LoPhatPhuud
Premium,VIP,MVM
join:2002-01-06
Albuquerque, NM

reply to Treabone

Re: [Malware] Malware infection from fake adobe update

Thanks for the info on the redirect. Also, note that I asked you to run Sophos AntiRootkit, not GMER. Please read the instructions carefully.

Note: No need to run Sophos. The redirect calls for a different program. Instructions for removing GMER follow.

First:
Click "Start," then "All Programs," and then "Accessories." Right-click "Command Prompt" and click "Run as Administrator."

Click "Yes" if a User Account Control prompt window appears.

Type "C:\WINDOWS\gmer_uninstall.cmd" into the command prompt window, and press "Enter."

Restart your computer by clicking "Start," pointing to the arrow to the right of Shut Down at the bottom right corner of the Start menu and clicking "Restart."

Second:
For the Zone Alarm error, I would suggest that you try uninstalling the program and re-installing the program on the computer which might help you to fix the issue.

If the issue still persists, then I suggest that you run a System File Checker [SFC] scan on the computer. The scan replaces the corrupted system files with the original version of Windows files on the computer.

1. Click Start, and then type cmd in the Start Search box.
2. Right-click cmd in the Programs list, and then click Run as administrator.
If you are prompted for an administrator password or confirmation, type your password or click Continue.
3. At the command prompt, type the following line, and then press ENTER: sfc /scannow

When the scan is complete, test to see whether the issue that you are experiencing is resolved.

Additional information: How to use the System File Checker tool to troubleshoot missing or corrupted system files on Windows Vista or on Windows 7: »support.microsoft.com/kb/929833


Third:

Download and run TDSS Killer, posting the log in this thread. Please post the log, even if nothing is detected.

You'll find the link(s) and instruction(s) here:
»Security Cleanup FAQ »Rootkit Detection Applications

Fourth:
When you tried to
--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum

Treabone

join:2012-09-22
El Cajon, CA
Sorry about the Sophos mix-up. I assumed (I know, I know) that Sophos was the only program on that page. Anyway...
I tried to uninstall GMER but was not able to. Could not find Gmer_unistall. It said that it wasn't a valid command.
I conducted the SFC. It said it found some corrupted files and asked for a reboot. That seemed to get rid of the .dll error that I was getting upon boot, so I guess that's good. Zone Alarm also seems to be running now. I was getting ready to run the TDSS Killer when I looked down and noticed that the fourth set of instructions was cut off...

Results from the TDSS Killer in two parts: No Threats Found

08:50:40.0881 3216 MMCSS - ok
08:50:40.0897 3216 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
08:50:40.0897 3216 Modem - ok
08:50:40.0928 3216 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:50:40.0928 3216 monitor - ok
08:50:40.0944 3216 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
08:50:40.0944 3216 mouclass - ok
08:50:40.0959 3216 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
08:50:40.0959 3216 mouhid - ok
08:50:40.0990 3216 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
08:50:40.0990 3216 mountmgr - ok
08:50:41.0037 3216 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:50:41.0037 3216 MozillaMaintenance - ok
08:50:41.0209 3216 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
08:50:41.0224 3216 mpio - ok
08:50:41.0240 3216 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:50:41.0240 3216 mpsdrv - ok
08:50:41.0318 3216 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
08:50:41.0349 3216 MpsSvc - ok
08:50:41.0380 3216 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:50:41.0380 3216 MRxDAV - ok
08:50:41.0427 3216 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:50:41.0427 3216 mrxsmb - ok
08:50:41.0474 3216 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:50:41.0474 3216 mrxsmb10 - ok
08:50:41.0505 3216 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:50:41.0505 3216 mrxsmb20 - ok
08:50:41.0552 3216 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
08:50:41.0552 3216 msahci - ok
08:50:41.0583 3216 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:50:41.0583 3216 msdsm - ok
08:50:41.0614 3216 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
08:50:41.0614 3216 MSDTC - ok
08:50:41.0630 3216 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:50:41.0646 3216 Msfs - ok
08:50:41.0661 3216 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
08:50:41.0661 3216 mshidkmdf - ok
08:50:41.0677 3216 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:50:41.0677 3216 msisadrv - ok
08:50:41.0708 3216 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:50:41.0724 3216 MSiSCSI - ok
08:50:41.0724 3216 msiserver - ok
08:50:41.0755 3216 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:50:41.0755 3216 MSKSSRV - ok
08:50:41.0770 3216 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:50:41.0770 3216 MSPCLOCK - ok
08:50:41.0817 3216 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:50:41.0833 3216 MSPQM - ok
08:50:41.0880 3216 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:50:41.0880 3216 MsRPC - ok
08:50:41.0911 3216 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
08:50:41.0911 3216 mssmbios - ok
08:50:41.0926 3216 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:50:41.0926 3216 MSTEE - ok
08:50:41.0942 3216 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
08:50:41.0942 3216 MTConfig - ok
08:50:41.0958 3216 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
08:50:41.0958 3216 Mup - ok
08:50:42.0004 3216 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
08:50:42.0020 3216 napagent - ok
08:50:42.0051 3216 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:50:42.0051 3216 NativeWifiP - ok
08:50:42.0098 3216 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:50:42.0129 3216 NDIS - ok
08:50:42.0160 3216 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:50:42.0160 3216 NdisCap - ok
08:50:42.0176 3216 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:50:42.0176 3216 NdisTapi - ok
08:50:42.0223 3216 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:50:42.0223 3216 Ndisuio - ok
08:50:42.0270 3216 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:50:42.0270 3216 NdisWan - ok
08:50:42.0316 3216 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:50:42.0316 3216 NDProxy - ok
08:50:42.0363 3216 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
08:50:42.0363 3216 Net Driver HPZ12 - ok
08:50:42.0379 3216 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:50:42.0379 3216 NetBIOS - ok
08:50:42.0410 3216 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:50:42.0410 3216 NetBT - ok
08:50:42.0426 3216 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
08:50:42.0441 3216 Netlogon - ok
08:50:42.0457 3216 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
08:50:42.0472 3216 Netman - ok
08:50:42.0488 3216 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
08:50:42.0504 3216 netprofm - ok
08:50:42.0566 3216 [ 24CF1304D899124336F67F88F3C15E21 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
08:50:42.0582 3216 netr28x - ok
08:50:42.0613 3216 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:50:42.0613 3216 NetTcpPortSharing - ok
08:50:42.0769 3216 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
08:50:42.0925 3216 netw5v64 - ok
08:50:42.0956 3216 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
08:50:42.0956 3216 nfrd960 - ok
08:50:43.0003 3216 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:50:43.0003 3216 NlaSvc - ok
08:50:43.0018 3216 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:50:43.0018 3216 Npfs - ok
08:50:43.0034 3216 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
08:50:43.0034 3216 nsi - ok
08:50:43.0050 3216 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:50:43.0050 3216 nsiproxy - ok
08:50:43.0143 3216 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:50:43.0190 3216 Ntfs - ok
08:50:43.0221 3216 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
08:50:43.0221 3216 Null - ok
08:50:43.0268 3216 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:50:43.0268 3216 nvraid - ok
08:50:43.0315 3216 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:50:43.0315 3216 nvstor - ok
08:50:43.0362 3216 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:50:43.0377 3216 nv_agp - ok
08:50:43.0408 3216 [ 783787D3EB1360B0C20FB2B53FE50F5C ] NWADI C:\Windows\system32\DRIVERS\NWADIenum.sys
08:50:43.0424 3216 NWADI - ok
08:50:43.0533 3216 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:50:43.0549 3216 odserv - ok
08:50:43.0596 3216 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
08:50:43.0596 3216 ohci1394 - ok
08:50:43.0658 3216 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:50:43.0658 3216 ose - ok
08:50:43.0705 3216 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
08:50:43.0720 3216 p2pimsvc - ok
08:50:43.0814 3216 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
08:50:43.0830 3216 p2psvc - ok
08:50:43.0861 3216 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
08:50:43.0861 3216 Parport - ok
08:50:43.0908 3216 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:50:43.0908 3216 partmgr - ok
08:50:43.0939 3216 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
08:50:43.0954 3216 PcaSvc - ok
08:50:43.0970 3216 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
08:50:43.0970 3216 pci - ok
08:50:44.0001 3216 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
08:50:44.0001 3216 pciide - ok
08:50:44.0017 3216 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
08:50:44.0032 3216 pcmcia - ok
08:50:44.0048 3216 [ AFA669C9BA66EC74BFBDEBE5AD428C18 ] PCTINDIS5X64 C:\Windows\system32\PCTINDIS5X64.SYS
08:50:44.0064 3216 PCTINDIS5X64 - ok
08:50:44.0079 3216 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
08:50:44.0079 3216 pcw - ok

Treabone

join:2012-09-22
El Cajon, CA
reply to LoPhatPhuud
Part 2:

08:50:51.0520 3216 WdiSystemHost - ok
08:50:51.0583 3216 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
08:50:51.0583 3216 WebClient - ok
08:50:51.0598 3216 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
08:50:51.0614 3216 Wecsvc - ok
08:50:51.0614 3216 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
08:50:51.0630 3216 wercplsupport - ok
08:50:51.0645 3216 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
08:50:51.0645 3216 WerSvc - ok
08:50:51.0661 3216 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
08:50:51.0661 3216 WfpLwf - ok
08:50:51.0676 3216 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
08:50:51.0676 3216 WIMMount - ok
08:50:51.0723 3216 WinDefend - ok
08:50:51.0723 3216 WinHttpAutoProxySvc - ok
08:50:51.0801 3216 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
08:50:51.0801 3216 Winmgmt - ok
08:50:51.0926 3216 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
08:50:52.0004 3216 WinRM - ok
08:50:52.0051 3216 [ FE88B288356E7B47B74B13372ADD906D ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
08:50:52.0066 3216 WinUSB - ok
08:50:52.0098 3216 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
08:50:52.0129 3216 Wlansvc - ok
08:50:52.0238 3216 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:50:52.0300 3216 wlidsvc - ok
08:50:52.0316 3216 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
08:50:52.0316 3216 WmiAcpi - ok
08:50:52.0332 3216 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
08:50:52.0347 3216 wmiApSrv - ok
08:50:52.0363 3216 WMPNetworkSvc - ok
08:50:52.0378 3216 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
08:50:52.0378 3216 WPCSvc - ok
08:50:52.0425 3216 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
08:50:52.0441 3216 WPDBusEnum - ok
08:50:52.0456 3216 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
08:50:52.0456 3216 ws2ifsl - ok
08:50:52.0488 3216 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
08:50:52.0488 3216 wscsvc - ok
08:50:52.0503 3216 WSearch - ok
08:50:52.0519 3216 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
08:50:52.0519 3216 WudfPf - ok
08:50:52.0566 3216 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
08:50:52.0581 3216 WUDFRd - ok
08:50:52.0628 3216 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
08:50:52.0644 3216 wudfsvc - ok
08:50:52.0675 3216 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
08:50:52.0706 3216 WwanSvc - ok
08:50:52.0784 3216 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
08:50:52.0784 3216 yukonw7 - ok
08:50:52.0846 3216 ================ Scan global ===============================
08:50:52.0862 3216 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:50:52.0893 3216 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
08:50:52.0909 3216 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
08:50:52.0940 3216 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:50:52.0956 3216 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:50:52.0956 3216 [Global] - ok
08:50:52.0956 3216 ================ Scan MBR ==================================
08:50:52.0987 3216 [ A3095E5B8060D0D6B97E87EC1BB50C3C ] \Device\Harddisk0\DR0
08:50:53.0065 3216 \Device\Harddisk0\DR0 - ok
08:50:53.0065 3216 ================ Scan VBR ==================================
08:50:53.0065 3216 [ 09F6C83F79DE2C649E87B57EA0F0D71F ] \Device\Harddisk0\DR0\Partition1
08:50:53.0080 3216 \Device\Harddisk0\DR0\Partition1 - ok
08:50:53.0096 3216 [ 8A884E6DA8C180B05B7DC7160EE8EBBC ] \Device\Harddisk0\DR0\Partition2
08:50:53.0096 3216 \Device\Harddisk0\DR0\Partition2 - ok
08:50:53.0127 3216 [ EB6CEFA31858AF6E3DAAF181F9CB3A3C ] \Device\Harddisk0\DR0\Partition3
08:50:53.0127 3216 \Device\Harddisk0\DR0\Partition3 - ok
08:50:53.0143 3216 [ 591F12B6B95038FC8E98042EFAA29573 ] \Device\Harddisk0\DR0\Partition4
08:50:53.0158 3216 \Device\Harddisk0\DR0\Partition4 - ok
08:50:53.0158 3216 ============================================================
08:50:53.0158 3216 Scan finished
08:50:53.0158 3216 ============================================================
08:50:53.0174 3260 Detected object count: 0
08:50:53.0174 3260 Actual detected object count: 0

Treabone

join:2012-09-22
El Cajon, CA
On a hunch, I tried running ComboFix after running the SFC. It worked. Below is the logfile.

ComboFix 12-09-24.02 - Trea 09/24/2012 11:06:46.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2666.1141 [GMT -7:00]
Running from: c:\users\Trea\Desktop\ComboFix.exe
FW: ZoneAlarm Free Firewall Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
Completion time: 2012-09-24 11:26:12
ComboFix-quarantined-files.txt 2012-09-24 18:26
ComboFix2.txt 2012-09-24 17:35
.
Pre-Run: 144,732,364,800 bytes free
Post-Run: 144,670,617,600 bytes free
.
- - End Of File - - 0DEE0B87E8E0916835C20FAF43891367