180 catchme - ok
21:54:31.0915 4180 [ D1787E11C6A0078DDEAF8CF3EE2AB293 ] CAXHWAZL C:\windows\system32\DRIVERS\CAXHWAZL.sys
21:54:31.0919 4180 CAXHWAZL - ok
21:54:31.0960 4180 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
21:54:31.0962 4180 cdfs - ok
21:54:31.0993 4180 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
21:54:31.0995 4180 cdrom - ok
21:54:32.0061 4180 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
21:54:32.0063 4180 CertPropSvc - ok
21:54:32.0085 4180 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
21:54:32.0086 4180 circlass - ok
21:54:32.0171 4180 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
21:54:32.0175 4180 CLFS - ok
21:54:32.0249 4180 [ F13EC8A783E0CB0D6DC26A3CA848B7B8 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:54:32.0251 4180 clr_optimization_v2.0.50727_32 - ok
21:54:32.0299 4180 [ B4D73F04E9BC076F7CDAC4327DF636BB ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:54:32.0301 4180 clr_optimization_v2.0.50727_64 - ok
21:54:32.0348 4180 [ E87213F37A13E2B54391E40934F071D0 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:54:32.0350 4180 clr_optimization_v4.0.30319_32 - ok
21:54:32.0367 4180 [ 4AEDAB50F83580D0B4D6CF78191F92AA ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:54:32.0369 4180 clr_optimization_v4.0.30319_64 - ok
21:54:32.0416 4180 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
21:54:32.0417 4180 CmBatt - ok
21:54:32.0458 4180 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
21:54:32.0460 4180 cmdide - ok
21:54:32.0509 4180 [ EBF28856F69CF094A902F884CF989706 ] CNG C:\windows\system32\Drivers\cng.sys
21:54:32.0513 4180 CNG - ok
21:54:32.0538 4180 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
21:54:32.0538 4180 Compbatt - ok
21:54:32.0569 4180 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
21:54:32.0570 4180 CompositeBus - ok
21:54:32.0574 4180 COMSysApp - ok
21:54:32.0596 4180 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
21:54:32.0597 4180 crcdisk - ok
21:54:32.0638 4180 [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc C:\windows\system32\cryptsvc.dll
21:54:32.0641 4180 CryptSvc - ok
21:54:32.0720 4180 [ FD557A50A65E44041CD2FCEF4BEB04DB ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
21:54:32.0725 4180 cvhsvc - ok
21:54:32.0785 4180 [ D06E443457FADC6B1AFAF3AA4B6936F6 ] dc3d C:\windows\system32\DRIVERS\dc3d.sys
21:54:32.0786 4180 dc3d - ok
21:54:32.0833 4180 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
21:54:32.0840 4180 DcomLaunch - ok
21:54:32.0874 4180 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
21:54:32.0878 4180 defragsvc - ok
21:54:32.0965 4180 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
21:54:32.0967 4180 DfsC - ok
21:54:33.0008 4180 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
21:54:33.0012 4180 Dhcp - ok
21:54:33.0066 4180 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
21:54:33.0067 4180 discache - ok
21:54:33.0085 4180 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
21:54:33.0086 4180 Disk - ok
21:54:33.0123 4180 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
21:54:33.0126 4180 Dnscache - ok
21:54:33.0171 4180 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
21:54:33.0174 4180 dot3svc - ok
21:54:33.0208 4180 [ B42ED0320C6E41102FDE0005154849BB ] dot4 C:\windows\system32\DRIVERS\Dot4.sys
21:54:33.0210 4180 dot4 - ok
21:54:33.0236 4180 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\windows\system32\DRIVERS\Dot4Prt.sys
21:54:33.0238 4180 Dot4Print - ok
21:54:33.0252 4180 [ 488669CD1CD3BDCFDD9A5FDA72209069 ] Dot4Scan C:\windows\system32\DRIVERS\Dot4Scan.sys
21:54:33.0253 4180 Dot4Scan - ok
21:54:33.0280 4180 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\windows\system32\DRIVERS\dot4usb.sys
21:54:33.0282 4180 dot4usb - ok
21:54:33.0354 4180 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
21:54:33.0357 4180 DPS - ok
21:54:33.0408 4180 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
21:54:33.0409 4180 drmkaud - ok
21:54:33.0459 4180 [ 87CE5C8965E101CCCED1F4675557E868 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
21:54:33.0465 4180 DXGKrnl - ok
21:54:33.0512 4180 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
21:54:33.0515 4180 EapHost - ok
21:54:33.0610 4180 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
21:54:33.0656 4180 ebdrv - ok
21:54:33.0689 4180 [ 204F3F58212B3E422C90BD9691A2DF28 ] EFS C:\windows\System32\lsass.exe
21:54:33.0691 4180 EFS - ok
21:54:33.0768 4180 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
21:54:33.0776 4180 ehRecvr - ok
21:54:33.0805 4180 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
21:54:33.0808 4180 ehSched - ok
21:54:33.0843 4180 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
21:54:33.0849 4180 elxstor - ok
21:54:33.0879 4180 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
21:54:33.0880 4180 ErrDev - ok
21:54:33.0930 4180 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
21:54:33.0936 4180 EventSystem - ok
21:54:33.0965 4180 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
21:54:33.0968 4180 exfat - ok
21:54:33.0983 4180 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
21:54:33.0987 4180 fastfat - ok
21:54:34.0055 4180 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
21:54:34.0063 4180 Fax - ok
21:54:34.0090 4180 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
21:54:34.0092 4180 fdc - ok
21:54:34.0116 4180 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
21:54:34.0118 4180 fdPHost - ok
21:54:34.0152 4180 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
21:54:34.0154 4180 FDResPub - ok
21:54:34.0209 4180 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
21:54:34.0210 4180 FileInfo - ok
21:54:34.0224 4180 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
21:54:34.0226 4180 Filetrace - ok
21:54:34.0259 4180 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
21:54:34.0260 4180 flpydisk - ok
21:54:34.0306 4180 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
21:54:34.0309 4180 FltMgr - ok
21:54:34.0391 4180 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\windows\system32\FntCache.dll
21:54:34.0404 4180 FontCache - ok
21:54:34.0472 4180 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:54:34.0473 4180 FontCache3.0.0.0 - ok
21:54:34.0497 4180 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
21:54:34.0499 4180 FsDepends - ok
21:54:34.0567 4180 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
21:54:34.0568 4180 Fs_Rec - ok
21:54:34.0596 4180 [ FA169871D8FADCC6539C4E8726610286 ] FTDIBUS C:\windows\system32\drivers\ftdibus.sys
21:54:34.0598 4180 FTDIBUS - ok
21:54:34.0609 4180 [ 24237091348D1EFB5635A1CF9649E311 ] FTSER2K C:\windows\system32\drivers\ftser2k.sys
21:54:34.0611 4180 FTSER2K - ok
21:54:34.0667 4180 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
21:54:34.0670 4180 fvevol - ok
21:54:34.0701 4180 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
21:54:34.0703 4180 gagp30kx - ok
21:54:34.0762 4180 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
21:54:34.0771 4180 gpsvc - ok
21:54:34.0842 4180 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:54:34.0843 4180 gupdate - ok
21:54:34.0860 4180 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:54:34.0862 4180 gupdatem - ok
21:54:34.0899 4180 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
21:54:34.0900 4180 hcw85cir - ok
21:54:34.0931 4180 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
21:54:34.0936 4180 HdAudAddService - ok
21:54:34.0978 4180 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
21:54:34.0979 4180 HDAudBus - ok
21:54:35.0014 4180 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
21:54:35.0016 4180 HidBatt - ok
21:54:35.0027 4180 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
21:54:35.0029 4180 HidBth - ok
21:54:35.0043 4180 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
21:54:35.0045 4180 HidIr - ok
21:54:35.0074 4180 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
21:54:35.0076 4180 hidserv - ok
21:54:35.0123 4180 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
21:54:35.0124 4180 HidUsb - ok
21:54:35.0172 4180 [ 461F1CA9B00F7142480C21A22EFA7288 ] hitmanpro35 C:\windows\system32\drivers\hitmanpro36.sys
21:54:35.0174 4180 hitmanpro35 - ok
21:54:35.0213 4180 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
21:54:35.0216 4180 hkmsvc - ok
21:54:35.0257 4180 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
21:54:35.0261 4180 HomeGroupListener - ok
21:54:35.0306 4180 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
21:54:35.0311 4180 HomeGroupProvider - ok
21:54:35.0342 4180 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
21:54:35.0343 4180 HpSAMD - ok
21:54:35.0419 4180 [ 447256D1C026654C5CD3CC17E7B20631 ] HsfXAudioService C:\windows\SysWOW64\XAudio64.dll
21:54:35.0426 4180 HsfXAudioService - ok
21:54:35.0521 4180 [ 26C5D00321937E49B6BC91029947D094 ] HSF_DPV C:\windows\system32\DRIVERS\CAX_DPV.sys
21:54:35.0535 4180 HSF_DPV - ok
21:54:35.0582 4180 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
21:54:35.0590 4180 HTTP - ok
21:54:35.0642 4180 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
21:54:35.0643 4180 hwpolicy - ok
21:54:35.0691 4180 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
21:54:35.0693 4180 i8042prt - ok
21:54:35.0726 4180 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
21:54:35.0730 4180 iaStorV - ok
21:54:35.0796 4180 [ C98A5B9D932430AD8EEBD3EF73756EF7 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:54:35.0805 4180 idsvc - ok
21:54:35.0823 4180 IEEtwCollectorService - ok
21:54:35.0868 4180 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
21:54:35.0870 4180 iirsp - ok
21:54:35.0915 4180 [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT C:\windows\System32\ikeext.dll
21:54:35.0925 4180 IKEEXT - ok
21:54:36.0014 4180 [ 490947A9AFF7CA31EF2E08F5776105EB ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
21:54:36.0028 4180 IntcAzAudAddService - ok
21:54:36.0047 4180 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
21:54:36.0050 4180 intelide - ok
21:54:36.0076 4180 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
21:54:36.0077 4180 intelppm - ok
21:54:36.0112 4180 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
21:54:36.0115 4180 IPBusEnum - ok
21:54:36.0155 4180 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
21:54:36.0157 4180 IpFilterDriver - ok
21:54:36.0203 4180 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
21:54:36.0210 4180 iphlpsvc - ok
21:54:36.0230 4180 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
21:54:36.0232 4180 IPMIDRV - ok
21:54:36.0260 4180 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
21:54:36.0262 4180 IPNAT - ok
21:54:36.0284 4180 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
21:54:36.0285 4180 IRENUM - ok
21:54:36.0316 4180 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
21:54:36.0317 4180 isapnp - ok
21:54:36.0354 4180 [ 96BB922A0981BC7432C8CF52B5410FE6 ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
21:54:36.0358 4180 iScsiPrt - ok
21:54:36.0388 4180 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
21:54:36.0391 4180 IviRegMgr - ok
21:54:36.0439 4180 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
21:54:36.0440 4180 kbdclass - ok
21:54:36.0471 4180 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
21:54:36.0472 4180 kbdhid - ok
21:54:36.0489 4180 [ 204F3F58212B3E422C90BD9691A2DF28 ] KeyIso C:\windows\system32\lsass.exe
21:54:36.0491 4180 KeyIso - ok
21:54:36.0538 4180 [ 353009DEDF918B2A51414F330CF72DEC ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
21:54:36.0540 4180 KSecDD - ok
21:54:36.0555 4180 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
21:54:36.0557 4180 KSecPkg - ok
21:54:36.0595 4180 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
21:54:36.0596 4180 ksthunk - ok
21:54:36.0630 4180 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
21:54:36.0636 4180 KtmRm - ok
21:54:36.0695 4180 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\System32\srvsvc.dll
21:54:36.0700 4180 LanmanServer - ok
21:54:36.0736 4180 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
21:54:36.0741 4180 LanmanWorkstation - ok
21:54:36.0791 4180 [ 797289607A5EBF31353AA5EAD141F872 ] LeapFrog-USBLAN C:\windows\system32\DRIVERS\btblan.sys
21:54:36.0793 4180 LeapFrog-USBLAN - ok
21:54:36.0841 4180 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
21:54:36.0843 4180 lltdio - ok
21:54:36.0875 4180 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
21:54:36.0880 4180 lltdsvc - ok
21:54:36.0893 4180 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
21:54:36.0895 4180 lmhosts - ok
21:54:36.0925 4180 [ 41E122F6D1448C94CC05196BC41D6BFB ] LPCFilter C:\windows\system32\DRIVERS\LPCFilter.sys
21:54:36.0926 4180 LPCFilter - ok
21:54:36.0961 4180 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
21:54:36.0963 4180 LSI_FC - ok
21:54:36.0980 4180 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
21:54:36.0982 4180 LSI_SAS - ok
21:54:37.0000 4180 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
21:54:37.0002 4180 LSI_SAS2 - ok
21:54:37.0021 4180 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
21:54:37.0023 4180 LSI_SCSI - ok
21:54:37.0105 4180 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
21:54:37.0106 4180 luafv - ok
21:54:37.0185 4180 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
21:54:37.0188 4180 Mcx2Svc - ok
21:54:37.0211 4180 [ E4F44EC214B3E381E1FC844A02926666 ] mdmxsdk C:\windows\system32\DRIVERS\mdmxsdk.sys
21:54:37.0212 4180 mdmxsdk - ok
21:54:37.0224 4180 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
21:54:37.0225 4180 megasas - ok
21:54:37.0265 4180 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
21:54:37.0269 4180 MegaSR - ok
21:54:37.0294 4180 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
21:54:37.0297 4180 MMCSS - ok
21:54:37.0341 4180 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
21:54:37.0342 4180 Modem - ok
21:54:37.0401 4180 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
21:54:37.0402 4180 monitor - ok
21:54:37.0407 4180 motmodem - ok
21:54:37.0470 4180 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
21:54:37.0471 4180 mouclass - ok
21:54:37.0498 4180 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
21:54:37.0499 4180 mouhid - ok
21:54:37.0527 4180 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
21:54:37.0529 4180 mountmgr - ok
21:54:37.0553 4180 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
21:54:37.0555 4180 mpio - ok
21:54:37.0596 4180 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
21:54:37.0597 4180 mpsdrv - ok
21:54:37.0658 4180 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
21:54:37.0668 4180 MpsSvc - ok
21:54:37.0708 4180 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
21:54:37.0710 4180 MREMP50 - ok
21:54:37.0806 4180 [ C2758DF79C83A0D12A5599A040CA1818 ] MREMP50a64 C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS
21:54:37.0808 4180 MREMP50a64 - ok
21:54:37.0843 4180 MREMPR5 - ok
21:54:37.0856 4180 MRENDIS5 - ok
21:54:37.0884 4180 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
21:54:37.0886 4180 MRESP50 - ok
21:54:37.0955 4180 [ 38BD5B32E0722752BE8465D2A6DA43D9 ] MRESP50a64 C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS
21:54:37.0957 4180 MRESP50a64 - ok
21:54:37.0998 4180 [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
21:54:38.0001 4180 MRxDAV - ok
21:54:38.0057 4180 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
21:54:38.0059 4180 mrxsmb - ok
21:54:38.0111 4180 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
21:54:38.0115 4180 mrxsmb10 - ok
21:54:38.0179 4180 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
21:54:38.0181 4180 mrxsmb20 - ok
21:54:38.0234 4180 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
21:54:38.0235 4180 msahci - ok
21:54:38.0267 4180 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
21:54:38.0269 4180 msdsm - ok
21:54:38.0282 4180 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
21:54:38.0286 4180 MSDTC - ok
21:54:38.0353 4180 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
21:54:38.0354 4180 Msfs - ok
21:54:38.0371 4180 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
21:54:38.0373 4180 mshidkmdf - ok
21:54:38.0405 4180 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
21:54:38.0406 4180 msisadrv - ok
21:54:38.0451 4180 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
21:54:38.0455 4180 MSiSCSI - ok
21:54:38.0460 4180 msiserver - ok
21:54:38.0506 4180 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
21:54:38.0507 4180 MSKSSRV - ok
21:54:38.0521 4180 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
21:54:38.0522 4180 MSPCLOCK - ok
21:54:38.0538 4180 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
21:54:38.0540 4180 MSPQM - ok
21:54:38.0581 4180 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
21:54:38.0585 4180 MsRPC - ok
21:54:38.0617 4180 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
21:54:38.0618 4180 mssmbios - ok
21:54:38.0668 4180 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
21:54:38.0669 4180 MSTEE - ok
21:54:38.0684 4180 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
21:54:38.0685 4180 MTConfig - ok
21:54:38.0724 4180 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
21:54:38.0725 4180 Mup - ok
21:54:38.0777 4180 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
21:54:38.0785 4180 napagent - ok
21:54:38.0859 4180 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
21:54:38.0863 4180 NativeWifiP - ok
21:54:38.0930 4180 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
21:54:38.0940 4180 NDIS - ok
21:54:38.0970 4180 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
21:54:38.0972 4180 NdisCap - ok
21:54:39.0016 4180 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
21:54:39.0017 4180 NdisTapi - ok
21:54:39.0054 4180 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
21:54:39.0055 4180 Ndisuio - ok
21:54:39.0102 4180 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
21:54:39.0104 4180 NdisWan - ok
21:54:39.0156 4180 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
21:54:39.0158 4180 NDProxy - ok
21:54:39.0185 4180 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
21:54:39.0186 4180 NetBIOS - ok
21:54:39.0229 4180 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
21:54:39.0232 4180 NetBT - ok
21:54:39.0289 4180 [ 204F3F58212B3E422C90BD9691A2DF28 ] Netlogon C:\windows\system32\lsass.exe
21:54:39.0291 4180 Netlogon - ok
21:54:39.0324 4180 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
21:54:39.0330 4180 Netman - ok
21:54:39.0410 4180 [ 21318671BCAD3ACF16638F98D4D00973 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:54:39.0412 4180 NetMsmqActivator - ok
21:54:39.0454 4180 [ 21318671BCAD3ACF16638F98D4D00973 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:54:39.0456 4180 NetPipeActivator - ok
21:54:39.0496 4180 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
21:54:39.0502 4180 netprofm - ok
21:54:39.0521 4180 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:54:39.0523 4180 NetTcpActivator - ok
21:54:39.0543 4180 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:54:39.0544 4180 NetTcpPortSharing - ok
21:54:39.0582 4180 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
21:54:39.0584 4180 nfrd960 - ok
21:54:39.0634 4180 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
21:54:39.0639 4180 NlaSvc - ok
21:54:39.0702 4180 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
21:54:39.0704 4180 Npfs - ok
21:54:39.0726 4180 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
21:54:39.0729 4180 nsi - ok
21:54:39.0737 4180 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
21:54:39.0738 4180 nsiproxy - ok
21:54:39.0848 4180 [ 1A29A59A4C5BA6F8C85062A613B7E2B2 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
21:54:39.0865 4180 Ntfs - ok
21:54:39.0925 4180 [ A2F750E416D1C628BDCDC2075AC33BC6 ] NuidFltr C:\windows\system32\DRIVERS\NuidFltr.sys
21:54:39.0926 4180 NuidFltr - ok
21:54:39.0980 4180 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
21:54:39.0981 4180 Null - ok
21:54:40.0005 4180 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
21:54:40.0008 4180 nvraid - ok
21:54:40.0040 4180 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
21:54:40.0043 4180 nvstor - ok
21:54:40.0064 4180 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
21:54:40.0066 4180 nv_agp - ok
21:54:40.0083 4180 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
21:54:40.0085 4180 ohci1394 - ok
21:54:40.0125 4180 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:54:40.0128 4180 ose - ok
21:54:40.0289 4180 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:54:40.0393 4180 osppsvc - ok
21:54:40.0428 4180 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
21:54:40.0434 4180 p2pimsvc - ok
21:54:40.0476 4180 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
21:54:40.0484 4180 p2psvc - ok
21:54:40.0514 4180 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
21:54:40.0517 4180 Parport - ok
21:54:40.0566 4180 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
21:54:40.0568 4180 partmgr - ok
21:54:40.0601 4180 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
21:54:40.0605 4180 PcaSvc - ok
21:54:40.0675 4180 [ 741C88A7F4AA6B120CF3E1627B2EC654 ] pcCMService C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
21:54:40.0679 4180 pcCMService - ok
21:54:40.0745 4180 [ EF4B5B3B1D1B05B0871C69CDF98CEA66 ] pcCMService64 C:\Program Files\Common Files\Motive\pcCMService.exe
21:54:40.0750 4180 pcCMService64 - ok
21:54:40.0805 4180 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
21:54:40.0808 4180 pci - ok
21:54:40.0833 4180 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
21:54:40.0834 4180 pciide - ok
21:54:40.0868 4180 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
21:54:40.0872 4180 pcmcia - ok
21:54:40.0894 4180 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
21:54:40.0895 4180 pcw - ok
21:54:40.0978 4180 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
21:54:40.0985 4180 PEAUTH - ok
21:54:41.0056 4180 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
21:54:41.0059 4180 PerfHost - ok
21:54:41.0111 4180 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
21:54:41.0112 4180 PGEffect - ok
21:54:41.0173 4180 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
21:54:41.0189 4180 pla - ok
21:54:41.0242 4180 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
21:54:41.0249 4180 PlugPlay - ok
21:54:41.0280 4180 [ 64CA1485214340CACC315FFDFDED73EF ] Pml Driver HPZ12 C:\windows\system32\HPZipm12.dll
21:54:41.0282 4180 Pml Driver HPZ12 - ok
21:54:41.0297 4180 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
21:54:41.0300 4180 PNRPAutoReg - ok
21:54:41.0318 4180 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
21:54:41.0322 4180 PNRPsvc - ok
21:54:41.0381 4180 [ 32D374C60778253B81FA76C2FE19E155 ] Point64 C:\windows\system32\DRIVERS\point64.sys
21:54:41.0382 4180 Point64 - ok
21:54:41.0424 4180 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
21:54:41.0430 4180 PolicyAgent - ok
21:54:41.0467 4180 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
21:54:41.0472 4180 Power - ok
21:54:41.0516 4180 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
21:54:41.0521 4180 PptpMiniport - ok
21:54:41.0594 4180 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
21:54:41.0595 4180 Processor - ok
21:54:41.0630 4180 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
21:54:41.0635 4180 ProfSvc - ok
21:54:41.0645 4180 [ 204F3F58212B3E422C90BD9691A2DF28 ] ProtectedStorage C:\windows\system32\lsass.exe
21:54:41.0648 4180 ProtectedStorage - ok
21:54:41.0704 4180 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
21:54:41.0707 4180 Psched - ok
21:54:41.0736 4180 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
21:54:41.0738 4180 PSI_SVC_2 - ok
21:54:41.0803 4180 [ D8EB393983B644879DE0546122CC16DF ] ptun0901 C:\windows\system32\DRIVERS\ptun0901.sys
21:54:41.0804 4180 ptun0901 - ok
21:54:41.0844 4180 PxHlpa64 - ok
21:54:41.0893 4180 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
21:54:41.0908 4180 ql2300 - ok
21:54:41.0944 4180 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
21:54:41.0946 4180 ql40xx - ok
21:54:41.0983 4180 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
21:54:41.0989 4180 QWAVE - ok
21:54:42.0008 4180 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
21:54:42.0010 4180 QWAVEdrv - ok
21:54:42.0031 4180 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
21:54:42.0033 4180 RasAcd - ok
21:54:42.0085 4180 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
21:54:42.0086 4180 RasAgileVpn - ok
21:54:42.0108 4180 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
21:54:42.0112 4180 RasAuto - ok
21:54:42.0151 4180 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
21:54:42.0153 4180 Rasl2tp - ok
21:54:42.0219 4180 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
21:54:42.0226 4180 RasMan - ok
21:54:42.0260 4180 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
21:54:42.0262 4180 RasPppoe - ok
21:54:42.0307 4180 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
21:54:42.0309 4180 RasSstp - ok
21:54:42.0388 4180 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
21:54:42.0392 4180 rdbss - ok
21:54:42.0425 4180 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
21:54:42.0427 4180 rdpbus - ok
21:54:42.0447 4180 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
21:54:42.0448 4180 RDPCDD - ok
21:54:42.0488 4180 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
21:54:42.0489 4180 RDPENCDD - ok
21:54:42.0507 4180 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
21:54:42.0507 4180 RDPREFMP - ok
21:54:42.0565 4180 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
21:54:42.0566 4180 RdpVideoMiniport - ok
21:54:42.0608 4180 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
21:54:42.0611 4180 RDPWD - ok
21:54:42.0665 4180 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
21:54:42.0668 4180 rdyboost - ok
21:54:42.0771 4180 [ B2D01290C0E0465ACA54C2088E947823 ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
21:54:42.0772 4180 RealNetworks Downloader Resolver Service - ok
21:54:42.0846 4180 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\windows\system32\drivers\regi.sys
21:54:42.0847 4180 regi - ok
21:54:42.0868 4180 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
21:54:42.0871 4180 RemoteAccess - ok
21:54:42.0926 4180 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
21:54:42.0930 4180 RemoteRegistry - ok
21:54:42.0990 4180 [ 9C3AC71A9934B884FAC567A8807E9C4D ] Revoflt C:\windows\system32\DRIVERS\revoflt.sys
21:54:42.0992 4180 Revoflt - ok
21:54:43.0052 4180 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
21:54:43.0056 4180 RpcEptMapper - ok
21:54:43.0069 4180 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
21:54:43.0072 4180 RpcLocator - ok
21:54:43.0122 4180 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\System32\rpcss.dll
21:54:43.0128 4180 RpcSs - ok
21:54:43.0209 4180 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
21:54:43.0211 4180 rspndr - ok
21:54:43.0261 4180 [ 907C4464381B5EBDFDC60F6C7D0DEDFC ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
21:54:43.0264 4180 RSUSBSTOR - ok
21:54:43.0289 4180 [ 4E821C740A675F6D040BE41D59A62B1D ] RTHDMIAzAudService C:\windows\system32\drivers\RtHDMIVX.sys
21:54:43.0291 4180 RTHDMIAzAudService - ok
21:54:43.0341 4180 [ FD978B2BF8A9B2390DCBEF435E9C1F9F ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
21:54:43.0344 4180 RTL8167 - ok
21:54:43.0388 4180 [ FFC748D848740D1BC8F330A8879C2674 ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
21:54:43.0398 4180 RTL8192Ce - ok
21:54:43.0491 4180 [ F84917461BDB7C51B2ED7FF062B3A64A ] RTWlanE C:\windows\system32\DRIVERS\rtwlane.sys
21:54:43.0500 4180 RTWlanE - ok
21:54:43.0523 4180 [ 204F3F58212B3E422C90BD9691A2DF28 ] SamSs C:\windows\system32\lsass.exe
21:54:43.0525 4180 SamSs - ok
21:54:43.0559 4180 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
21:54:43.0561 4180 sbp2port - ok
21:54:43.0599 4180 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
21:54:43.0604 4180 SCardSvr - ok
21:54:43.0640 4180 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
21:54:43.0641 4180 scfilter - ok
21:54:43.0703 4180 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
21:54:43.0718 4180 Schedule - ok
21:54:43.0762 4180 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
21:54:43.0764 4180 SCPolicySvc - ok
21:54:43.0788 4180 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
21:54:43.0792 4180 SDRSVC - ok
21:54:43.0858 4180 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
21:54:43.0860 4180 secdrv - ok
21:54:43.0897 4180 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
21:54:43.0901 4180 seclogon - ok
21:54:43.0925 4180 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
21:54:43.0929 4180 SENS - ok
21:54:43.0938 4180 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
21:54:43.0942 4180 SensrSvc - ok
21:54:43.0959 4180 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
21:54:43.0960 4180 Serenum - ok
21:54:43.0999 4180 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
21:54:44.0001 4180 Serial - ok
21:54:44.0032 4180 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
21:54:44.0033 4180 sermouse - ok
21:54:44.0082 4180 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
21:54:44.0087 4180 SessionEnv - ok
21:54:44.0114 4180 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
21:54:44.0115 4180 sffdisk - ok
21:54:44.0131 4180 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
21:54:44.0132 4180 sffp_mmc - ok
21:54:44.0143 4180 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
21:54:44.0144 4180 sffp_sd - ok
21:54:44.0173 4180 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
21:54:44.0174 4180 sfloppy - ok
21:54:44.0262 4180 [ 2046AA7491DE7EFA4D70E615D9BC9D09 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
21:54:44.0267 4180 Sftfs - ok
21:54:44.0327 4180 [ 77C5A741A7452812F278EF2C18478862 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
21:54:44.0332 4180 sftlist - ok
21:54:44.0392 4180 [ 0E0446BC4D51BE4263ACB7E33491191C ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
21:54:44.0394 4180 Sftplay - ok
21:54:44.0429 4180 [ C5FB982CD266E604ED3142102C26D62C ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
21:54:44.0431 4180 Sftredir - ok
21:54:44.0497 4180 [ 2575511AF67AA1FA068CCC4918E2C2A3 ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
21:54:44.0498 4180 Sftvol - ok
21:54:44.0535 4180 [ 39B1D0A636A400304565D4521FAD6D77 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
21:54:44.0537 4180 sftvsa - ok
21:54:44.0590 4180 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
21:54:44.0596 4180 SharedAccess - ok
21:54:44.0641 4180 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
21:54:44.0648 4180 ShellHWDetection - ok
21:54:44.0681 4180 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
21:54:44.0683 4180 SiSRaid2 - ok
21:54:44.0702 4180 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
21:54:44.0704 4180 SiSRaid4 - ok
21:54:44.0728 4180 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
21:54:44.0730 4180 Smb - ok
21:54:44.0789 4180 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
21:54:44.0792 4180 SNMPTRAP - ok
21:54:44.0836 4180 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
21:54:44.0837 4180 spldr - ok
21:54:44.0877 4180 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
21:54:44.0885 4180 Spooler - ok
21:54:44.0987 4180 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
21:54:45.0046 4180 sppsvc - ok
21:54:45.0107 4180 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
21:54:45.0111 4180 sppuinotify - ok
21:54:45.0190 4180 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
21:54:45.0196 4180 srv - ok
21:54:45.0240 4180 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
21:54:45.0245 4180 srv2 - ok
21:54:45.0281 4180 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\windows\system32\DRIVERS\VSTAZL6.SYS
21:54:45.0285 4180 SrvHsfHDA - ok
21:54:45.0332 4180 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\windows\system32\DRIVERS\VSTDPV6.SYS
21:54:45.0348 4180 SrvHsfV92 - ok
21:54:45.0376 4180 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\windows\system32\DRIVERS\VSTCNXT6.SYS
21:54:45.0384 4180 SrvHsfWinac - ok
21:54:45.0419 4180 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
21:54:45.0422 4180 srvnet - ok
21:54:45.0450 4180 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
21:54:45.0455 4180 SSDPSRV - ok
21:54:45.0490 4180 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
21:54:45.0495 4180 SstpSvc - ok
21:54:45.0526 4180 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
21:54:45.0528 4180 stexstor - ok
21:54:45.0585 4180 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
21:54:45.0594 4180 stisvc - ok
21:54:45.0620 4180 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
21:54:45.0621 4180 swenum - ok
21:54:45.0664 4180 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
21:54:45.0673 4180 swprv - ok
21:54:45.0707 4180 [ 470C47DABA9CA3966F0AB3F835D7D135 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
21:54:45.0709 4180 SynTP - ok
21:54:45.0801 4180 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
21:54:45.0821 4180 SysMain - ok
21:54:45.0861 4180 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
21:54:45.0866 4180 TabletInputService - ok
21:54:45.0921 4180 [ 3C32FF010F869BC184DF71290477384E ] tap0901 C:\windows\system32\DRIVERS\tap0901.sys
21:54:45.0923 4180 tap0901 - ok
21:54:45.0970 4180 [ 95206567C7CA71A3D485146824224C40 ] taphss6 C:\windows\system32\DRIVERS\taphss6.sys
21:54:45.0972 4180 taphss6 - ok
21:54:46.0011 4180 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
21:54:46.0017 4180 TapiSrv - ok
21:54:46.0038 4180 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
21:54:46.0043 4180 TBS - ok
21:54:46.0123 4180 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E ] Tcpip C:\windows\system32\drivers\tcpip.sys
21:54:46.0142 4180 Tcpip - ok
21:54:46.0168 4180 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
21:54:46.0179 4180 TCPIP6 - ok
21:54:46.0254 4180 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
21:54:46.0256 4180 tcpipreg - ok
21:54:46.0305 4180 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
21:54:46.0307 4180 tdcmdpst - ok
21:54:46.0334 4180 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
21:54:46.0335 4180 TDPIPE - ok
21:54:46.0367 4180 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
21:54:46.0368 4180 TDTCP - ok
21:54:46.0426 4180 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
21:54:46.0428 4180 tdx - ok
21:54:46.0478 4180 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
21:54:46.0480 4180 TermDD - ok
21:54:46.0535 4180 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
21:54:46.0545 4180 TermService - ok
21:54:46.0572 4180 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
21:54:46.0576 4180 Themes - ok
21:54:46.0606 4180 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
21:54:46.0609 4180 THREADORDER - ok
21:54:46.0695 4180 [ F120967184A27E927052E8DDBB727851 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
21:54:46.0696 4180 TMachInfo - ok
21:54:46.0737 4180 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe
21:54:46.0741 4180 TODDSrv - ok
21:54:46.0829 4180 [ 98C864481D62F86EC8AF65BE3419A95B ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
21:54:46.0834 4180 TosCoSrv - ok
21:54:46.0877 4180 [ 2AB7A4697462EDB0C9DFAFC529746BA9 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
21:54:46.0880 4180 TOSHIBA eco Utility Service - ok
21:54:46.0931 4180 [ 74C2FA8C3765EE71A9C22182EC108457 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
21:54:46.0934 4180 TOSHIBA HDD SSD Alert Service - ok
21:54:47.0007 4180 [ 97687D094AA597DA366E1194B218CC6C ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
21:54:47.0015 4180 TPCHSrv - ok
21:54:47.0082 4180 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
21:54:47.0086 4180 TrkWks - ok
21:54:47.0176 4180 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
21:54:47.0178 4180 TrustedInstaller - ok
21:54:47.0208 4180 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
21:54:47.0210 4180 tssecsrv - ok
21:54:47.0245 4180 [ E9981ECE8D894CEF7038FD1D040EB426 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
21:54:47.0247 4180 TsUsbFlt - ok
21:54:47.0293 4180 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
21:54:47.0295 4180 tunnel - ok
21:54:47.0346 4180 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
21:54:47.0348 4180 TVALZ - ok
21:54:47.0383 4180 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
21:54:47.0384 4180 TVALZFL - ok
21:54:47.0421 4180 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
21:54:47.0423 4180 uagp35 - ok
21:54:47.0477 4180 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
21:54:47.0481 4180 udfs - ok
21:54:47.0518 4180 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
21:54:47.0522 4180 UI0Detect - ok
21:54:47.0543 4180 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
21:54:47.0545 4180 uliagpkx - ok
21:54:47.0592 4180 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\drivers\umbus.sys
21:54:47.0594 4180 umbus - ok
21:54:47.0622 4180 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
21:54:47.0623 4180 UmPass - ok
21:54:47.0666 4180 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
21:54:47.0673 4180 upnphost - ok
21:54:47.0738 4180 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
21:54:47.0740 4180 USBAAPL64 - ok
21:54:47.0794 4180 [ B0435098C81D04CAFFF80DDB746CD3A2 ] usbaudio C:\windows\system32\drivers\usbaudio.sys
21:54:47.0797 4180 usbaudio - ok
21:54:47.0821 4180 [ DCA68B0943D6FA415F0C56C92158A83A ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
21:54:47.0823 4180 usbccgp - ok
21:54:47.0864 4180 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir C:\windows\system32\drivers\usbcir.sys
21:54:47.0866 4180 usbcir - ok
21:54:47.0911 4180 [ 18A85013A3E0F7E1755365D287443965 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
21:54:47.0912 4180 usbehci - ok
21:54:47.0970 4180 [ 8D1196CFBB223621F2C67D45710F25BA ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
21:54:47.0974 4180 usbhub - ok
21:54:47.0996 4180 [ 765A92D428A8DB88B960DA5A8D6089DC ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
21:54:47.0998 4180 usbohci - ok
21:54:48.0026 4180 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
21:54:48.0028 4180 usbprint - ok
21:54:48.0079 4180 [ 9661DA76B4531B2DA272ECCE25A8AF24 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
21:54:48.0081 4180 usbscan - ok
21:54:48.0112 4180 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
21:54:48.0114 4180 USBSTOR - ok
21:54:48.0145 4180 [ DD253AFC3BC6CBA412342DE60C3647F3 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
21:54:48.0147 4180 usbuhci - ok
21:54:48.0181 4180 [ 1F775DA4CF1A3A1834207E975A72E9D7 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
21:54:48.0184 4180 usbvideo - ok
21:54:48.0214 4180 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
21:54:48.0218 4180 UxSms - ok
21:54:48.0234 4180 [ 204F3F58212B3E422C90BD9691A2DF28 ] VaultSvc C:\windows\system32\lsass.exe
21:54:48.0237 4180 VaultSvc - ok
21:54:48.0266 4180 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
21:54:48.0268 4180 vdrvroot - ok
21:54:48.0315 4180 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
21:54:48.0324 4180 vds - ok
21:54:48.0348 4180 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
21:54:48.0350 4180 vga - ok
21:54:48.0408 4180 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
21:54:48.0410 4180 VgaSave - ok
21:54:48.0436 4180 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
21:54:48.0439 4180 vhdmp - ok
21:54:48.0484 4180 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
21:54:48.0486 4180 viaide - ok
21:54:48.0510 4180 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
21:54:48.0511 4180 volmgr - ok
21:54:48.0567 4180 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
21:54:48.0571 4180 volmgrx - ok
21:54:48.0590 4180 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
21:54:48.0593 4180 volsnap - ok
21:54:48.0635 4180 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
21:54:48.0638 4180 vsmraid - ok
21:54:48.0718 4180 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
21:54:48.0736 4180 VSS - ok
21:54:48.0773 4180 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
21:54:48.0774 4180 vwifibus - ok
21:54:48.0813 4180 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
21:54:48.0815 4180 vwififlt - ok
21:54:48.0837 4180 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
21:54:48.0839 4180 vwifimp - ok
21:54:48.0880 4180 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
21:54:48.0887 4180 W32Time - ok
21:54:48.0931 4180 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
21:54:48.0932 4180 WacomPen - ok
21:54:48.0968 4180 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
21:54:48.0969 4180 WANARP - ok
21:54:48.0976 4180 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
21:54:48.0978 4180 Wanarpv6 - ok
21:54:49.0041 4180 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
21:54:49.0054 4180 WatAdminSvc - ok
21:54:49.0125 4180 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
21:54:49.0143 4180 wbengine - ok
21:54:49.0176 4180 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
21:54:49.0182 4180 WbioSrvc - ok
21:54:49.0247 4180 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
21:54:49.0254 4180 wcncsvc - ok
21:54:49.0288 4180 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
21:54:49.0292 4180 WcsPlugInService - ok
21:54:49.0332 4180 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
21:54:49.0334 4180 Wd - ok
21:54:49.0397 4180 [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
21:54:49.0405 4180 Wdf01000 - ok
21:54:49.0431 4180 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
21:54:49.0436 4180 WdiServiceHost - ok
21:54:49.0442 4180 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
21:54:49.0446 4180 WdiSystemHost - ok
21:54:49.0496 4180 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient C:\windows\System32\webclnt.dll
21:54:49.0503 4180 WebClient - ok
21:54:49.0533 4180 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
21:54:49.0539 4180 Wecsvc - ok
21:54:49.0560 4180 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
21:54:49.0565 4180 wercplsupport - ok
21:54:49.0586 4180 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
21:54:49.0590 4180 WerSvc - ok
21:54:49.0619 4180 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
21:54:49.0621 4180 WfpLwf - ok
21:54:49.0636 4180 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
21:54:49.0637 4180 WIMMount - ok
21:54:49.0687 4180 [ A6EA7A3FC4B00F48535B506DB1E86EFD ] winachsf C:\windows\system32\DRIVERS\CAX_CNXT.sys
21:54:49.0695 4180 winachsf - ok
21:54:49.0720 4180 WinDefend - ok
21:54:49.0778 4180 WinHttpAutoProxySvc - ok
21:54:49.0840 4180 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
21:54:49.0843 4180 Winmgmt - ok
21:54:49.0931 4180 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
21:54:49.0955 4180 WinRM - ok
21:54:50.0019 4180 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
21:54:50.0021 4180 WinUsb - ok
21:54:50.0071 4180 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
21:54:50.0084 4180 Wlansvc - ok
21:54:50.0138 4180 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
21:54:50.0140 4180 WmiAcpi - ok
21:54:50.0178 4180 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
21:54:50.0182 4180 wmiApSrv - ok
21:54:50.0211 4180 WMPNetworkSvc - ok
21:54:50.0261 4180 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
21:54:50.0265 4180 WPCSvc - ok
21:54:50.0300 4180 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
21:54:50.0305 4180 WPDBusEnum - ok
21:54:50.0379 4180 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
21:54:50.0380 4180 ws2ifsl - ok
21:54:50.0415 4180 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll
21:54:50.0420 4180 wscsvc - ok
21:54:50.0438 4180 WSearch - ok
21:54:50.0522 4180 [ 61FF576450CCC80564B850BC3FB6713A ] wuauserv C:\windows\system32\wuaueng.dll
21:54:50.0557 4180 wuauserv - ok
21:54:50.0613 4180 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
21:54:50.0615 4180 WudfPf - ok
21:54:50.0659 4180 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
21:54:50.0662 4180 WUDFRd - ok
21:54:50.0698 4180 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
21:54:50.0703 4180 wudfsvc - ok
21:54:50.0733 4180 [ 04F82965C09CBDF646B487E145060301 ] WwanSvc C:\windows\System32\wwansvc.dll
21:54:50.0739 4180 WwanSvc - ok
21:54:50.0807 4180 [ E8F3FA126A06F8E7088F63757112A186 ] XAudio C:\windows\system32\DRIVERS\XAudio64.sys
21:54:50.0808 4180 XAudio - ok
21:54:50.0840 4180 ================ Scan global ===============================
21:54:50.0866 4180 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
21:54:50.0905 4180 [ 88EDD0B34EED542745931E581AD21A32 ] C:\windows\system32\winsrv.dll
21:54:50.0916 4180 [ 88EDD0B34EED542745931E581AD21A32 ] C:\windows\system32\winsrv.dll
21:54:50.0935 4180 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
21:54:50.0970 4180 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
21:54:50.0976 4180 [Global] - ok
21:54:50.0976 4180 ================ Scan MBR ==================================
21:54:50.0989 4180 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
21:54:51.0134 4180 \Device\Harddisk0\DR0 - ok
21:54:51.0134 4180 ================ Scan VBR ==================================
21:54:51.0150 4180 [ F93A93F7A66B99F99DF71303A22FDD3C ] \Device\Harddisk0\DR0\Partition1
21:54:51.0151 4180 \Device\Harddisk0\DR0\Partition1 - ok
21:54:51.0151 4180 ============================================================
21:54:51.0151 4180 Scan finished
21:54:51.0151 4180 ============================================================
21:54:51.0163 4168 Detected object count: 0
21:54:51.0163 4168 Actual detected object count: 0
rmrrar
Regular Member
 
Posts: 105
Joined: May 19th, 2013, 8:09 am
Advertisement
Register to Remove

Next

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 28 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware